Submitted URL: https://parallelfi.net/
Effective URL: https://ipfs.io/ipfs/Qmd1f5hBQBJYWnQuU4tbXxj4UVv16noxaBeWWePvgfxxhF/
Submission: On May 18 via api from CN — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 11 HTTP transactions. The main IP is 2602:fea2:2::1, located in United States and belongs to PROTOCOL, US. The main domain is ipfs.io. The Cisco Umbrella rank of the primary domain is 65949.
TLS certificate: Issued by GTS CA 1P5 on April 16th 2024. Valid for: 3 months.
This is the only time ipfs.io was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 3 2602:fea2:2::1 40680 (PROTOCOL)
3 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2400:52e0:1e0... 200325 (BUNNYCDN)
1 2a04:4e42::485 54113 (FASTLY)
11 7
Apex Domain
Subdomains
Transfer
3 cdn-js-delivr.com
cdn-js-delivr.com
2 MB
3 ipfs.io
ipfs.io — Cisco Umbrella Rank: 65949
4 MB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
143 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 310
51 KB
1 ipfs.tech
ipfs.tech — Cisco Umbrella Rank: 241700
5 KB
1 nftether2.ru
nftether2.ru
4 KB
1 parallelfi.net
parallelfi.net
489 B
11 7
Domain Requested by
3 cdn-js-delivr.com ipfs.io
3 ipfs.io 1 redirects cdn-js-delivr.com
2 cdnjs.cloudflare.com cdn-js-delivr.com
1 cdn.jsdelivr.net cdn-js-delivr.com
1 ipfs.tech
1 nftether2.ru cdn-js-delivr.com
1 parallelfi.net 1 redirects
11 7

This site contains links to these domains. Also see Links.

Domain
twitter.com
discord.com
Subject Issuer Validity Valid
ipfs.io
GTS CA 1P5
2024-04-16 -
2024-07-15
3 months crt.sh
cdn-js-delivr.com
E1
2024-05-14 -
2024-08-12
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
nftether2.ru
E1
2024-04-13 -
2024-07-12
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-09-27 -
2024-10-28
a year crt.sh

This page contains 1 frames:

Primary Page: https://ipfs.io/ipfs/Qmd1f5hBQBJYWnQuU4tbXxj4UVv16noxaBeWWePvgfxxhF/
Frame ID: F7AFFBCD902AD313020AD2AB58502638
Requests: 24 HTTP requests in this frame

Screenshot

Page Title

Parallel

Page URL History Show full URLs

  1. https://parallelfi.net/ HTTP 301
    https://ipfs.io/ipfs/Qmd1f5hBQBJYWnQuU4tbXxj4UVv16noxaBeWWePvgfxxhF/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

11
Requests

82 %
HTTPS

100 %
IPv6

7
Domains

7
Subdomains

7
IPs

2
Countries

6070 kB
Transfer

8715 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://parallelfi.net/ HTTP 301
    https://ipfs.io/ipfs/Qmd1f5hBQBJYWnQuU4tbXxj4UVv16noxaBeWWePvgfxxhF/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://ipfs.io/favicon.ico HTTP 301
  • https://ipfs.tech/favicon.ico

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ipfs.io/ipfs/Qmd1f5hBQBJYWnQuU4tbXxj4UVv16noxaBeWWePvgfxxhF/
Redirect Chain
  • https://parallelfi.net/
  • https://ipfs.io/ipfs/Qmd1f5hBQBJYWnQuU4tbXxj4UVv16noxaBeWWePvgfxxhF/
6 MB
4 MB
Document
General
Full URL
https://ipfs.io/ipfs/Qmd1f5hBQBJYWnQuU4tbXxj4UVv16noxaBeWWePvgfxxhF/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2602:fea2:2::1 , United States, ASN40680 (PROTOCOL, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6272eeab0e59dad79adf0021baf3510e038dcb46dd32dca32d4b311bbd10b17b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
Content-Type Range User-Agent X-Requested-With
access-control-allow-methods
GET HEAD OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Length Content-Range X-Chunked-Output X-Ipfs-Path X-Ipfs-Roots X-Stream-Output
age
33316
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=29030400, immutable
cf-cache-status
HIT
cf-ray
885c6b1369813605-FRA
content-encoding
br
content-type
text/html
date
Sat, 18 May 2024 14:08:15 GMT
server
cloudflare
vary
Accept-Encoding
x-ipfs-path
/ipfs/Qmd1f5hBQBJYWnQuU4tbXxj4UVv16noxaBeWWePvgfxxhF/
x-ipfs-pop
rainbow-am6-02
x-ipfs-roots
Qmd1f5hBQBJYWnQuU4tbXxj4UVv16noxaBeWWePvgfxxhF

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
885c6b12396919af-FRA
date
Sat, 18 May 2024 14:08:15 GMT
location
https://ipfs.io/ipfs/Qmd1f5hBQBJYWnQuU4tbXxj4UVv16noxaBeWWePvgfxxhF/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QlR0q3Hmg3pO%2BgShWV75w%2F1%2FzwQJUX0HkCuiUvel8%2BBnnLUVqScVnFUh3%2FhfN0PwOw46l4ciM9QYI4p6s%2BG4cFj5GajeOXSjxBpp6m1aq7uR8lXIh8r5xtw1RneSknM9kxIWgyAXUO8RmKUTbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
contracts.js
cdn-js-delivr.com/scripts/
0
487 B
Script
General
Full URL
https://cdn-js-delivr.com/scripts/contracts.js
Requested by
Host: ipfs.io
URL: https://ipfs.io/ipfs/Qmd1f5hBQBJYWnQuU4tbXxj4UVv16noxaBeWWePvgfxxhF/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:cb38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ipfs.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 14:08:16 GMT
cf-cache-status
EXPIRED
last-modified
Sat, 18 May 2024 12:02:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oo838Wn4MkZfLlZVmovAWq%2FDakwYz%2B%2FujzE00EsN1dhJ8p%2BH36tT3TBBTh6sA6WaIxY8pltnho8vv5diW4S%2BNTPX4DAA2VRfhMes5NM24uFjPjCEIRN7a5maZOZpQV7g9IrIkcMNxexIAIrDnh9fpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
885c6b15dc842c3b-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
main.js
cdn-js-delivr.com/scripts/
2 MB
2 MB
Script
General
Full URL
https://cdn-js-delivr.com/scripts/main.js
Requested by
Host: ipfs.io
URL: https://ipfs.io/ipfs/Qmd1f5hBQBJYWnQuU4tbXxj4UVv16noxaBeWWePvgfxxhF/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:cb38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0812bdc6e19d0ac64b968d73b2c3f66aa8dc87f0521e943849a9a1d1d81bf9e1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ipfs.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 14:08:16 GMT
cf-cache-status
EXPIRED
last-modified
Sat, 18 May 2024 12:02:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8HP8bkaCSYNIdxozHpiE42jaP1QqcZQBm14hMF%2BKCnobtHVTwdwDW97nn0D%2B4sumrNPMd%2Bejpdp9iPr7d2iZzS7m%2BTE6n%2BtWjY%2FbC6PDAaZMd0Fzd7d6YAND5DjLbC20FAD6vzY%2B7sLy2QQ3Fh2ReQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
885c6b15dc832c3b-FRA
alt-svc
h3=":443"; ma=86400
content-length
1651355
entry.js
cdn-js-delivr.com/scripts/
0
275 B
Script
General
Full URL
https://cdn-js-delivr.com/scripts/entry.js
Requested by
Host: ipfs.io
URL: https://ipfs.io/ipfs/Qmd1f5hBQBJYWnQuU4tbXxj4UVv16noxaBeWWePvgfxxhF/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:cb38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ipfs.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 14:08:16 GMT
cf-cache-status
EXPIRED
last-modified
Sat, 18 May 2024 12:02:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LkTwCI4a9EG8iGM%2BNCTI4zX74GpeOZoQkf1YFGzC0K8y3r%2F6yca3FTOgaGb5yt3SErBQog%2BBJJxD7SXZ0o2QXYStli9Fp0mTuza%2BOUk%2BSKQ2Chtjg%2FMMpUZgDRAFQKUeQOj6UIHs91Y53RKyrRpFPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
885c6b15dc802c3b-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
truncated
/
732 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
261035cfbb03ae890584fca81a0be24a5edcb091938f0e199e4695465bfcf466

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
169 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1547ae1a9d1c1f8ea6bb2201db6ea9e8bf22c1c87990d984dd3ad8b5a981b994

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84def95bf0d069e599710fd22cd138b1bb2524f25882efa6bdc699eb1c55280e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
418 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9ea3d432e395811f844d5867a2b0b6adcfcf355219d1fdcbeabee63ef6bb788

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
875 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6e4c62f62ca912c789a3bd7b10b8f9e8d6ae04cc944c39f0fde2f61bf4519bab

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
179 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3efa25f860125e998e0393b6b5ee85046117fedf8d33fccd2eae8856b0bdae5b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
236 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92094ae3d72bf08f22da24cddc0b8985aac54d0a0ad603cfb83dbcccf0fc6f38

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
36ac4086f2052a871fc9a2e8ef490a4e4b0fe2d3bfe2bc066865a45f60b327aa

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34db24bf8e3256492155f512b06385fff88057d3e8d2c41af66c28a85008a588

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d5d4c72f5bd7918e8cf106c6d24243e1509e168c42baccc8f7e3166aa334d1e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c123adb0fb0245332917af0033d26a975ea8b0b6c0d7d3b9fe2825e815438cce

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
13 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bec0f7007bf1df0f5fcd1a03c195a1951110787644d117b267d36930c7a9aca1

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
12 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6ff02fff409919e3ecec56a4db8ed86d576e3ad17f768e9112e205e21607529

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
crypto-js.min.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/
59 KB
20 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/crypto-js.min.js
Requested by
Host: cdn-js-delivr.com
URL: https://cdn-js-delivr.com/scripts/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
769a555de553babc35a3338f344dd7aa16260c93cea2c7db290707c90484e7cc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ipfs.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 14:08:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
294045
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
19621
last-modified
Tue, 24 Oct 2023 23:03:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"65384d58-4ca5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=INh%2BhO0nyQ5ZUfJqSrf5FQfRpczMpMIKPWwexzkXCSIWRTCNW14a6YFNHXtFrb3nHYM%2FfnD1%2BkD%2Brv3yle1jk%2BnprgyPB668Wbmu6nReAzo%2BqbpGDmjoHEy3DveYYj%2BL0sOOe6oPlYgPtlZg738BIJUe"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
885c6b17c97b9b39-FRA
expires
Thu, 08 May 2025 14:08:16 GMT
config
nftether2.ru/
4 KB
4 KB
Fetch
General
Full URL
https://nftether2.ru/config
Requested by
Host: cdn-js-delivr.com
URL: https://cdn-js-delivr.com/scripts/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:969e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8dbc5fdf76506f8a5444c98e102b3be3f7b0df8aa615185a9a85f87361a77fa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://ipfs.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 18 May 2024 14:08:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bwWvjT2hf4VQ04%2BcEu5iafSiH8XUeZKrsnUWHBl9Ecwz62Oe3DAfHOl6ryR2PNQF2yYJHseXORBYGWMJ9Wvhu686tcYOXv5qRvLwax8z1HcPevIOWd7d2hVkO19r2tWVbSTTpqIMN%2BB5J4o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cf-ray
885c6b1878b135fe-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
favicon.ico
ipfs.tech/
Redirect Chain
  • https://ipfs.io/favicon.ico
  • https://ipfs.tech/favicon.ico
15 KB
5 KB
Other
General
Full URL
https://ipfs.tech/favicon.ico
Protocol
H2
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
94a9fefbbe42310c03ff1e52c1f753c21038805f632867ea78930a52c445a456
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ipfs.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Sat, 18 May 2024 14:08:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
br
cdn-edgestorageid
1081
x-cache-status
MISS
cdn-cachedat
04/28/2024 13:52:02
cdn-pullzone
2016121
x-xss-protection
0
x-request-id
d11de914c93bce2139a1bcd4aa45debb
referrer-policy
strict-origin-when-cross-origin
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
x-ipfs-roots
bafybeigi77rim3p5tw3upw2ca4ep5ng7uaarvrz46zidd2ai6cjh46yxoy,QmULFXXZMtQ2wCXDU6L8d9R4bYiQi7GpENhhZFF7ctPJDT
etag
W/"QmULFXXZMtQ2wCXDU6L8d9R4bYiQi7GpENhhZFF7ctPJDT"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/x-icon
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
070ccd6e-b4b0-4c90-b45a-e26d7534205d
access-control-expose-headers
Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control
max-age=60, stale-while-revalidate=3600
x-ipfs-path
/ipfs/bafybeigi77rim3p5tw3upw2ca4ep5ng7uaarvrz46zidd2ai6cjh46yxoy/favicon.ico
cdn-requestpullcode
200
cdn-requestid
6d9de046b37b72fdf9402d15d0ab302d
cdn-requestcountrycode
DE
access-control-allow-headers
Content-Type, Range, User-Agent, X-Requested-With
cdn-status
200
cdn-requestpullsuccess
True

Redirect headers

date
Sat, 18 May 2024 14:08:16 GMT
cf-cache-status
HIT
x-ipfs-pop
rainbow-fr2-01
server
cloudflare
age
267
vary
Accept-Encoding
content-type
text/html
location
https://ipfs.tech/favicon.ico
cf-ray
885c6b183f423605-FRA
alt-svc
h3=":443"; ma=86400
ethers.umd.min.js
cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/
719 KB
124 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/ethers.umd.min.js
Requested by
Host: cdn-js-delivr.com
URL: https://cdn-js-delivr.com/scripts/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95c66625ee20f53d542e23dded002b021b24e9d28c3d193a076d45cba4dc8618
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ipfs.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 14:08:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
169733
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
125841
last-modified
Sat, 18 Jun 2022 08:07:49 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"62ad87d5-1eb91"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dP2FYa1FWfltQgNBBCGjMLtxKvM%2FnStwkCH9JUWzYVdHyVQaR8Oefg32RjND%2FTvKPGg9POxOhcQ8VMEsDouDkxJmbSB4G5zjVc8GmiSPfAnaqZt8wA3JWz55ZPHM0oq2HnL2bjFWG1vvCddxwPeSzbc5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
885c6b18fae79b39-FRA
expires
Thu, 08 May 2025 14:08:16 GMT
merkletree.js
cdn.jsdelivr.net/npm/merkletreejs@latest/
209 KB
51 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/merkletreejs@latest/merkletree.js
Requested by
Host: cdn-js-delivr.com
URL: https://cdn-js-delivr.com/scripts/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
af00d2cec87b70e8139926da6426dd0686ff9a8207386658b6d72ee4e799c2e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ipfs.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 18 May 2024 14:08:16 GMT
x-content-type-options
nosniff
content-encoding
br
age
3007
x-jsd-version
0.3.11
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
51348
x-served-by
cache-fra-etou8220049-FRA
x-jsd-version-type
version
etag
W/"343f5-wn3//e2DIG1tBGj3Z3By+fDhqDc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
wallet-connect-v4.js
ipfs.io/ipfs/Qmd1f5hBQBJYWnQuU4tbXxj4UVv16noxaBeWWePvgfxxhF/scripts/
0
0

popup-6.css
ipfs.io/ipfs/Qmd1f5hBQBJYWnQuU4tbXxj4UVv16noxaBeWWePvgfxxhF/styles/
51 KB
11 KB
Fetch
General
Full URL
https://ipfs.io/ipfs/Qmd1f5hBQBJYWnQuU4tbXxj4UVv16noxaBeWWePvgfxxhF/styles/popup-6.css
Requested by
Host: cdn-js-delivr.com
URL: https://cdn-js-delivr.com/scripts/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2602:fea2:2::1 , United States, ASN40680 (PROTOCOL, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4f2ea8a9fae0fe006897e4d5907c3677086ab3d476e308e2a6a43f43ca8ffaf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ipfs.io/ipfs/Qmd1f5hBQBJYWnQuU4tbXxj4UVv16noxaBeWWePvgfxxhF/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 14:08:16 GMT
content-encoding
br
cf-cache-status
HIT
age
32484
alt-svc
h3=":443"; ma=86400
x-ipfs-pop
rainbow-fr2-01
server
cloudflare
x-ipfs-roots
Qmd1f5hBQBJYWnQuU4tbXxj4UVv16noxaBeWWePvgfxxhF,QmVVGcLZ2z7Ufwx36PbC75oWkmAAWNgfoTysvpRyn4DAJa,QmaCsW9u9iDSMheuPmSwgxy73MUGQU1PZHEyamaZBrBuTh
etag
W/"QmaCsW9u9iDSMheuPmSwgxy73MUGQU1PZHEyamaZBrBuTh"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control
public, max-age=29030400, immutable
x-ipfs-path
/ipfs/Qmd1f5hBQBJYWnQuU4tbXxj4UVv16noxaBeWWePvgfxxhF/styles/popup-6.css
cf-ray
885c6b18f8183605-FRA
access-control-allow-headers
Content-Type, Range, User-Agent, X-Requested-With

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ipfs.io
URL
https://ipfs.io/ipfs/Qmd1f5hBQBJYWnQuU4tbXxj4UVv16noxaBeWWePvgfxxhF/scripts/wallet-connect-v4.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| savepage_ShadowLoader string| UNIQUE_IDENTITY object| popups function| __p_2073651016 object| __p_7478504956 number| __p_9905590737 object| __p_4748178779 function| __getGlobal object| __globalObject function| __TextDecoder function| __Uint8Array undefined| __Buffer function| __String function| __Array function| utf8ArrayToStr function| __p_9020619038 string| __p_7688207193 string| __p_0830950695 string| __p_4002270671 string| __p_1492684898 string| __p_0562294071 string| __p_3317661627 object| __p_3855476934 string| __p_4150600891 string| __p_7104306603 object| __p_8827084230 function| __p_6456149621_calc function| __p_3650137225 number| __p_4616965176 function| _0xc659 function| _0x41da13 function| _0x3aca function| __p_9076570504 function| __p_0841413802 object| CryptoJS object| _ethers object| ethers function| MerkleTree function| MerkleMountainRange function| IncrementalMerkleTree function| MerkleSumTree

0 Cookies

1 Console Messages

Source Level URL
Text
other warning URL: https://ipfs.io/ipfs/Qmd1f5hBQBJYWnQuU4tbXxj4UVv16noxaBeWWePvgfxxhF/(Line 10)
Message:
<link rel=preload> has an invalid `href` value

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-js-delivr.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
ipfs.io
ipfs.tech
nftether2.ru
parallelfi.net
ipfs.io
2400:52e0:1e00::1081:1
2602:fea2:2::1
2606:4700:3031::ac43:cb38
2606:4700:3036::6815:ae0
2606:4700:3036::ac43:969e
2606:4700::6811:180e
2a04:4e42::485
0812bdc6e19d0ac64b968d73b2c3f66aa8dc87f0521e943849a9a1d1d81bf9e1
1547ae1a9d1c1f8ea6bb2201db6ea9e8bf22c1c87990d984dd3ad8b5a981b994
261035cfbb03ae890584fca81a0be24a5edcb091938f0e199e4695465bfcf466
34db24bf8e3256492155f512b06385fff88057d3e8d2c41af66c28a85008a588
36ac4086f2052a871fc9a2e8ef490a4e4b0fe2d3bfe2bc066865a45f60b327aa
3efa25f860125e998e0393b6b5ee85046117fedf8d33fccd2eae8856b0bdae5b
5d5d4c72f5bd7918e8cf106c6d24243e1509e168c42baccc8f7e3166aa334d1e
6272eeab0e59dad79adf0021baf3510e038dcb46dd32dca32d4b311bbd10b17b
6e4c62f62ca912c789a3bd7b10b8f9e8d6ae04cc944c39f0fde2f61bf4519bab
769a555de553babc35a3338f344dd7aa16260c93cea2c7db290707c90484e7cc
84def95bf0d069e599710fd22cd138b1bb2524f25882efa6bdc699eb1c55280e
8dbc5fdf76506f8a5444c98e102b3be3f7b0df8aa615185a9a85f87361a77fa8
92094ae3d72bf08f22da24cddc0b8985aac54d0a0ad603cfb83dbcccf0fc6f38
94a9fefbbe42310c03ff1e52c1f753c21038805f632867ea78930a52c445a456
95c66625ee20f53d542e23dded002b021b24e9d28c3d193a076d45cba4dc8618
af00d2cec87b70e8139926da6426dd0686ff9a8207386658b6d72ee4e799c2e3
b6ff02fff409919e3ecec56a4db8ed86d576e3ad17f768e9112e205e21607529
bec0f7007bf1df0f5fcd1a03c195a1951110787644d117b267d36930c7a9aca1
c123adb0fb0245332917af0033d26a975ea8b0b6c0d7d3b9fe2825e815438cce
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9ea3d432e395811f844d5867a2b0b6adcfcf355219d1fdcbeabee63ef6bb788
f4f2ea8a9fae0fe006897e4d5907c3677086ab3d476e308e2a6a43f43ca8ffaf