bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link Open in urlscan Pro
209.94.90.3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link/?email=i******@a*******.n***.no
Submission: On May 15 via api (May 15th 2024, 9:22:39 pm UTC) from US — Scanned from DE

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 18 HTTP transactions. The main IP is 209.94.90.3, located in United States and belongs to PROTOCOL, US. The main domain is bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link.
TLS certificate: Issued by E1 on April 16th 2024. Valid for: 3 months.

This is the only time bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Email (Online)

Domain & IP information

	IP Address	AS Autonomous System
1	209.94.90.3 209.94.90.3	40680 (PROTOCOL) (PROTOCOL)
4	205.234.232.50 205.234.232.50	23352 (SERVERCEN...) (SERVERCENTRAL)
1 2	199.232.192.193 199.232.192.193	54113 (FASTLY) (FASTLY)
18	4

1 209.94.90.3 (United States)

ASN40680 (PROTOCOL, US)

bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 205.234.232.50 (Los Angeles, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: da1.hosteons.com

dlcastal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.192.193 (United States) 1 redirects

ASN54113 (FASTLY, US)

imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	dlcastal.com dlcastal.com	34 KB
2	imgur.com 1 redirects imgur.com — Cisco Umbrella Rank: 5444 i.imgur.com — Cisco Umbrella Rank: 7840	1 KB
1	dweb.link bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link	9 KB
18	3

	Domain	Requested by
4	dlcastal.com	bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link dlcastal.com
1	i.imgur.com	bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link
1	imgur.com	1 redirects
1	bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link
18	4

This site contains no links.

Subject Issuer	Validity	Valid
dweb.link E1	`2024-04-16` - `2024-07-15`	3 months	crt.sh
*.dlcastal.com R3	`2024-03-16` - `2024-06-14`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link/?email=i******@a*******.n***.no
Frame ID: 3960C9E333F904C220E12D3CFE99CBA5
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Webmail Login

Page Statistics

18
Requests

28 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

44 kB
Transfer

178 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://imgur.com/I7ejIFw.png HTTP 301
https://i.imgur.com/I7ejIFw.png

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link/ 26 KB
9 KB 242ms
122ms Document
text/html 209.94.90.3
PROTOCOL

General

Check archive.org

Show headers Download Go to

Full URL: https://bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link/?email=i******@a*******.n***.no
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 209.94.90.3 , United States, ASN40680 (PROTOCOL, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8c136fbe9396ff26cead2016072a0d98eb12b50bc4086b76a41fb3e98c32344

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-headers: Content-Type Range User-Agent X-Requested-With
access-control-allow-methods: GET HEAD OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length Content-Range X-Chunked-Output X-Ipfs-Path X-Ipfs-Roots X-Stream-Output
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=29030400, immutable
cf-cache-status: MISS
cf-ray: 88462f2269a95902-TXL
content-encoding: br
content-type: text/html
date: Wed, 15 May 2024 21:22:34 GMT
server: cloudflare
vary: Accept-Encoding
x-ipfs-path: /ipfs/bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha/
x-ipfs-pop: rainbow-fr2-03
x-ipfs-roots: bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha

GET
H2 200 open_sans.min.css
dlcastal.com/wbm/ 6 KB
653 B 541ms
175ms Stylesheet
text/css 205.234.232.50
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://dlcastal.com/wbm/open_sans.min.css
Requested by: Host: bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link
URL: https://bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link/?email=i******@a*******.n***.no
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 205.234.232.50 Los Angeles, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: da1.hosteons.com
Software: Apache/2 /
Resource Hash: 17781767b9edf1ebdde3529494d5cb3d8403702893db10258bedd3f9b8002f20

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 21:22:34 GMT
content-encoding: gzip
last-modified: Wed, 31 Jan 2024 16:13:46 GMT
server: Apache/2
etag: "18d6-6104029d51587-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 507

GET
H2 200 style_v2_optimized.css
dlcastal.com/wbm/ 139 KB
30 KB 715ms
349ms Stylesheet
text/css 205.234.232.50
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://dlcastal.com/wbm/style_v2_optimized.css
Requested by: Host: bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link
URL: https://bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link/?email=i******@a*******.n***.no
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 205.234.232.50 Los Angeles, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: da1.hosteons.com
Software: Apache/2 /
Resource Hash: 7a4a889a53bc0c9d721cf22116f2060b0d8205f78a92fecdbd27988095012cbd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 21:22:34 GMT
content-encoding: gzip
last-modified: Wed, 31 Jan 2024 16:13:52 GMT
server: Apache/2
etag: "22c5f-610402a3aee6d-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 30854

GET
H2 200 webmail-logo.svg
dlcastal.com/wbm/ 5 KB
2 KB 542ms
176ms Image
image/svg+xml 205.234.232.50
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dlcastal.com/wbm/webmail-logo.svg
Requested by: Host: bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link
URL: https://bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link/?email=i******@a*******.n***.no
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 205.234.232.50 Los Angeles, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: da1.hosteons.com
Software: Apache/2 /
Resource Hash: 998cd48cdc0414f694d0a3a299dd2beb1134769d5666c7e5567e7d20b4174ef8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 21:22:34 GMT
content-encoding: gzip
last-modified: Wed, 31 Jan 2024 16:13:58 GMT
server: Apache/2
etag: "14f0-610402a935de7-gzip"
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
accept-ranges: bytes
content-length: 2366

GET notice-error.png
dlcastal.com/cPanel_magic_revision_1660251973/unprotected/cpanel/images/ 0
0

GET icon-username.png
dlcastal.com/cPanel_magic_revision_1660251973/unprotected/cpanel/images/ 0
0

GET OpenSans-Regular-webfont.woff
dlcastal.com/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/ 0
0

GET icon-password.png
dlcastal.com/cPanel_magic_revision_1660251973/unprotected/cpanel/images/ 0
0

GET OpenSans-Semibold-webfont.woff
dlcastal.com/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/ 0
0

GET OpenSans-Bold-webfont.woff
dlcastal.com/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/ 0
0

GET notice-info.png
dlcastal.com/cPanel_magic_revision_1660251973/unprotected/cpanel/images/ 0
0

GET notice-success.png
dlcastal.com/cPanel_magic_revision_1660251973/unprotected/cpanel/images/ 0
0

GET warning.png
dlcastal.com/cPanel_magic_revision_1660251973/unprotected/cpanel/images/ 0
0

GET
H2

200

I7ejIFw.png
i.imgur.com/
Redirect Chain

https://imgur.com/I7ejIFw.png
https://i.imgur.com/I7ejIFw.png

837 B
1 KB

50ms
42ms

Image
image/png

199.232.192.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/I7ejIFw.png

Requested by

Host: bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link
URL: https://bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link/?email=i******@a*******.n***.no

Protocol

Server

199.232.192.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

2cc6479a4b729db608841630e1ee07ceca64371a8d301b9ff1d124d5361b0289

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Wed, 15 May 2024 21:22:35 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P3
age: 793153
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 837
x-served-by: cache-iad-kjyo7100039-IAD, cache-fra-etou8220124-FRA
last-modified: Fri, 16 Feb 2024 12:21:13 GMT
server: cat factory 1.0
x-timer: S1715808155.166306,VS0,VE1
etag: "0a217ba50d9bbe53d88942cd9a9a31de"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: zIQBIMlR20JUncJgCNpm9_lc_LhghaP0hr2XZ3fAeIKDiVvMeQnZlg==
x-cache-hits: 70, 0

Redirect headers

x-cache-hits: 0
date: Wed, 15 May 2024 21:22:35 GMT
strict-transport-security: max-age=300
server: cat factory 1.0
x-timer: S1715808155.118101,VS0,VE0
x-frame-options: DENY
x-cache: HIT
location: https://i.imgur.com/I7ejIFw.png
access-control-allow-origin: https://imgur.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-fra-etou8220124-FRA

GET OpenSans-Bold-webfont.ttf
dlcastal.com/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/ 0
0

GET OpenSans-Semibold-webfont.ttf
dlcastal.com/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/ 0
0

GET OpenSans-Regular-webfont.ttf
dlcastal.com/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/ 0
0

GET
H2 200 cp.ico
dlcastal.com/wbm/frncs/ 744 B
853 B 175ms
175ms Other
image/x-icon 205.234.232.50
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://dlcastal.com/wbm/frncs/cp.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 205.234.232.50 Los Angeles, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: da1.hosteons.com
Software: Apache/2 /
Resource Hash: 93769ee14a0b79979d3b16ecec062a12ac49bd5cdab99219a28b177dff477164

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 21:22:35 GMT
content-encoding: gzip
last-modified: Fri, 16 Feb 2024 09:05:09 GMT
server: Apache/2
etag: "2e8-6117c0a771d12-gzip"
vary: Accept-Encoding,User-Agent
content-type: image/x-icon
accept-ranges: bytes
content-length: 767

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dlcastal.com
URL: https://dlcastal.com/cPanel_magic_revision_1660251973/unprotected/cpanel/images/notice-error.png

Domain: dlcastal.com
URL: https://dlcastal.com/cPanel_magic_revision_1660251973/unprotected/cpanel/images/icon-username.png

Domain: dlcastal.com
URL: https://dlcastal.com/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Regular-webfont.woff

Domain: dlcastal.com
URL: https://dlcastal.com/cPanel_magic_revision_1660251973/unprotected/cpanel/images/icon-password.png

Domain: dlcastal.com
URL: https://dlcastal.com/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Semibold-webfont.woff

Domain: dlcastal.com
URL: https://dlcastal.com/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Bold-webfont.woff

Domain: dlcastal.com
URL: https://dlcastal.com/cPanel_magic_revision_1660251973/unprotected/cpanel/images/notice-info.png

Domain: dlcastal.com
URL: https://dlcastal.com/cPanel_magic_revision_1660251973/unprotected/cpanel/images/notice-success.png

Domain: dlcastal.com
URL: https://dlcastal.com/cPanel_magic_revision_1660251973/unprotected/cpanel/images/warning.png

Domain: dlcastal.com
URL: https://dlcastal.com/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Bold-webfont.ttf

Domain: dlcastal.com
URL: https://dlcastal.com/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Semibold-webfont.ttf

Domain: dlcastal.com
URL: https://dlcastal.com/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Regular-webfont.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online)

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link/	1970-01-20 20:38:10	Name: __cflb Value: 02DiuFCdvzQdNrUpHZD9Ht9hUhHF3rY4UsVJTaCP7jPzL
			bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link/	1969-12-31 23:59:59	Name: timezone Value: Europe/Berlin

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link/?email=i****@a***.n.no Message*: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
javascript	error	URL: https://bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link/?email=i****@a***.n.no Message*: Access to font at 'https://dlcastal.com/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Bold-webfont.woff' from origin 'https://bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://dlcastal.com/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Bold-webfont.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link/?email=i****@a***.n.no Message*: Access to font at 'https://dlcastal.com/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Semibold-webfont.woff' from origin 'https://bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://dlcastal.com/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Semibold-webfont.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link/?email=i****@a***.n.no Message*: Access to font at 'https://dlcastal.com/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Regular-webfont.woff' from origin 'https://bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://dlcastal.com/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Regular-webfont.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link/?email=i****@a***.n.no Message*: Access to font at 'https://dlcastal.com/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Regular-webfont.ttf' from origin 'https://bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://dlcastal.com/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Regular-webfont.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link/?email=i****@a***.n.no Message*: Access to font at 'https://dlcastal.com/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Semibold-webfont.ttf' from origin 'https://bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://dlcastal.com/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Semibold-webfont.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link/?email=i****@a***.n.no Message*: Access to font at 'https://dlcastal.com/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Bold-webfont.ttf' from origin 'https://bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://dlcastal.com/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Bold-webfont.ttf Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link
dlcastal.com
i.imgur.com
imgur.com
dlcastal.com
199.232.192.193
205.234.232.50
209.94.90.3
17781767b9edf1ebdde3529494d5cb3d8403702893db10258bedd3f9b8002f20
2cc6479a4b729db608841630e1ee07ceca64371a8d301b9ff1d124d5361b0289
7a4a889a53bc0c9d721cf22116f2060b0d8205f78a92fecdbd27988095012cbd
93769ee14a0b79979d3b16ecec062a12ac49bd5cdab99219a28b177dff477164
998cd48cdc0414f694d0a3a299dd2beb1134769d5666c7e5567e7d20b4174ef8
d8c136fbe9396ff26cead2016072a0d98eb12b50bc4086b76a41fb3e98c32344

bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link Open in urlscan Pro 209.94.90.3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

18 Requests

28 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

4 IPs

1 Countries

44 kBTransfer

178 kBSize

2 Cookies

0 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

45 JavaScript Global Variables

2 Cookies

13 Console Messages

Indicators

bafybeigmsdziqfaekwzv5aud66wweepgoeu2xz6reibgbegcl7wqflb6ha.ipfs.dweb.link Open in urlscan Pro
209.94.90.3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

28 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

44 kB
Transfer

178 kB
Size

2
Cookies

18 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!