bafybeiausquqvspogh2244lqkmupvo5jojbvrfcbkcvhtceli3o6g4iuri.ipfs.dweb.link Open in urlscan Pro
2602:fea2:2::3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bafybeiausquqvspogh2244lqkmupvo5jojbvrfcbkcvhtceli3o6g4iuri.ipfs.dweb.link/
Submission: On July 28 via automatic, source phishtank (July 28th 2024, 4:12:12 am UTC) — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 15 HTTP transactions. The main IP is 2602:fea2:2::3, located in United States and belongs to PROTOCOL, US. The main domain is bafybeiausquqvspogh2244lqkmupvo5jojbvrfcbkcvhtceli3o6g4iuri.ipfs.dweb.link.
TLS certificate: Issued by E6 on June 14th 2024. Valid for: 3 months.

This is the only time bafybeiausquqvspogh2244lqkmupvo5jojbvrfcbkcvhtceli3o6g4iuri.ipfs.dweb.link was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Email (Online)

Domain & IP information

	IP Address	AS Autonomous System
1	2602:fea2:2::3 2602:fea2:2::3	40680 (PROTOCOL) (PROTOCOL)
4	2606:4700:310... 2606:4700:3108::ac42:2911	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	3

1 2602:fea2:2::3 (United States)

ASN40680 (PROTOCOL, US)

bafybeiausquqvspogh2244lqkmupvo5jojbvrfcbkcvhtceli3o6g4iuri.ipfs.dweb.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3108::ac42:2911 (United States)

ASN13335 (CLOUDFLARENET, US)

internationalyachtchartergroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	internationalyachtchartergroup.com internationalyachtchartergroup.com	36 KB
1	dweb.link bafybeiausquqvspogh2244lqkmupvo5jojbvrfcbkcvhtceli3o6g4iuri.ipfs.dweb.link	367 KB
0	autofer.site Failed autofer.site Failed
15	3

	Domain	Requested by
4	internationalyachtchartergroup.com	bafybeiausquqvspogh2244lqkmupvo5jojbvrfcbkcvhtceli3o6g4iuri.ipfs.dweb.link internationalyachtchartergroup.com
1	bafybeiausquqvspogh2244lqkmupvo5jojbvrfcbkcvhtceli3o6g4iuri.ipfs.dweb.link
0	autofer.site Failed	bafybeiausquqvspogh2244lqkmupvo5jojbvrfcbkcvhtceli3o6g4iuri.ipfs.dweb.link
15	3

This site contains no links.

Subject Issuer	Validity	Valid
dweb.link E6	`2024-06-14` - `2024-09-12`	3 months	crt.sh
internationalyachtchartergroup.com WE1	`2024-07-14` - `2024-10-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bafybeiausquqvspogh2244lqkmupvo5jojbvrfcbkcvhtceli3o6g4iuri.ipfs.dweb.link/
Frame ID: 8DFC5608D6DB52427B27A17A171834AC
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Roundcube Webmail :: Welcome to Roundcube Webmail

Page Statistics

15
Requests

33 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

403 kB
Transfer

3330 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response bafybeiausquqvspogh2244lqkmupvo5jojbvrfcbkcvhtceli3o6g4iuri.ipfs.dweb.link/	3 MB 367 KB	56ms 23ms	Document text/html	2602:fea2:2::3 PROTOCOL
General Check archive.org Show headers Download Go to Full URL https://bafybeiausquqvspogh2244lqkmupvo5jojbvrfcbkcvhtceli3o6g4iuri.ipfs.dweb.link/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2602:fea2:2::3 , United States, ASN40680 (PROTOCOL, US), Reverse DNS Software cloudflare / Resource Hash `7d2b05ab3b56f1ec14df70df01c82a7771b9e3c56e881e15ba952ebe0746af23` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-headers Content-Type Range User-Agent X-Requested-With access-control-allow-methods GET HEAD OPTIONS access-control-allow-origin * access-control-expose-headers Content-Length Content-Range X-Chunked-Output X-Ipfs-Path X-Ipfs-Roots X-Stream-Output age 283803 alt-svc h3=":443"; ma=86400 cache-control public, max-age=29030400, immutable cf-cache-status HIT cf-ray 8aa20772286f65d1-FRA content-encoding br content-type text/html date Sun, 28 Jul 2024 04:12:07 GMT server cloudflare vary Accept-Encoding x-ipfs-path /ipfs/bafybeiausquqvspogh2244lqkmupvo5jojbvrfcbkcvhtceli3o6g4iuri/ x-ipfs-pop rainbow-am6-03 x-ipfs-roots bafybeiausquqvspogh2244lqkmupvo5jojbvrfcbkcvhtceli3o6g4iuri
GET H2	200	styles.min.css internationalyachtchartergroup.com/webmail/skins/larry/	53 KB 10 KB	488ms 429ms	Stylesheet text/css	2606:4700:3108::ac42:2911 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://internationalyachtchartergroup.com/webmail/skins/larry/styles.min.css?s=1480262938 Requested by Host: bafybeiausquqvspogh2244lqkmupvo5jojbvrfcbkcvhtceli3o6g4iuri.ipfs.dweb.link URL: https://bafybeiausquqvspogh2244lqkmupvo5jojbvrfcbkcvhtceli3o6g4iuri.ipfs.dweb.link/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3108::ac42:2911 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cede90ea2d2fc62a7f606fa90e57ff7d8fc7d640d10cbf118c65b9c860ef5bbd` Request headers Referer https://bafybeiausquqvspogh2244lqkmupvo5jojbvrfcbkcvhtceli3o6g4iuri.ipfs.dweb.link/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 28 Jul 2024 04:12:08 GMT content-encoding gzip cf-cache-status HIT last-modified Sun, 27 Nov 2016 16:08:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"d30f-5424a9297fa80" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h3PnGSI7UGTaMjEqfXgWRZtRzpQt4wPhFYl%2Fs9zMtcQGrarvxgWDdJP2mWIVHXRTxqYvNzx%2Fc4%2BHR0QW%2FmRVWgmZShg%2FAzeQg%2BJP429bbEl%2FJem%2F80KqvFN5Lkqd96Zfw6tpYrlsVTi1TSqa%2BPE9ddhS4x9dJ3vxBDyWJ2n7kiE%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=86400 cf-ray 8aa207739bab3a5a-FRA
GET		jquery-3.2.1.min.js autofer.site/myjs/vendor/jquery/	0 0

GET		animsition.min.js autofer.site/myjs/vendor/animsition/js/	0 0

GET		popper.js autofer.site/myjs/vendor/bootstrap/js/	0 0

GET		bootstrap.min.js autofer.site/myjs/vendor/bootstrap/js/	0 0

GET		select2.min.js autofer.site/myjs/vendor/select2/	0 0

GET		moment.min.js autofer.site/myjs/vendor/daterangepicker/	0 0

GET		daterangepicker.js autofer.site/myjs/vendor/daterangepicker/	0 0

GET		countdowntime.js autofer.site/myjs/vendor/countdowntime/	0 0

GET		main.js autofer.site/myjs/js/	0 0

GET DATA	200 OK	truncated /	3 KB 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `343b43c50e3c026f49164591bcd84a3a6a4f69dd0b4e56a2418ad19b930f537a` Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/webp
GET H2	200	linen.jpg internationalyachtchartergroup.com/webmail/skins/larry/images/	14 KB 14 KB	105ms 105ms	Image image/jpeg	2606:4700:3108::ac42:2911 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://internationalyachtchartergroup.com/webmail/skins/larry/images/linen.jpg?v=0382.14157 Requested by Host: internationalyachtchartergroup.com URL: https://internationalyachtchartergroup.com/webmail/skins/larry/styles.min.css?s=1480262938 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3108::ac42:2911 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a712b63789e2d5ca0d67dfc6583e3c4374daf13bbd23ef76c83c3c9e881dea7b` Request headers Referer https://internationalyachtchartergroup.com/webmail/skins/larry/styles.min.css?s=1480262938 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 28 Jul 2024 04:12:08 GMT cf-cache-status HIT cf-bgj imgq:100,h2pri last-modified Sun, 27 Nov 2016 16:08:58 GMT server cloudflare nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=14157 etag "374d-5424a9297fa80" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UJ8g93UgqhwglQLa%2BzUUbQdkOgt90IdSOnO4LTi9o94mCRT1w3K2sZCfeNIN2%2B7auNmLfM0Z43hrF7HgMXJBqBxC%2FI28gvkJWMTW0h3GtyvSuw6LElPmTDFpirA3iXpypTYdLGz%2F2EeSU8jzH2VUk3HbQkGEaj%2FXgTdFS1Ucy6o%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=86400 accept-ranges bytes cf-ray 8aa207766d333a5a-FRA content-length 14109
GET H2	200	linen_login.jpg internationalyachtchartergroup.com/webmail/skins/larry/images/	10 KB 10 KB	109ms 107ms	Image image/jpeg	2606:4700:3108::ac42:2911 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://internationalyachtchartergroup.com/webmail/skins/larry/images/linen_login.jpg?v=0484.10363 Requested by Host: internationalyachtchartergroup.com URL: https://internationalyachtchartergroup.com/webmail/skins/larry/styles.min.css?s=1480262938 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3108::ac42:2911 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `465cfa8692ff9561b87f8df906324b4219e333667ab219555e4695bb97fa4546` Request headers Referer https://internationalyachtchartergroup.com/webmail/skins/larry/styles.min.css?s=1480262938 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 28 Jul 2024 04:12:08 GMT cf-cache-status HIT cf-bgj imgq:100,h2pri last-modified Sun, 27 Nov 2016 16:08:58 GMT server cloudflare nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=10363 etag "287b-5424a9297fa80" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9E00XeNWiVlCliRiCdbQt9x%2Fr6%2Fjwf4jDXsL2eusuMDYn2ak3IXNxdYhRrHDWNWeV9MG%2FGOBgFrarK36Nq4PwMSvRakrGCsxrVswUDaLhGltXRM57dUkptRnUC1Ws3O9LDbXXw82M3pdtY2s5ZeWKyrL8zvp59Wom6y1PYbwNd8%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=86400 accept-ranges bytes cf-ray 8aa207767d413a5a-FRA content-length 10317
GET H2	200	login_shadow.png internationalyachtchartergroup.com/webmail/skins/larry/images/	562 B 948 B	117ms 116ms	Image image/webp	2606:4700:3108::ac42:2911 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://internationalyachtchartergroup.com/webmail/skins/larry/images/login_shadow.png?v=1169.789 Requested by Host: internationalyachtchartergroup.com URL: https://internationalyachtchartergroup.com/webmail/skins/larry/styles.min.css?s=1480262938 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3108::ac42:2911 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `32475dee52caa49526b0fcf33968518747e33c04e5730d22a54962e865b15b8e` Request headers Referer https://internationalyachtchartergroup.com/webmail/skins/larry/styles.min.css?s=1480262938 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 28 Jul 2024 04:12:08 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origFmt=png, origSize=789 content-disposition inline; filename="login_shadow.webp" content-length 562 cf-bgj imgq:100,h2pri last-modified Sun, 27 Nov 2016 16:08:58 GMT server cloudflare etag "315-5424a9297fa80" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v8UgXL3WIVGyKWUrtbBvkDctrVhUtFRLQt%2BoK85e8dEUxs6Be6jGCCqRy2qiADuPcfVYaEFXMyecVP8eulyAcvdl59QsgKHt4J0vxxVc0AalVFZXhugYYlY1Nswfq5CKl5L%2BEVESGftTbXODjNwxklx6rt4BITXekzpuyQb67Kw%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=86400 accept-ranges bytes cf-ray 8aa207769d4a3a5a-FRA
GET		favicon.ico autofer.site/rcubby/black/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: autofer.site
URL: https://autofer.site/myjs/vendor/jquery/jquery-3.2.1.min.js

Domain: autofer.site
URL: https://autofer.site/myjs/vendor/animsition/js/animsition.min.js

Domain: autofer.site
URL: https://autofer.site/myjs/vendor/bootstrap/js/popper.js

Domain: autofer.site
URL: https://autofer.site/myjs/vendor/bootstrap/js/bootstrap.min.js

Domain: autofer.site
URL: https://autofer.site/myjs/vendor/select2/select2.min.js

Domain: autofer.site
URL: https://autofer.site/myjs/vendor/daterangepicker/moment.min.js

Domain: autofer.site
URL: https://autofer.site/myjs/vendor/daterangepicker/daterangepicker.js

Domain: autofer.site
URL: https://autofer.site/myjs/vendor/countdowntime/countdowntime.js

Domain: autofer.site
URL: https://autofer.site/myjs/js/main.js

Domain: autofer.site
URL: https://autofer.site/rcubby/black/favicon.ico

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://autofer.site/myjs/vendor/jquery/jquery-3.2.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://autofer.site/myjs/vendor/jquery/jquery-3.2.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://autofer.site/myjs/vendor/animsition/js/animsition.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://autofer.site/myjs/vendor/bootstrap/js/popper.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://autofer.site/myjs/vendor/bootstrap/js/bootstrap.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://autofer.site/myjs/vendor/select2/select2.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://autofer.site/myjs/vendor/daterangepicker/moment.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://autofer.site/myjs/vendor/daterangepicker/daterangepicker.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://autofer.site/myjs/vendor/countdowntime/countdowntime.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://autofer.site/myjs/js/main.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://autofer.site/myjs/vendor/jquery/jquery-3.2.1.min.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://autofer.site/myjs/vendor/animsition/js/animsition.min.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://autofer.site/myjs/vendor/bootstrap/js/popper.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://autofer.site/myjs/vendor/bootstrap/js/bootstrap.min.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://autofer.site/myjs/vendor/select2/select2.min.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://autofer.site/myjs/vendor/daterangepicker/moment.min.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://autofer.site/myjs/vendor/daterangepicker/daterangepicker.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://autofer.site/myjs/vendor/countdowntime/countdowntime.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://autofer.site/myjs/js/main.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://autofer.site/rcubby/black/favicon.ico Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

autofer.site
bafybeiausquqvspogh2244lqkmupvo5jojbvrfcbkcvhtceli3o6g4iuri.ipfs.dweb.link
internationalyachtchartergroup.com
autofer.site
2602:fea2:2::3
2606:4700:3108::ac42:2911
32475dee52caa49526b0fcf33968518747e33c04e5730d22a54962e865b15b8e
343b43c50e3c026f49164591bcd84a3a6a4f69dd0b4e56a2418ad19b930f537a
465cfa8692ff9561b87f8df906324b4219e333667ab219555e4695bb97fa4546
7d2b05ab3b56f1ec14df70df01c82a7771b9e3c56e881e15ba952ebe0746af23
a712b63789e2d5ca0d67dfc6583e3c4374daf13bbd23ef76c83c3c9e881dea7b
cede90ea2d2fc62a7f606fa90e57ff7d8fc7d640d10cbf118c65b9c860ef5bbd

bafybeiausquqvspogh2244lqkmupvo5jojbvrfcbkcvhtceli3o6g4iuri.ipfs.dweb.link Open in urlscan Pro 2602:fea2:2::3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

15 Requests

33 %HTTPS

100 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

403 kBTransfer

3330 kBSize

0 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

11 JavaScript Global Variables

0 Cookies

20 Console Messages

Indicators

bafybeiausquqvspogh2244lqkmupvo5jojbvrfcbkcvhtceli3o6g4iuri.ipfs.dweb.link Open in urlscan Pro
2602:fea2:2::3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

33 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

403 kB
Transfer

3330 kB
Size

0
Cookies

15 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!