ipfs-stg.fleek.co
2606:4700::6812:791
Malicious Activity!
Public Scan
Submission: On November 29 via api from US — Scanned from US
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 28th 2023. Valid for: a year.
This is the only time ipfs-stg.fleek.co was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Cloudflare (Online)
Domain & IP information
Redirects | Requests | IP Address | AS Autonomous System |
---|---|---|---|
1 | 8 | 2606:4700::6812:791 | 13335 (CLOUDFLARENET) |
1 | 2 | 2606:4700::6810:7daf | 13335 (CLOUDFLARENET) |
 | 1 | 2606:4700::6811:180e | 13335 (CLOUDFLARENET) |
 | 1 | 2a04:4e42::485 | 54113 (FASTLY) |
 | 1 | 2607:f8b0:4004:c06::5f | 15169 (GOOGLE) |
 | 2 | 3.162.125.57 | 16509 (AMAZON-02) |
 | 1 | 192.0.77.2 | 2635 (AUTOMATTIC) |
 | 4 | 2600:141b:e800:25::1721:2acc | 20940 (AKAMAI-ASN1) |
 | 1 | 2607:f8b0:4004:c08::5f | 15169 (GOOGLE) |
 | 19 | 9 | |

ASN16509 (AMAZON-02, US)
PTR: server-3-162-125-57.iad61.r.cloudfront.net
auth.services.adobe.com
ASN20940 (AKAMAI-ASN1, NL)
cdn-icons-png.flaticon.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
8 | fleek.co (1 redirects) | ipfs-stg.fleek.co | 130 KB |
4 | flaticon.com | cdn-icons-png.flaticon.com — Cisco Umbrella Rank: 43548 | 43 KB |
2 | adobe.com | auth.services.adobe.com — Cisco Umbrella Rank: 3590 | 220 KB |
2 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 31; ajax.googleapis.com — Cisco Umbrella Rank: 364 | 31 KB |
2 | unpkg.com (1 redirects) | unpkg.com — Cisco Umbrella Rank: 903 | 517 KB |
1 | wp.com | i0.wp.com — Cisco Umbrella Rank: 3823 | 2 KB |
1 | jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 335 | 774 B |
1 | cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 223 | 1 KB |
19 | 8 | | |
Requests | Domain | Requested by |
---|---|---|
8 | ipfs-stg.fleek.co (1 redirects) | ipfs-stg.fleek.co |
4 | cdn-icons-png.flaticon.com | ipfs-stg.fleek.co |
2 | auth.services.adobe.com | ipfs-stg.fleek.co |
2 | unpkg.com (1 redirects) | ipfs-stg.fleek.co |
1 | ajax.googleapis.com | ipfs-stg.fleek.co |
1 | i0.wp.com | ipfs-stg.fleek.co |
1 | fonts.googleapis.com | ipfs-stg.fleek.co |
1 | cdn.jsdelivr.net | ipfs-stg.fleek.co |
1 | cdnjs.cloudflare.com | ipfs-stg.fleek.co |
19 | 9 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
fleek.co | Cloudflare Inc ECC CA-3 | 2023-02-28 - 2024-02-28 | a year |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year |
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-09-27 - 2024-10-28 | a year |
upload.video.google.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months |
auth.services.adobe.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-02-21 - 2024-03-23 | a year |
*.wp.com | Sectigo ECC Domain Validation Secure Server CA | 2023-11-28 - 2024-12-28 | a year |
*.flaticon.com | R3 | 2023-11-25 - 2024-02-23 | 3 months |
This page contains 1 frames:
Primary Page:
https://ipfs-stg.fleek.co/ipfs/QmXZZf1MnhJUyVqicbiAWjR8i9sJv31dGGPghHNTDLRNwT
Frame ID: 8D0D229AD184CC8C22D9DC967FBCF900
Requests: 19 HTTP requests in this frame
Page Title
Adobe Account login
Detected technologies
WordPress (CMS)
Detected patterns
- /wp-(?:content|includes)/
jQuery (JavaScript Libraries)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN)
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://ipfs-stg.fleek.co/ipfs/QmXZZf1MnhJUyVqicbiAWjR8i9sJv31dGGPghHNTDLRNwT Page URL
- https://ipfs-stg.fleek.co/cdn-cgi/phish-bypass?atok=MeyvEuJxUzeLQic.2EO7id7O8stcMKYynwbbrjINX4o-1701293259-0-%2Fipfs%2FQmXZZf1MnhJUyVqicbiAWjR8i9sJv31dGGPghHNTDLRNwT HTTP 301
  https://ipfs-stg.fleek.co/ipfs/QmXZZf1MnhJUyVqicbiAWjR8i9sJv31dGGPghHNTDLRNwT Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 3
- https://unpkg.com/@babel/standalone/babel.min.js HTTP 302
- https://unpkg.com/@babel/standalone@7.23.5/babel.min.js
19 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | QmXZZf1MnhJUyVqicbiAWjR8i9sJv31dGGPghHNTDLRNwT | ipfs-stg.fleek.co/ipfs/ | 4 KB | 2 KB | Document | text/html |
GET | H2 | cf.errors.css | ipfs-stg.fleek.co/cdn-cgi/styles/ | 24 KB | 5 KB | Stylesheet | text/css |
GET | H2 | icon-exclamation.png | ipfs-stg.fleek.co/cdn-cgi/images/ | 452 B | 540 B | Image | image/png |
GET | H2 | QmXZZf1MnhJUyVqicbiAWjR8i9sJv31dGGPghHNTDLRNwT (Primary Request) | ipfs-stg.fleek.co/ipfs/ (Redirect Chain) | 2 MB | 122 KB | Document | text/html |
GET | H2 | babel.min.js | unpkg.com/@babel/standalone@7.23.5/ (Redirect Chain) | 3 MB | 516 KB | Script | application/javascript |
GET | H2 | index.min.js | cdnjs.cloudflare.com/ajax/libs/adblock-detect/1.0.5/ | 1 KB | 1 KB | Script | application/javascript |
GET | H2 | index.min.js | cdn.jsdelivr.net/npm/@adonisjs/framework@5.0.13/ | 430 B | 774 B | Script | application/javascript |
GET | H2 | css2 | fonts.googleapis.com/ | 2 KB | 997 B | Stylesheet | text/css |
GET | H2 | adobe_logo_white.svg | auth.services.adobe.com/img/generic/ | 2 KB | 2 KB | Image | image/svg+xml |
GET | H2 | pdf-document.png | i0.wp.com/uk-dc.org/wp-content/uploads/2018/05/ | 2 KB | 2 KB | Image | image/webp |
GET | H2 | 888867.png | cdn-icons-png.flaticon.com/512/888/ | 6 KB | 6 KB | Image | image/png |
GET | H2 | 732223.png | cdn-icons-png.flaticon.com/512/732/ | 12 KB | 12 KB | Image | image/png |
GET | H2 | 732200.png | cdn-icons-png.flaticon.com/512/732/ | 12 KB | 12 KB | Image | image/png |
GET | H2 | 6124988.png | cdn-icons-png.flaticon.com/512/6124/ | 12 KB | 13 KB | Image | image/png |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.2.1/ | 85 KB | 30 KB | Script | text/javascript |
GET | H2 | KFOmCnqEu92Fr1Mu4mxM.9b78ea3b.woff | ipfs-stg.fleek.co/fonts/ | 0 | 0 | Font | text/html |
GET | H2 | KFOlCnqEu92Fr1MmWUlfBBc-.0344cc3c.woff | ipfs-stg.fleek.co/fonts/ | 0 | 0 | Font | text/html |
GET | H2 | KFOlCnqEu92Fr1MmEU9fBBc-.ddd11dab.woff | ipfs-stg.fleek.co/fonts/ | 0 | 0 | Font | text/html |
GET | H2 | Fotolia_228669299_XL.jpg | auth.services.adobe.com/img/canvas/ | 217 KB | 218 KB | Image | image/jpeg |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Cloudflare (Online)
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| documentPictureInPicture
- object| Babel
- function| adblockDetect
- function| $
- function| jQuery
- function| TestsFunction
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.ipfs-stg.fleek.co/ | | Name: __cf_mw_byp Value: MeyvEuJxUzeLQic.2EO7id7O8stcMKYynwbbrjINX4o-1701293259-0-/ipfs/QmXZZf1MnhJUyVqicbiAWjR8i9sJv31dGGPghHNTDLRNwT |
8 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.