storageapi.fleek.co Open in urlscan Pro
2606:4700::6812:691 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html
Effective URL:
https://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html
Submission: On July 06 via manual (July 6th 2022, 8:09:08 pm UTC) from US — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 14 HTTP transactions. The main IP is 2606:4700::6812:691, located in United States and belongs to CLOUDFLARENET, US. The main domain is storageapi.fleek.co. The Cisco Umbrella rank of the primary domain is 188601.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 31st 2022. Valid for: a year.

This is the only time storageapi.fleek.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1 3	2606:4700::68... 2606:4700::6812:691	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	68.65.123.205 68.65.123.205	22612 (NAMECHEAP...) (NAMECHEAP-NET)
2	2606:4700:303... 2606:4700:3034::ac43:bc80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3033::6815:5dea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	38.34.185.163 38.34.185.163	18978 (ENZUINC-) (ENZUINC-)
2	141.94.200.42 141.94.200.42	16276 (OVH) (OVH)
14	7

3 2606:4700::6812:691 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

storageapi.fleek.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.65.123.205 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server153-2.web-hosting.com

maxcdn.bootstrapcdn.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::ac43:bc80 (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.rest	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::6815:5dea (United States)

ASN13335 (CLOUDFLARENET, US)

code.jquery.quest	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 38.34.185.163 (Tokyo, Japan)

ASN18978 (ENZUINC-, US)
PTR: 163.185-34-38.rdns.scalabledns.com

code.jquery.com.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.94.200.42 (France)

ASN16276 (OVH, FR)
PTR: ns31469640.ip-141-94-200.eu

i.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	com.de code.jquery.com.de	189 KB
3	fleek.co 1 redirects storageapi.fleek.co — Cisco Umbrella Rank: 188601	91 KB
2	postimg.cc i.postimg.cc — Cisco Umbrella Rank: 19065	101 KB
2	jquery.quest code.jquery.quest	69 KB
2	bootstrapcdn.rest maxcdn.bootstrapcdn.rest	69 KB
2	bootstrapcdn.cloud maxcdn.bootstrapcdn.cloud	65 KB
14	6

	Domain	Requested by
3	code.jquery.com.de	storageapi.fleek.co code.jquery.com.de
3	storageapi.fleek.co	1 redirects storageapi.fleek.co
2	i.postimg.cc	storageapi.fleek.co
2	code.jquery.quest	storageapi.fleek.co
2	maxcdn.bootstrapcdn.rest	storageapi.fleek.co
2	maxcdn.bootstrapcdn.cloud	storageapi.fleek.co
14	6

This site contains no links.

Subject Issuer	Validity	Valid
fleek.co Cloudflare Inc ECC CA-3	`2022-03-31` - `2023-03-30`	a year	crt.sh
maxcdn.bootstrapcdn.cloud Sectigo RSA Domain Validation Secure Server CA	`2022-05-24` - `2023-05-24`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-09` - `2023-05-08`	a year	crt.sh
code.jquery.com.de cPanel, Inc. Certification Authority	`2022-05-09` - `2022-08-07`	3 months	crt.sh
postimg.cc R3	`2022-06-12` - `2022-09-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html
Frame ID: 7656EEDA43FE5C5174D2603B54AF6FBB
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to your accountassets

Page URL History Show full URLs

http://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html HTTP 301
https://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html Page URL
https://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

93 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

7
IPs

3
Countries

584 kB
Transfer

1255 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html HTTP 301
https://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html Page URL
https://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html HTTP 301
https://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html

14 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

index.html Show response
storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/
Redirect Chain

http://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html
https://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html

181 KB
46 KB

731ms
698ms

Document
text/html

2606:4700::6812:691
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:691 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9a96a2810a87f35a1d88045b1c1a0937353353109ca206465c9cf4a659d5960

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 726af9c2980a9a30-FRA
content-encoding: gzip
content-security-policy: block-all-mixed-content
content-type: text/html
date: Wed, 06 Jul 2022 20:09:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Tue, 05 Jul 2022 13:11:26 GMT
server: cloudflare
vary: Origin
x-amz-request-id: 16FF565C07DBEAF1
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 726af9c21c4bbb55-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Wed, 06 Jul 2022 20:09:00 GMT
Expires: Wed, 06 Jul 2022 21:09:00 GMT
Location: https://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 jquery-3.5.2.min.js Show response
maxcdn.bootstrapcdn.cloud/ 94 KB
32 KB 492ms
153ms Script
application/javascript 68.65.123.205
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.cloud/jquery-3.5.2.min.js?540885773
Requested by: Host: storageapi.fleek.co
URL: https://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.65.123.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server153-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: f5e4edf50b6322d646c8bce6c7e3f93dd7a18936066b0b4e57159a1fd56c949a

Request headers

Referer: https://storageapi.fleek.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 06 Jul 2022 20:09:02 GMT
content-encoding: br
last-modified: Sat, 21 May 2022 01:26:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 32991
expires: Wed, 13 Jul 2022 20:09:02 GMT

GET
H2 200 jquery-3.5.2.min.js Show response
maxcdn.bootstrapcdn.rest/ 94 KB
34 KB 899ms
685ms Script
application/javascript 2606:4700:3034::ac43:bc80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.rest/jquery-3.5.2.min.js?540885773
Requested by: Host: storageapi.fleek.co
URL: https://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:bc80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27559131cafa856f802326f5cb0345b5d5b88539dde5a3d81a869a30b20d8a65

Request headers

Referer: https://storageapi.fleek.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 06 Jul 2022 20:09:02 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 21 May 2022 01:27:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NZE1TVjxnqNlNyMI%2BD15F3qJlMXfF%2FwI1oBSJcPSGMfVRDvJwidAVdDKsAODyIY1pFiqdT%2FPzg8uTMtRB%2FQeRVwoti6Z5u2pYuHyyz9uvmrLMyb%2F9dbngPujEovIM0hRvO8uI8MZgunVmUWHJgNKPkrILsWgqog%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 726af9cb7f84bbb6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-3.5.2.min.js Show response
code.jquery.quest/ 94 KB
35 KB 1172ms
1123ms Script
application/javascript 2606:4700:3033::6815:5dea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.quest/jquery-3.5.2.min.js?540885773
Requested by: Host: storageapi.fleek.co
URL: https://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5dea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04087cffa7cba5f58788034ad7d72c3e01d6b8cd17c7dc16e8a47d1df7468d8b

Request headers

Referer: https://storageapi.fleek.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 06 Jul 2022 20:09:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 21 May 2022 01:31:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r05DfR0qQT8qLc1%2B2MmGix1rqeTj2O2OyIHvGTbvK4jpCQTZ8vv%2BgAb854LJn0n5x6VEtzwwsDvVYVmbFwAzaNDQVUsnM9m4VkJlJy2JvPf5F3Jr%2Bv1HUIp6QsHVrMaMM0xZUU3PRcZGQodeBIz0vg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 726af9ca69ae9968-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK jquery-3.5.2.min.js Show response
code.jquery.com.de/ 94 KB
94 KB 1164ms
220ms Script
application/javascript 38.34.185.163
ENZUINC-

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com.de/jquery-3.5.2.min.js?540885773
Requested by: Host: storageapi.fleek.co
URL: https://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.34.185.163 Tokyo, Japan, ASN18978 (ENZUINC-, US),
Reverse DNS: 163.185-34-38.rdns.scalabledns.com
Software: Apache /
Resource Hash: 3da614ba1c1257ff6d16eb9e21b0a62995c0ac73cc85944cde23fbb9fe63e7d6

Request headers

Referer: https://storageapi.fleek.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Wed, 06 Jul 2022 20:09:02 GMT
Last-Modified: Sat, 21 May 2022 01:30:02 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 96430

GET
H2 200 back.jpg
i.postimg.cc/jSY8DXQL/ 50 KB
51 KB 70ms
17ms Image
image/jpeg 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/jSY8DXQL/back.jpg
Requested by: Host: storageapi.fleek.co
URL: https://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: aabfc66455c2b1ece2ea0849c7de0755eb55fa3ed4ac007cc70a8840eb3f5338

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storageapi.fleek.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 20:09:03 GMT
last-modified: Thu, 12 May 2022 20:20:28 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 51498
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 923 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86247a422f510be47b0749974bfe3119b8b826f22ecaca4231913dcae00e31ce

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 240 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab50358475adae73a435466c72d1a48ab124e8ae06614663716a46dce5ac8b83

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2e216986295bcb76046de8621299ba40fa4d30b10fc7e3a1d944614be990aaf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da1a779d69b7b9ad6c26f0fa842485033df53c9f466355eaf39c2b15c27c342d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f8c3c0c879c09e0fcbd42e7931cd498b1d105cadf50f5af9a7a946f2c5f4de8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Primary Request index.html Show response
storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/ 181 KB
45 KB 200ms
199ms Document
text/html 2606:4700::6812:691
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html

Requested by

Host: storageapi.fleek.co
URL: https://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:691 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9a96a2810a87f35a1d88045b1c1a0937353353109ca206465c9cf4a659d5960

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

Referer: https://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 726af9da8fd29a30-FRA
content-encoding: gzip
content-security-policy: block-all-mixed-content
content-type: text/html
date: Wed, 06 Jul 2022 20:09:04 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Tue, 05 Jul 2022 13:11:26 GMT
server: cloudflare
vary: Origin
x-amz-request-id: 16FF565CCE532E7F
x-xss-protection: 1; mode=block

GET
H2 200 jquery-3.5.2.min.js Show response
maxcdn.bootstrapcdn.cloud/ 94 KB
32 KB 308ms
308ms Script
application/javascript 68.65.123.205
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.cloud/jquery-3.5.2.min.js?540885773
Requested by: Host: storageapi.fleek.co
URL: https://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.65.123.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server153-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: f5e4edf50b6322d646c8bce6c7e3f93dd7a18936066b0b4e57159a1fd56c949a

Request headers

Referer: https://storageapi.fleek.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 06 Jul 2022 20:09:04 GMT
content-encoding: br
last-modified: Sat, 21 May 2022 01:26:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 32991
expires: Wed, 13 Jul 2022 20:09:04 GMT

GET
H2 200 jquery-3.5.2.min.js Show response
maxcdn.bootstrapcdn.rest/ 94 KB
34 KB 20ms
18ms Script
application/javascript 2606:4700:3034::ac43:bc80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.rest/jquery-3.5.2.min.js?540885773
Requested by: Host: storageapi.fleek.co
URL: https://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:bc80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27559131cafa856f802326f5cb0345b5d5b88539dde5a3d81a869a30b20d8a65

Request headers

Referer: https://storageapi.fleek.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 06 Jul 2022 20:09:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 21 May 2022 01:27:53 GMT
server: cloudflare
age: 2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFA6uqu2SWGOyxQXn6mEX9%2FhaNaOI3M8jCzOzTaGuwWgyHDPmYzupQurK4LW7fPiWTzraMEvfjpLy%2BX2ITxQLdQZNkXc03dvsGujehZyx8eTpGs4GXp6DseywBnMd%2F9rIHCi4BWLZY%2FaUiHBF4%2BEMY%2FDqxYlO18%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 726af9dcea2cbbb6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-3.5.2.min.js Show response
code.jquery.quest/ 94 KB
34 KB 39ms
38ms Script
application/javascript 2606:4700:3033::6815:5dea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.quest/jquery-3.5.2.min.js?540885773
Requested by: Host: storageapi.fleek.co
URL: https://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5dea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04087cffa7cba5f58788034ad7d72c3e01d6b8cd17c7dc16e8a47d1df7468d8b

Request headers

Referer: https://storageapi.fleek.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 06 Jul 2022 20:09:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 21 May 2022 01:31:54 GMT
server: cloudflare
age: 2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZqfsfkY2vPni%2Bdo5pKeWKLQeDhz0cqr0%2BwfXZPDW%2FLpJSS1SoOFXagXsKV9pyr4KdNNdgFEbNa14MnAV%2FHRtdIYDQON%2BxEuwlpfT%2BvHK59K0psRNw9Ww7YWF4YEOzMZ%2FbxEkyGtx8xQNurwVZ2vK4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 726af9dce9959968-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK jquery-3.5.2.min.js Show response
code.jquery.com.de/ 94 KB
94 KB 221ms
220ms Script
application/javascript 38.34.185.163
ENZUINC-

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com.de/jquery-3.5.2.min.js?540885773
Requested by: Host: storageapi.fleek.co
URL: https://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.34.185.163 Tokyo, Japan, ASN18978 (ENZUINC-, US),
Reverse DNS: 163.185-34-38.rdns.scalabledns.com
Software: Apache /
Resource Hash: 3da614ba1c1257ff6d16eb9e21b0a62995c0ac73cc85944cde23fbb9fe63e7d6

Request headers

Referer: https://storageapi.fleek.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Wed, 06 Jul 2022 20:09:04 GMT
Last-Modified: Sat, 21 May 2022 01:30:02 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 96430

GET
H2 200 back.jpg
i.postimg.cc/jSY8DXQL/ 50 KB
51 KB 17ms
17ms Image
image/jpeg 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/jSY8DXQL/back.jpg
Requested by: Host: storageapi.fleek.co
URL: https://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: aabfc66455c2b1ece2ea0849c7de0755eb55fa3ed4ac007cc70a8840eb3f5338

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storageapi.fleek.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 20:09:05 GMT
last-modified: Thu, 12 May 2022 20:20:28 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 51498
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 923 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86247a422f510be47b0749974bfe3119b8b826f22ecaca4231913dcae00e31ce

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 240 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab50358475adae73a435466c72d1a48ab124e8ae06614663716a46dce5ac8b83

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2e216986295bcb76046de8621299ba40fa4d30b10fc7e3a1d944614be990aaf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da1a779d69b7b9ad6c26f0fa842485033df53c9f466355eaf39c2b15c27c342d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f8c3c0c879c09e0fcbd42e7931cd498b1d105cadf50f5af9a7a946f2c5f4de8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET index.php
code.jquery.com.de/tkv/ 0
0

GET
H/1.1 200
OK ip.php Show response
code.jquery.com.de/ 34 B
339 B 1724ms
373ms XHR
application/json 38.34.185.163
ENZUINC-

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com.de/ip.php
Requested by: Host: code.jquery.com.de
URL: https://code.jquery.com.de/jquery-3.5.2.min.js?540885773
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.34.185.163 Tokyo, Japan, ASN18978 (ENZUINC-, US),
Reverse DNS: 163.185-34-38.rdns.scalabledns.com
Software: Apache /
Resource Hash: 3361d0a0957de909be153d02ff4424a901496c57db8157d10c45e2079f332ceb

Request headers

Accept: */*
Referer: https://storageapi.fleek.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 20:09:07 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Access-Control-Allow-Headers: Authorization, Content-Type
Keep-Alive: timeout=5, max=100

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: code.jquery.com.de
URL: https://code.jquery.com.de/tkv/index.php?dt=3PzbKStEePXNFdbPJWxtZhmfc

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://maxcdn.bootstrapcdn.cloud/jquery-3.5.2.min.js?540885773, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://maxcdn.bootstrapcdn.cloud/jquery-3.5.2.min.js?540885773, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://maxcdn.bootstrapcdn.rest/jquery-3.5.2.min.js?540885773, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.quest/jquery-3.5.2.min.js?540885773, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com.de/jquery-3.5.2.min.js?540885773, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://maxcdn.bootstrapcdn.cloud/jquery-3.5.2.min.js?540885773, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://maxcdn.bootstrapcdn.cloud/jquery-3.5.2.min.js?540885773, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://maxcdn.bootstrapcdn.rest/jquery-3.5.2.min.js?540885773, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.quest/jquery-3.5.2.min.js?540885773, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://storageapi.fleek.co/38d1d578-cb68-4fc6-b496-bdf2b7d11a3b-bucket/auto/index.html(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com.de/jquery-3.5.2.min.js?540885773, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com.de
code.jquery.quest
i.postimg.cc
maxcdn.bootstrapcdn.cloud
maxcdn.bootstrapcdn.rest
storageapi.fleek.co
code.jquery.com.de
141.94.200.42
2606:4700:3033::6815:5dea
2606:4700:3034::ac43:bc80
2606:4700::6812:691
38.34.185.163
68.65.123.205
04087cffa7cba5f58788034ad7d72c3e01d6b8cd17c7dc16e8a47d1df7468d8b
27559131cafa856f802326f5cb0345b5d5b88539dde5a3d81a869a30b20d8a65
3361d0a0957de909be153d02ff4424a901496c57db8157d10c45e2079f332ceb
3da614ba1c1257ff6d16eb9e21b0a62995c0ac73cc85944cde23fbb9fe63e7d6
7f8c3c0c879c09e0fcbd42e7931cd498b1d105cadf50f5af9a7a946f2c5f4de8
86247a422f510be47b0749974bfe3119b8b826f22ecaca4231913dcae00e31ce
aabfc66455c2b1ece2ea0849c7de0755eb55fa3ed4ac007cc70a8840eb3f5338
ab50358475adae73a435466c72d1a48ab124e8ae06614663716a46dce5ac8b83
b2e216986295bcb76046de8621299ba40fa4d30b10fc7e3a1d944614be990aaf
d9a96a2810a87f35a1d88045b1c1a0937353353109ca206465c9cf4a659d5960
da1a779d69b7b9ad6c26f0fa842485033df53c9f466355eaf39c2b15c27c342d
f5e4edf50b6322d646c8bce6c7e3f93dd7a18936066b0b4e57159a1fd56c949a

storageapi.fleek.co Open in urlscan Pro 2606:4700::6812:691 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

93 %HTTPS

50 %IPv6

6 Domains

6 Subdomains

7 IPs

3 Countries

584 kBTransfer

1255 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

27 JavaScript Global Variables

0 Cookies

10 Console Messages

Security Headers

Indicators

storageapi.fleek.co Open in urlscan Pro
2606:4700::6812:691 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

93 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

7
IPs

3
Countries

584 kB
Transfer

1255 kB
Size

0
Cookies

14 HTTP transactions
10 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!