ipfs.io
209.94.90.1  Malicious Activity! Public Scan Open in urlscan Pro

Internal
urlscan.io (IP) urlscan.io (Domain)
Effective Hostname
VirusTotal SecurityTrails crt.sh
Submitted URL
Google Safe Browsing Archive.org
Effective URL Pivot
Google Safe Browsing Archive.org
Effective IP
VirusTotal SecurityTrails Domaintools Censys
Go To Rescan
Add Verdict Report
Submitted URL:
http://ipfs.io/ipfs/bafybeigpnuh5x6gvdvls3ecmlrb3yjfhss77joxnkpwl563ag5zdhrcy4a 11yr old
Effective URL:
https://ipfs.io/ipfs/bafybeigpnuh5x6gvdvls3ecmlrb3yjfhss77joxnkpwl563ag5zdhrcy4a 11yr old
Submission: On March 17 via automatic, source openphish (March 17th 2026, 1:02:43 am UTC) — Scanned from CH
Summary HTTP 13 Redirects Links 1  Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 8 domains to perform 13 HTTP transactions. The main IP is 209.94.90.1, located in United States and belongs to PROTOCOL - Protocol Labs, US. The main domain is ipfs.io. The Cisco Umbrella rank of the primary domain is 103413. 11yr old
TLS certificate: Issued by WE1 on January 27th 2026. Valid for: 3mo.
This is the only time ipfs.io was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Email (Online)

Domain & IP information

IP Address AS Autonomous System
2 209.94.90.1 209.94.90.1 40680 (PROTOCOL) (PROTOCOL - Protocol Labs)
1 2a04:4e42:400... 2a04:4e42:400::649 54113 (FASTLY) (FASTLY - Fastly)
1 104.17.25.14 104.17.25.14 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 104.18.11.207 104.18.11.207 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 2a00:1450:400... 2a00:1450:4001:804::200a 15169 (GOOGLE) (GOOGLE - Google LLC)
1 104.18.10.207 104.18.10.207 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
13 7
2    209.94.90.1 (United States)
IP Lookup
urlscan.io SecurityTrails VirusTotal AbuseIPDB Censys Domaintools ipinfo.io Shodan
ASN Lookup
urlscan.io CAIDA Rank ipinfo.io CIRCL BGP Ranking

ASN40680 (PROTOCOL - Protocol Labs, US)
ipfs.io 11yr old
VirusTotal SecurityTrails crt.sh Domaintools
1    2a04:4e42:400::649 (United States)
IP Lookup
urlscan.io SecurityTrails VirusTotal AbuseIPDB Censys Domaintools ipinfo.io Shodan
ASN Lookup
urlscan.io CAIDA Rank ipinfo.io CIRCL BGP Ranking

ASN54113 (FASTLY - Fastly, Inc., US)
code.jquery.com 13yr old
VirusTotal SecurityTrails crt.sh Domaintools
1    104.17.25.14 (Ascension Island)
IP Lookup
urlscan.io SecurityTrails VirusTotal AbuseIPDB Censys Domaintools ipinfo.io Shodan
ASN Lookup
urlscan.io CAIDA Rank ipinfo.io CIRCL BGP Ranking

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com 13yr old
VirusTotal SecurityTrails crt.sh Domaintools
1    104.18.11.207 (Ascension Island)
IP Lookup
urlscan.io SecurityTrails VirusTotal AbuseIPDB Censys Domaintools ipinfo.io Shodan
ASN Lookup
urlscan.io CAIDA Rank ipinfo.io CIRCL BGP Ranking

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
maxcdn.bootstrapcdn.com 10yr old
VirusTotal SecurityTrails crt.sh Domaintools
1    2a00:1450:4001:804::200a (Frankfurt am Main, Germany)
IP Lookup
urlscan.io SecurityTrails VirusTotal AbuseIPDB Censys Domaintools ipinfo.io Shodan
ASN Lookup
urlscan.io CAIDA Rank ipinfo.io CIRCL BGP Ranking

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com 10yr old
VirusTotal SecurityTrails crt.sh Domaintools
1    104.18.10.207 (Ascension Island)
IP Lookup
urlscan.io SecurityTrails VirusTotal AbuseIPDB Censys Domaintools ipinfo.io Shodan
ASN Lookup
urlscan.io CAIDA Rank ipinfo.io CIRCL BGP Ranking

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
stackpath.bootstrapcdn.com 8yr old
VirusTotal SecurityTrails crt.sh Domaintools
Apex Domain
Subdomains		 Transfer
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1770 10yr old
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 4562 8yr old
29 KB
2 ipfs.io
ipfs.io — Cisco Umbrella Rank: 103413 11yr old
149 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 726 10yr old
30 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 340 13yr old
7 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1046 13yr old
24 KB
0 appdomain.cloud Failed
wetransfego.eu-gb.cf.appdomain.cloud Failed 5yr old
0 glitch.me Failed
cdn.glitch.me Failed 5yr old
0 wetransfer.net Failed
cdn.wetransfer.net Failed 9yr old
13 8
Domain Requested by
2 ipfs.io ipfs.io
1 stackpath.bootstrapcdn.com ipfs.io
1 ajax.googleapis.com ipfs.io
1 maxcdn.bootstrapcdn.com ipfs.io
1 cdnjs.cloudflare.com ipfs.io
1 code.jquery.com ipfs.io
0 wetransfego.eu-gb.cf.appdomain.cloud Failed
0 cdn.glitch.me Failed ipfs.io
0 cdn.wetransfer.net Failed ipfs.io
13 9

This site contains links to these domains. Also see Links.

Domain
www.besproutable.com
Subject Issuer Validity Valid
ipfs.io
WE1		 2026-01-27 -
2026-04-27		 3mo crt.sh
*.jquery.com
Sectigo Public Server Authentication CA DV E36		 2025-06-12 -
2026-06-26		 1yr crt.sh
cdnjs.cloudflare.com
WE1		 2026-03-14 -
2026-06-12		 3mo crt.sh
bootstrapcdn.com
WE1		 2026-03-05 -
2026-06-03		 3mo crt.sh
upload.video.google.com
WE2		 2026-02-02 -
2026-04-27		 3mo crt.sh

This page contains 1 frames:

Primary Page: https://ipfs.io/ipfs/bafybeigpnuh5x6gvdvls3ecmlrb3yjfhss77joxnkpwl563ag5zdhrcy4a
Frame ID: 4899E99290824B42EF4166A776CC6735
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

WeTransfer Secured

Page URL History Show full URLs

  1. http://ipfs.io/ipfs/bafybeigpnuh5x6gvdvls3ecmlrb3yjfhss77joxnkpwl563ag5zdhrcy4a HTTP 307
    https://ipfs.io/ipfs/bafybeigpnuh5x6gvdvls3ecmlrb3yjfhss77joxnkpwl563ag5zdhrcy4a Page URL

Detected technologies

(UI frameworks)
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
(JavaScript libraries)
Overall confidence: 100%
Detected patterns
  • jquery
  • /jquery(?:-(\d+\.\d+\.\d+))[/.-]
  • /(\d+\.\d+\.\d+)/jquery(?!\.popupoverlay\.js)[/.-][^u]
(CDN)
Overall confidence: 100%
Detected patterns
  • cdnjs\.cloudflare\.com
(CDN)
Overall confidence: 100%
Detected patterns
  • ajax\.googleapis\.com/ajax/libs/
(CDN)
Overall confidence: 100%
Detected patterns
  • code\.jquery\.com/
(Miscellaneous)
Overall confidence: 100%
Detected patterns
  • /popper(?:\.min)?\.js(?:/([0-9.]+))?

Page Statistics

13
Requests

54 %
HTTPS

33 %
IPv6

8
Domains

9
Subdomains

7
IPs

3
Countries

238 kB
Transfer

985 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ipfs.io/ipfs/bafybeigpnuh5x6gvdvls3ecmlrb3yjfhss77joxnkpwl563ag5zdhrcy4a HTTP 307
    https://ipfs.io/ipfs/bafybeigpnuh5x6gvdvls3ecmlrb3yjfhss77joxnkpwl563ag5zdhrcy4a Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol		 Status Resource
Path		 Size
x-fer		 Time
Latency		 Type
MIME-Type		 IP
Location
GET
H3 		200
 Primary Request bafybeigpnuh5x6gvdvls3ecmlrb3yjfhss77joxnkpwl563ag5zdhrcy4a Show response
ipfs.io/ipfs/
Redirect Chain
  • http://ipfs.io/ipfs/bafybeigpnuh5x6gvdvls3ecmlrb3yjfhss77joxnkpwl563ag5zdhrcy4a
  • https://ipfs.io/ipfs/bafybeigpnuh5x6gvdvls3ecmlrb3yjfhss77joxnkpwl563ag5zdhrcy4a
717 KB
149 KB 		107ms
72ms 		Document
text/html		 209.94.90.1
Protocol Labs
General
Check archive.org
Download Go to
Full URL
https://ipfs.io/ipfs/bafybeigpnuh5x6gvdvls3ecmlrb3yjfhss77joxnkpwl563ag5zdhrcy4a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.94.90.1 , United States, ASN40680 (PROTOCOL - Protocol Labs, US),
Reverse DNS
Software
cloudflare /
Resource Hash
055dad9e8ae30b6208a8a3e3ee8b09d582b2ffdf2b60295287b1459de0c13f84

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type Range User-Agent X-Requested-With
access-control-allow-methods
GET HEAD OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Length Content-Range X-Chunked-Output X-Ipfs-Path X-Ipfs-Roots X-Stream-Output
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=29030400, immutable
cf-cache-status
HIT
cf-ray
9dd812e1f980cb74-ZRH
content-encoding
br
content-type
text/html
date
Tue, 17 Mar 2026 01:02:43 GMT
priority
u=0,i
server
cloudflare
server-timing
cfExtPri
vary
Accept-Encoding
x-ipfs-path
/ipfs/bafybeigpnuh5x6gvdvls3ecmlrb3yjfhss77joxnkpwl563ag5zdhrcy4a
x-ipfs-pop
rainbow-rbx-247-80
x-ipfs-roots
bafybeigpnuh5x6gvdvls3ecmlrb3yjfhss77joxnkpwl563ag5zdhrcy4a
x-robots-tag
noindex, nofollow

Redirect headers

Location
https://ipfs.io/ipfs/bafybeigpnuh5x6gvdvls3ecmlrb3yjfhss77joxnkpwl563ag5zdhrcy4a
Non-Authoritative-Reason
HttpsUpgrades
GET
H3 		422
 css.css
ipfs.io/ipfs/weT&_files/ 		0
0 		132ms
132ms 		Stylesheet
text/html		 209.94.90.1
Protocol Labs
General
Check archive.org
Download Go to
Full URL
https://ipfs.io/ipfs/weT&_files/css.css
Requested by
Host: ipfs.io
URL: https://ipfs.io/ipfs/bafybeigpnuh5x6gvdvls3ecmlrb3yjfhss77joxnkpwl563ag5zdhrcy4a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.94.90.1 , United States, ASN40680 (PROTOCOL - Protocol Labs, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer
https://ipfs.io/ipfs/bafybeigpnuh5x6gvdvls3ecmlrb3yjfhss77joxnkpwl563ag5zdhrcy4a

Response headers

x-robots-tag
noindex, nofollow
access-control-expose-headers
Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cf-cache-status
MISS
access-control-allow-methods
GET, HEAD, OPTIONS
cf-ray
9dd812e31b9fcb74-ZRH
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 17 Mar 2026 01:02:43 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=0,i=?0
access-control-allow-headers
Content-Type, Range, User-Agent, X-Requested-With
GET
H2 		200
 jquery-3.2.1.slim.min.js Show response
code.jquery.com/ 		68 KB
24 KB 		64ms
16ms 		Script
application/javascript		 2a04:4e42:400::649
Fastly
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by
Host: ipfs.io
URL: https://ipfs.io/ipfs/bafybeigpnuh5x6gvdvls3ecmlrb3yjfhss77joxnkpwl563ag5zdhrcy4a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY - Fastly, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Origin
https://ipfs.io
Referer
https://ipfs.io/

Response headers

content-encoding
gzip
etag
W/"28feccc0-10fdd"
age
2725590
x-cache
HIT, HIT
date
Tue, 17 Mar 2026 01:02:43 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits
11, 8383
x-served-by
cache-lga21963-LGA, cache-fra-eddf8230093-FRA
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1773709364.743175,VS0,VE0
cross-origin-resource-policy
cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
23856
server
nginx
GET
H3 		200
 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 		19 KB
7 KB 		43ms
22ms 		Script
application/javascript		 104.17.25.14
Cloudflare
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
Requested by
Host: ipfs.io
URL: https://ipfs.io/ipfs/bafybeigpnuh5x6gvdvls3ecmlrb3yjfhss77joxnkpwl563ag5zdhrcy4a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Origin
https://ipfs.io
Referer
https://ipfs.io/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03fa9-4af4"
age
2243296
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tjgGXFTt9dMTrimobxZ3dXnSuGjzKkgOtSV%2FA6WFrIID7%2Bv6RJIzWv8HCMp0yiqZaCr9LqDfqr1K8I%2BH%2FXpDI1JdSC5AI%2FgKYFprgFYOqG3oNgxw3KtRPVy4WAW15kdpe0Skf7PH"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 07 Mar 2027 01:02:43 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 17 Mar 2026 01:02:43 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:15:37 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
9dd812e33959cd00-ZRH
accept-ranges
bytes
access-control-allow-origin
*
content-length
6157
server
cloudflare
GET
H3 		200
 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 		48 KB
14 KB 		38ms
20ms 		Script
application/javascript		 104.18.11.207
Cloudflare
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
Requested by
Host: ipfs.io
URL: https://ipfs.io/ipfs/bafybeigpnuh5x6gvdvls3ecmlrb3yjfhss77joxnkpwl563ag5zdhrcy4a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Origin
https://ipfs.io
Referer
https://ipfs.io/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
"14d449eb8876fa55e1ef3c2cc52b0c17"
age
3553296
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 17 Mar 2026 01:02:43 GMT
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
06/16/2025 00:51:14
cdn-requestpullcode
200
priority
u=1,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-requestid
71bf31068ab262534e7d139bf3b0541f
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.29
cf-ray
9dd812e32f69bac8-ZRH
access-control-allow-origin
*
cdn-edgestorageid
1218
server
cloudflare
cdn-requestcountrycode
FR
GET
H2 		200
 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 		84 KB
30 KB 		154ms
48ms 		Script
text/javascript		 2a00:1450:4001:804::200a
Google LLC
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: ipfs.io
URL: https://ipfs.io/ipfs/bafybeigpnuh5x6gvdvls3ecmlrb3yjfhss77joxnkpwl563ag5zdhrcy4a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:1450:4001:804::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer
https://ipfs.io/

Response headers

content-encoding
gzip
age
19137
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Tue, 16 Mar 2027 19:43:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Mar 2026 19:43:46 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
30028
x-xss-protection
0
server
sffe
GET
H3 		200
 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 		50 KB
15 KB 		35ms
19ms 		Script
application/javascript		 104.18.10.207
Cloudflare
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
Requested by
Host: ipfs.io
URL: https://ipfs.io/ipfs/bafybeigpnuh5x6gvdvls3ecmlrb3yjfhss77joxnkpwl563ag5zdhrcy4a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer
https://ipfs.io/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
"67176c242e1bdc20603c878dee836df3"
age
2354416
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 17 Mar 2026 01:02:43 GMT
last-modified
Mon, 25 Jan 2021 22:04:06 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
02/07/2025 02:56:30
cdn-requestpullcode
200
priority
u=1,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-requestid
d4aa4e899f6124bf0f753bc2aa01790b
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.19
cf-ray
9dd812e32fd08628-ZRH
access-control-allow-origin
*
cdn-edgestorageid
1187
server
cloudflare
cdn-requestcountrycode
FR
GET

FreightSans-Pro-Medium-b238d791af67274dc5ab77119ae5df014e05523afe3ce1e7074dc22241668bd4.woff
cdn.wetransfer.net/assets/freightsans/ 		0
0

GET

FaktProWeb-Normal-8468a6ca1e0907b839ebc6e8899b4dd39b386b7cfa33743da1ffb30a68c924f6.woff
cdn.wetransfer.net/assets/faktpro/ 		0
0

GET

video-02.mp4
cdn.glitch.me/a64f6645-9f3a-4924-be34-751985a42bb5/ 		0
0

GET

FaktCyrWeb-Normal-0038c5aa5c3243bb2995139e9aeb9519f62f098d0e0f7fab6c8b655a292d857d.woff
cdn.wetransfer.net/assets/faktpro/ 		0
0

GET

FaktGrkWeb-Normal-9e5daf8f10b7da71bbd3309ebb7c95657cf2e585986d1512700d1c1bec005507.woff
cdn.wetransfer.net/assets/faktpro/ 		0
0

GET

icon.ico
wetransfego.eu-gb.cf.appdomain.cloud/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.wetransfer.net
URL
https://cdn.wetransfer.net/assets/freightsans/FreightSans-Pro-Medium-b238d791af67274dc5ab77119ae5df014e05523afe3ce1e7074dc22241668bd4.woff
Domain
cdn.wetransfer.net
URL
https://cdn.wetransfer.net/assets/faktpro/FaktProWeb-Normal-8468a6ca1e0907b839ebc6e8899b4dd39b386b7cfa33743da1ffb30a68c924f6.woff
Domain
cdn.glitch.me
URL
https://cdn.glitch.me/a64f6645-9f3a-4924-be34-751985a42bb5/video-02.mp4
Domain
cdn.wetransfer.net
URL
https://cdn.wetransfer.net/assets/faktpro/FaktCyrWeb-Normal-0038c5aa5c3243bb2995139e9aeb9519f62f098d0e0f7fab6c8b655a292d857d.woff
Domain
cdn.wetransfer.net
URL
https://cdn.wetransfer.net/assets/faktpro/FaktGrkWeb-Normal-9e5daf8f10b7da71bbd3309ebb7c95657cf2e585986d1512700d1c1bec005507.woff
Domain
wetransfego.eu-gb.cf.appdomain.cloud
URL
https://wetransfego.eu-gb.cf.appdomain.cloud/icon.ico

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online)

5 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| Popper object| bootstrap string| ur

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source Level URL
Text
javascript error URL: https://ipfs.io/ipfs/bafybeigpnuh5x6gvdvls3ecmlrb3yjfhss77joxnkpwl563ag5zdhrcy4a(Line 11423)
Message:
Access to font at 'https://cdn.wetransfer.net/assets/faktpro/FaktProWeb-Normal-8468a6ca1e0907b839ebc6e8899b4dd39b386b7cfa33743da1ffb30a68c924f6.woff' from origin 'https://ipfs.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdn.wetransfer.net/assets/faktpro/FaktProWeb-Normal-8468a6ca1e0907b839ebc6e8899b4dd39b386b7cfa33743da1ffb30a68c924f6.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://ipfs.io/ipfs/bafybeigpnuh5x6gvdvls3ecmlrb3yjfhss77joxnkpwl563ag5zdhrcy4a(Line 11423)
Message:
Access to font at 'https://cdn.wetransfer.net/assets/freightsans/FreightSans-Pro-Medium-b238d791af67274dc5ab77119ae5df014e05523afe3ce1e7074dc22241668bd4.woff' from origin 'https://ipfs.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdn.wetransfer.net/assets/freightsans/FreightSans-Pro-Medium-b238d791af67274dc5ab77119ae5df014e05523afe3ce1e7074dc22241668bd4.woff
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://ipfs.io/ipfs/weT&_files/css.css
Message:
Failed to load resource: the server responded with a status of 422 ()
javascript error URL: https://ipfs.io/ipfs/bafybeigpnuh5x6gvdvls3ecmlrb3yjfhss77joxnkpwl563ag5zdhrcy4a
Message:
Access to font at 'https://cdn.wetransfer.net/assets/faktpro/FaktCyrWeb-Normal-0038c5aa5c3243bb2995139e9aeb9519f62f098d0e0f7fab6c8b655a292d857d.woff' from origin 'https://ipfs.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdn.wetransfer.net/assets/faktpro/FaktCyrWeb-Normal-0038c5aa5c3243bb2995139e9aeb9519f62f098d0e0f7fab6c8b655a292d857d.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://ipfs.io/ipfs/bafybeigpnuh5x6gvdvls3ecmlrb3yjfhss77joxnkpwl563ag5zdhrcy4a
Message:
Access to font at 'https://cdn.wetransfer.net/assets/faktpro/FaktGrkWeb-Normal-9e5daf8f10b7da71bbd3309ebb7c95657cf2e585986d1512700d1c1bec005507.woff' from origin 'https://ipfs.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdn.wetransfer.net/assets/faktpro/FaktGrkWeb-Normal-9e5daf8f10b7da71bbd3309ebb7c95657cf2e585986d1512700d1c1bec005507.woff
Message:
Failed to load resource: net::ERR_FAILED
recommendation verbose URL: https://ipfs.io/ipfs/bafybeigpnuh5x6gvdvls3ecmlrb3yjfhss77joxnkpwl563ag5zdhrcy4a
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
network error URL: https://wetransfego.eu-gb.cf.appdomain.cloud/icon.ico
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED