deep-vr-few.on-fleek.app
172.67.73.189  Malicious Activity! Public Scan

URL: https://deep-vr-few.on-fleek.app/
Submission: On October 29 via api from US — Scanned from CA

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 7 HTTP transactions. The main IP is 172.67.73.189, located in the United States and belonging to CLOUDFLARENET, US. The main domain is deep-vr-few.on-fleek.app.
TLS certificate: Issued by E6 on October 28th 2024. Valid for: 3 months.
This is the only time deep-vr-few.on-fleek.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

Requests  IP Address       AS (Autonomous System)
5         172.67.73.189    13335 (CLOUDFLAR...)
2         142.251.40.234   15169 (GOOGLE)
Total: 7 requests, 2 IPs

Requests  Apex Domain      Subdomains                                                    Transfer
5         on-fleek.app     deep-vr-few.on-fleek.app, meta-verified-program.on-fleek.app  108 KB
2         googleapis.com   firebasestorage.googleapis.com (Cisco Umbrella Rank: 7245)    21 KB
Total: 7 requests, 2 apex domains

Requests  Domain                               Requested by
3         deep-vr-few.on-fleek.app
2         firebasestorage.googleapis.com
2         meta-verified-program.on-fleek.app   deep-vr-few.on-fleek.app
Total: 7 requests, 3 domains

This site contains no links.

Subject                   Issuer  Validity                  Valid     Source
*.on-fleek.app            E6      2024-10-28 - 2025-01-26   3 months  crt.sh
upload.video.google.com   WR2     2024-10-07 - 2024-12-30   3 months  crt.sh

This page contains 1 frames:

Primary Page: https://deep-vr-few.on-fleek.app/
Frame ID: 6DB4433A2C8ED1B288A55808CC398BB7
Requests: 7 HTTP requests in this frame

Screenshot

Page Title

Verified Badge Site

Page Statistics

Requests: 7
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 3
IPs: 2
Countries: 1
Transfer: 129 kB
Size: 453 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type
Primary Request: /   Path: deep-vr-few.on-fleek.app/   Size: 722 B   x-fer: 1 KB   Type: Document
General
Full URL: https://deep-vr-few.on-fleek.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.73.189, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare
Resource Hash: 32524e226a5bc92b2803efde2a0e009b8b3c080a958520a266689013ae66767a
Security Headers
Content-Security-Policy: upgrade-insecure-requests
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 0

Request headers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
access-control-max-age: 86400
cache-control: max-age=60, stale-while-revalidate=3600
cf-cache-status: DYNAMIC
cf-ray: 8da3e9990e4ca1fe-YYZ
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Tue, 29 Oct 2024 14:39:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z7X5gVNdTqrYXXmjllf9VdDGCZw4UrH6ACsNDT7oDVYKJ53QO2rxZ1LAmJj%2Fx861PKxAAabA1HJo1XvE6pUEOAMwI0PEu%2BNrD2ojkztsUIzHNj96FX9at9IrofTT5bAfuAMBYb7NEtcY0g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-cache-status: MISS
x-content-type-options: nosniff
x-ipfs-path: /ipfs/bafybeiayay3uk7mkoohblwq423gmzzzdh7xgmzpjgtizsilbhelnqzzcnq/
x-ipfs-roots: bafybeiayay3uk7mkoohblwq423gmzzzdh7xgmzpjgtizsilbhelnqzzcnq
x-request-id: eb5be26a1185440143b93a1dcc5b0ca0
x-xss-protection: 0

Resource: main.72bdbbe3.js   Path: meta-verified-program.on-fleek.app/static/js/   Size: 203 KB   x-fer: 70 KB   Type: Script
General
Full URL: https://meta-verified-program.on-fleek.app/static/js/main.72bdbbe3.js
Requested by: Host: deep-vr-few.on-fleek.app, URL: https://deep-vr-few.on-fleek.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.73.189, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare
Resource Hash: 17e11bad9f30a3c990d991af0c838d6e67525505b381b139a2664cdb25bd6964
Security Headers
Content-Security-Policy: upgrade-insecure-requests
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 0

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://deep-vr-few.on-fleek.app/

Response headers
access-control-max-age: 86400
x-request-id: 621e9d2683b1bea6fa4b15c00cc56d67
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
content-encoding: br
cf-cache-status: HIT
etag: W/"bafkreiax4en23hzqupezbwmrv4gihdlom5jfkbntqgyttitgjtnslpljmq"
age: 29861
x-ipfs-path: /ipfs/bafybeid7wtw6eeet6kgmq75gb3z2ccbtkmpju62sekn26enhgd74s3meqi/static/js/main.72bdbbe3.js/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kk1bBDYq%2F0ZO88cF9Y%2BgytbTfOcMM75fHnHUAGfhTBIUMai1MbxQCrTskF1i8D29hYOvTs8ybll3WBEk75Skel3OIz%2FnYgpn7P4XbVLF3sLUfrfQdHEiDm5arwcLHwt90ENdwWUVYvi3572hYLMgqiSRDHM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET,HEAD,OPTIONS
x-content-type-options: nosniff
date: Tue, 29 Oct 2024 14:39:00 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-ipfs-roots: bafybeid7wtw6eeet6kgmq75gb3z2ccbtkmpju62sekn26enhgd74s3meqi,bafybeiecc67lzhnubzjjqtwhnnwas42xlnxt55jyodvxv6tok47spjvfie,bafybeibvrtekvu5gzbq4ezp4dwviw6xahpwc7twoazt3oo3yj4nnvy27bm,bafkreiax4en23hzqupezbwmrv4gihdlom5jfkbntqgyttitgjtnslpljmq
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
x-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: upgrade-insecure-requests
cache-control: max-age=60, stale-while-revalidate=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da3e99c0959a1fe-YYZ
access-control-allow-origin: *
x-xss-protection: 0
server: cloudflare

Resource: main.703b8347.css   Path: meta-verified-program.on-fleek.app/static/css/   Size: 229 KB   x-fer: 36 KB   Type: Stylesheet
General
Full URL: https://meta-verified-program.on-fleek.app/static/css/main.703b8347.css
Requested by: Host: deep-vr-few.on-fleek.app, URL: https://deep-vr-few.on-fleek.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.73.189, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare
Resource Hash: 3c446b92cc6e9b84d8240d8f7be626560807046461ce7710ba1db8cda7a376ec
Security Headers
Content-Security-Policy: upgrade-insecure-requests
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 0

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://deep-vr-few.on-fleek.app/

Response headers
access-control-max-age: 86400
x-request-id: 42abce26b9bb1050ccbad925a7267a1c
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
content-encoding: br
cf-cache-status: HIT
etag: W/"bafkreib4irvzftdotocnqjanr556mjswbadqizdbzz3rboq5xdg2pi3w5q"
age: 29861
x-ipfs-path: /ipfs/bafybeid7wtw6eeet6kgmq75gb3z2ccbtkmpju62sekn26enhgd74s3meqi/static/css/main.703b8347.css/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lzYvn%2FNYs4%2BiZlDDHhmEIUfBrJaoVQsqSXm9VVz9VrIu6lkFVCQ29rcV4sKrAyz3xVRS2ev5zv2GQg565lDT%2FPNTmlcXVDXKQNqCxrwGW%2FogFdWiALftIh%2FwT7iz4KC%2Bv8sotRiRgnwNUS9sQw%2Fu4TtpJXU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET,HEAD,OPTIONS
x-content-type-options: nosniff
date: Tue, 29 Oct 2024 14:39:00 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
x-ipfs-roots: bafybeid7wtw6eeet6kgmq75gb3z2ccbtkmpju62sekn26enhgd74s3meqi,bafybeiecc67lzhnubzjjqtwhnnwas42xlnxt55jyodvxv6tok47spjvfie,bafybeidfjniennmm7tlw5x62735o65mfvh2ggoex4ynzzuffhbt3maeoae,bafkreib4irvzftdotocnqjanr556mjswbadqizdbzz3rboq5xdg2pi3w5q
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
x-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: upgrade-insecure-requests
cache-control: max-age=60, stale-while-revalidate=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da3e99bf94aa1fe-YYZ
access-control-allow-origin: *
x-xss-protection: 0
server: cloudflare

Resource: svg-image-1.svg   Path: firebasestorage.googleapis.com/v0/b/contactvehicleapp-7d7a0.appspot.com/o/   Size: 13 KB   x-fer: 14 KB   Type: Image
General
Full URL: https://firebasestorage.googleapis.com/v0/b/contactvehicleapp-7d7a0.appspot.com/o/svg-image-1.svg?alt=media&token=fd376762-b836-495d-abdf-71b58a2cecae
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.40.234, Queens, United States, ASN15169 (GOOGLE, US)
Reverse DNS: lga34s39-in-f10.1e100.net
Software: UploadServer
Resource Hash: 8662a9e6bf4b793ab005176a36ac5151fc2ef9d7fca342075b5041651c1fed36

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://deep-vr-few.on-fleek.app/

Response headers
x-goog-metageneration: 1
x-goog-hash: crc32c=2DTeDg==, md5=bvOnHwy2HRHQ5adE/8ZwOA==
etag: "6ef3a71f0cb61d11d0e5a744ffc67038"
x-goog-stored-content-encoding: identity
expires: Tue, 29 Oct 2024 14:39:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 13654
date: Tue, 29 Oct 2024 14:39:01 GMT
last-modified: Sat, 27 Jul 2024 14:43:07 GMT
content-type: image/svg+xml
content-disposition: inline; filename*=utf-8''svg-image-1.svg
x-guploader-uploadid: AHmUCY3_LVFRg6cB7SkHAYYG0jMHwSNJuNv4RdUYHwlrTthhOAqEWBhs_uybsCLORgmoJpte3hcVkWvdFQ
cache-control: private, max-age=0
x-goog-storage-class: STANDARD
x-goog-meta-firebasestoragedownloadtokens: fd376762-b836-495d-abdf-71b58a2cecae
accept-ranges: bytes
x-goog-generation: 1722091387077994
content-length: 13654
server: UploadServer

Resource: secondtick.png   Path: firebasestorage.googleapis.com/v0/b/contactvehicleapp-7d7a0.appspot.com/o/   Size: 7 KB   x-fer: 7 KB   Type: Image
General
Full URL: https://firebasestorage.googleapis.com/v0/b/contactvehicleapp-7d7a0.appspot.com/o/secondtick.png?alt=media&token=72a304b3-4767-4306-917d-4181f6b576af
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.40.234, Queens, United States, ASN15169 (GOOGLE, US)
Reverse DNS: lga34s39-in-f10.1e100.net
Software: UploadServer
Resource Hash: 6afa71ffe1c81cf6fc9580312d8543be200b24a6dbae24784617cb595117e092

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://deep-vr-few.on-fleek.app/

Response headers
x-goog-metageneration: 1
x-goog-hash: crc32c=vx6fbg==, md5=jpY1Y5ibhwO6nAjkQsJwoQ==
etag: "8e963563989b8703ba9c08e442c270a1"
x-goog-stored-content-encoding: identity
expires: Tue, 29 Oct 2024 14:39:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 6899
date: Tue, 29 Oct 2024 14:39:01 GMT
last-modified: Sat, 27 Jul 2024 14:36:05 GMT
content-type: image/png
content-disposition: inline; filename*=utf-8''secondtick.png
x-guploader-uploadid: AHmUCY01XQuhC4wAPyUY26XgYh4yPQ02lCojsh6SAuS5dQwC4cl8yXz-VxuC_hiMSx-08-F53UaRAPrZ4g
cache-control: private, max-age=0
x-goog-storage-class: STANDARD
x-goog-meta-firebasestoragedownloadtokens: 72a304b3-4767-4306-917d-4181f6b576af
accept-ranges: bytes
x-goog-generation: 1722090965002036
content-length: 6899
server: UploadServer

Resource: mainlogo.1e021de7020fcdab170b.png   Path: deep-vr-few.on-fleek.app/static/media/   Size: 222 B   x-fer: 222 B   Type: Image
General
Full URL: https://deep-vr-few.on-fleek.app/static/media/mainlogo.1e021de7020fcdab170b.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.73.189, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare
Resource Hash: 3b10e4b3afbee4f3044e96e0286b31945f476c8ad89b51ff36a1dde28eefb9d2
Security Headers
Content-Security-Policy: upgrade-insecure-requests
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 0

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://deep-vr-few.on-fleek.app/

Response headers
access-control-max-age: 86400
x-request-id: 033c72c683130017bdfc71b969c0de08
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
content-encoding: br
cf-cache-status: DYNAMIC
x-ipfs-path: /ipfs/bafybeiayay3uk7mkoohblwq423gmzzzdh7xgmzpjgtizsilbhelnqzzcnq/static/media/mainlogo.1e021de7020fcdab170b.png/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=15Z0%2FIjKcvP7ZX7F64zaTlY3DoKh4qHLXVX2zUznKuTd84BKB98lmlMvuLObOAn2pzJ9Vuu1ivGByBiIhKTIo8HYvPL6Jq1KvVaCLbUcTpiHInk8GOl3acVxA%2Br3ZTPNfhgGa1Rk%2BBGQmg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET,HEAD,OPTIONS
x-content-type-options: nosniff
date: Tue, 29 Oct 2024 14:39:00 GMT
content-type: text/plain; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: upgrade-insecure-requests
cache-control: max-age=60, stale-while-revalidate=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da3e99d1a5da1fe-YYZ
access-control-allow-origin: *
x-xss-protection: 0
server: cloudflare

Resource: favicon.ico   Path: deep-vr-few.on-fleek.app/   Size: 192 B   x-fer: 528 B   Type: Other
General
Full URL: https://deep-vr-few.on-fleek.app/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.73.189, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare
Resource Hash: ce945cbdc144f96f64a8ad90ca34dd7c20952ce05ee345242376a336c120f7ce
Security Headers
Content-Security-Policy: upgrade-insecure-requests
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 0

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://deep-vr-few.on-fleek.app/

Response headers
access-control-max-age: 86400
x-request-id: 9d908b42f4f6022f3434b1197fbdc487
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
content-encoding: br
cf-cache-status: DYNAMIC
x-ipfs-path: /ipfs/bafybeiayay3uk7mkoohblwq423gmzzzdh7xgmzpjgtizsilbhelnqzzcnq/favicon.ico/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jXiLXFrwkCRZUwSzj0ML1aUHynlvgAuJrfrqRSEo%2Bog%2BKu2dVlBhBPhzQEPAswF9J3fv4yogS34f7fqhdRpH88m7hv63nVyL7Pdm%2BrIKliene%2BenK7JJA98Hz5W5dzytCV2edUWZstamQg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET,HEAD,OPTIONS
x-content-type-options: nosniff
date: Tue, 29 Oct 2024 14:39:01 GMT
content-type: text/plain; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: upgrade-insecure-requests
cache-control: max-age=60, stale-while-revalidate=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da3e99e6bbca1fe-YYZ
access-control-allow-origin: *
x-xss-protection: 0
server: cloudflare

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

__reactRouterVersion (string)

0 Cookies

2 Console Messages

Source: network   Level: error
URL: https://deep-vr-few.on-fleek.app/static/media/mainlogo.1e021de7020fcdab170b.png
Message: Failed to load resource: the server responded with a status of 404 ()

Source: network   Level: error
URL: https://deep-vr-few.on-fleek.app/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Content-Security-Policy: upgrade-insecure-requests
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 0