sharefilesxp.work.gd
139.59.17.23
Malicious Activity!
Public Scan
Submission: On March 13 via api from US — Scanned from US
Summary
This is the only time sharefilesxp.work.gd was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Adobe (Consumer)
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
9 | 139.59.17.23 | 14061 (DIGITALOCEAN-ASN)
1 | 142.250.80.74 | 15169 (GOOGLE)
1 | 104.17.25.14 | 13335 (CLOUDFLARENET)
1 | 104.16.86.20 | 13335 (CLOUDFLARENET)
1 | 172.67.188.229 | 13335 (CLOUDFLARENET)
2 | 13.249.59.59 | 16509 (AMAZON-02)
1 | 20.74.48.56 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK)
2 | 208.80.154.240 | 14907 (WIKIMEDIA)
1 | 104.21.77.112 | 13335 (CLOUDFLARENET)
Total: 19 requests, 9 IP addresses
- ASN15169 (GOOGLE, US), PTR: lga34s35-in-f10.1e100.net, serves fonts.googleapis.com
- ASN16509 (AMAZON-02, US), PTR: server-13-249-59-59.iah50.r.cloudfront.net, serves auth.services.adobe.com
- ASN14907 (WIKIMEDIA, US), PTR: upload-lb.eqiad.wikimedia.org, serves upload.wikimedia.org
Requests | Apex Domain | Subdomain | Transfer
---|---|---|---
9 | work.gd | sharefilesxp.work.gd | 2 MB
2 | wikimedia.org | upload.wikimedia.org (Cisco Umbrella Rank: 2283) | 78 KB
2 | adobe.com | auth.services.adobe.com (Cisco Umbrella Rank: 3773) | 151 KB
1 | logo.wine | download.logo.wine (Cisco Umbrella Rank: 273925) | 26 KB
1 | hellowork.com | f.hellowork.com (Cisco Umbrella Rank: 309185) | 21 KB
1 | cdn-services.com | ns.cdn-services.com | 875 B
1 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 337) | 1 KB
1 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 194) | 1 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 34) | 949 B
Total: 19 requests, 9 apex domains
Requests | Domain | Requested by
---|---|---
9 | sharefilesxp.work.gd | sharefilesxp.work.gd
2 | upload.wikimedia.org |
2 | auth.services.adobe.com |
1 | download.logo.wine |
1 | f.hellowork.com |
1 | ns.cdn-services.com | sharefilesxp.work.gd
1 | cdn.jsdelivr.net | sharefilesxp.work.gd
1 | cdnjs.cloudflare.com | sharefilesxp.work.gd
1 | fonts.googleapis.com | sharefilesxp.work.gd
Total: 19 requests, 9 domains
This site contains no links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
upload.video.google.com | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months | crt.sh
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year | crt.sh
auth.services.adobe.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-02-21 - 2024-03-23 | a year | crt.sh
*.hellowork.com | Gandi Standard SSL CA 2 | 2022-04-04 - 2023-04-29 | a year | crt.sh
*.wikipedia.org | R3 | 2023-02-23 - 2023-05-24 | 3 months | crt.sh
This page contains 1 frame:
Primary Page:
http://sharefilesxp.work.gd/
Frame ID: 32AC6B1CBC8CD247CABA92A310DF5FFC
Requests: 19 HTTP requests in this frame
Screenshot
Page Title: Adobe ID
Detected technologies
Vue.js (JavaScript Frameworks)
Detected patterns
- <[^>]+\sdata-v(?:ue)?-
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jsDelivr (CDN)
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | / (Primary Request) | sharefilesxp.work.gd/ | 1 KB | 1 KB | Document | text/html
GET | H2 | css2 | fonts.googleapis.com/ | 2 KB | 949 B | Stylesheet | text/css
GET | H2 | index.min.js | cdnjs.cloudflare.com/ajax/libs/adblock-detect/1.0.5/ | 1 KB | 1 KB | Script | application/javascript
GET | H2 | index.min.js | cdn.jsdelivr.net/npm/@adonisjs/framework@5.0.13/ | 430 B | 1 KB | Script | application/javascript
GET | H/1.1 | init.js | sharefilesxp.work.gd/config/ | 1 KB | 2 KB | Script | application/javascript
GET | H/1.1 | vendor.6303725c.js | sharefilesxp.work.gd/js/ | 973 KB | 973 KB | Script | application/javascript
GET | H/1.1 | app.1e6f110f.js | sharefilesxp.work.gd/js/ | 6 KB | 6 KB | Script | application/javascript
GET | H/1.1 | vendor.5b226abe.css | sharefilesxp.work.gd/css/ | 645 KB | 646 KB | Stylesheet | text/css
GET | H/1.1 | app.72f6d2b2.css | sharefilesxp.work.gd/css/ | 979 B | 1 KB | Stylesheet | text/css
GET | H2 | ip | ns.cdn-services.com/ | 329 B | 875 B | Fetch | application/json
GET | H/1.1 | 29.7d47d7d1.js | sharefilesxp.work.gd/js/ | 714 B | 968 B | Script | application/javascript
GET | H/1.1 | 322.b2763ed2.js | sharefilesxp.work.gd/js/ | 29 KB | 29 KB | Script | application/javascript
GET | H2 | MichaelSchauer.jpg | auth.services.adobe.com/img/canvas/ | 148 KB | 149 KB | Image | image/jpeg
GET | H/1.1 | materialdesignicons-webfont.e9db4005.woff2 | sharefilesxp.work.gd/fonts/ | 318 KB | 318 KB | Font | font/woff2
GET | H2 | adobe_logo_white.svg | auth.services.adobe.com/img/generic/ | 2 KB | 2 KB | Image | image/svg+xml
GET | H2 | gmail-logo-1200x758.jpg | f.hellowork.com/blogdumoderateur/2019/03/ | 21 KB | 21 KB | Image | image/jpeg
GET | H2 | 1200px-Microsoft_Office_logo_%282013%E2%80%932019%29.svg.png | upload.wikimedia.org/wikipedia/commons/thumb/0/0c/Microsoft_Office_logo_%282013%E2%80%932019%29.svg/ | 11 KB | 12 KB | Image | image/png
GET | H2 | 1200px-Microsoft_Office_Outlook_%282018%E2%80%93present%29.svg.png | upload.wikimedia.org/wikipedia/commons/thumb/d/df/Microsoft_Office_Outlook_%282018%E2%80%93present%29.svg/ | 65 KB | 66 KB | Image | image/png
GET | H2 | Yahoo!_Mail-Logo.wine.png | download.logo.wine/logo/Yahoo!_Mail/ | 26 KB | 26 KB | Image | image/png
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Adobe (Consumer)
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
boolean | credentialless
function | adblockDetect
object | webpackChunkadobe
boolean | __VUE__
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.