cloudflare-ipfs.com Open in urlscan Pro
2606:4700::6811:400e Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cloudflare-ipfs.com/ipfs/QmXWKJqSnqE7ALAYFBK9Hg4sXWHESmnD5Qpkcpuoxuib1Q
Submission: On April 30 via automatic, source openphish (April 30th 2024, 1:07:54 am UTC) — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 14 HTTP transactions. The main IP is 2606:4700::6811:400e, located in United States and belongs to CLOUDFLARENET, US. The main domain is cloudflare-ipfs.com.
TLS certificate: Issued by E1 on April 24th 2024. Valid for: 3 months.

This is the only time cloudflare-ipfs.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Dropbox (Consumer) Generic Cloudflare (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 5	2606:4700::68... 2606:4700::6811:400e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	18.235.65.101 18.235.65.101	14618 (AMAZON-AES) (AMAZON-AES)
3	2606:4700:303... 2606:4700:3036::6815:1b98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	7

5 2606:4700::6811:400e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cloudflare-ipfs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.235.65.101 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-65-101.compute-1.amazonaws.com

alder-hilarious-barometer.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	cloudflare-ipfs.com 1 redirects cloudflare-ipfs.com	79 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1230	99 KB
3	glitch.me alder-hilarious-barometer.glitch.me	79 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1139	36 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	7 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 363	31 KB
14	6

	Domain	Requested by
5	cloudflare-ipfs.com	1 redirects cloudflare-ipfs.com
3	use.fontawesome.com	cloudflare-ipfs.com use.fontawesome.com
3	alder-hilarious-barometer.glitch.me	cloudflare-ipfs.com
2	maxcdn.bootstrapcdn.com	cloudflare-ipfs.com
1	cdnjs.cloudflare.com	cloudflare-ipfs.com
1	ajax.googleapis.com	cloudflare-ipfs.com
14	6

This site contains no links.

Subject Issuer	Validity	Valid
cloudflare-ipfs.com E1	`2024-04-24` - `2024-07-23`	3 months	crt.sh
glitch.com Amazon RSA 2048 M03	`2023-12-04` - `2025-01-01`	a year	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-03-27` - `2024-06-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://cloudflare-ipfs.com/ipfs/QmXWKJqSnqE7ALAYFBK9Hg4sXWHESmnD5Qpkcpuoxuib1Q
Frame ID: 44BF442FCB0F64A2A824399D7FCF1A30
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Shared Files - OneDrive

Page URL History Show full URLs

https://cloudflare-ipfs.com/ipfs/QmXWKJqSnqE7ALAYFBK9Hg4sXWHESmnD5Qpkcpuoxuib1Q Page URL
https://cloudflare-ipfs.com/cdn-cgi/phish-bypass?atok=7FdVL.gw9j_hymWL47QeJDSzcn1yqJ5fCqSjAdvkjG0-171443... HTTP 301
https://cloudflare-ipfs.com/ipfs/QmXWKJqSnqE7ALAYFBK9Hg4sXWHESmnD5Qpkcpuoxuib1Q Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

100 %
HTTPS

83 %
IPv6

6
Domains

6
Subdomains

7
IPs

2
Countries

331 kB
Transfer

992 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cloudflare-ipfs.com/ipfs/QmXWKJqSnqE7ALAYFBK9Hg4sXWHESmnD5Qpkcpuoxuib1Q Page URL
https://cloudflare-ipfs.com/cdn-cgi/phish-bypass?atok=7FdVL.gw9j_hymWL47QeJDSzcn1yqJ5fCqSjAdvkjG0-1714439264-0.0.1.1-%2Fipfs%2FQmXWKJqSnqE7ALAYFBK9Hg4sXWHESmnD5Qpkcpuoxuib1Q HTTP 301
https://cloudflare-ipfs.com/ipfs/QmXWKJqSnqE7ALAYFBK9Hg4sXWHESmnD5Qpkcpuoxuib1Q Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 QmXWKJqSnqE7ALAYFBK9Hg4sXWHESmnD5Qpkcpuoxuib1Q Show response
cloudflare-ipfs.com/ipfs/ 4 KB
2 KB 33ms
12ms Document
text/html 2606:4700::6811:400e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflare-ipfs.com/ipfs/QmXWKJqSnqE7ALAYFBK9Hg4sXWHESmnD5Qpkcpuoxuib1Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:400e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63e5f7daca8a12698a23826e656d8b9d078a81d5b6289d79b92f35976bd6ed66

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 87c3a2fdde8b8f3e-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 30 Apr 2024 01:07:44 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H3 200 cf.errors.css
cloudflare-ipfs.com/cdn-cgi/styles/ 23 KB
5 KB 10ms
9ms Stylesheet
text/css 2606:4700::6811:400e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflare-ipfs.com/cdn-cgi/styles/cf.errors.css

Requested by

Host: cloudflare-ipfs.com
URL: https://cloudflare-ipfs.com/ipfs/QmXWKJqSnqE7ALAYFBK9Hg4sXWHESmnD5Qpkcpuoxuib1Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:400e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://cloudflare-ipfs.com/ipfs/QmXWKJqSnqE7ALAYFBK9Hg4sXWHESmnD5Qpkcpuoxuib1Q
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 01:07:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Apr 2024 20:54:07 GMT
server: cloudflare
etag: W/"6622d9ef-5df3"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 87c3a2fdfeb68f3e-FRA
expires: Tue, 30 Apr 2024 03:07:44 GMT

GET
H3 200 icon-exclamation.png
cloudflare-ipfs.com/cdn-cgi/images/ 452 B
634 B 8ms
7ms Image
image/png 2606:4700::6811:400e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudflare-ipfs.com/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: cloudflare-ipfs.com
URL: https://cloudflare-ipfs.com/cdn-cgi/styles/cf.errors.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:400e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://cloudflare-ipfs.com/cdn-cgi/styles/cf.errors.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 01:07:44 GMT
x-content-type-options: nosniff
last-modified: Fri, 19 Apr 2024 20:54:07 GMT
server: cloudflare
etag: "6622d9ef-1c4"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 87c3a2fe1ec58f3e-FRA
content-length: 452
expires: Tue, 30 Apr 2024 03:07:44 GMT

GET
H3

200

Primary Request QmXWKJqSnqE7ALAYFBK9Hg4sXWHESmnD5Qpkcpuoxuib1Q Show response
cloudflare-ipfs.com/ipfs/
Redirect Chain

https://cloudflare-ipfs.com/cdn-cgi/phish-bypass?atok=7FdVL.gw9j_hymWL47QeJDSzcn1yqJ5fCqSjAdvkjG0-1714439264-0.0.1.1-%2Fipfs%2FQmXWKJqSnqE7ALAYFBK9Hg4sXWHESmnD5Qpkcpuoxuib1Q
https://cloudflare-ipfs.com/ipfs/QmXWKJqSnqE7ALAYFBK9Hg4sXWHESmnD5Qpkcpuoxuib1Q

398 KB
72 KB

88ms
87ms

Document
text/html

2606:4700::6811:400e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cloudflare-ipfs.com/ipfs/QmXWKJqSnqE7ALAYFBK9Hg4sXWHESmnD5Qpkcpuoxuib1Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:400e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2372b42d2afc39267393e1c7263ece4bdc7915794f447dc344a464d5ac0097ee

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://cloudflare-ipfs.com/ipfs/QmXWKJqSnqE7ALAYFBK9Hg4sXWHESmnD5Qpkcpuoxuib1Q
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-headers: Content-Type Range User-Agent X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Length Content-Range X-Chunked-Output X-Ipfs-Path X-Ipfs-Roots X-Stream-Output
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=29030400, immutable
cf-cache-status: MISS
cf-ray: 87c3a3170d568f3e-FRA
content-encoding: br
content-type: text/html
date: Tue, 30 Apr 2024 01:07:49 GMT
etag: W/"QmXWKJqSnqE7ALAYFBK9Hg4sXWHESmnD5Qpkcpuoxuib1Q"
server: cloudflare
vary: Accept-Encoding
x-cf-ipfs-cache-status: miss
x-ipfs-path: /ipfs/QmXWKJqSnqE7ALAYFBK9Hg4sXWHESmnD5Qpkcpuoxuib1Q
x-ipfs-roots: QmXWKJqSnqE7ALAYFBK9Hg4sXWHESmnD5Qpkcpuoxuib1Q

Redirect headers

cache-control: private, no-cache
cf-ray: 87c3a316fd438f3e-FRA
content-length: 167
content-type: text/html
date: Tue, 30 Apr 2024 01:07:48 GMT
location: https://cloudflare-ipfs.com/ipfs/QmXWKJqSnqE7ALAYFBK9Hg4sXWHESmnD5Qpkcpuoxuib1Q
server: cloudflare
x-content-type-options: nosniff
x-frame-options: DENY

GET
H2 200 css.css
alder-hilarious-barometer.glitch.me/ 5 KB
5 KB 471ms
261ms Stylesheet
text/css 18.235.65.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://alder-hilarious-barometer.glitch.me/css.css
Requested by: Host: cloudflare-ipfs.com
URL: https://cloudflare-ipfs.com/ipfs/QmXWKJqSnqE7ALAYFBK9Hg4sXWHESmnD5Qpkcpuoxuib1Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.65.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-65-101.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f197d9da74ec12bcfeb42f4ace83d2b31b2dd06c70a60aa8f9d89c8f58efa9e3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://cloudflare-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 01:07:49 GMT
x-amz-version-id: DP1rP0XatBzhwNIEG7Cw7_eRZJyBhMVG
last-modified: Mon, 29 Apr 2024 16:11:09 GMT
server: AmazonS3
x-amz-request-id: V3Z82G2R45XGHMHY
etag: "4c472c99479ee186cec5d737c15c602b"
x-amz-server-side-encryption: AES256
content-type: text/css; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
content-length: 5100
x-amz-id-2: ohbl6pBsSYMfw6AE5RSXciRU26jHYeWDhsLtiz7uWm6DMSZBJyqD7sm9+Q7sTQ+4QrNlpkg4Nw4=

GET
H2 200 check.css
alder-hilarious-barometer.glitch.me/ 1 KB
2 KB 450ms
241ms Stylesheet
text/css 18.235.65.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://alder-hilarious-barometer.glitch.me/check.css
Requested by: Host: cloudflare-ipfs.com
URL: https://cloudflare-ipfs.com/ipfs/QmXWKJqSnqE7ALAYFBK9Hg4sXWHESmnD5Qpkcpuoxuib1Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.65.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-65-101.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ab96691d78536247ca2ab64aac5af744cf699926fa30d393ae859c9fa803b42c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://cloudflare-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 01:07:49 GMT
x-amz-version-id: p1IQjhocuUwjbVIko.z_7MfIIgVrac1g
last-modified: Mon, 29 Apr 2024 16:11:09 GMT
server: AmazonS3
x-amz-request-id: V3ZB47ZGCMC68ARH
etag: "54b5377580019f827aac4fc3090efc3a"
x-amz-server-side-encryption: AES256
content-type: text/css; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
content-length: 1339
x-amz-id-2: cTsq2VDQ4qWkyP7cqY8SMi2bQf00fYC9JKACCXyBC4k9+rCz+390NAZ2KtZkPL7jEKfSHbeBus8=

GET
H2 200 all.css
alder-hilarious-barometer.glitch.me/ 71 KB
72 KB 544ms
335ms Stylesheet
text/css 18.235.65.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://alder-hilarious-barometer.glitch.me/all.css
Requested by: Host: cloudflare-ipfs.com
URL: https://cloudflare-ipfs.com/ipfs/QmXWKJqSnqE7ALAYFBK9Hg4sXWHESmnD5Qpkcpuoxuib1Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.65.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-65-101.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 530cb4c29b444dc89dd73a4e0812f803be98d3448a48edca8aafdbc55a0b97eb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://cloudflare-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 01:07:49 GMT
x-amz-version-id: wDTr0Rbg97Hu70kgdDEHS8U_BmuVXRMm
last-modified: Mon, 29 Apr 2024 16:11:09 GMT
server: AmazonS3
x-amz-request-id: V3ZE9QQ3N8ZFG2H6
etag: "9280ef20d2d40a0287109a55d273daf1"
x-amz-server-side-encryption: AES256
content-type: text/css; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
content-length: 73117
x-amz-id-2: aAW0f2x2AcC4MAwAkqJOWgF867vMChNog6eSlXUWDmt8qUWwHAYSgt39EWb/nQWkiVt/EwYFRt8=

GET
H2 200 all.css
use.fontawesome.com/releases/v5.7.0/css/ 53 KB
12 KB 46ms
17ms Stylesheet
text/css 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.0/css/all.css
Requested by: Host: cloudflare-ipfs.com
URL: https://cloudflare-ipfs.com/ipfs/QmXWKJqSnqE7ALAYFBK9Hg4sXWHESmnD5Qpkcpuoxuib1Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afdc6bf2de981ffd7d370b76f44e7580572f197efbe214b9cfa4005d189d8eae

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://cloudflare-ipfs.com/
Origin: https://cloudflare-ipfs.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 01:07:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:45:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 130868
etag: W/"251d28bd755f5269a4531df8a81d5664"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=437OpKiZGck2q063TDFrM9gxSSh2kHM9Va%2BII5cHdjDg7A5qHvpQ6CPfqinlA3egIgiFPG964buTEo%2BmFZuyVLfWn11CZd4T8Z2c4ekItLnnkQHbQFv6v0jhB9lBCk%2Fy5Q%2BWRYwyqILI%2FnDffgO0fypv"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 87c3a3186d419219-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 141 KB
22 KB 44ms
23ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

Requested by

Host: cloudflare-ipfs.com
URL: https://cloudflare-ipfs.com/ipfs/QmXWKJqSnqE7ALAYFBK9Hg4sXWHESmnD5Qpkcpuoxuib1Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://cloudflare-ipfs.com/
Origin: https://cloudflare-ipfs.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 01:07:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 752
age: 4086451
cdn-cachedat: 10/31/2023 18:48:44
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"450fc463b8b1a349df717056fbb3e078"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 4f48d17f4bbd2537e5b8fb68bd344cbc
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 87c3a3185de15c6e-FRA
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 34ms
7ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: cloudflare-ipfs.com
URL: https://cloudflare-ipfs.com/ipfs/QmXWKJqSnqE7ALAYFBK9Hg4sXWHESmnD5Qpkcpuoxuib1Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://cloudflare-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 00:16:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Apr 2025 00:16:07 GMT

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 19 KB
7 KB 38ms
14ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

Requested by

Host: cloudflare-ipfs.com
URL: https://cloudflare-ipfs.com/ipfs/QmXWKJqSnqE7ALAYFBK9Hg4sXWHESmnD5Qpkcpuoxuib1Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Origin: https://cloudflare-ipfs.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://cloudflare-ipfs.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 01:07:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 249086
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6157
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4af4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8MjWvVmI1h2u7fpFvBdcqbTy%2Fawo4Lg5sCMLtyE7zpqKazQKaYbf4CLKxVVDM7BbY5jMgRBdctoafsu2q5MkjkVmzIT3oMNOoYlxn2nOax2o149NpvLGbo15u5w%2BjvAW6QCmoVuYe7OcsO%2B3G86Yrrhm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 87c3a31869614dcc-FRA
expires: Sun, 20 Apr 2025 01:07:49 GMT

GET
H3 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 48 KB
15 KB 33ms
16ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Host: cloudflare-ipfs.com
URL: https://cloudflare-ipfs.com/ipfs/QmXWKJqSnqE7ALAYFBK9Hg4sXWHESmnD5Qpkcpuoxuib1Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Origin: https://cloudflare-ipfs.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://cloudflare-ipfs.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 01:07:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1048
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1840236
cdn-cachedat: 03/18/2024 12:46:36
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 9c397fe9619855302ffb1866328487e9
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 87c3a3185de05c6e-FRA
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a15ab5506fd2f4dd56632388ae13f93265bd2fb241b8cdc086246ed3ec4c8e5

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47f7901b4ab01ff5544474bbe0f50c38331f8b3d1e7ce503ee0c7c807b45e57c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ad9c100b8c65f735e2b9d0e4b2f6df37ec87499856f73a5ae858b772b4a482e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3275b19201e60d9da8a8d6cfc1142a8d24ccb38651bed6c6ca6936833d255c75

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 152a5d57a6f2540659a44f2dd7b89ff1503bb4bc7eb37592698fbfbcc3136a08

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0ea10451375696df008df1ce02167284547e9803c10196d66f0ae79fe3c08ab

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.7.0/webfonts/ 13 KB
14 KB 14ms
13ms Font
font/woff2 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.0/webfonts/fa-regular-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.7.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79569bbf98e046743427673c2f59a9649ee833f2a9089b2e6497d435b5fe1b09

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://use.fontawesome.com/releases/v5.7.0/css/all.css
Origin: https://cloudflare-ipfs.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 01:07:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33112
alt-svc: h3=":443"; ma=86400
content-length: 13576
last-modified: Fri, 22 Sep 2023 01:45:48 GMT
server: cloudflare
etag: "9c0eb6c2e967eccd837da618bcbde91c"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BvqQp8vLfA%2FMqRQVMU3TgZdBzSpudGQX%2BZGh8A0dDChHzl%2FSzwJ%2FSdjO1ZDFwcU%2FRr1PIYk%2Fc1DvPcyuNzCGAOVcTxUiDDjx4sgZlsa50sjhvc3Bd2%2FEitnUUsOpOGYVgUo7iubiNsJ01zmbgP0mpT3n"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 87c3a31c9f229219-FRA

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.7.0/webfonts/ 73 KB
73 KB 16ms
16ms Font
font/woff2 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.7.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 658cf43db24e9d4c57890e958aa74656a13139754de24f19e706f0a355279e4d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://use.fontawesome.com/releases/v5.7.0/css/all.css
Origin: https://cloudflare-ipfs.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 01:07:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78459
alt-svc: h3=":443"; ma=86400
content-length: 74316
last-modified: Fri, 22 Sep 2023 01:45:49 GMT
server: cloudflare
etag: "52134b924fd61958f88323845deffc64"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JRqieFtGqoMpvY01TACtBLcoS8erLxcoiDmisA4vU1VssfExBZ6KxOjn2edF574Q8VnmQiJtiUklrlmHVxDoE%2FolFqOeUDZnmLQ6mnPjdZ9Ba%2FSX8eQlQlBfvpqzn8AIVp%2Bwh0f362eiTvMr8dYkea3E"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 87c3a31c9f239219-FRA

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Dropbox (Consumer) Generic Cloudflare (Online)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| Popper object| bootstrap

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			cloudflare-ipfs.com/	1970-01-20 20:15:25	Name: __cf_mw_byp Value: 7FdVL.gw9j_hymWL47QeJDSzcn1yqJ5fCqSjAdvkjG0-1714439264-0.0.1.1-/ipfs/QmXWKJqSnqE7ALAYFBK9Hg4sXWHESmnD5Qpkcpuoxuib1Q
			cloudflare-ipfs.com/	1970-01-20 20:14:01	Name: __cf_bm Value: k8mfh9vbcSvvoQVR7cU8CK1VjjFBnaUoQH5fjf0DbQc-1714439269-1.0.1.1-ykhxef5gS4j7qtY869JKRAYZT3liyOG1GjbYox4L5QfqPmgiBSt._pwCbWyY5qQvtgE71Z5zimuRetebJFbAyQ

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://cloudflare-ipfs.com/ipfs/QmXWKJqSnqE7ALAYFBK9Hg4sXWHESmnD5Qpkcpuoxuib1Q(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cloudflare-ipfs.com/ipfs/QmXWKJqSnqE7ALAYFBK9Hg4sXWHESmnD5Qpkcpuoxuib1Q(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cloudflare-ipfs.com/ipfs/QmXWKJqSnqE7ALAYFBK9Hg4sXWHESmnD5Qpkcpuoxuib1Q(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cloudflare-ipfs.com/ipfs/QmXWKJqSnqE7ALAYFBK9Hg4sXWHESmnD5Qpkcpuoxuib1Q(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
alder-hilarious-barometer.glitch.me
cdnjs.cloudflare.com
cloudflare-ipfs.com
maxcdn.bootstrapcdn.com
use.fontawesome.com
18.235.65.101
2606:4700:3036::6815:1b98
2606:4700::6811:190e
2606:4700::6811:400e
2606:4700::6812:bcf
2a00:1450:4001:828::200a
152a5d57a6f2540659a44f2dd7b89ff1503bb4bc7eb37592698fbfbcc3136a08
2372b42d2afc39267393e1c7263ece4bdc7915794f447dc344a464d5ac0097ee
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
3275b19201e60d9da8a8d6cfc1142a8d24ccb38651bed6c6ca6936833d255c75
47f7901b4ab01ff5544474bbe0f50c38331f8b3d1e7ce503ee0c7c807b45e57c
530cb4c29b444dc89dd73a4e0812f803be98d3448a48edca8aafdbc55a0b97eb
5a15ab5506fd2f4dd56632388ae13f93265bd2fb241b8cdc086246ed3ec4c8e5
63e5f7daca8a12698a23826e656d8b9d078a81d5b6289d79b92f35976bd6ed66
658cf43db24e9d4c57890e958aa74656a13139754de24f19e706f0a355279e4d
6ad9c100b8c65f735e2b9d0e4b2f6df37ec87499856f73a5ae858b772b4a482e
79569bbf98e046743427673c2f59a9649ee833f2a9089b2e6497d435b5fe1b09
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
ab96691d78536247ca2ab64aac5af744cf699926fa30d393ae859c9fa803b42c
afdc6bf2de981ffd7d370b76f44e7580572f197efbe214b9cfa4005d189d8eae
b0ea10451375696df008df1ce02167284547e9803c10196d66f0ae79fe3c08ab
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f197d9da74ec12bcfeb42f4ace83d2b31b2dd06c70a60aa8f9d89c8f58efa9e3
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

cloudflare-ipfs.com Open in urlscan Pro 2606:4700::6811:400e Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

83 %IPv6

6 Domains

6 Subdomains

7 IPs

2 Countries

331 kBTransfer

992 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

2 Cookies

4 Console Messages

Security Headers

Indicators

cloudflare-ipfs.com Open in urlscan Pro
2606:4700::6811:400e Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

83 %
IPv6

6
Domains

6
Subdomains

7
IPs

2
Countries

331 kB
Transfer

992 kB
Size

2
Cookies

14 HTTP transactions
6 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!