sharefilesxp.work.gd
139.59.17.23  Malicious Activity!

URL: https://sharefilesxp.work.gd/
Submission: On March 14 via api from JP — Scanned from JP

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 19 HTTP transactions. The main IP is 139.59.17.23, located in Bengaluru, India and belongs to DIGITALOCEAN-ASN, US. The main domain is sharefilesxp.work.gd.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 12th 2023. Valid for: 3 months.
This is the only time sharefilesxp.work.gd was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Adobe (Consumer)

Domain & IP information

Requests  IP Address       AS (Autonomous System)
9         139.59.17.23     14061 (DIGITALOCEAN-ASN)
1         142.251.42.202   15169 (GOOGLE)
1         104.17.24.14     13335 (CLOUDFLARENET)
1         151.101.65.229   54113 (FASTLY)
1         104.21.73.63     13335 (CLOUDFLARENET)
2         13.35.49.29      16509 (AMAZON-02)
1         20.74.48.56      (no ASN recorded in this scan)
2         103.102.166.240  14907 (WIKIMEDIA)
1         104.21.77.112    13335 (CLOUDFLARENET)
Total: 19 requests across 9 IPs
Requests  Apex Domain       Subdomain (Cisco Umbrella rank)     Transfer
9         work.gd           sharefilesxp.work.gd                2 MB
2         wikimedia.org     upload.wikimedia.org (2283)         78 KB
2         adobe.com         auth.services.adobe.com (3773)      151 KB
1         logo.wine         download.logo.wine (273925)         26 KB
1         hellowork.com     f.hellowork.com                     21 KB
1         cdn-services.com  ns.cdn-services.com                 885 B
1         jsdelivr.net      cdn.jsdelivr.net (337)              777 B
1         cloudflare.com    cdnjs.cloudflare.com (194)          1 KB
1         googleapis.com    fonts.googleapis.com (34)           949 B
Total: 19 requests across 9 apex domains
Requests  Domain                   Requested by
9         sharefilesxp.work.gd     sharefilesxp.work.gd
2         upload.wikimedia.org
2         auth.services.adobe.com
1         download.logo.wine
1         f.hellowork.com
1         ns.cdn-services.com      sharefilesxp.work.gd
1         cdn.jsdelivr.net         sharefilesxp.work.gd
1         cdnjs.cloudflare.com     sharefilesxp.work.gd
1         fonts.googleapis.com     sharefilesxp.work.gd
Total: 19 requests across 9 domains

This site contains no links.

Subject                  Issuer                                   Validity                  Valid for
sharefilesxp.work.gd     cPanel, Inc. Certification Authority     2023-03-12 to 2023-06-10  3 months
upload.video.google.com  GTS CA 1C3                               2023-02-20 to 2023-05-15  3 months
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3                  2022-08-03 to 2023-08-02  a year
jsdelivr.net             GlobalSign Atlas R3 DV TLS CA 2022 Q4    2022-12-23 to 2024-01-24  a year
auth.services.adobe.com  DigiCert TLS RSA SHA256 2020 CA1         2023-02-21 to 2024-03-23  a year
*.hellowork.com          Gandi Standard SSL CA 2                  2022-04-04 to 2023-04-29  a year
*.wikipedia.org          DigiCert TLS Hybrid ECC SHA384 2020 CA1  2022-10-27 to 2023-11-17  a year

This page contains 1 frames:

Primary Page: https://sharefilesxp.work.gd/
Frame ID: F2AA691A3173B969A95C7F4F6B9CED32
Requests: 19 HTTP requests in this frame

Page Title

Adobe ID

Detected technologies

Vue.js (overall confidence: 100%)
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Google Font API (overall confidence: 100%)
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jsDelivr (overall confidence: 100%)
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 19
HTTPS: 100 %
IPv6: 0 %
Domains: 9
Subdomains: 9
IPs: 9
Countries: 3
Transfer: 2256 kB
Size: 2251 kB
Cookies: 0

Redirected requests

No HTTP redirect chains were recorded for any of the 19 requests in this scan.

19 HTTP transactions

Each entry below is listed as Resource | Path | Size | x-fer (bytes transferred) | Type, followed by its General, Request headers and Response headers details. The MIME type is the Content-Type of each response.
Primary Request: / | sharefilesxp.work.gd/ | 1 KB | x-fer 1 KB | Document
General
Full URL
https://sharefilesxp.work.gd/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
139.59.17.23 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
956b947b5c61c21f1a87e4919a500bf6b2fc90763e7f643a7a113c449264cd48

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Length
1151
Content-Type
text/html
Date
Tue, 14 Mar 2023 06:03:10 GMT
Keep-Alive
timeout=5, max=100
Last-Modified
Tue, 26 Jul 2022 13:47:03 GMT
Server
Apache
css2 | fonts.googleapis.com/ | 2 KB | x-fer 949 B | Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400&display=swap
Requested by
Host: sharefilesxp.work.gd
URL: https://sharefilesxp.work.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f10.1e100.net
Software
ESF /
Resource Hash
73c3d8c3e9a8def4e24d51f455de5362ad7553e2f3e36d25ba54fb960d588817
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sharefilesxp.work.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Mar 2023 06:03:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 06:03:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Mar 2023 06:03:11 GMT
index.min.js | cdnjs.cloudflare.com/ajax/libs/adblock-detect/1.0.5/ | 1 KB | x-fer 1 KB | Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/adblock-detect/1.0.5/index.min.js
Requested by
Host: sharefilesxp.work.gd
URL: https://sharefilesxp.work.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e5c9c430c430273551c46e69d58bec076c4171a41f56ef0411e670a76651a7c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://sharefilesxp.work.gd/
Origin
https://sharefilesxp.work.gd
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 06:03:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
15498278
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
452
last-modified
Mon, 04 May 2020 16:04:05 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cf5-425"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cn87RcEsnIRJj3riZWay88GyxSvR5Fo8K6gaLGPRbEIuwR1Ce0IbgJpDbVUr7NQ07z0pq9SI5RPDtfNadN%2BGcuV7I3kOOUa3VaLwKY2RrdCUcKrCnpW1uCeTPml%2Fchuu%2FOef06P5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7a7a4fe45a1620c5-NRT
expires
Sun, 03 Mar 2024 06:03:11 GMT
index.min.js | cdn.jsdelivr.net/npm/@adonisjs/framework@5.0.13/ | 430 B | x-fer 777 B | Script
General
Full URL
https://cdn.jsdelivr.net/npm/@adonisjs/framework@5.0.13/index.min.js
Requested by
Host: sharefilesxp.work.gd
URL: https://sharefilesxp.work.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6dcf40fd04d3387edc5d792b6c7d978af1ba834014f7028765f9342db989f6ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sharefilesxp.work.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 14 Mar 2023 06:03:11 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
1719656
x-jsd-version
5.0.13
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
305
x-served-by
cache-fra-eddf8230108-FRA, cache-itm18851-ITM
x-jsd-version-type
version
etag
W/"1ae-myc90tb7oItlxVsc5EMaDyV2uOM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
init.js | sharefilesxp.work.gd/config/ | 1 KB | x-fer 2 KB | Script
General
Full URL
https://sharefilesxp.work.gd/config/init.js
Requested by
Host: sharefilesxp.work.gd
URL: https://sharefilesxp.work.gd/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
139.59.17.23 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
b74cd9c45abbb2d5926beb554db944fd3f7045536c8acd15c42347c5f83f728f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sharefilesxp.work.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Tue, 14 Mar 2023 06:03:11 GMT
Last-Modified
Sun, 12 Mar 2023 20:54:00 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1382
vendor.6303725c.js | sharefilesxp.work.gd/js/ | 973 KB | x-fer 973 KB | Script
General
Full URL
https://sharefilesxp.work.gd/js/vendor.6303725c.js
Requested by
Host: sharefilesxp.work.gd
URL: https://sharefilesxp.work.gd/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
139.59.17.23 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
77576f4c230c940d7e805d530487e5f7db2cc7fd35839d44269fa1a549d477e0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sharefilesxp.work.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Tue, 14 Mar 2023 06:03:11 GMT
Last-Modified
Tue, 26 Jul 2022 13:47:03 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
996031
app.1e6f110f.js | sharefilesxp.work.gd/js/ | 6 KB | x-fer 6 KB | Script
General
Full URL
https://sharefilesxp.work.gd/js/app.1e6f110f.js
Requested by
Host: sharefilesxp.work.gd
URL: https://sharefilesxp.work.gd/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
139.59.17.23 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
85ad13f22cf2a01bb468b042727480e83c543750dbab2bd82017f39245ea7f52

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sharefilesxp.work.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Tue, 14 Mar 2023 06:03:11 GMT
Last-Modified
Tue, 26 Jul 2022 13:47:03 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
6032
vendor.5b226abe.css | sharefilesxp.work.gd/css/ | 645 KB | x-fer 646 KB | Stylesheet
General
Full URL
https://sharefilesxp.work.gd/css/vendor.5b226abe.css
Requested by
Host: sharefilesxp.work.gd
URL: https://sharefilesxp.work.gd/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
139.59.17.23 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
688b82121718b312f73c0ea37c08cb66b4d18423f51d5526795d08a5cef6ec59

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sharefilesxp.work.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Tue, 14 Mar 2023 06:03:11 GMT
Last-Modified
Tue, 26 Jul 2022 13:47:03 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
660935
app.72f6d2b2.css | sharefilesxp.work.gd/css/ | 979 B | x-fer 1 KB | Stylesheet
General
Full URL
https://sharefilesxp.work.gd/css/app.72f6d2b2.css
Requested by
Host: sharefilesxp.work.gd
URL: https://sharefilesxp.work.gd/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
139.59.17.23 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
758cad4afb3211839ab227311eac86811c7562993ae3bdd67f9099602c424276

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sharefilesxp.work.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Tue, 14 Mar 2023 06:03:11 GMT
Last-Modified
Tue, 26 Jul 2022 13:47:03 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
979
ip | ns.cdn-services.com/ | 319 B | x-fer 885 B | Fetch
General
Full URL
https://ns.cdn-services.com/ip
Requested by
Host: sharefilesxp.work.gd
URL: https://sharefilesxp.work.gd/js/app.1e6f110f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.73.63 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
04c46437c95332ff328ad49268aa482bce22625dd5b88c529a872b3e8f6bbb84

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sharefilesxp.work.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 06:03:14 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"13f-18eezn1/LWmOF7RaxZrb6Y0W444"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AkAuh5xRJX9gjo%2F89jRT2HEj0obUxRFzFQvqljwyiIUjjB1KUxW%2BLT6pt%2BEtbmZ%2BGreC0h5cIz%2FMvw%2BXIQvnizhvUUblPotrA2tv1w7YLCkRgN4PXMUOIWOyaLWpmnagjX8JCt0o"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
7a7a4fed98923475-NRT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
29.7d47d7d1.js | sharefilesxp.work.gd/js/ | 714 B | x-fer 968 B | Script
General
Full URL
https://sharefilesxp.work.gd/js/29.7d47d7d1.js
Requested by
Host: sharefilesxp.work.gd
URL: https://sharefilesxp.work.gd/js/app.1e6f110f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
139.59.17.23 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
85a615f6750c0769f01cbfd6113f86feccd0cc8eea46a74ff9cb845b21f6de5e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sharefilesxp.work.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Tue, 14 Mar 2023 06:03:14 GMT
Last-Modified
Tue, 26 Jul 2022 13:47:03 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
714
322.b2763ed2.js | sharefilesxp.work.gd/js/ | 29 KB | x-fer 29 KB | Script
General
Full URL
https://sharefilesxp.work.gd/js/322.b2763ed2.js
Requested by
Host: sharefilesxp.work.gd
URL: https://sharefilesxp.work.gd/js/app.1e6f110f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
139.59.17.23 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
9df2d660ffc601d375fc05a80c7ee885977e88e1acf20893a34e1645cd2e748d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sharefilesxp.work.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Tue, 14 Mar 2023 06:03:14 GMT
Last-Modified
Tue, 26 Jul 2022 13:47:03 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
29204
MichaelSchauer.jpg | auth.services.adobe.com/img/canvas/ | 148 KB | x-fer 149 KB | Image
General
Full URL
https://auth.services.adobe.com/img/canvas/MichaelSchauer.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.49.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-49-29.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
505b412122ce40778f49ae20a7ec48cde61668e40aaa887a0bd366d3cb3aea15
Security Headers
Name Value
Content-Security-Policy report-uri https://adobeid-na1.services.adobe.com/renga-idprovider/pages/csp-violation-report; report-to https://adobeid-na1.services.adobe.com/renga-idprovider/pages/csp-violation-report
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sharefilesxp.work.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 23:46:57 GMT
x-amz-version-id
LjDC6To2CFfTyYAPngZ2Gbaf0PHhi5Ug
via
1.1 dd8f51bb351d32dc7365f17f23248a8e.cloudfront.net (CloudFront)
content-security-policy
report-uri https://adobeid-na1.services.adobe.com/renga-idprovider/pages/csp-violation-report; report-to https://adobeid-na1.services.adobe.com/renga-idprovider/pages/csp-violation-report
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
NRT20-C1
age
5206578
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
151626
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 15 Dec 2022 09:17:37 GMT
server
AmazonS3
etag
"2632037d5fd52a0c529042a1d591cf1c"
x-frame-options
DENY
content-type
image/jpeg
cache-control
public,max-age=31557600
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
QWWsRuWUQTmn50KU9EaAyLxT0mrHbHXmruuX6xO_Xi2E3pojBD-Pyw==
materialdesignicons-webfont.e9db4005.woff2 | sharefilesxp.work.gd/fonts/ | 318 KB | x-fer 318 KB | Font
General
Full URL
https://sharefilesxp.work.gd/fonts/materialdesignicons-webfont.e9db4005.woff2
Requested by
Host: sharefilesxp.work.gd
URL: https://sharefilesxp.work.gd/css/vendor.5b226abe.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
139.59.17.23 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
da7fba3ca3e0b9cd42a9cd10c7c6ed16d2fdb938174116601cd3d51033c6f490

Request headers

Referer
https://sharefilesxp.work.gd/css/vendor.5b226abe.css
Origin
https://sharefilesxp.work.gd
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Tue, 14 Mar 2023 06:03:14 GMT
Last-Modified
Tue, 26 Jul 2022 13:47:03 GMT
Server
Apache
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
325244
adobe_logo_white.svg | auth.services.adobe.com/img/generic/ | 2 KB | x-fer 2 KB | Image
General
Full URL
https://auth.services.adobe.com/img/generic/adobe_logo_white.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.49.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-49-29.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d91c29bcf81c848135875cec80202a9a5c36fbe48e35483a143ce6a177275adc
Security Headers
Name Value
Content-Security-Policy report-uri https://adobeid-na1.services.adobe.com/renga-idprovider/pages/csp-violation-report; report-to https://adobeid-na1.services.adobe.com/renga-idprovider/pages/csp-violation-report
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sharefilesxp.work.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 17:43:51 GMT
x-amz-version-id
.m6zW.oFFA_Wnq7zmz0BfKq_1xbjX0gj
content-encoding
gzip
content-security-policy
report-uri https://adobeid-na1.services.adobe.com/renga-idprovider/pages/csp-violation-report; report-to https://adobeid-na1.services.adobe.com/renga-idprovider/pages/csp-violation-report
via
1.1 dd8f51bb351d32dc7365f17f23248a8e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
NRT20-C1
age
217164
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Mar 2023 14:46:54 GMT
server
AmazonS3
etag
W/"663caaa3b8e7047f97025faa6926e9d0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
cache-control
public,max-age=604800,must-revalidate
x-robots-tag
noindex
x-amz-cf-id
7q1gXo4C2UOE9UJwQXGgqI22zzsuRoMW083T3ZNig-LxJzkfxXiUWA==
gmail-logo-1200x758.jpg | f.hellowork.com/blogdumoderateur/2019/03/ | 21 KB | x-fer 21 KB | Image
General
Full URL
https://f.hellowork.com/blogdumoderateur/2019/03/gmail-logo-1200x758.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.74.48.56 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
62175170675734d0960537439d450d22a569ecdc4b3ade979e61a2f22d4ba9d5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sharefilesxp.work.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 06:03:16 GMT
last-modified
Thu, 17 Feb 2022 04:25:59 GMT
age
35793
x-cache
MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
21473
x-cache-hits
221
1200px-Microsoft_Office_logo_%282013%E2%80%932019%29.svg.png | upload.wikimedia.org/wikipedia/commons/thumb/0/0c/Microsoft_Office_logo_%282013%E2%80%932019%29.svg/ | 11 KB | x-fer 12 KB | Image
General
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/0/0c/Microsoft_Office_logo_%282013%E2%80%932019%29.svg/1200px-Microsoft_Office_logo_%282013%E2%80%932019%29.svg.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.102.166.240 , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
upload-lb.eqsin.wikimedia.org
Software
ATS/9.1.4 /
Resource Hash
4e7f73b48510402b5c1e5b3801fe84bdff544e55bad85af4df4c2407e307f698
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sharefilesxp.work.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 15:25:53 GMT
strict-transport-security
max-age=106384710; includeSubDomains; preload
x-content-type-options
nosniff
nel
{ "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age
52642
x-cache-status
hit-front
x-cache
cp5027 hit, cp5027 hit/1
content-disposition
inline;filename*=UTF-8''Microsoft_Office_logo_%282013%E2%80%932019%29.svg.png
server-timing
cache;desc="hit-front", host;desc="cp5027"
content-length
11356
x-client-ip
121.85.21.192
last-modified
Mon, 08 Aug 2022 20:50:43 GMT
server
ATS/9.1.4
etag
c7220cb7b5bb978efe0c2eb3384dbf01
report-to
{ "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges
bytes
timing-allow-origin
*
1200px-Microsoft_Office_Outlook_%282018%E2%80%93present%29.svg.png | upload.wikimedia.org/wikipedia/commons/thumb/d/df/Microsoft_Office_Outlook_%282018%E2%80%93present%29.svg/ | 65 KB | x-fer 66 KB | Image
General
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/d/df/Microsoft_Office_Outlook_%282018%E2%80%93present%29.svg/1200px-Microsoft_Office_Outlook_%282018%E2%80%93present%29.svg.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.102.166.240 , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
upload-lb.eqsin.wikimedia.org
Software
ATS/9.1.4 /
Resource Hash
47cd4c2ee2dbb764a95f8eb5a59babfe140207871e27f0a6b9e44a9e89305004
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sharefilesxp.work.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 04:12:43 GMT
strict-transport-security
max-age=106384710; includeSubDomains; preload
x-content-type-options
nosniff
nel
{ "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age
6632
x-cache-status
hit-front
x-cache
cp5027 hit, cp5027 hit/6
content-disposition
inline;filename*=UTF-8''Microsoft_Office_Outlook_%282018%E2%80%93present%29.svg.png
server-timing
cache;desc="hit-front", host;desc="cp5027"
content-length
66213
x-client-ip
121.85.21.192
last-modified
Thu, 09 Mar 2023 11:27:58 GMT
server
ATS/9.1.4
etag
7cc31a00c3c8e9b6242964f161cb1ade
report-to
{ "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges
bytes
timing-allow-origin
*
Yahoo!_Mail-Logo.wine.png | download.logo.wine/logo/Yahoo!_Mail/ | 26 KB | x-fer 26 KB | Image
General
Full URL
https://download.logo.wine/logo/Yahoo!_Mail/Yahoo!_Mail-Logo.wine.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.77.112 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ae3faecd4c355015d6f3e22fe2ab0b99a8ed68b0be77f6fa315c4629e2f93d9

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sharefilesxp.work.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 06:03:15 GMT
x-oss-request-id
64084B4E17DAE23037038E59
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
khfmnV78xwATx8aVaTckgg==
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26298
x-oss-object-type
Normal
last-modified
Wed, 18 Aug 2021 15:43:50 GMT
server
cloudflare
etag
"9217E69D5EFCC70013C7C69569372482"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9cfYEugNqHf7PHkN2FdsDW4Vo9ik9KFu3k7745G7b2nhL%2BWTC7khu60%2BLGhspZWWJEKF2DP16Ey5B9ifRVytbtppb2IqCejwGiUybPWrWllTkS%2BuF5yQhoacX6xqNShvCmJeCg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-oss-storage-class
Standard
accept-ranges
bytes
cf-ray
7a7a4ffb6b1adff5-NRT
x-oss-hash-crc64ecma
14798606850440494160
x-oss-server-time
8

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Adobe (Consumer)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

credentialless (boolean), adblockDetect (function), webpackChunkadobe (object), __VUE__ (boolean)

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.services.adobe.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
download.logo.wine
f.hellowork.com
fonts.googleapis.com
ns.cdn-services.com
sharefilesxp.work.gd
upload.wikimedia.org
103.102.166.240
104.17.24.14
104.21.73.63
104.21.77.112
13.35.49.29
139.59.17.23
142.251.42.202
151.101.65.229
20.74.48.56
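The traits that make this scan read as a credential-harvesting page are all visible in the data above: a page titled "Adobe ID" served from sharefilesxp.work.gd rather than an Adobe host; Adobe's genuine login canvas image and white logo hot-linked from auth.services.adobe.com; Gmail, Office, Outlook and Yahoo! Mail logos pulled from unrelated third parties (which suggests the page offers several provider sign-ins); a JSON lookup of the visitor's IP at ns.cdn-services.com/ip triggered from app.1e6f110f.js; a cPanel certificate issued two days before the scan; and a config/init.js whose Last-Modified (12 Mar 2023) is months newer than the rest of the kit bundle (26 Jul 2022). The Python below is an added example, not part of the urlscan.io page, that encodes those observations as offline triage rules over a subset of the transactions transcribed from this scan. The brand allowlist, the rule names and the 7-day and 90-day thresholds are assumptions chosen for illustration.

```python
# Added example (not from urlscan.io): offline triage of a scan's request list for
# phishing-kit traits. SCAN is transcribed from the transactions above; BRAND_HOSTS
# and the thresholds are assumptions for this example.
from datetime import datetime, timedelta
from urllib.parse import urlparse

# Assumed allowlist: hosts that may legitimately present each brand's login page.
BRAND_HOSTS = {
    "adobe": ("adobe.com",),
    "microsoft": ("microsoft.com", "microsoftonline.com", "live.com"),
    "outlook": ("microsoft.com", "microsoftonline.com", "live.com"),
    "gmail": ("google.com",),
    "yahoo": ("yahoo.com",),
}

def host_matches(host, domain):
    """True if host is domain itself or a subdomain of it."""
    return host == domain or host.endswith("." + domain)

def brands_in(text):
    """Brand keywords that appear anywhere in a page title or URL."""
    t = text.lower()
    return {b for b in BRAND_HOSTS if b in t}

def triage(scan):
    """Return (rule, detail) findings for one scan; an empty list means nothing matched."""
    findings = []
    main = scan["main_host"]
    txs = scan["transactions"]

    # 1. Page title names a brand that the serving host does not belong to.
    for b in sorted(brands_in(scan["title"])):
        if not any(host_matches(main, d) for d in BRAND_HOSTS[b]):
            findings.append(("title-brand-mismatch", f"title mentions {b!r} but served from {main}"))

    # 2. Brand artwork fetched from other hosts with the suspect page as Referer:
    #    cloned login pages routinely hot-link the genuine brand's own logos.
    for tx in txs:
        host = urlparse(tx["url"]).hostname or ""
        if tx["type"] != "Image" or host_matches(host, main) or tx.get("referer_host") != main:
            continue
        for b in sorted(brands_in(tx["url"])):
            genuine = any(host_matches(host, d) for d in BRAND_HOSTS[b])
            findings.append(("hotlinked-brand-asset", f"{b} from {host} (brand's own host: {genuine})"))

    # 3. A script-driven JSON lookup of the visitor's IP (victim geolocation/filtering).
    for tx in txs:
        path = urlparse(tx["url"]).path.rstrip("/")
        if tx["type"] == "Fetch" and tx.get("mime", "").startswith("application/json") and path.endswith("/ip"):
            findings.append(("client-ip-lookup", tx["url"]))

    # 4. Certificate issued only days before the scan (assumed threshold: 7 days).
    cert_age = scan["scanned_at"] - scan["cert_not_before"]
    if cert_age <= timedelta(days=7):
        findings.append(("fresh-certificate", f"issued {cert_age.days} days before scan"))

    # 5. First-party files with widely spread Last-Modified dates: an old kit bundle whose
    #    config was customised for this deployment (assumed spread threshold: 90 days).
    fp = [tx for tx in txs if host_matches(urlparse(tx["url"]).hostname or "", main) and "last_modified" in tx]
    if fp:
        oldest = min(tx["last_modified"] for tx in fp)
        for tx in fp:
            gap = tx["last_modified"] - oldest
            if gap > timedelta(days=90):
                findings.append(("recently-customised-kit-file",
                                 f"{urlparse(tx['url']).path} modified {gap.days} days after the oldest kit file"))
    return findings

# Constructed from the transactions listed above (a representative subset).
SCAN = {
    "main_host": "sharefilesxp.work.gd",
    "title": "Adobe ID",
    "scanned_at": datetime(2023, 3, 14, 6, 3, 10),
    "cert_not_before": datetime(2023, 3, 12),
    "transactions": [
        {"url": "https://sharefilesxp.work.gd/", "type": "Document", "last_modified": datetime(2022, 7, 26)},
        {"url": "https://sharefilesxp.work.gd/config/init.js", "type": "Script", "last_modified": datetime(2023, 3, 12)},
        {"url": "https://sharefilesxp.work.gd/js/app.1e6f110f.js", "type": "Script", "last_modified": datetime(2022, 7, 26)},
        {"url": "https://ns.cdn-services.com/ip", "type": "Fetch", "mime": "application/json; charset=utf-8",
         "referer_host": "sharefilesxp.work.gd"},
        {"url": "https://auth.services.adobe.com/img/canvas/MichaelSchauer.jpg", "type": "Image", "referer_host": "sharefilesxp.work.gd"},
        {"url": "https://auth.services.adobe.com/img/generic/adobe_logo_white.svg", "type": "Image", "referer_host": "sharefilesxp.work.gd"},
        {"url": "https://f.hellowork.com/blogdumoderateur/2019/03/gmail-logo-1200x758.jpg", "type": "Image", "referer_host": "sharefilesxp.work.gd"},
        {"url": "https://upload.wikimedia.org/wikipedia/commons/thumb/0/0c/Microsoft_Office_logo_%282013%E2%80%932019%29.svg/1200px-Microsoft_Office_logo_%282013%E2%80%932019%29.svg.png",
         "type": "Image", "referer_host": "sharefilesxp.work.gd"},
        {"url": "https://upload.wikimedia.org/wikipedia/commons/thumb/d/df/Microsoft_Office_Outlook_%282018%E2%80%93present%29.svg/1200px-Microsoft_Office_Outlook_%282018%E2%80%93present%29.svg.png",
         "type": "Image", "referer_host": "sharefilesxp.work.gd"},
        {"url": "https://download.logo.wine/logo/Yahoo!_Mail/Yahoo!_Mail-Logo.wine.png", "type": "Image", "referer_host": "sharefilesxp.work.gd"},
    ],
}

if __name__ == "__main__":
    for rule, detail in triage(SCAN):
        print(f"{rule:30} {detail}")
```

Run as a script it prints one line per finding; on this scan every rule fires, including seven hot-linked brand assets of which the two Adobe images come from the brand's own host. In a pipeline the hand-transcribed SCAN dict would be replaced by parsed scan results, but the rules stay the same; none of them alone proves phishing, and a legitimate site with a fresh certificate or a mixed-age bundle will trip rules 4 and 5 on their own, so they are meant to be weighed together.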