bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link Open in urlscan Pro
209.94.90.3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/
Effective URL:
https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/
Submission: On June 25 via api (June 25th 2024, 1:16:16 am UTC) from US — Scanned from DE

Summary HTTP 35 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 35 HTTP transactions. The main IP is 209.94.90.3, located in United States and belongs to PROTOCOL, US. The main domain is bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link.
TLS certificate: Issued by E6 on June 14th 2024. Valid for: 3 months.

This is the only time bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
11	209.94.90.3 209.94.90.3	40680 (PROTOCOL) (PROTOCOL)
2	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1 1	2606:4700::68... 2606:4700::6811:600d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
35	5

11 209.94.90.3 (United States)

ASN40680 (PROTOCOL, US)

bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bafybeiamnxtlocscid45caf4abxpiqlhko55xoalhz5iugyajodlo3y7hy.ipfs.dweb.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

cdn-js-forms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
drop9-ether.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:600d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bafybeiamnxtlocscid45caf4abxpiqlhko55xoalhz5iugyajodlo3y7hy.ipfs.cf-ipfs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	dweb.link bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link bafybeiamnxtlocscid45caf4abxpiqlhko55xoalhz5iugyajodlo3y7hy.ipfs.dweb.link	1 MB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 268	143 KB
1	cf-ipfs.com 1 redirects bafybeiamnxtlocscid45caf4abxpiqlhko55xoalhz5iugyajodlo3y7hy.ipfs.cf-ipfs.com	435 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 381	51 KB
1	drop9-ether.ru drop9-ether.ru	5 KB
1	cdn-js-forms.com cdn-js-forms.com	279 KB
35	6

	Domain	Requested by
10	bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link	bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link cdn-js-forms.com
2	cdnjs.cloudflare.com	cdn-js-forms.com
1	bafybeiamnxtlocscid45caf4abxpiqlhko55xoalhz5iugyajodlo3y7hy.ipfs.dweb.link	bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link
1	bafybeiamnxtlocscid45caf4abxpiqlhko55xoalhz5iugyajodlo3y7hy.ipfs.cf-ipfs.com	1 redirects
1	cdn.jsdelivr.net	cdn-js-forms.com
1	drop9-ether.ru	cdn-js-forms.com
1	cdn-js-forms.com	bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link
35	7

This site contains links to these domains. Also see Links.

Domain
x.com

Subject Issuer	Validity	Valid
dweb.link E6	`2024-06-14` - `2024-09-12`	3 months	crt.sh
cdn-js-forms.com GTS CA 1P5	`2024-05-10` - `2024-08-08`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
drop9-ether.ru WE1	`2024-06-11` - `2024-09-09`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/
Frame ID: A7547F2F9D1BEA84856A94A047DBF58E
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

$ROOST

Page URL History Show full URLs

http://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/ HTTP 307
https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

35
Requests

43 %
HTTPS

40 %
IPv6

6
Domains

7
Subdomains

5
IPs

3
Countries

1573 kB
Transfer

4206 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://x.com/roostcoin?s=21&t=nivIN4WMitrGtb9V5IJ_wA

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/ HTTP 307
https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://bafybeiamnxtlocscid45caf4abxpiqlhko55xoalhz5iugyajodlo3y7hy.ipfs.cf-ipfs.com/styles/popup-6.css HTTP 301
https://bafybeiamnxtlocscid45caf4abxpiqlhko55xoalhz5iugyajodlo3y7hy.ipfs.dweb.link/styles/popup-6.css

35 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/
Redirect Chain

http://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/
https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/

234 KB
66 KB

113ms
60ms

Document
text/html

209.94.90.3
PROTOCOL

General

Check archive.org

Show headers Download Go to

Full URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 209.94.90.3 , United States, ASN40680 (PROTOCOL, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2889ab3bc227e63d8cfbc0d207750eb95eafc28d9c4fd5349ece7fbfeb331550

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type Range User-Agent X-Requested-With
access-control-allow-methods: GET HEAD OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length Content-Range X-Chunked-Output X-Ipfs-Path X-Ipfs-Roots X-Stream-Output
age: 76315
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=29030400, immutable
cf-cache-status: HIT
cf-ray: 89911b7d5eeb5902-TXL
content-encoding: br
content-type: text/html
date: Tue, 25 Jun 2024 01:15:35 GMT
server: cloudflare
vary: Accept-Encoding
x-ipfs-path: /ipfs/bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou/
x-ipfs-pop: rainbow-fr2-03
x-ipfs-roots: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/
Non-Authoritative-Reason: HSTS

GET
H3 200 bonad.js Show response
bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/ 250 B
717 B 57ms
55ms Script
text/javascript 209.94.90.3
PROTOCOL

General

Check archive.org

Show headers Download Go to

Full URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/bonad.js
Requested by: Host: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link
URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 209.94.90.3 , United States, ASN40680 (PROTOCOL, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b2e8ca32e6c886f8a50346526f69d2d0347d49767a29e0bba43636c62d80016

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 01:15:35 GMT
content-encoding: br
cf-cache-status: HIT
age: 76315
alt-svc: h3=":443"; ma=86400
x-ipfs-pop: rainbow-am6-01
server: cloudflare
x-ipfs-roots: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou,bafkreielf2gkgltmrbxyuubumutpnhjnand5jf3hukpaxosdmnwgfwaacy
etag: W/"bafkreielf2gkgltmrbxyuubumutpnhjnand5jf3hukpaxosdmnwgfwaacy"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
x-ipfs-path: /ipfs/bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou/bonad.js
cf-ray: 89911b7ddfe25902-TXL
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With

GET
H3 200 script.js Show response
cdn-js-forms.com/ 1 MB
279 KB 140ms
74ms Script
text/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-js-forms.com/script.js

Requested by

Host: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link
URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5550ef73668010b4fa8ec5cd844bf79d226a153f86986df34b081042021fee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 01:15:36 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"21e2e8c6d75f31b65d60a39dfd7e4a3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M2HAHmKECsC%2F3xS%2BjCln01CN4umP%2F9suXhniPyFTC3eyyf2Rq0PKXENoDO84k3iQy%2BC2XkJNnHCmO9SY9rXdk%2FHMK2ihq8esxqXw99HCBYunHan6nmGJAlTr8D9E%2FdcPIft2"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 89911b7e3b8d90ec-FRA
alt-svc: h3=":443"; ma=86400

GET font.css
bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/ 0
0

GET
H3 200 css2.css
bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/ 1 KB
997 B 57ms
55ms Stylesheet
text/css 209.94.90.3
PROTOCOL

General

Check archive.org

Show headers Download Go to

Full URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/css2.css
Requested by: Host: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link
URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 209.94.90.3 , United States, ASN40680 (PROTOCOL, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3c798cef1585ed27a482cdea9fb1d776231a233200e67862fb08ed0f25f7e5c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 01:15:35 GMT
content-encoding: br
cf-cache-status: HIT
age: 76315
alt-svc: h3=":443"; ma=86400
x-ipfs-pop: rainbow-am6-01
server: cloudflare
x-ipfs-roots: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou,bafkreigty6mm54kyl3jhusbm32u7whlxmiy2emzabztyml5qr3ipex36lq
etag: W/"bafkreigty6mm54kyl3jhusbm32u7whlxmiy2emzabztyml5qr3ipex36lq"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
x-ipfs-path: /ipfs/bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou/css2.css
cf-ray: 89911b7ddfe65902-TXL
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With

GET main.11a91eab.css
bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/ 0
0

GET 483.bcdc98e5.chunk.css
bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/ 0
0

GET logo.svg
bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/ 0
0

GET sadsadsad.svg
bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/ 0
0

GET
H3 200 sdsfsfsd.svg
bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/ 1 KB
1 KB 90ms
89ms Image
image/svg+xml 209.94.90.3
PROTOCOL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/sdsfsfsd.svg
Requested by: Host: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link
URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 209.94.90.3 , United States, ASN40680 (PROTOCOL, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e376e22fbf88b15846c5dc27c0f410b9efae3b109b7b7cd3aae88cc0b01b4c9d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 01:15:35 GMT
content-encoding: br
cf-cache-status: HIT
age: 76315
alt-svc: h3=":443"; ma=86400
x-ipfs-pop: rainbow-am6-01
server: cloudflare
x-ipfs-roots: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou,bafkreihdo3rc7p4iwfmenro4e7apiefz56xdwee3pn6nhkxirtalag2mtu
etag: W/"bafkreihdo3rc7p4iwfmenro4e7apiefz56xdwee3pn6nhkxirtalag2mtu"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
x-ipfs-path: /ipfs/bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou/sdsfsfsd.svg
cf-ray: 89911b7ddfef5902-TXL
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With

GET
H3 200 Frame%20202.svg
bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/ 67 KB
28 KB 73ms
72ms Image
image/svg+xml 209.94.90.3
PROTOCOL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/Frame%20202.svg
Requested by: Host: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link
URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 209.94.90.3 , United States, ASN40680 (PROTOCOL, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd04cf7b6c12afdc5dc3c2af0625a909a9bb5ac97410ad3627c745482ca2e95e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 01:15:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 76316
alt-svc: h3=":443"; ma=86400
x-ipfs-pop: rainbow-am6-01
server: cloudflare
x-ipfs-roots: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou,bafkreignathxw3asv7of3q6cv4dclkijvg5vvsluccwtmj6hiveczixjly
etag: W/"bafkreignathxw3asv7of3q6cv4dclkijvg5vvsluccwtmj6hiveczixjly"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
x-ipfs-path: /ipfs/bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou/Frame 202.svg
cf-ray: 89911b7df8245902-TXL
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With

GET fdhdfhfdhdf.svg
bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/ 0
0

GET
H3 200 safsfdsfsdfsdf.png
bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/ 779 KB
780 KB 52ms
52ms Image
image/png 209.94.90.3
PROTOCOL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/safsfdsfsdfsdf.png
Requested by: Host: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link
URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 209.94.90.3 , United States, ASN40680 (PROTOCOL, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45046df848dc8904e7a7f6fdec27963b084fc3e8f1943027218ccecaaa476245

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 01:15:36 GMT
cf-cache-status: HIT
age: 76315
alt-svc: h3=":443"; ma=86400
content-length: 798032
x-ipfs-pop: rainbow-am6-01
server: cloudflare
x-ipfs-roots: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou,bafkreicfarw7qsg4recopj7w7xwcpfr3bbh4h2hrsqycoimmz3fkur3ciu
etag: "bafkreicfarw7qsg4recopj7w7xwcpfr3bbh4h2hrsqycoimmz3fkur3ciu"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
x-ipfs-path: /ipfs/bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou/safsfdsfsdfsdf.png
accept-ranges: bytes
cf-ray: 89911b82b9385902-TXL
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With

GET Group%20216.svg
bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/ 0
0

GET Vector%203.png
bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/ 0
0

GET eegn%20(1).png
bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/ 0
0

GET Vector%201%20(2).png
bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/ 0
0

GET
H3 200 Vector%202.png
bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/ 940 B
1 KB 76ms
72ms Image
image/png 209.94.90.3
PROTOCOL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/Vector%202.png
Requested by: Host: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link
URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 209.94.90.3 , United States, ASN40680 (PROTOCOL, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eecd3c0440453884a4453a53dfc543c1b9d33bb01923e37906af72bd1d8add48

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 01:15:36 GMT
cf-cache-status: HIT
age: 76316
alt-svc: h3=":443"; ma=86400
content-length: 940
x-ipfs-pop: rainbow-am6-01
server: cloudflare
x-ipfs-roots: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou,bafkreihozu6aiqcfhcckirj2kpp4kq6bxhjtxmazeprxsbvpok6r3cw5ja
etag: "bafkreihozu6aiqcfhcckirj2kpp4kq6bxhjtxmazeprxsbvpok6r3cw5ja"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
x-ipfs-path: /ipfs/bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou/Vector 2.png
accept-ranges: bytes
cf-ray: 89911b7e389e5902-TXL
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With

GET eegn%20(4).png
bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/ 0
0

GET eegn%20(2).png
bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/ 0
0

GET eegn%20(3).png
bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/ 0
0

GET
H3 200 dfdsfsdfdf.svg
bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/ 543 KB
194 KB 76ms
72ms Image
image/svg+xml 209.94.90.3
PROTOCOL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/dfdsfsdfdf.svg
Requested by: Host: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link
URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 209.94.90.3 , United States, ASN40680 (PROTOCOL, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 043ec8fdbaef48f818be0377c3539c25fd4cd2ca221c8458bb83728333a48238

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 01:15:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 76316
alt-svc: h3=":443"; ma=86400
x-ipfs-pop: rainbow-am6-01
server: cloudflare
x-ipfs-roots: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou,bafkreiaeh3ep3oxpjd4brpqdo7bvhhbf7vgnfsrcdscfro4dokbthjecha
etag: W/"bafkreiaeh3ep3oxpjd4brpqdo7bvhhbf7vgnfsrcdscfro4dokbthjecha"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
x-ipfs-path: /ipfs/bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou/dfdsfsdfdf.svg
cf-ray: 89911b7e38ac5902-TXL
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With

GET
H3 200 tututyyiy.svg
bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/ 34 KB
11 KB 74ms
71ms Image
image/svg+xml 209.94.90.3
PROTOCOL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/tututyyiy.svg
Requested by: Host: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link
URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 209.94.90.3 , United States, ASN40680 (PROTOCOL, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6784040c7afbac39201b727a99475cb1d5dd60525a4d3c1d2c690e8e319df8e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 01:15:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 76316
alt-svc: h3=":443"; ma=86400
x-ipfs-pop: rainbow-am6-01
server: cloudflare
x-ipfs-roots: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou,bafkreigwpbaebr5pxlbzeanxe6uzi5oldvo5mbjfutj4duwgsduoggo7ry
etag: W/"bafkreigwpbaebr5pxlbzeanxe6uzi5oldvo5mbjfutj4duwgsduoggo7ry"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
x-ipfs-path: /ipfs/bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou/tututyyiy.svg
cf-ray: 89911b7e38af5902-TXL
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With

GET fssdfsdfsd.svg
bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/ 0
0

GET Group%20213.svg
bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/ 0
0

GET
H3 200 basil_telegram-solid%20(1).svg
bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/ 1 KB
1 KB 73ms
71ms Image
image/svg+xml 209.94.90.3
PROTOCOL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/basil_telegram-solid%20(1).svg
Requested by: Host: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link
URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 209.94.90.3 , United States, ASN40680 (PROTOCOL, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fa94c2b929add33a50e8c4f6b0a3763a476eb465b9dea4d873cf3d13369f50d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 01:15:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 76316
alt-svc: h3=":443"; ma=86400
x-ipfs-pop: rainbow-am6-01
server: cloudflare
x-ipfs-roots: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou,bafkreic7vfgcxeu23uz2kdumj5vqun3dur3owrs3txve3bz46pitg2pvbu
etag: W/"bafkreic7vfgcxeu23uz2kdumj5vqun3dur3owrs3txve3bz46pitg2pvbu"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
x-ipfs-path: /ipfs/bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou/basil_telegram-solid (1).svg
cf-ray: 89911b7e38b85902-TXL
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With

GET Group%20200.png
bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/ 0
0

GET sasas.svg
bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/ 0
0

GET fsfsfsdfgsdg.svg
bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/ 0
0

GET
H3 200 crypto-js.min.js Show response
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/ 59 KB
20 KB 98ms
49ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/crypto-js.min.js

Requested by

Host: cdn-js-forms.com
URL: https://cdn-js-forms.com/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

769a555de553babc35a3338f344dd7aa16260c93cea2c7db290707c90484e7cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 01:15:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 374493
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 19621
last-modified: Tue, 24 Oct 2023 23:03:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65384d58-4ca5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lK2E0SY94gfou5ONPPBjVe%2FCCPKWMPzX3xzDZ3Qb7Vi4efNDLKoOo2tlvg3rAgLnGBuKmO57i2NPXdAACB4jnfCChkUWnFMFwXlovKODVMBHw36Ou5BOzjhobIrEQ6TZAtpqv2qI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89911b831a308f33-FRA
expires: Sun, 15 Jun 2025 01:15:36 GMT

POST
H3 200 config Show response
drop9-ether.ru/ 6 KB
5 KB 1212ms
1135ms Fetch
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://drop9-ether.ru/config
Requested by: Host: cdn-js-forms.com
URL: https://cdn-js-forms.com/script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 7cb50bb37c868ddbc033bbe1913ab2d0d6f1efbeec0c6012f26dbc8b4acea4b4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 25 Jun 2024 01:15:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cpvyKZO%2FfWgcDmisS4YZQ26ysAkt2h8jkBh7sRSqGqL8sVIHY8P79q%2BH3w2Zl9ntTlvoVLBr3XSlPIpEWJmwhHVUY%2BtK8FTPhOX23Q2dDe4VL%2BFBCHnQGa%2B4l67HwbXWRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cf-ray: 89911b843eaf6acb-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ethers.umd.min.js Show response
cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/ 719 KB
124 KB 47ms
47ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/ethers.umd.min.js

Requested by

Host: cdn-js-forms.com
URL: https://cdn-js-forms.com/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95c66625ee20f53d542e23dded002b021b24e9d28c3d193a076d45cba4dc8618

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 01:15:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 369109
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 125841
last-modified: Sat, 18 Jun 2022 08:07:49 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "62ad87d5-1eb91"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F%2BmTIC2unr4IVtrsQ4jMjI2WeZ0qpec2VbUT8gIXlAzoop68Yfq8Zq8Mhw099ns3ib6l8qDEIyfcccnIxwDon3WdPyPEgbEOMdO8rnkyIslH0bvhnrU1UykO6R8cH79jHLxW8jHD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89911b8b58558f33-FRA
expires: Sun, 15 Jun 2025 01:15:38 GMT

GET
H2 200 merkletree.js Show response
cdn.jsdelivr.net/npm/merkletreejs@latest/ 209 KB
51 KB 116ms
37ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/merkletreejs@latest/merkletree.js

Requested by

Host: cdn-js-forms.com
URL: https://cdn-js-forms.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

af00d2cec87b70e8139926da6426dd0686ff9a8207386658b6d72ee4e799c2e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Jun 2024 01:15:38 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2714
x-jsd-version: 0.3.11
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 51348
x-served-by: cache-fra-etou8220103-FRA, cache-cph2320034-CPH
x-jsd-version-type: version
etag: W/"343f5-wn3//e2DIG1tBGj3Z3By+fDhqDc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET wallet-connect-v4.js
bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/scripts/ 0
0

GET
H3

200

popup-6.css
bafybeiamnxtlocscid45caf4abxpiqlhko55xoalhz5iugyajodlo3y7hy.ipfs.dweb.link/styles/
Redirect Chain

https://bafybeiamnxtlocscid45caf4abxpiqlhko55xoalhz5iugyajodlo3y7hy.ipfs.cf-ipfs.com/styles/popup-6.css
https://bafybeiamnxtlocscid45caf4abxpiqlhko55xoalhz5iugyajodlo3y7hy.ipfs.dweb.link/styles/popup-6.css

51 KB
11 KB

79ms
68ms

Stylesheet
text/css

209.94.90.3
PROTOCOL

General

Check archive.org

Show headers Download Go to

Full URL: https://bafybeiamnxtlocscid45caf4abxpiqlhko55xoalhz5iugyajodlo3y7hy.ipfs.dweb.link/styles/popup-6.css
Requested by: Host: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link
URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/
Protocol: H3
Server: 209.94.90.3 , United States, ASN40680 (PROTOCOL, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4f2ea8a9fae0fe006897e4d5907c3677086ab3d476e308e2a6a43f43ca8ffaf

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 25 Jun 2024 01:15:38 GMT
content-encoding: br
cf-cache-status: HIT
age: 287250
alt-svc: h3=":443"; ma=86400
x-ipfs-pop: rainbow-fr2-03
server: cloudflare
x-ipfs-roots: bafybeiamnxtlocscid45caf4abxpiqlhko55xoalhz5iugyajodlo3y7hy,bafybeihdkmd6kaafbimsylevgfwy7gigj25thgxhdcnp35mjeyhxaohwea,bafkreihu6lvivh5ob7qancl6jvmqpq3hocdkwpkhnyyi4ktkip2dzkh7v4
etag: W/"bafkreihu6lvivh5ob7qancl6jvmqpq3hocdkwpkhnyyi4ktkip2dzkh7v4"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
x-ipfs-path: /ipfs/bafybeiamnxtlocscid45caf4abxpiqlhko55xoalhz5iugyajodlo3y7hy/styles/popup-6.css
cf-ray: 89911b8cbc6a5902-TXL
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With

Redirect headers

location: https://bafybeiamnxtlocscid45caf4abxpiqlhko55xoalhz5iugyajodlo3y7hy.ipfs.dweb.link/styles/popup-6.css
date: Tue, 25 Jun 2024 01:15:38 GMT
server: cloudflare
cf-ray: 89911b8c4e014d9d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
vary: Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link
URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/font.css

Domain: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link
URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/main.11a91eab.css

Domain: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link
URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/483.bcdc98e5.chunk.css

Domain: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link
URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/logo.svg

Domain: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link
URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/sadsadsad.svg

Domain: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link
URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/fdhdfhfdhdf.svg

Domain: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link
URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/Group%20216.svg

Domain: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link
URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/Vector%203.png

Domain: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link
URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/eegn%20(1).png

Domain: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link
URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/Vector%201%20(2).png

Domain: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link
URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/eegn%20(4).png

Domain: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link
URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/eegn%20(2).png

Domain: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link
URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/eegn%20(3).png

Domain: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link
URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/fssdfsdfsd.svg

Domain: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link
URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/Group%20213.svg

Domain: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link
URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/Group%20200.png

Domain: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link
URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/sasas.svg

Domain: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link
URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/fsfsfsdfgsdg.svg

Domain: bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link
URL: https://bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link/scripts/wallet-connect-v4.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bafybeiamnxtlocscid45caf4abxpiqlhko55xoalhz5iugyajodlo3y7hy.ipfs.cf-ipfs.com/	1970-01-20 21:34:39	Name: __cf_bm Value: B_xGKPJKOomh3AxqTPr4Yr8vr7xjRTJTseM98aDkEXE-1719278138-1.0.1.1-JY0RU.cmtDCh7J.pATci1lzw5HTTw2R9qAIUi3v2h1biCEdn0GLPDBqV2lSVdrcgc_9TA078kSxZCn6kW_foPg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bafybeiamnxtlocscid45caf4abxpiqlhko55xoalhz5iugyajodlo3y7hy.ipfs.cf-ipfs.com
bafybeiamnxtlocscid45caf4abxpiqlhko55xoalhz5iugyajodlo3y7hy.ipfs.dweb.link
bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link
cdn-js-forms.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
drop9-ether.ru
bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link
104.17.25.14
188.114.96.3
209.94.90.3
2606:4700::6811:600d
2a04:4e42::485
043ec8fdbaef48f818be0377c3539c25fd4cd2ca221c8458bb83728333a48238
2889ab3bc227e63d8cfbc0d207750eb95eafc28d9c4fd5349ece7fbfeb331550
45046df848dc8904e7a7f6fdec27963b084fc3e8f1943027218ccecaaa476245
5fa94c2b929add33a50e8c4f6b0a3763a476eb465b9dea4d873cf3d13369f50d
769a555de553babc35a3338f344dd7aa16260c93cea2c7db290707c90484e7cc
7cb50bb37c868ddbc033bbe1913ab2d0d6f1efbeec0c6012f26dbc8b4acea4b4
8b2e8ca32e6c886f8a50346526f69d2d0347d49767a29e0bba43636c62d80016
95c66625ee20f53d542e23dded002b021b24e9d28c3d193a076d45cba4dc8618
af00d2cec87b70e8139926da6426dd0686ff9a8207386658b6d72ee4e799c2e3
cd04cf7b6c12afdc5dc3c2af0625a909a9bb5ac97410ad3627c745482ca2e95e
d3c798cef1585ed27a482cdea9fb1d776231a233200e67862fb08ed0f25f7e5c
d6784040c7afbac39201b727a99475cb1d5dd60525a4d3c1d2c690e8e319df8e
e376e22fbf88b15846c5dc27c0f410b9efae3b109b7b7cd3aae88cc0b01b4c9d
eecd3c0440453884a4453a53dfc543c1b9d33bb01923e37906af72bd1d8add48
f4f2ea8a9fae0fe006897e4d5907c3677086ab3d476e308e2a6a43f43ca8ffaf
f5550ef73668010b4fa8ec5cd844bf79d226a153f86986df34b081042021fee5

bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link Open in urlscan Pro 209.94.90.3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

35 Requests

43 %HTTPS

40 %IPv6

6 Domains

7 Subdomains

5 IPs

3 Countries

1573 kBTransfer

4206 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

43 JavaScript Global Variables

1 Cookies

Indicators

bafybeicvbg7eqrvvs5mns5t3t3kvzhgixfxtyr7ahjb7iwbaibchns2pou.ipfs.dweb.link Open in urlscan Pro
209.94.90.3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

43 %
HTTPS

40 %
IPv6

6
Domains

7
Subdomains

5
IPs

3
Countries

1573 kB
Transfer

4206 kB
Size

1
Cookies

35 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!