urlscan.io logo urlscan.io
SecurityTrails logo

storageapi.fleek.co Open in urlscan Pro
2606:4700::6812:691  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://storageapi.fleek.co/c0c77e31-17da-4399-b3c2-753b55a88e01-bucket/acs.html
Effective URL: https://storageapi.fleek.co/c0c77e31-17da-4399-b3c2-753b55a88e01-bucket/acs.html
Submission: On September 16 via manual from HK — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 9 HTTP transactions. The main IP is 2606:4700::6812:691, located in United States and belongs to CLOUDFLARENET, US. The main domain is storageapi.fleek.co. The Cisco Umbrella rank of the primary domain is 211450.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 31st 2022. Valid for: a year.
This is the only time storageapi.fleek.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Email (Online)

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2001:67c:4e8:... 62041 (TELEGRAM)
1 2606:4700:303... ()
9 8
2    2606:4700::6812:691 (United States)

ASN13335 (CLOUDFLARENET, US)
storageapi.fleek.co
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    2606:4700:20::681a:8c0 (United States)

ASN13335 (CLOUDFLARENET, US)
json.geoiplookup.io
1    2001:67c:4e8:f004::9 (Virgin Islands (British))

ASN62041 (TELEGRAM, VG)
api.telegram.org
1    2606:4700:3036::ac43:dacd (None, )

ASN- ()
api.screenshotmachine.com
Apex Domain
Subdomains		 Transfer
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 209
13 KB
2 fleek.co
storageapi.fleek.co — Cisco Umbrella Rank: 211450
164 KB
1 screenshotmachine.com
api.screenshotmachine.com
7 KB
1 telegram.org
api.telegram.org — Cisco Umbrella Rank: 45254
269 B
1 geoiplookup.io
json.geoiplookup.io — Cisco Umbrella Rank: 49011
1007 B
1 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2290
15 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 293
31 KB
0 Failed
function sub() { [native code] }. Failed
9 8
Domain Requested by
2 cdnjs.cloudflare.com storageapi.fleek.co
2 storageapi.fleek.co 1 redirects
1 api.screenshotmachine.com
1 api.telegram.org storageapi.fleek.co
1 json.geoiplookup.io ajax.googleapis.com
1 stackpath.bootstrapcdn.com storageapi.fleek.co
1 ajax.googleapis.com storageapi.fleek.co
0 www. Failed
9 8

This site contains no links.

Subject Issuer Validity Valid
fleek.co
Cloudflare Inc ECC CA-3		 2022-03-31 -
2023-03-30		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
api.telegram.org
Go Daddy Secure Certificate Authority - G2		 2022-03-24 -
2023-04-25		 a year crt.sh

This page contains 1 frames:

Primary Page: https://storageapi.fleek.co/c0c77e31-17da-4399-b3c2-753b55a88e01-bucket/acs.html
Frame ID: 3FE5D3B559922C1472ACD84F9DB71B80
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Connecting to Email Provider

Page URL History Show full URLs

  1. http://storageapi.fleek.co/c0c77e31-17da-4399-b3c2-753b55a88e01-bucket/acs.html HTTP 301
    https://storageapi.fleek.co/c0c77e31-17da-4399-b3c2-753b55a88e01-bucket/acs.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

9
Requests

89 %
HTTPS

100 %
IPv6

8
Domains

8
Subdomains

8
IPs

3
Countries

231 kB
Transfer

1139 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://storageapi.fleek.co/c0c77e31-17da-4399-b3c2-753b55a88e01-bucket/acs.html HTTP 301
    https://storageapi.fleek.co/c0c77e31-17da-4399-b3c2-753b55a88e01-bucket/acs.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request acs.html
storageapi.fleek.co/c0c77e31-17da-4399-b3c2-753b55a88e01-bucket/
Redirect Chain
  • http://storageapi.fleek.co/c0c77e31-17da-4399-b3c2-753b55a88e01-bucket/acs.html
  • https://storageapi.fleek.co/c0c77e31-17da-4399-b3c2-753b55a88e01-bucket/acs.html
897 KB
164 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://storageapi.fleek.co/c0c77e31-17da-4399-b3c2-753b55a88e01-bucket/acs.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2303a29a9eb73ed747e21b6ab3317987010613f9cc357ee174eafcfb93e4ce35
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
74b5c2752ddc6937-FRA
content-encoding
gzip
content-security-policy
block-all-mixed-content
content-type
text/html
date
Fri, 16 Sep 2022 01:16:57 GMT
last-modified
Thu, 15 Sep 2022 21:53:23 GMT
server
cloudflare
vary
Origin
x-amz-request-id
1715325E17B4647C
x-xss-protection
1; mode=block

Redirect headers

CF-RAY
74b5c2745b999188-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Fri, 16 Sep 2022 01:16:56 GMT
Expires
Fri, 16 Sep 2022 02:16:56 GMT
Location
https://storageapi.fleek.co/c0c77e31-17da-4399-b3c2-753b55a88e01-bucket/acs.html
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
truncated
/ 		5 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5820ce3812f13eb3875a0e614b7b540a4c92c4e3a6c4a59786f92f78e0cc7b3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
text/css
truncated
/ 		8 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50342d05c86b5f00f66fe3ab5a63e55197a3c0a5aff838d2c9ad0e5a0e5ff4b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
text/css
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: storageapi.fleek.co
URL: https://storageapi.fleek.co/c0c77e31-17da-4399-b3c2-753b55a88e01-bucket/acs.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://storageapi.fleek.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 16 Sep 2022 00:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2891
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Sep 2023 00:28:47 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
Requested by
Host: storageapi.fleek.co
URL: https://storageapi.fleek.co/c0c77e31-17da-4399-b3c2-753b55a88e01-bucket/acs.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://storageapi.fleek.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 16 Sep 2022 01:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2513804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6458
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-500f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XRKGsmbaAZ8hHNRLxy82NGSl5rb%2BfVPDjydTV8DD6Jco61OZVW6cHtO3jturnlX6xi5v%2F%2F9WLhPYuhL8%2FwskvPBg%2F3NYvATd0HUnAL2SnZNd7DyGfLtaJg8Fj8nbedjF%2F02QkgfgTn1hdQI9eIblidXR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74b5c2808a02bb41-FRA
expires
Wed, 06 Sep 2023 01:16:58 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
Requested by
Host: storageapi.fleek.co
URL: https://storageapi.fleek.co/c0c77e31-17da-4399-b3c2-753b55a88e01-bucket/acs.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://storageapi.fleek.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 16 Sep 2022 01:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723
age
17231897
cdn-cachedat
11/15/2021 23:30:00
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.0
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:06 GMT
server
cloudflare
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
a35b0179a28ed953258d0fb41376a09c
cf-ray
74b5c280782c9125-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
detect.min.js
cdnjs.cloudflare.com/ajax/libs/Detect.js/2.2.2/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/Detect.js/2.2.2/detect.min.js
Requested by
Host: storageapi.fleek.co
URL: https://storageapi.fleek.co/c0c77e31-17da-4399-b3c2-753b55a88e01-bucket/acs.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22a67790ce6b6632c0c1780e5c9edadfd7b5e306705213dfa36979d9508fe645
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://storageapi.fleek.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 16 Sep 2022 01:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1231556
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5982
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:03:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cee-6673"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r4%2BjR%2FUAox6hEAHugMqbIxrFeILuymuvi5nd2X4mAnAsXDBJU1ECOASNVosX474ThAMTgmf9v2%2Bj3JRmAL%2FndFAyTLT3AfsZP6QaLXmb%2FKKjzmG4R7p0ZlMRmOltEqpDyCZblWeMj4NYW4H7j0vlEYKi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74b5c2808a04bb41-FRA
expires
Wed, 06 Sep 2023 01:16:58 GMT
truncated
/ 		555 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93f553f07040ccaa21c9fa7c4ec02e97aff4999acee2bd4bdf9860100a1ea08a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		15 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aba082654ed9a884ee14954d8a4085aff721d03989fcc16934f4d03cf6a55229

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
/
json.geoiplookup.io/ 		629 B
1007 B 		Script
General
Check archive.org
Download Go to
Full URL
https://json.geoiplookup.io/?callback=jQuery351041007967655617916_1663291018382&_=1663291018383
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Octolus
Resource Hash
5eca3998a46e6ac97e1e55c0abf4268c81ad3d9c9934f9d01a77c6e176952c7b
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://storageapi.fleek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 01:16:59 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Octolus
x-ratelimit-remaining
10000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 16 Sep 2022 01:16:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kGhJKsHFV4PliYV5CJ1Un6fSbHyFqL4oqbOEx%2BZ6UYP5PowM4n4L5qi%2BpWeqmvPBryX10ZQIjrSp%2BJbbzbhD4o02arfqZePwJJOFHZ3scvVcEaQS2RngOM%2FKQeSdb8cdVsOE5M8%2FVWiLNYjVGU3e3P8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-ratelimit-limit
10000
cf-ray
74b5c28219939b9b-FRA
getupdates
api.telegram.org/bot5677573243:AAFS8J2-V7PNmyIabqpR1RTVPLtmGYeVYYI/ 		23 B
269 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.telegram.org/bot5677573243:AAFS8J2-V7PNmyIabqpR1RTVPLtmGYeVYYI/getupdates
Requested by
Host: storageapi.fleek.co
URL: https://storageapi.fleek.co/c0c77e31-17da-4399-b3c2-753b55a88e01-bucket/acs.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2321bd0dcab3570cb4b36871411be2b13d70ccbaca5db547ed054b87ee563684
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://storageapi.fleek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 01:17:01 GMT
server
nginx/1.18.0
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Type,Date,Server,Connection
content-length
23
truncated
/ 		24 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a6beae164a3397dd506f59af5261bb7662b9344a3225c0f4d7f857f54f4db13

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
favicon.ico
www./ 		0
0
/
api.screenshotmachine.com/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.screenshotmachine.com/?key=a6f88e&url=https%3A%2F%2F&device=desktop&dimension=1920x1080&format=jpg&cacheLimit=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:dacd -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3295413bcfbb4ef915cd8efce8031056ddcb8c4d7cdc8434f7e7950b6b48dd21
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://storageapi.fleek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 01:17:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-description
File Transfer
content-transfer-encoding
binary
x-screenshotmachine-response
invalid_url
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6357
pragma
public
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=meCLNvPNYMnRLKW26LLxI7phZ5nqSeW5a5nWgxcfXfuA7u6xyeDNPmoEYIqganrxRtakrO%2FLLpt7dOvY%2BxVDe5liwD2Nl3%2BFkLfDveJDCeLDnYr7JGguU2Zu6lUT8CR9i4hJgSwfjTXO2GbESxSGKbnPrQYyuSHJ"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
must-revalidate, post-check=0, pre-check=0
cf-ray
74b5c296ccdc9290-FRA
expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.
URL
https://www./favicon.ico

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online)

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery function| Popper object| bootstrap function| forEach function| detect string| dri function| _0xb4a949 function| _0xd5a13b function| _0x43a902 function| _0x5e9f40 function| _0x3c525f function| _0xfee98e function| _0x336814 function| _0x43a72a function| _0x2f5ee7 object| d string| today string| date object| result function| _0x3387 function| _0x391d string| browser string| tnk function| _0x2ba3cc function| _0x2dea10 string| curHour number| curMinute number| curSeconds string| curMeridiem string| details

0 Cookies

7 Console Messages

Source Level URL
Text
javascript warning URL: https://storageapi.fleek.co/c0c77e31-17da-4399-b3c2-753b55a88e01-bucket/acs.html(Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://storageapi.fleek.co/c0c77e31-17da-4399-b3c2-753b55a88e01-bucket/acs.html(Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://storageapi.fleek.co/c0c77e31-17da-4399-b3c2-753b55a88e01-bucket/acs.html(Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://storageapi.fleek.co/c0c77e31-17da-4399-b3c2-753b55a88e01-bucket/acs.html(Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://storageapi.fleek.co/c0c77e31-17da-4399-b3c2-753b55a88e01-bucket/acs.html(Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/Detect.js/2.2.2/detect.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security warning URL: https://storageapi.fleek.co/c0c77e31-17da-4399-b3c2-753b55a88e01-bucket/acs.html
Message:
Mixed Content: The page at 'https://storageapi.fleek.co/c0c77e31-17da-4399-b3c2-753b55a88e01-bucket/acs.html' was loaded over HTTPS, but requested an insecure element 'http://www./favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://www./favicon.ico
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection 1; mode=block