dymdlxd0.dreamwp.com Open in urlscan Pro
176.74.24.122 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://oia.bio/9xs26
Effective URL:
https://dymdlxd0.dreamwp.com/-/global/dhl/info.php
Submission: On January 12 via manual (January 12th 2024, 1:31:36 am UTC) from FR — Scanned from FR

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 24 HTTP transactions. The main IP is 176.74.24.122, located in London, United Kingdom and belongs to DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU. The main domain is dymdlxd0.dreamwp.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 11th 2024. Valid for: a year.

This is the only time dymdlxd0.dreamwp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation) Swiss Post (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:303... 2606:4700:3035::ac43:d434	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.203.71.227 52.203.71.227	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 14	176.74.24.122 176.74.24.122	38719 (DREAMSCAP...) (DREAMSCAPE-AS-AP Dreamscape Networks Limited)
24	6

3 2606:4700:3035::ac43:d434 (United States)

ASN13335 (CLOUDFLARENET, US)

oia.bio	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.203.71.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-71-227.compute-1.amazonaws.com

o-trim.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 176.74.24.122 (London, United Kingdom) 1 redirects

ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU)
PTR: ipb04a187a.ipv4.lon01.ds.network

dymdlxd0.dreamwp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	dreamwp.com dymdlxd0.dreamwp.com Failed	158 KB
3	oia.bio oia.bio	10 KB
2	o-trim.co o-trim.co	5 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 438	24 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 1326	90 KB
24	5

	Domain	Requested by
14	dymdlxd0.dreamwp.com	o-trim.co dymdlxd0.dreamwp.com
3	oia.bio	oia.bio unpkg.com
2	o-trim.co	oia.bio o-trim.co
1	cdn.jsdelivr.net	o-trim.co
1	unpkg.com	oia.bio
24	5

This site contains no links.

Subject Issuer	Validity	Valid
oia.bio GTS CA 1P5	`2023-11-22` - `2024-02-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
o-trim.co Amazon RSA 2048 M03	`2023-10-29` - `2024-11-27`	a year	crt.sh
*.dreamwp.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-11` - `2025-02-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://dymdlxd0.dreamwp.com/-/global/dhl/info.php
Frame ID: A8637EDB95CCDF151BDCB8508FBA77EB
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DHL - Account

Page URL History Show full URLs

https://oia.bio/9xs26 Page URL
https://o-trim.co/bb0aa Page URL
https://dymdlxd0.dreamwp.com/-/global/dhl/ HTTP 302
https://dymdlxd0.dreamwp.com/-/global/dhl/info.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

24
Requests

83 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

6
IPs

2
Countries

288 kB
Transfer

1187 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://oia.bio/9xs26 Page URL
https://o-trim.co/bb0aa Page URL
https://dymdlxd0.dreamwp.com/-/global/dhl/ HTTP 302
https://dymdlxd0.dreamwp.com/-/global/dhl/info.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 9xs26 Show response
oia.bio/ 19 KB
6 KB 567ms
505ms Document
text/html 2606:4700:3035::ac43:d434
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://oia.bio/9xs26
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d434 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6c093f305019ee6c9aa5ab3bfc839c5724fb203859acfb17bfe8c6cd76369a44

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8441a3f4587e2a25-CDG
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 12 Jan 2024 01:31:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lSuF7qn4%2BhpVpV5mc%2FsS9lXxHGcJeEsP62cOVkP3d74GKzhK3up4dI9As9x2%2FRxPHBTT0jCLF3WPw4VTTTyIY76yC6uGkzkXnzcjsi6cvvL3hg7vKJ6bdUfM29VMIHPqoBdHWKD%2B"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express

GET
H2 200 dotlottie-player.js Show response
unpkg.com/@dotlottie/player-component@1.0.0/dist/ 332 KB
90 KB 81ms
39ms Script
application/javascript 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@dotlottie/player-component@1.0.0/dist/dotlottie-player.js

Requested by

Host: oia.bio
URL: https://oia.bio/9xs26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19aa295521f5fe3828d378798ce690ff429956271afab0ac12883f188bcf95be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://oia.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 01:31:32 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3941598
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HG85QACWSK6F0F99RGXBN7PP-cdg
server: cloudflare
etag: W/"52f95-a5ortVpVcaDVdN2fO+5oFj6JbNE"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8441a3f7ceca7842-CDG

GET
H2 200 logo.svg
oia.bio/ 9 KB
4 KB 399ms
399ms Image
image/svg+xml 2606:4700:3035::ac43:d434
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oia.bio/logo.svg
Requested by: Host: oia.bio
URL: https://oia.bio/9xs26
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d434 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://oia.bio/9xs26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 01:31:32 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 08 Nov 2023 09:17:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"25a0-18bae38bfc7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RYHX%2FaDQyO5d%2F2TuynnHymgKgiYYgXxLb1iErr2YTJkaGl9a5y5AOp%2FuBigns0OJeH7RezFsphnWPkfu8%2BGMBxT6HtmWI1RWI%2BKSKvxtwUseRsTmNtJNJzEY4XCnwCqtwpzWp4ey"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 8441a3f78a5e2a25-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 stroke.svg
oia.bio/ 452 B
580 B 392ms
392ms Image
image/svg+xml 2606:4700:3035::ac43:d434
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oia.bio/stroke.svg
Requested by: Host: oia.bio
URL: https://oia.bio/9xs26
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d434 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://oia.bio/9xs26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 01:31:32 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 08 Nov 2023 09:17:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"1c4-18bae38c04b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgBZsiXOdvGX36nITSBg17qRwjv0pvM7e4UMNx6%2Fqeeixr5SfVQ6IWhmj9700emGP9iR35Bm8JYF2kSMWIQ%2FDHAxo1fO5hQAewxgYgqAGhlhJTa3f9EVbG9owq%2BC6dgZea0bl2E7"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 8441a3f78a642a25-CDG
alt-svc: h3=":443"; ma=86400

GET animation.lottie
oia.bio/ 0
0

POST store-redirection-timings
oia.bio/api/v1/redirect/ 0
0

GET
H2 200 bb0aa Show response
o-trim.co/ 4 KB
4 KB 324ms
133ms Document
text/html 52.203.71.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://o-trim.co/bb0aa

Requested by

Host: oia.bio
URL: https://oia.bio/9xs26

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.203.71.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-203-71-227.compute-1.amazonaws.com

Software

Resource Hash

8aff359e250b12e64e5a798082475855e7efd90cc2f05521550cf010fe422aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://oia.bio/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-language: fr-FR
content-length: 4175
content-type: text/html;charset=ISO-8859-1
date: Fri, 12 Jan 2024 01:31:32 GMT
expires: 0
pragma: no-cache
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 152 KB
24 KB 75ms
32ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

Requested by

Host: o-trim.co
URL: https://o-trim.co/bb0aa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://o-trim.co/
Origin: https://o-trim.co
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 01:31:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5346144
x-jsd-version: 5.0.2
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230020-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZgUO7GNNmYMdeLHJlZTcRrLkhvsaNFJ5ldCw2%2BNu735%2BCzf0np6ADBaDC6AKi0jahK59AQdDCc%2BmtlzpYLnzFBjKl%2BJlTFmS8PyF94rHAjltUFDWmClsdvwFoChu1L4hrkfLQCw%2B3yOKIEAp2F4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8441a3faac9600a0-CDG

GET
H2 200 RDNF92024-01-12T01:31:32.939Z
o-trim.co/trackdetails/bb0aa/ 82 B
381 B 93ms
93ms XHR
application/json 52.203.71.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://o-trim.co/trackdetails/bb0aa/RDNF92024-01-12T01:31:32.939Z

Requested by

Host: o-trim.co
URL: https://o-trim.co/bb0aa

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.203.71.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-203-71-227.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://o-trim.co/bb0aa
email
qrRef: false
utmSource
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 01:31:32 GMT
x-content-type-options: nosniff
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: DENY
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-disposition: inline;filename=f.txt
x-xss-protection: 1; mode=block
expires: 0

GET /
dymdlxd0.dreamwp.com/-/global/dhl/ 0
0

GET
H2

200

Primary Request info.php Show response
dymdlxd0.dreamwp.com/-/global/dhl/
Redirect Chain

https://dymdlxd0.dreamwp.com/-/global/dhl/
https://dymdlxd0.dreamwp.com/-/global/dhl/info.php

24 KB
8 KB

67ms
67ms

Document
text/html

176.74.24.122
DREAMSCAPE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://dymdlxd0.dreamwp.com/-/global/dhl/info.php
Requested by: Host: o-trim.co
URL: https://o-trim.co/bb0aa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.74.24.122 London, United Kingdom, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU),
Reverse DNS: ipb04a187a.ipv4.lon01.ds.network
Software: nginx / PHP/8.2.11
Resource Hash: 8514b2e03d7664b14c1e26b81068d5bf05fdf2b3538d296eff0c72a0c0547db0

Request headers

Referer: https://o-trim.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 7890
content-type: text/html; charset=UTF-8
date: Fri, 12 Jan 2024 01:31:34 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-newfold-cache-level: 2
x-powered-by: PHP/8.2.11

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 23
content-type: text/html; charset=UTF-8
date: Fri, 12 Jan 2024 01:31:34 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: info.php
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-newfold-cache-level: 2
x-powered-by: PHP/8.2.11

GET
H2 200 main.css
dymdlxd0.dreamwp.com/-/global/dhl/files/css/ 529 KB
87 KB 33ms
33ms Stylesheet
text/css 176.74.24.122
DREAMSCAPE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://dymdlxd0.dreamwp.com/-/global/dhl/files/css/main.css
Requested by: Host: dymdlxd0.dreamwp.com
URL: https://dymdlxd0.dreamwp.com/-/global/dhl/info.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.74.24.122 London, United Kingdom, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU),
Reverse DNS: ipb04a187a.ipv4.lon01.ds.network
Software: nginx /
Resource Hash: d97797426d717621d5059e293ea468c8a463a3e8e7d89a5d90ac38eaa174ed64

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dymdlxd0.dreamwp.com/-/global/dhl/info.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 01:31:34 GMT
content-encoding: gzip
last-modified: Wed, 25 Nov 2020 13:27:30 GMT
server: nginx
etag: W/"5fbe5bc2-844ff"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Sun, 11 Feb 2024 01:31:34 GMT

GET
H2 200 jquery.js Show response
dymdlxd0.dreamwp.com/-/global/dhl/files/js/ 85 KB
30 KB 68ms
68ms Script
application/javascript 176.74.24.122
DREAMSCAPE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://dymdlxd0.dreamwp.com/-/global/dhl/files/js/jquery.js
Requested by: Host: dymdlxd0.dreamwp.com
URL: https://dymdlxd0.dreamwp.com/-/global/dhl/info.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.74.24.122 London, United Kingdom, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU),
Reverse DNS: ipb04a187a.ipv4.lon01.ds.network
Software: nginx /
Resource Hash: 8603b20b548270423fb03c2138c16f5f863ead4c48eb0999167df869e2eef8a6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dymdlxd0.dreamwp.com/-/global/dhl/info.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 01:31:34 GMT
content-encoding: gzip
last-modified: Sun, 06 May 2018 02:07:02 GMT
server: nginx
etag: W/"5aee6346-15339"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Sun, 11 Feb 2024 01:31:34 GMT

GET
H2 200 dhl-logo.svg
dymdlxd0.dreamwp.com/-/global/dhl/files/img/ 2 KB
2 KB 71ms
71ms Image
image/svg+xml 176.74.24.122
DREAMSCAPE-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dymdlxd0.dreamwp.com/-/global/dhl/files/img/dhl-logo.svg
Requested by: Host: dymdlxd0.dreamwp.com
URL: https://dymdlxd0.dreamwp.com/-/global/dhl/info.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.74.24.122 London, United Kingdom, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU),
Reverse DNS: ipb04a187a.ipv4.lon01.ds.network
Software: nginx /
Resource Hash: 362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dymdlxd0.dreamwp.com/-/global/dhl/info.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 01:31:34 GMT
last-modified: Mon, 19 Oct 2020 21:47:02 GMT
server: nginx
x-newfold-cache-level: 2
content-type: image/svg+xml
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1603
expires: Sat, 13 Jan 2024 01:31:34 GMT

GET
H2 200 glo.svg
dymdlxd0.dreamwp.com/-/global/dhl/files/img/ 1 KB
1 KB 72ms
72ms Image
image/svg+xml 176.74.24.122
DREAMSCAPE-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dymdlxd0.dreamwp.com/-/global/dhl/files/img/glo.svg
Requested by: Host: dymdlxd0.dreamwp.com
URL: https://dymdlxd0.dreamwp.com/-/global/dhl/info.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.74.24.122 London, United Kingdom, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU),
Reverse DNS: ipb04a187a.ipv4.lon01.ds.network
Software: nginx /
Resource Hash: 7b7e4adb65aa53b1bc731f15511c53d5beb73f187d5c5f35f19ebbfaf0decbbd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dymdlxd0.dreamwp.com/-/global/dhl/info.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 01:31:34 GMT
last-modified: Tue, 17 Nov 2020 14:21:58 GMT
server: nginx
x-newfold-cache-level: 2
content-type: image/svg+xml
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1104
expires: Sat, 13 Jan 2024 01:31:34 GMT

GET
H2 200 glo-footer-logo.svg
dymdlxd0.dreamwp.com/-/global/dhl/files/img/ 12 KB
12 KB 28ms
28ms Image
image/svg+xml 176.74.24.122
DREAMSCAPE-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dymdlxd0.dreamwp.com/-/global/dhl/files/img/glo-footer-logo.svg
Requested by: Host: dymdlxd0.dreamwp.com
URL: https://dymdlxd0.dreamwp.com/-/global/dhl/info.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.74.24.122 London, United Kingdom, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU),
Reverse DNS: ipb04a187a.ipv4.lon01.ds.network
Software: nginx /
Resource Hash: 5162de2ee844a80d76b7d7514c02ab7d5de72a5966113323d80eb56bf6ded038

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dymdlxd0.dreamwp.com/-/global/dhl/info.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 01:31:34 GMT
last-modified: Mon, 19 Oct 2020 21:47:04 GMT
server: nginx
x-newfold-cache-level: 2
content-type: image/svg+xml
cache-control: max-age=86400
accept-ranges: bytes
content-length: 11968
expires: Sat, 13 Jan 2024 01:31:34 GMT

GET
H2 404 5132a7ca80ea9e18ec8cecc618cf5a0b.woff
dymdlxd0.dreamwp.com/-/global/dhl/files/assets/fonts/ 0
0 1155ms
1155ms Font
text/html 176.74.24.122
DREAMSCAPE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://dymdlxd0.dreamwp.com/-/global/dhl/files/assets/fonts/5132a7ca80ea9e18ec8cecc618cf5a0b.woff
Requested by: Host: dymdlxd0.dreamwp.com
URL: https://dymdlxd0.dreamwp.com/-/global/dhl/files/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.74.24.122 London, United Kingdom, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU),
Reverse DNS: ipb04a187a.ipv4.lon01.ds.network
Software: nginx / PHP/8.2.11
Resource Hash

Request headers

Referer: https://dymdlxd0.dreamwp.com/-/global/dhl/files/css/main.css
Origin: https://dymdlxd0.dreamwp.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 01:31:35 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/8.2.11
vary: Accept-Encoding
x-newfold-cache-level: 2
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://dymdlxd0.dreamwp.com/wp-json/>; rel="https://api.w.org/"
content-length: 11905
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 arrow.svg
dymdlxd0.dreamwp.com/-/global/dhl/files/img/ 311 B
497 B 53ms
53ms Image
image/svg+xml 176.74.24.122
DREAMSCAPE-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dymdlxd0.dreamwp.com/-/global/dhl/files/img/arrow.svg
Requested by: Host: dymdlxd0.dreamwp.com
URL: https://dymdlxd0.dreamwp.com/-/global/dhl/files/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.74.24.122 London, United Kingdom, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU),
Reverse DNS: ipb04a187a.ipv4.lon01.ds.network
Software: nginx /
Resource Hash: d8748acb2eead2bb284ccec7029faaa404c1f2bda9cbeae2d777b9033e473a9d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dymdlxd0.dreamwp.com/-/global/dhl/files/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 01:31:34 GMT
last-modified: Sun, 22 Nov 2020 13:49:48 GMT
server: nginx
x-newfold-cache-level: 2
content-type: image/svg+xml
cache-control: max-age=86400
accept-ranges: bytes
content-length: 311
expires: Sat, 13 Jan 2024 01:31:34 GMT

GET
H2 200 lod.gif
dymdlxd0.dreamwp.com/-/global/dhl/files/img/ 17 KB
17 KB 33ms
33ms Image
image/gif 176.74.24.122
DREAMSCAPE-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dymdlxd0.dreamwp.com/-/global/dhl/files/img/lod.gif
Requested by: Host: dymdlxd0.dreamwp.com
URL: https://dymdlxd0.dreamwp.com/-/global/dhl/info.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.74.24.122 London, United Kingdom, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU),
Reverse DNS: ipb04a187a.ipv4.lon01.ds.network
Software: nginx /
Resource Hash: ce6a239fde88d8fb01c7a10d6f7b27d1bc23f5462d02f5ebb4927479fa32a302

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dymdlxd0.dreamwp.com/-/global/dhl/info.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 01:31:34 GMT
last-modified: Tue, 20 Oct 2020 20:45:00 GMT
server: nginx
etag: "5f8f4c4c-44b1"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 17585
expires: Sun, 11 Feb 2024 01:31:34 GMT

GET
H2 404 c2d3739d2debffea340a58b7b8ab3c61.woff
dymdlxd0.dreamwp.com/-/global/dhl/files/assets/fonts/ 0
0 1125ms
1125ms Font
text/html 176.74.24.122
DREAMSCAPE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://dymdlxd0.dreamwp.com/-/global/dhl/files/assets/fonts/c2d3739d2debffea340a58b7b8ab3c61.woff
Requested by: Host: dymdlxd0.dreamwp.com
URL: https://dymdlxd0.dreamwp.com/-/global/dhl/files/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.74.24.122 London, United Kingdom, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU),
Reverse DNS: ipb04a187a.ipv4.lon01.ds.network
Software: nginx / PHP/8.2.11
Resource Hash

Request headers

Referer: https://dymdlxd0.dreamwp.com/-/global/dhl/files/css/main.css
Origin: https://dymdlxd0.dreamwp.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 01:31:35 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/8.2.11
vary: Accept-Encoding
x-newfold-cache-level: 2
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://dymdlxd0.dreamwp.com/wp-json/>; rel="https://api.w.org/"
content-length: 11905
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 d2c082a9f78e61ea7ccefecaca4da8a3.woff
dymdlxd0.dreamwp.com/-/global/dhl/files/assets/fonts/ 0
0 1132ms
1132ms Font
text/html 176.74.24.122
DREAMSCAPE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://dymdlxd0.dreamwp.com/-/global/dhl/files/assets/fonts/d2c082a9f78e61ea7ccefecaca4da8a3.woff
Requested by: Host: dymdlxd0.dreamwp.com
URL: https://dymdlxd0.dreamwp.com/-/global/dhl/files/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.74.24.122 London, United Kingdom, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU),
Reverse DNS: ipb04a187a.ipv4.lon01.ds.network
Software: nginx / PHP/8.2.11
Resource Hash

Request headers

Referer: https://dymdlxd0.dreamwp.com/-/global/dhl/files/css/main.css
Origin: https://dymdlxd0.dreamwp.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 01:31:35 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/8.2.11
vary: Accept-Encoding
x-newfold-cache-level: 2
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://dymdlxd0.dreamwp.com/wp-json/>; rel="https://api.w.org/"
content-length: 11905
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 e39bd2e2657ce5dd6f9c33df18529233.woff
dymdlxd0.dreamwp.com/-/global/dhl/files/assets/fonts/ 0
0 179ms
179ms Font
text/html 176.74.24.122
DREAMSCAPE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://dymdlxd0.dreamwp.com/-/global/dhl/files/assets/fonts/e39bd2e2657ce5dd6f9c33df18529233.woff
Requested by: Host: dymdlxd0.dreamwp.com
URL: https://dymdlxd0.dreamwp.com/-/global/dhl/files/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.74.24.122 London, United Kingdom, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU),
Reverse DNS: ipb04a187a.ipv4.lon01.ds.network
Software: nginx / PHP/8.2.11
Resource Hash

Request headers

Referer: https://dymdlxd0.dreamwp.com/-/global/dhl/files/css/main.css
Origin: https://dymdlxd0.dreamwp.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 01:31:35 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/8.2.11
vary: Accept-Encoding
x-newfold-cache-level: 2
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://dymdlxd0.dreamwp.com/wp-json/>; rel="https://api.w.org/"
content-length: 11905
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 03f859bf58e4d37841070de34be7d978.woff
dymdlxd0.dreamwp.com/-/global/dhl/files/assets/fonts/ 0
0 202ms
202ms Font
text/html 176.74.24.122
DREAMSCAPE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://dymdlxd0.dreamwp.com/-/global/dhl/files/assets/fonts/03f859bf58e4d37841070de34be7d978.woff
Requested by: Host: dymdlxd0.dreamwp.com
URL: https://dymdlxd0.dreamwp.com/-/global/dhl/files/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.74.24.122 London, United Kingdom, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU),
Reverse DNS: ipb04a187a.ipv4.lon01.ds.network
Software: nginx / PHP/8.2.11
Resource Hash

Request headers

Referer: https://dymdlxd0.dreamwp.com/-/global/dhl/files/css/main.css
Origin: https://dymdlxd0.dreamwp.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 01:31:35 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/8.2.11
vary: Accept-Encoding
x-newfold-cache-level: 2
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://dymdlxd0.dreamwp.com/wp-json/>; rel="https://api.w.org/"
content-length: 11905
expires: Wed, 11 Jan 1984 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: oia.bio
URL: https://oia.bio/animation.lottie

Domain: oia.bio
URL: https://oia.bio/api/v1/redirect/store-redirection-timings

Domain: dymdlxd0.dreamwp.com
URL: https://dymdlxd0.dreamwp.com/-/global/dhl/

Domain: dymdlxd0.dreamwp.com
URL: https://dymdlxd0.dreamwp.com/-/global/dhl/

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation) Swiss Post (Transportation)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery undefined| request

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
o-trim.co/	1969-12-31 23:59:59	Name: JSESSIONID Value: DD004A0AA4C6F28D8A83F6E752067BA2
o-trim.co/	1970-01-21 02:22:39	Name: otrim_tracking Value: RDNF92024-01-12T01:31:32.939Z
dymdlxd0.dreamwp.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8245atvjuhe8ig1isvh8c13vk6

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://dymdlxd0.dreamwp.com/-/global/dhl/files/assets/fonts/c2d3739d2debffea340a58b7b8ab3c61.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dymdlxd0.dreamwp.com/-/global/dhl/files/assets/fonts/d2c082a9f78e61ea7ccefecaca4da8a3.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dymdlxd0.dreamwp.com/-/global/dhl/files/assets/fonts/5132a7ca80ea9e18ec8cecc618cf5a0b.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dymdlxd0.dreamwp.com/-/global/dhl/files/assets/fonts/e39bd2e2657ce5dd6f9c33df18529233.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dymdlxd0.dreamwp.com/-/global/dhl/files/assets/fonts/03f859bf58e4d37841070de34be7d978.woff Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
dymdlxd0.dreamwp.com
o-trim.co
oia.bio
unpkg.com
dymdlxd0.dreamwp.com
oia.bio
176.74.24.122
2606:4700:3035::ac43:d434
2606:4700::6810:5814
2606:4700::6810:7eaf
52.203.71.227
19aa295521f5fe3828d378798ce690ff429956271afab0ac12883f188bcf95be
362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419
5162de2ee844a80d76b7d7514c02ab7d5de72a5966113323d80eb56bf6ded038
6c093f305019ee6c9aa5ab3bfc839c5724fb203859acfb17bfe8c6cd76369a44
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
7b7e4adb65aa53b1bc731f15511c53d5beb73f187d5c5f35f19ebbfaf0decbbd
8514b2e03d7664b14c1e26b81068d5bf05fdf2b3538d296eff0c72a0c0547db0
8603b20b548270423fb03c2138c16f5f863ead4c48eb0999167df869e2eef8a6
8aff359e250b12e64e5a798082475855e7efd90cc2f05521550cf010fe422aee
ce6a239fde88d8fb01c7a10d6f7b27d1bc23f5462d02f5ebb4927479fa32a302
d8748acb2eead2bb284ccec7029faaa404c1f2bda9cbeae2d777b9033e473a9d
d97797426d717621d5059e293ea468c8a463a3e8e7d89a5d90ac38eaa174ed64

dymdlxd0.dreamwp.com Open in urlscan Pro 176.74.24.122 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

83 %HTTPS

60 %IPv6

5 Domains

5 Subdomains

6 IPs

2 Countries

288 kBTransfer

1187 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

3 Cookies

5 Console Messages

Indicators

dymdlxd0.dreamwp.com Open in urlscan Pro
176.74.24.122 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

83 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

6
IPs

2
Countries

288 kB
Transfer

1187 kB
Size

3
Cookies

24 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!