cloudflare-ipfs.com
2606:4700::6811:600d
Malicious Activity!
Public Scan
Effective URL: https://cloudflare-ipfs.com/ipfs/bafybeidgk73tez5lbgsaowusupt3sfx4pfz32i2djis7ff3wypg4fn7qqy/?sid=ijtppdpawgneil&eca=
Submission: On April 08 via manual from AE — Scanned from DE
Summary
TLS certificate: Issued by E1 on February 25th 2024. Valid for: 3 months.
This is the only time cloudflare-ipfs.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: OneDrive (Online) Generic Cloudflare (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
3 | 2606:4700:310c::ac42:2d26 | 13335 (CLOUDFLARENET) |
18 (1 redirects) | 2606:4700::6811:600d | 13335 (CLOUDFLARENET) |
20 | 2 | |
ASN13335 (CLOUDFLARENET, US)
wandering-sunset-9207.pages.dev
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
18 (1 redirects) | cloudflare-ipfs.com | cloudflare-ipfs.com | 869 KB |
3 | pages.dev | wandering-sunset-9207.pages.dev | 50 KB |
20 | 2 | | |
Requests | Domain | Requested by |
---|---|---|
18 (1 redirects) | cloudflare-ipfs.com | wandering-sunset-9207.pages.dev, cloudflare-ipfs.com |
3 | wandering-sunset-9207.pages.dev | wandering-sunset-9207.pages.dev |
20 | 2 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
wandering-sunset-9207.pages.dev | GTS CA 1P5 | 2024-03-18 - 2024-06-16 | 3 months |
cloudflare-ipfs.com | E1 | 2024-02-25 - 2024-05-25 | 3 months |
This page contains 1 frames:
Primary Page:
https://cloudflare-ipfs.com/ipfs/bafybeidgk73tez5lbgsaowusupt3sfx4pfz32i2djis7ff3wypg4fn7qqy/?sid=ijtppdpawgneil&eca=
Frame ID: FC1F46EED69D8134BCAA10B0E686B472
Requests: 20 HTTP requests in this frame
Page Title
Microsoft | SharePoint
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://wandering-sunset-9207.pages.dev/ HTTP 307
  https://wandering-sunset-9207.pages.dev/ Page URL
- https://cloudflare-ipfs.com/ipfs/bafybeidgk73tez5lbgsaowusupt3sfx4pfz32i2djis7ff3wypg4fn7qqy/?sid=ijtppdpawgneil&eca= Page URL
- https://cloudflare-ipfs.com/cdn-cgi/phish-bypass?atok=UPsxwRRcmxiDsfDmXrQYc4YPQK__xRyM7ynhnKlXWmA-1712605703-0.0.1.1-%2Fipfs%2Fbafybeidgk73tez5lbgsaowusupt3sfx4pfz32i2djis7ff3wypg4fn7qqy%2F%3Fsid%3Dijtppdpawgneil%26eca%3D HTTP 301
  https://cloudflare-ipfs.com/ipfs/bafybeidgk73tez5lbgsaowusupt3sfx4pfz32i2djis7ff3wypg4fn7qqy/?sid=ijtppdpawgneil&eca= Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://wandering-sunset-9207.pages.dev/ HTTP 307
- https://wandering-sunset-9207.pages.dev/
20 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H3 | / (Redirect Chain) | wandering-sunset-9207.pages.dev/ | 1 KB | 2 KB | Document | text/html |
GET | H3 | index-2292bcd2.js | wandering-sunset-9207.pages.dev/assets/ | 140 KB | 47 KB | Script | application/javascript |
GET | H3 | favicon.ico | wandering-sunset-9207.pages.dev/ | 1 KB | 2 KB | Other | text/html |
GET | H3 | / | cloudflare-ipfs.com/ipfs/bafybeidgk73tez5lbgsaowusupt3sfx4pfz32i2djis7ff3wypg4fn7qqy/ | 4 KB | 2 KB | Document | text/html |
GET | H3 | cf.errors.css | cloudflare-ipfs.com/cdn-cgi/styles/ | 24 KB | 5 KB | Stylesheet | text/css |
GET | H3 | icon-exclamation.png | cloudflare-ipfs.com/cdn-cgi/images/ | 452 B | 634 B | Image | image/png |
GET | H3 | / (Primary Request, Redirect Chain) | cloudflare-ipfs.com/ipfs/bafybeidgk73tez5lbgsaowusupt3sfx4pfz32i2djis7ff3wypg4fn7qqy/ | 9 KB | 3 KB | Document | text/html |
GET | H3 | outlook-anim.c9d7cfd2.gif | cloudflare-ipfs.com/ipfs/bafybeidgk73tez5lbgsaowusupt3sfx4pfz32i2djis7ff3wypg4fn7qqy/images/ | 603 KB | 604 KB | Image | image/gif |
GET | H3 | logo.svg | cloudflare-ipfs.com/ipfs/bafybeidgk73tez5lbgsaowusupt3sfx4pfz32i2djis7ff3wypg4fn7qqy/images/ | 4 KB | 4 KB | Image | image/svg+xml |
GET | H3 | 1e10ecc00ed9fa82.css | cloudflare-ipfs.com/ipfs/bafybeidgk73tez5lbgsaowusupt3sfx4pfz32i2djis7ff3wypg4fn7qqy/_next/static/css/ | 178 B | 799 B | Stylesheet | text/css |
GET | H3 | 0928fb330a264a8f.css | cloudflare-ipfs.com/ipfs/bafybeidgk73tez5lbgsaowusupt3sfx4pfz32i2djis7ff3wypg4fn7qqy/_next/static/css/ | 9 KB | 2 KB | Stylesheet | text/css |
GET | H3 | webpack-791023863254e20e.js | cloudflare-ipfs.com/ipfs/bafybeidgk73tez5lbgsaowusupt3sfx4pfz32i2djis7ff3wypg4fn7qqy/_next/static/chunks/ | 4 KB | 2 KB | Script | text/javascript |
GET | H3 | fd9d1056-bdbc21787612b876.js | cloudflare-ipfs.com/ipfs/bafybeidgk73tez5lbgsaowusupt3sfx4pfz32i2djis7ff3wypg4fn7qqy/_next/static/chunks/ | 160 KB | 51 KB | Script | text/javascript |
GET | H3 | 864-5b2a0e4b041824d8.js | cloudflare-ipfs.com/ipfs/bafybeidgk73tez5lbgsaowusupt3sfx4pfz32i2djis7ff3wypg4fn7qqy/_next/static/chunks/ | 108 KB | 28 KB | Script | text/javascript |
GET | H3 | main-app-944a4de3609ae22b.js | cloudflare-ipfs.com/ipfs/bafybeidgk73tez5lbgsaowusupt3sfx4pfz32i2djis7ff3wypg4fn7qqy/_next/static/chunks/ | 508 B | 895 B | Script | text/javascript |
GET | H3 | white-onedrive.02a11105.svg | cloudflare-ipfs.com/ipfs/bafybeidgk73tez5lbgsaowusupt3sfx4pfz32i2djis7ff3wypg4fn7qqy/images/ | 96 KB | 4 KB | Image | image/svg+xml |
GET | H3 | pdf.png | cloudflare-ipfs.com/ipfs/bafybeidgk73tez5lbgsaowusupt3sfx4pfz32i2djis7ff3wypg4fn7qqy/images/ | 150 KB | 150 KB | Image | image/png |
GET | H3 | 986-2e4c912a25752d34.js | cloudflare-ipfs.com/ipfs/bafybeidgk73tez5lbgsaowusupt3sfx4pfz32i2djis7ff3wypg4fn7qqy/_next/static/chunks/ | 15 KB | 6 KB | Script | text/javascript |
GET | H3 | page-da4e75fbc2979631.js | cloudflare-ipfs.com/ipfs/bafybeidgk73tez5lbgsaowusupt3sfx4pfz32i2djis7ff3wypg4fn7qqy/_next/static/chunks/app/ | 8 KB | 3 KB | Script | text/javascript |
GET | H3 | icon.png | cloudflare-ipfs.com/ipfs/bafybeidgk73tez5lbgsaowusupt3sfx4pfz32i2djis7ff3wypg4fn7qqy/images/ | 245 B | 801 B | Other | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: OneDrive (Online) Generic Cloudflare (Online)
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | webpackChunk_N_E |
object | __next_f |
undefined | _N_E |
object | next |
function | __next_require__ |
function | __next_chunk_load__ |
2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
cloudflare-ipfs.com/ | | Name: __cf_mw_byp Value: UPsxwRRcmxiDsfDmXrQYc4YPQK__xRyM7ynhnKlXWmA-1712605703-0.0.1.1-/ipfs/bafybeidgk73tez5lbgsaowusupt3sfx4pfz32i2djis7ff3wypg4fn7qqy/?sid=ijtppdpawgneil&eca= |
cloudflare-ipfs.com/ | | Name: __cf_bm Value: ZJhhU2VwZiD.uelrZ1JSC8JF4gLzlQLdSUKcdO_hPas-1712605704-1.0.1.1-5nDi..qo39OMBk4Y7SYpDW9cZCwOp4nwftLotqev1Qrl9tcQsong5HEpECyOk8DtwvZz9soc4b3LaX_IISsuCA |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cloudflare-ipfs.com
wandering-sunset-9207.pages.dev
2606:4700:310c::ac42:2d26
2606:4700::6811:600d