![](/screenshots/b612cb60-7826-4bce-bf3c-9b78b03cf0d4.png)
cold-shape-7837.on.fleek.co
Open in
urlscan Pro
2606:4700::6812:791
Malicious Activity!
Public Scan
Submission: On April 28 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 8th 2024. Valid for: 10 months.
This is the only time cold-shape-7837.on.fleek.co was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Pulsechain (Crypto)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 | 2606:4700::68... 2606:4700::6812:791 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 76.76.21.241 76.76.21.241 | 16509 (AMAZON-02) (AMAZON-02) | |
14 | 2606:4700::68... 2606:4700::6812:1d48 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2600:9000:249... 2600:9000:2490:4000:d:696d:d240:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2a02:6ea0:c70... 2a02:6ea0:c700::21 | 60068 (CDN77 _) (CDN77 _) | |
1 | 3.123.222.104 3.123.222.104 | 16509 (AMAZON-02) (AMAZON-02) | |
27 | 7 |
ASN16509 (AMAZON-02, US)
s2.coinmarketcap.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-222-104.eu-central-1.compute.amazonaws.com
verify.walletconnect.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
web3modal.com
api.web3modal.com — Cisco Umbrella Rank: 110318 |
33 KB |
8 |
fleek.co
cold-shape-7837.on.fleek.co |
1 MB |
2 |
smartlook.com
web-sdk.smartlook.com — Cisco Umbrella Rank: 23158 |
22 KB |
1 |
walletconnect.com
verify.walletconnect.com — Cisco Umbrella Rank: 44858 |
|
1 |
coinmarketcap.com
s2.coinmarketcap.com — Cisco Umbrella Rank: 34622 |
3 KB |
1 |
pulsechain.com
bridge.pulsechain.com |
4 KB |
27 | 6 |
Domain | Requested by | |
---|---|---|
14 | api.web3modal.com |
cold-shape-7837.on.fleek.co
|
8 | cold-shape-7837.on.fleek.co |
cold-shape-7837.on.fleek.co
|
2 | web-sdk.smartlook.com |
cold-shape-7837.on.fleek.co
web-sdk.smartlook.com |
1 | verify.walletconnect.com |
cold-shape-7837.on.fleek.co
|
1 | s2.coinmarketcap.com |
cold-shape-7837.on.fleek.co
|
1 | bridge.pulsechain.com |
cold-shape-7837.on.fleek.co
|
27 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
twitter.com |
t.me |
Subject Issuer | Validity | Valid | |
---|---|---|---|
fleek.co Cloudflare Inc ECC CA-3 |
2024-03-08 - 2024-12-31 |
10 months | crt.sh |
bridge.pulsechain.com R3 |
2024-03-16 - 2024-06-14 |
3 months | crt.sh |
web3modal.com E1 |
2024-04-06 - 2024-07-05 |
3 months | crt.sh |
*.coinmarketcap.com Amazon RSA 2048 M02 |
2024-03-06 - 2025-04-03 |
a year | crt.sh |
1688964705.rsc.cdn77.org R3 |
2024-02-23 - 2024-05-23 |
3 months | crt.sh |
verify.walletconnect.com Amazon RSA 2048 M02 |
2024-02-05 - 2025-03-05 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://cold-shape-7837.on.fleek.co/
Frame ID: 1239B90A3FEE04A9E67A7D19C7C0DF91
Requests: 22 HTTP requests in this frame
Frame:
https://verify.walletconnect.com/c988df5607661f137594c5f7177cb786
Frame ID: 5CB2378A0FF63D4DEE9BE7568ABA1531
Requests: 1 HTTP requests in this frame
2 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
cold-shape-7837.on.fleek.co/ |
5 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7777133e901cd5ed-s.p.woff2
cold-shape-7837.on.fleek.co/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d869208648ca5469-s.p.woff2
cold-shape-7837.on.fleek.co/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.svg
bridge.pulsechain.com/ |
9 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.css
cold-shape-7837.on.fleek.co/ |
452 KB 302 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.0e5f8c7f.js
cold-shape-7837.on.fleek.co/static/js/ |
2 MB 715 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.cfbf5e73.css
cold-shape-7837.on.fleek.co/static/css/ |
464 KB 302 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H3 |
getWallets
api.web3modal.com/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H3 |
692ed6ba-e569-459a-556a-776476829e00
api.web3modal.com/public/getAssetImage/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H3 |
ef1a1fcf-7fe8-4d69-bd6d-fda1345b4400
api.web3modal.com/public/getAssetImage/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1027.png
s2.coinmarketcap.com/static/img/coins/64x64/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
32 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
getWallets
api.web3modal.com/ |
2 KB 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
692ed6ba-e569-459a-556a-776476829e00
api.web3modal.com/public/getAssetImage/ |
0 2 KB |
Fetch
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ef1a1fcf-7fe8-4d69-bd6d-fda1345b4400
api.web3modal.com/public/getAssetImage/ |
0 5 KB |
Fetch
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
306 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recorder.js
web-sdk.smartlook.com/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
init.87195141c8c1f9ffd4f3.js
web-sdk.smartlook.com/es6/ |
66 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H3 |
5195e9db-94d8-4579-6f11-ef553be95100
api.web3modal.com/getWalletImage/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H3 |
7677b54f-3486-46e2-4e37-bf8747814f00
api.web3modal.com/getWalletImage/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
5195e9db-94d8-4579-6f11-ef553be95100
api.web3modal.com/getWalletImage/ |
0 8 KB |
Fetch
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
7677b54f-3486-46e2-4e37-bf8747814f00
api.web3modal.com/getWalletImage/ |
0 5 KB |
Fetch
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
3913df81-63c2-4413-d60b-8ff83cbed500
api.web3modal.com/getWalletImage/ |
0 3 KB |
Fetch
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
7a33d7f1-3d12-4b5c-f3ee-5cd83cb1b500
api.web3modal.com/getWalletImage/ |
0 9 KB |
Fetch
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H3 |
3913df81-63c2-4413-d60b-8ff83cbed500
api.web3modal.com/getWalletImage/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H3 |
7a33d7f1-3d12-4b5c-f3ee-5cd83cb1b500
api.web3modal.com/getWalletImage/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon-32x32.png
cold-shape-7837.on.fleek.co/ |
3 KB 3 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c988df5607661f137594c5f7177cb786
verify.walletconnect.com/ Frame 5CB2 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon-32x32.png
cold-shape-7837.on.fleek.co/ |
3 KB 0 |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Pulsechain (Crypto)16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| webpackChunkairdrop string| __reactRouterVersion object| litPropertyMetadata object| reactiveElementVersions object| litHtmlVersions object| litElementVersions function| Buffer object| global object| process function| CoinbaseWalletSDK function| CoinbaseWalletProvider function| WalletLink function| WalletLinkProvider function| smartlook object| webpackChunk_smartlook_recorder0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.web3modal.com
bridge.pulsechain.com
cold-shape-7837.on.fleek.co
s2.coinmarketcap.com
verify.walletconnect.com
web-sdk.smartlook.com
2600:9000:2490:4000:d:696d:d240:93a1
2606:4700::6812:1d48
2606:4700::6812:791
2a02:6ea0:c700::21
3.123.222.104
76.76.21.241
0765facd2f2bf903d277f631ee93982594d5212cd3353d4afebc33a1271a97ad
09cc222664f6c51078eefc6753e76fe3b914b5af02e12d5eaf98c10079020ece
1b376630c23f2c14e35a79569d88dc87ac4abef2d00524a1ca1a6643500b42d2
423331028a48fcaf399c30878d897c0e26c16eca814cae40e861cefbf2240e95
442e5997216d698fb494e744b63df3a1bcba95dcf3e152619aef465be3eacf85
4b98d46073333fc6c07ad9afdd8f25e866987ede238b28f210f6daa556356bce
56db96539311a1165f6fbcfb7f7d64014d797ba009f9f3e61add4692e4b31b05
9b7d3c7c23ec618a2be7f23a0812bf4167d67a09d34f24d5fa4cb79a1d6aadee
c9130f8e3a62224d2e62ff966fb52c11947a273fc1ab2aa8b56639c0b56f1bb4
cc10601b32badb81b6d61f734841e906baa280cdaf1ca64a3b173ed2a4a69d19
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8d21db92cba4a4c365183a35cea052d125b0ff145c6d21919d139f4c3578093
eebe29898b8b7de5c9e47daab474152be8095e3ab42d768b84b085c5a12b95c6
f32262c39532eab56a6ff5fb14522c1c7564f6adfc173d74f23b67a95611bd8b
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149