bafybeifj4qhyla7yp5xwswirxlwjyatbj4zk4r5twlepzpnzfs34ulvmca.ipfs.dweb.link

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 6 HTTP transactions. The main IP is 2602:fea2:2::3, located in United States and belongs to PROTOCOL, US. The main domain is bafybeifj4qhyla7yp5xwswirxlwjyatbj4zk4r5twlepzpnzfs34ulvmca.ipfs.dweb.link.
TLS certificate: Issued by E6 on December 8th 2024. Valid for: 3 months.

This is the only time bafybeifj4qhyla7yp5xwswirxlwjyatbj4zk4r5twlepzpnzfs34ulvmca.ipfs.dweb.link was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1	2602:fea2:2::3 2602:fea2:2::3	40680 (PROTOCOL) (PROTOCOL)
1	104.131.67.145 104.131.67.145	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2 2	2606:4700::68... 2606:4700::6812:bc73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:1ac4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:c0:ac:7:... 2a02:c0:ac:7:fe::193	39029 (REDPILL-L...) (REDPILL-LINPRO Redpill Linpro AS)
6	5

1 2602:fea2:2::3 (United States)

ASN40680 (PROTOCOL, US)

bafybeifj4qhyla7yp5xwswirxlwjyatbj4zk4r5twlepzpnzfs34ulvmca.ipfs.dweb.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.131.67.145 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

cdn.freebiesupply.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bc73 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.dhlparcel.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1ac4 (United States)

ASN13335 (CLOUDFLARENET, US)

www.dhlecommerce.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:c0:ac:7:fe::193 (Norway)

ASN39029 (REDPILL-LINPRO Redpill Linpro AS, NO)

images-global.nhst.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	dhlecommerce.nl www.dhlecommerce.nl — Cisco Umbrella Rank: 302960	3 KB
2	dhlparcel.nl 2 redirects www.dhlparcel.nl — Cisco Umbrella Rank: 587831	694 B
1	nhst.tech images-global.nhst.tech — Cisco Umbrella Rank: 214883	221 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 415	30 KB
1	freebiesupply.com cdn.freebiesupply.com — Cisco Umbrella Rank: 246777	45 KB
1	dweb.link bafybeifj4qhyla7yp5xwswirxlwjyatbj4zk4r5twlepzpnzfs34ulvmca.ipfs.dweb.link	3 KB
6	6

	Domain	Requested by
2	www.dhlecommerce.nl	bafybeifj4qhyla7yp5xwswirxlwjyatbj4zk4r5twlepzpnzfs34ulvmca.ipfs.dweb.link
2	www.dhlparcel.nl	2 redirects
1	images-global.nhst.tech	bafybeifj4qhyla7yp5xwswirxlwjyatbj4zk4r5twlepzpnzfs34ulvmca.ipfs.dweb.link
1	ajax.googleapis.com	bafybeifj4qhyla7yp5xwswirxlwjyatbj4zk4r5twlepzpnzfs34ulvmca.ipfs.dweb.link
1	cdn.freebiesupply.com	bafybeifj4qhyla7yp5xwswirxlwjyatbj4zk4r5twlepzpnzfs34ulvmca.ipfs.dweb.link
1	bafybeifj4qhyla7yp5xwswirxlwjyatbj4zk4r5twlepzpnzfs34ulvmca.ipfs.dweb.link
6	6

This site contains no links.

Subject Issuer	Validity	Valid
dweb.link E6	`2024-12-08` - `2025-03-08`	3 months	crt.sh
cdn.freebiesupply.com R10	`2024-11-17` - `2025-02-15`	3 months	crt.sh
upload.video.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
nhst.tech R10	`2024-11-25` - `2025-02-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bafybeifj4qhyla7yp5xwswirxlwjyatbj4zk4r5twlepzpnzfs34ulvmca.ipfs.dweb.link/
Frame ID: 6BC7ADF6EE1975557C62FD50F459EAC9
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DHL Express | Track Shipment

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

6
Requests

67 %
HTTPS

83 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

303 kB
Transfer

369 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://www.dhlparcel.nl/themes/custom/dp_theme/images/logo.svg HTTP 301
https://www.dhlecommerce.nl/themes/custom/dp_theme/images/logo.svg

Request Chain 4

https://www.dhlparcel.nl/themes/custom/dp_theme/favicon.ico HTTP 301
https://www.dhlecommerce.nl/themes/custom/dp_theme/favicon.ico

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
bafybeifj4qhyla7yp5xwswirxlwjyatbj4zk4r5twlepzpnzfs34ulvmca.ipfs.dweb.link/ 10 KB
3 KB 39ms
18ms Document
text/html 2602:fea2:2::3
PROTOCOL

General

Check archive.org

Show headers Download Go to

Full URL: https://bafybeifj4qhyla7yp5xwswirxlwjyatbj4zk4r5twlepzpnzfs34ulvmca.ipfs.dweb.link/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2602:fea2:2::3 , United States, ASN40680 (PROTOCOL, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1c9ab5fd796e9015d75f0787ac875da114f6c19365e53c77b298e42c9fe7383

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type Range User-Agent X-Requested-With
access-control-allow-methods: GET HEAD OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length Content-Range X-Chunked-Output X-Ipfs-Path X-Ipfs-Roots X-Stream-Output
age: 17969025
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=29030400, immutable
cf-cache-status: HIT
cf-ray: 8f483f81c8f7d2f3-FRA
content-encoding: br
content-type: text/html
date: Thu, 19 Dec 2024 14:57:58 GMT
priority: u=0,i
server: cloudflare
server-timing: cfExtPri
vary: Accept-Encoding
x-ipfs-path: /ipfs/bafybeifj4qhyla7yp5xwswirxlwjyatbj4zk4r5twlepzpnzfs34ulvmca/
x-ipfs-pop: rainbow-fr2-01
x-ipfs-roots: bafybeifj4qhyla7yp5xwswirxlwjyatbj4zk4r5twlepzpnzfs34ulvmca

GET
H/1.1 200
OK dhl-1-logo-png-transparent.png
cdn.freebiesupply.com/logos/large/2x/ 45 KB
45 KB 374ms
181ms Image
image/png 104.131.67.145
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.freebiesupply.com/logos/large/2x/dhl-1-logo-png-transparent.png
Requested by: Host: bafybeifj4qhyla7yp5xwswirxlwjyatbj4zk4r5twlepzpnzfs34ulvmca.ipfs.dweb.link
URL: https://bafybeifj4qhyla7yp5xwswirxlwjyatbj4zk4r5twlepzpnzfs34ulvmca.ipfs.dweb.link/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.131.67.145 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 7f8a7411080898c5e0e9a1b99c27c4c0951d558c6948a8f5cd712364f85e9bc7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bafybeifj4qhyla7yp5xwswirxlwjyatbj4zk4r5twlepzpnzfs34ulvmca.ipfs.dweb.link/

Response headers

X-Cache-Status: HIT
Cache-Control: max-age=15552000, public, no-transform
ETag: "c254c6e963469ddf999da53d10109dea"
Connection: keep-alive
x-amz-request-id: 28614FAD7B274E59
Expires: Tue, 17 Jun 2025 14:57:58 GMT
Accept-Ranges: bytes
Content-Length: 45805
Date: Thu, 19 Dec 2024 14:57:58 GMT
Content-Type: image/png
Last-Modified: Fri, 09 Mar 2018 21:42:13 GMT
Server: nginx
x-amz-id-2: XZbIpmPf9PFo2XVF7tEO9Qr7mSd4FG4AA+Rw98IEpb27+/GWXHNMfBTBVGvb4Conea/CEiMQ2Lc=

GET
H2

200

logo.svg
www.dhlecommerce.nl/themes/custom/dp_theme/images/
Redirect Chain

https://www.dhlparcel.nl/themes/custom/dp_theme/images/logo.svg
https://www.dhlecommerce.nl/themes/custom/dp_theme/images/logo.svg

3 KB
1 KB

41ms
16ms

Image
image/svg+xml

2606:4700::6812:1ac4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dhlecommerce.nl/themes/custom/dp_theme/images/logo.svg

Requested by

Host: bafybeifj4qhyla7yp5xwswirxlwjyatbj4zk4r5twlepzpnzfs34ulvmca.ipfs.dweb.link
URL: https://bafybeifj4qhyla7yp5xwswirxlwjyatbj4zk4r5twlepzpnzfs34ulvmca.ipfs.dweb.link/

Protocol

H2

Server

2606:4700::6812:1ac4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a62bf08fcdd300ef2c47e160b8d0a9f2dcb2fd9278af0a4e52cc716deb8a14c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bafybeifj4qhyla7yp5xwswirxlwjyatbj4zk4r5twlepzpnzfs34ulvmca.ipfs.dweb.link/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"c72-62533bc1f6d80"
age: 2517040
x-content-type-options: nosniff
cf-ray: 8f483f825d99dbad-FRA
expires: Thu, 20 Nov 2025 11:47:18 GMT
date: Thu, 19 Dec 2024 14:57:58 GMT
content-type: image/svg+xml
last-modified: Thu, 24 Oct 2024 07:13:10 GMT
vary: Accept-Encoding
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=3600
location: https://www.dhlecommerce.nl/themes/custom/dp_theme/images/logo.svg
x-content-type-options: nosniff
cf-ray: 8f483f820eb84d5b-FRA
expires: Thu, 19 Dec 2024 15:57:58 GMT
content-length: 167
date: Thu, 19 Dec 2024 14:57:58 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
30 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: bafybeifj4qhyla7yp5xwswirxlwjyatbj4zk4r5twlepzpnzfs34ulvmca.ipfs.dweb.link
URL: https://bafybeifj4qhyla7yp5xwswirxlwjyatbj4zk4r5twlepzpnzfs34ulvmca.ipfs.dweb.link/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bafybeifj4qhyla7yp5xwswirxlwjyatbj4zk4r5twlepzpnzfs34ulvmca.ipfs.dweb.link/

Response headers

content-encoding: gzip
age: 437772
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Sun, 14 Dec 2025 13:21:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 14 Dec 2024 13:21:46 GMT
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30028
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK 0f2521703767006c88f7c21a24cf991e
images-global.nhst.tech/image/WEdHSVZ5eU5vT01Ia25OS1duVnowOWNrSFJyVXFmRzdZOFhBcjNhZ3g4Zz0=/nhst/binary/ 221 KB
221 KB 302ms
51ms Image
image/jpg 2a02:c0:ac:7:fe::193
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-global.nhst.tech/image/WEdHSVZ5eU5vT01Ia25OS1duVnowOWNrSFJyVXFmRzdZOFhBcjNhZ3g4Zz0=/nhst/binary/0f2521703767006c88f7c21a24cf991e
Requested by: Host: bafybeifj4qhyla7yp5xwswirxlwjyatbj4zk4r5twlepzpnzfs34ulvmca.ipfs.dweb.link
URL: https://bafybeifj4qhyla7yp5xwswirxlwjyatbj4zk4r5twlepzpnzfs34ulvmca.ipfs.dweb.link/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:c0:ac:7:fe::193 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro AS, NO),
Reverse DNS
Software: / Express
Resource Hash: 25e1397babd7c81dc8946fbf3fdbf8ba9a7e3092160f4e473cc90ac59b4b15e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bafybeifj4qhyla7yp5xwswirxlwjyatbj4zk4r5twlepzpnzfs34ulvmca.ipfs.dweb.link/

Response headers

cache-control: max-age=86400
Age: 111946
Connection: keep-alive
X-CDN-Location: unknown
X-CDN-Cache: HIT #2
Via: 1.1 varnish-v4
Accept-Ranges: bytes
Content-Length: 225852
Date: Wed, 18 Dec 2024 07:52:11 GMT
Content-Type: image/jpg
X-Powered-By: Express

GET
H2

200

favicon.ico
www.dhlecommerce.nl/themes/custom/dp_theme/
Redirect Chain

https://www.dhlparcel.nl/themes/custom/dp_theme/favicon.ico
https://www.dhlecommerce.nl/themes/custom/dp_theme/favicon.ico

7 KB
2 KB

17ms
17ms

Other
image/vnd.microsoft.icon

2606:4700::6812:1ac4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dhlecommerce.nl/themes/custom/dp_theme/favicon.ico

Protocol

H2

Server

2606:4700::6812:1ac4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6804c64aa3c5ed0b33ea0127c00d7d5af5bcca300162e009ce80de5032618cb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bafybeifj4qhyla7yp5xwswirxlwjyatbj4zk4r5twlepzpnzfs34ulvmca.ipfs.dweb.link/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"1cee-62533bc1f6d80"
age: 2517081
x-content-type-options: nosniff
cf-ray: 8f483f84eaf2dbad-FRA
expires: Thu, 20 Nov 2025 11:46:37 GMT
date: Thu, 19 Dec 2024 14:57:58 GMT
content-type: image/vnd.microsoft.icon
last-modified: Thu, 24 Oct 2024 07:13:10 GMT
vary: Accept-Encoding
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=3600
location: https://www.dhlecommerce.nl/themes/custom/dp_theme/favicon.ico
x-content-type-options: nosniff
cf-ray: 8f483f84c8ee4d5b-FRA
expires: Thu, 19 Dec 2024 15:57:58 GMT
content-length: 167
date: Thu, 19 Dec 2024 14:57:58 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.dhlecommerce.nl/	1969-12-31 23:59:59	Name: _cfuvid Value: zB9DyNe8Z2KY_cZozRZbG7fpWgH92b_5aLdKZdoio5U-1734620278140-0.0.1.1-604800000

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://bafybeifj4qhyla7yp5xwswirxlwjyatbj4zk4r5twlepzpnzfs34ulvmca.ipfs.dweb.link/ Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bafybeifj4qhyla7yp5xwswirxlwjyatbj4zk4r5twlepzpnzfs34ulvmca.ipfs.dweb.link
cdn.freebiesupply.com
images-global.nhst.tech
www.dhlecommerce.nl
www.dhlparcel.nl
104.131.67.145
2602:fea2:2::3
2606:4700::6812:1ac4
2606:4700::6812:bc73
2a00:1450:4001:828::200a
2a02:c0:ac:7:fe::193
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
25e1397babd7c81dc8946fbf3fdbf8ba9a7e3092160f4e473cc90ac59b4b15e0
6804c64aa3c5ed0b33ea0127c00d7d5af5bcca300162e009ce80de5032618cb6
7f8a7411080898c5e0e9a1b99c27c4c0951d558c6948a8f5cd712364f85e9bc7
a62bf08fcdd300ef2c47e160b8d0a9f2dcb2fd9278af0a4e52cc716deb8a14c3
b1c9ab5fd796e9015d75f0787ac875da114f6c19365e53c77b298e42c9fe7383

bafybeifj4qhyla7yp5xwswirxlwjyatbj4zk4r5twlepzpnzfs34ulvmca.ipfs.dweb.link Open in urlscan Pro 2602:fea2:2::3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

6 Requests

67 %HTTPS

83 %IPv6

6 Domains

6 Subdomains

5 IPs

3 Countries

303 kBTransfer

369 kBSize

1 Cookies

0 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

bafybeifj4qhyla7yp5xwswirxlwjyatbj4zk4r5twlepzpnzfs34ulvmca.ipfs.dweb.link Open in urlscan Pro
2602:fea2:2::3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

67 %
HTTPS

83 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

303 kB
Transfer

369 kB
Size

1
Cookies

6 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!