cloudflare-ipfs.com Open in urlscan Pro
2606:4700::6811:400e Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://royal-agate-seal.glitch.me/
Effective URL:
https://cloudflare-ipfs.com/ipfs/QmVXAPKLEnNuExsYCfjHEureHNufrU6Sz3MCTkZaCc21Lj
Submission: On February 15 via manual (February 15th 2024, 3:46:45 pm UTC) from ES — Scanned from ES

Summary HTTP 6 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 3 domains to perform 6 HTTP transactions. The main IP is 2606:4700::6811:400e, located in United States and belongs to CLOUDFLARENET, US. The main domain is cloudflare-ipfs.com.
TLS certificate: Issued by E1 on December 28th 2023. Valid for: 3 months.

This is the only time cloudflare-ipfs.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: OneDrive (Online) Adobe (Consumer) Generic (Online)

Domain & IP information

	IP Address	AS Autonomous System
3	34.233.171.34 34.233.171.34	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6811:400e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
1		() ()
6	5

3 34.233.171.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-171-34.compute-1.amazonaws.com

royal-agate-seal.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
whip-snowy-flavor.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:400e (United States)

ASN13335 (CLOUDFLARENET, US)

cloudflare-ipfs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 (None, )

ASN- ()

cloudflare-ipfs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	glitch.me royal-agate-seal.glitch.me whip-snowy-flavor.glitch.me	1 KB
2	cloudflare-ipfs.com cloudflare-ipfs.com	346 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 940	30 KB
6	3

	Domain	Requested by
2	cloudflare-ipfs.com	cloudflare-ipfs.com
2	whip-snowy-flavor.glitch.me
1	code.jquery.com	cloudflare-ipfs.com
1	royal-agate-seal.glitch.me
6	4

This site contains links to these domains. Also see Links.

Domain
v78qet9v-qev7tqev-qev78tq-e7veqv.siofficelence.ru
eqgv9qv-qe89yqev-eqv89yeqv-e8qyvqv.siofficelence.ru
qv9y8qe0-vqe98vyqe-v8qe0v-qev978y.siofficelence.ru
qv89qeyeqv-qev89yqev-eqv8yqe0v-eqvy8evq.siofficelence.ru
9qe89evq-q89yqev-qv7te8y-qev98qyev.siofficelence.ru

Subject Issuer	Validity	Valid
glitch.com Amazon RSA 2048 M03	`2023-12-04` - `2025-01-01`	a year	crt.sh
cloudflare-ipfs.com E1	`2023-12-28` - `2024-03-27`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://cloudflare-ipfs.com/ipfs/QmVXAPKLEnNuExsYCfjHEureHNufrU6Sz3MCTkZaCc21Lj
Frame ID: FAF4112F9259D1FBA85131A0AFD43C14
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Share Point Online

Page URL History Show full URLs

https://royal-agate-seal.glitch.me/ Page URL
https://whip-snowy-flavor.glitch.me/2.htm Page URL
https://whip-snowy-flavor.glitch.me/ Page URL
https://cloudflare-ipfs.com/ipfs/QmVXAPKLEnNuExsYCfjHEureHNufrU6Sz3MCTkZaCc21Lj Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

6
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

5
IPs

1
Countries

378 kB
Transfer

2312 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://v78qet9v-qev7tqev-qev78tq-e7veqv.siofficelence.ru/rvzVPUWh
Title: Sign in with Outlook

Search URL Search Domain Scan URL

URL: https://eqgv9qv-qe89yqev-eqv89yeqv-e8qyvqv.siofficelence.ru/ZjELVDzD
Title: Sign in with Aol

Search URL Search Domain Scan URL

URL: https://qv9y8qe0-vqe98vyqe-v8qe0v-qev978y.siofficelence.ru/DLkCJbqX
Title: Sign in with Office365

Search URL Search Domain Scan URL

URL: https://qv89qeyeqv-qev89yqev-eqv8yqe0v-eqvy8evq.siofficelence.ru/fnjWyfCA
Title: Sign in with Yahoo!

Search URL Search Domain Scan URL

URL: https://9qe89evq-q89yqev-qv7te8y-qev98qyev.siofficelence.ru/jwcSNwzg
Title: Sign in with Gmail

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://royal-agate-seal.glitch.me/ Page URL
https://whip-snowy-flavor.glitch.me/2.htm Page URL
https://whip-snowy-flavor.glitch.me/ Page URL
https://cloudflare-ipfs.com/ipfs/QmVXAPKLEnNuExsYCfjHEureHNufrU6Sz3MCTkZaCc21Lj Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
7 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response royal-agate-seal.glitch.me/	89 B 450 B	527ms 251ms	Document text/html	34.233.171.34 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://royal-agate-seal.glitch.me/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.233.171.34 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-233-171-34.compute-1.amazonaws.com Software AmazonS3 / Resource Hash `6bcb7d5c458227a1fe24b5e4545a1ebbbe293f46df9fed4834831527d4099e16` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language es-ES,es;q=0.9 Response headers accept-ranges bytes cache-control no-cache content-length 89 content-type text/html; charset=utf-8 date Thu, 15 Feb 2024 15:46:38 GMT etag "235852f1c82a84e0cc9b6e01e50fc024" last-modified Wed, 14 Feb 2024 13:14:21 GMT server AmazonS3 x-amz-id-2 ZeN3t4YZY9izs4KEbLlD6LTwUoswyksBlKFvEtcKKK6/ygER0ehrxrxtBv1fAn8tBxEKf2LOYqs= x-amz-request-id 26N6CAX3C7XKA7PJ x-amz-server-side-encryption AES256 x-amz-version-id QIet9_Zk4H1k0rBWfEuhsxjwU5Dk.k23
GET H2	200	2.htm whip-snowy-flavor.glitch.me/	84 B 444 B	267ms 257ms	Document text/html	34.233.171.34 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://whip-snowy-flavor.glitch.me/2.htm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.233.171.34 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-233-171-34.compute-1.amazonaws.com Software AmazonS3 / Resource Hash Request headers Referer https://royal-agate-seal.glitch.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language es-ES,es;q=0.9 Response headers accept-ranges bytes cache-control no-cache content-length 84 content-type text/html; charset=utf-8 date Thu, 15 Feb 2024 15:46:39 GMT etag "9f9634510b3bf5d509722d83ec294561" last-modified Wed, 14 Feb 2024 13:13:15 GMT server AmazonS3 x-amz-id-2 AoDECUoy/Q5nkwuwfwpBRworybieZHiVhIutuU+RPe5aQ4v7hdgBdCxbCiIQZswgCG2tgHfdJo4= x-amz-request-id 26N422DVP1G8E6CE x-amz-server-side-encryption AES256 x-amz-version-id KuQGMV.aQAGrbXI8U1Up7GNYArndYh.t
GET H2	200	/ Show response whip-snowy-flavor.glitch.me/	127 B 488 B	166ms 166ms	Document text/html	34.233.171.34 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://whip-snowy-flavor.glitch.me/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.233.171.34 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-233-171-34.compute-1.amazonaws.com Software AmazonS3 / Resource Hash `66de1b4630bf6702a229d32c167f5485f9cf961fdbb82cdea4e4b3c132c2df22` Request headers Referer https://whip-snowy-flavor.glitch.me/2.htm Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language es-ES,es;q=0.9 Response headers accept-ranges bytes cache-control no-cache content-length 127 content-type text/html; charset=utf-8 date Thu, 15 Feb 2024 15:46:39 GMT etag "21ff4c9f5f4967eb0b22005a8d3047cc" last-modified Wed, 14 Feb 2024 13:13:15 GMT server AmazonS3 x-amz-id-2 IycBzSRRhjFTHiSkhf73ar7wb9oetfo7bbOOV/YsDd5+qMMpdZ5IhsgFaYM/zYxS2ZaKjHvhDoc= x-amz-request-id RNJ06R779Q0NBGW8 x-amz-server-side-encryption AES256 x-amz-version-id SWZWk9XcNzclzK0b8FNP5HoBJXoXfTlS
GET H2	200	Primary Request QmVXAPKLEnNuExsYCfjHEureHNufrU6Sz3MCTkZaCc21Lj Show response cloudflare-ipfs.com/ipfs/	2 MB 346 KB	358ms 262ms	Document text/html	2606:4700::6811:400e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cloudflare-ipfs.com/ipfs/QmVXAPKLEnNuExsYCfjHEureHNufrU6Sz3MCTkZaCc21Lj Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:400e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5848062cffa5ec97a99a28d18c90c420146608ffea41abbb59fa10b34b7a63a4` Request headers Referer https://whip-snowy-flavor.glitch.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language es-ES,es;q=0.9 Response headers access-control-allow-headers Content-Type Range User-Agent X-Requested-With access-control-allow-methods GET access-control-allow-origin * access-control-expose-headers Content-Length Content-Range X-Chunked-Output X-Ipfs-Path X-Ipfs-Roots X-Stream-Output alt-svc h3=":443"; ma=86400 cache-control public, max-age=29030400, immutable cf-cache-status MISS cf-ray 855eaf542bcf6605-MAD content-encoding br content-type text/html date Thu, 15 Feb 2024 15:46:39 GMT etag W/"QmVXAPKLEnNuExsYCfjHEureHNufrU6Sz3MCTkZaCc21Lj" server cloudflare vary Accept-Encoding x-cf-ipfs-cache-status miss x-ipfs-path /ipfs/QmVXAPKLEnNuExsYCfjHEureHNufrU6Sz3MCTkZaCc21Lj x-ipfs-roots QmVXAPKLEnNuExsYCfjHEureHNufrU6Sz3MCTkZaCc21Lj
GET H2	200	jquery-3.4.1.min.js code.jquery.com/	86 KB 30 KB	99ms 31ms	Script application/javascript	2a04:4e42:200::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.4.1.min.js Requested by Host: cloudflare-ipfs.com URL: https://cloudflare-ipfs.com/ipfs/QmVXAPKLEnNuExsYCfjHEureHNufrU6Sz3MCTkZaCc21Lj Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash Request headers Referer https://cloudflare-ipfs.com/ accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Thu, 15 Feb 2024 15:46:39 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 3329081 x-cache HIT, HIT content-length 30638 x-served-by cache-lga21923-LGA, cache-mad2200109-MAD last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1708012000.935045,VS0,VE0 etag W/"28feccc0-15851" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 45, 187505
GET BLOB	200 OK	52937a3e-ae0e-484d-a4a7-b92f4e156c19 Show response https://cloudflare-ipfs.com/	390 KB 0		Document text/html
General Check archive.org Show headers Download Go to Full URL blob:https://cloudflare-ipfs.com/52937a3e-ae0e-484d-a4a7-b92f4e156c19 Requested by Host: cloudflare-ipfs.com URL: https://cloudflare-ipfs.com/ipfs/QmVXAPKLEnNuExsYCfjHEureHNufrU6Sz3MCTkZaCc21Lj Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `b4ad7fcfbf9d34771d8f3880b3f8dc4d894e0243241befea655d4fc022574bd3` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language es-ES,es;q=0.9 Response headers Content-Length 399845 Content-Type text/html
GET DATA	200 OK	truncated /	30 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `26c62dbdf527b8dcbf378ea62f129cbbba3b244730687909ba21ecd729c9d2e6` Request headers accept-language es-ES,es;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	771 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `57898461712a639d119bdf88b7145919dcc8956c7a271d2e4a1084b29eae6785` Request headers accept-language es-ES,es;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	26 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `f8a8cf4f1928938c796e2f35f8c21b0d510d4e3f16e016ee83d1f206f8ebde14` Request headers accept-language es-ES,es;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	18 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `a2f26b68a6c8810c1aeb4048c938f835a86ba83756a7a440f989b967e78f3ba8` Request headers accept-language es-ES,es;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	18 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `aad24ed5f36320964c515b9889cb2943bbf830b40703999ad3976fce8176e554` Request headers accept-language es-ES,es;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	21 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `3a9b144d6482b78afc4e0a940a1d3c22240f14fa535b808cf4dab9635339569f` Request headers accept-language es-ES,es;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	157 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `7829f065e0e10c8466f3d57766e0719421b7b652f6a1082f21b98702f1b28a30` Request headers accept-language es-ES,es;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers Content-Type image/jpeg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: OneDrive (Online) Adobe (Consumer) Generic (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			cloudflare-ipfs.com/	1970-01-20 18:26:53	Name: __cf_bm Value: PCdUqmOycJ9oKJc.dFwPK5UnBDGb0z649by7d0l9d_Q-1708011999-1.0-AQXEHFzhRjpE1GIcLgVEHOVXsOLjXvQMzHKPLuLEwyMT3snxqV8+eKgnD5kS55QDQyLxxe0unx3u61s8SiXOzu0=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://cloudflare-ipfs.com/ipfs/QmVXAPKLEnNuExsYCfjHEureHNufrU6Sz3MCTkZaCc21Lj Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.4.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cloudflare-ipfs.com/ipfs/QmVXAPKLEnNuExsYCfjHEureHNufrU6Sz3MCTkZaCc21Lj Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.4.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cloudflare-ipfs.com
code.jquery.com
royal-agate-seal.glitch.me
whip-snowy-flavor.glitch.me

2606:4700::6811:400e
2a04:4e42:200::649
34.233.171.34
26c62dbdf527b8dcbf378ea62f129cbbba3b244730687909ba21ecd729c9d2e6
3a9b144d6482b78afc4e0a940a1d3c22240f14fa535b808cf4dab9635339569f
57898461712a639d119bdf88b7145919dcc8956c7a271d2e4a1084b29eae6785
5848062cffa5ec97a99a28d18c90c420146608ffea41abbb59fa10b34b7a63a4
66de1b4630bf6702a229d32c167f5485f9cf961fdbb82cdea4e4b3c132c2df22
6bcb7d5c458227a1fe24b5e4545a1ebbbe293f46df9fed4834831527d4099e16
7829f065e0e10c8466f3d57766e0719421b7b652f6a1082f21b98702f1b28a30
a2f26b68a6c8810c1aeb4048c938f835a86ba83756a7a440f989b967e78f3ba8
aad24ed5f36320964c515b9889cb2943bbf830b40703999ad3976fce8176e554
b4ad7fcfbf9d34771d8f3880b3f8dc4d894e0243241befea655d4fc022574bd3
f8a8cf4f1928938c796e2f35f8c21b0d510d4e3f16e016ee83d1f206f8ebde14

cloudflare-ipfs.com Open in urlscan Pro 2606:4700::6811:400e Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

6 Requests

100 %HTTPS

50 %IPv6

3 Domains

4 Subdomains

5 IPs

1 Countries

378 kBTransfer

2312 kBSize

1 Cookies

5 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

cloudflare-ipfs.com Open in urlscan Pro
2606:4700::6811:400e Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

5
IPs

1
Countries

378 kB
Transfer

2312 kB
Size

1
Cookies

6 HTTP transactions
7 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!