storageapi.fleek.co
Open in
urlscan Pro
2606:4700::6812:691
Malicious Activity!
Public Scan
Submitted URL: https://idb.scalingupnutrition.org//wp-admin/vm.html
Effective URL: https://storageapi.fleek.co/203846b8-8514-42ec-894c-b9724cd25a35-bucket/Ed56T/EvGV.html
Submission: On November 12 via manual from US — Scanned from DE
Effective URL: https://storageapi.fleek.co/203846b8-8514-42ec-894c-b9724cd25a35-bucket/Ed56T/EvGV.html
Submission: On November 12 via manual from US — Scanned from DE
Summary
This website contacted 13 IPs
in 5 countries
across 11 domains to perform 39 HTTP transactions.
The main IP is 2606:4700::6812:691, located in
United States and
belongs to CLOUDFLARENET, US.
The main domain is storageapi.fleek.co.
The Cisco Umbrella rank of the primary domain is 152309.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 31st 2022. Valid for: a year.
This is the only time storageapi.fleek.co was scanned on urlscan.io!
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 31st 2022. Valid for: a year.
This is the only time storageapi.fleek.co was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: US Government (Government) Bank of America (Banking)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 | 46.101.252.20 46.101.252.20 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
| 2 | 2606:4700::68... 2606:4700::6812:691 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:827::2008 | 15169 (GOOGLE) (GOOGLE) | |
| 24 | 2a02:26f0:480... 2a02:26f0:480:c::210:f18c | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:828::200e | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 104.18.27.27 104.18.27.27 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 51.210.156.165 51.210.156.165 | 16276 (OVH) (OVH) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:80b::200a | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2a02:26f0:480... 2a02:26f0:480:297::11a6 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 1 | 2a02:26f0:340... 2a02:26f0:3400:183::11a6 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 1 | 2a00:1450:400... 2a00:1450:400c:c0a::9a | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 3.232.242.170 3.232.242.170 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 39 | 13 |
1
46.101.252.20
(Frankfurt am Main, Germany)
ASN14061 (DIGITALOCEAN-ASN, US)
ASN14061 (DIGITALOCEAN-ASN, US)
| idb.scalingupnutrition.org |
1
2a00:1450:4001:827::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
24
2a02:26f0:480:c::210:f18c
(Frankfurt am Main, Germany)
ASN20940 (AKAMAI-ASN1, NL)
ASN20940 (AKAMAI-ASN1, NL)
| portal.edd.ca.gov |
2
2a00:1450:4001:828::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
1
104.18.27.27
(Shahr, Iran, Islamic Republic Of)
ASN13335 (CLOUDFLARENET, US)
ASN13335 (CLOUDFLARENET, US)
| www.visaprepaidprocessing.com |
1
51.210.156.165
(London, United Kingdom)
ASN16276 (OVH, FR)
PTR: server81.trusted-mail.in
ASN16276 (OVH, FR)
PTR: server81.trusted-mail.in
| theshaarchstudio.com |
1
3.232.242.170
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-242-170.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-242-170.compute-1.amazonaws.com
| api.ipify.org |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 24 |
ca.gov
portal.edd.ca.gov — Cisco Umbrella Rank: 176950 |
473 KB |
| 2 |
go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1270 c.go-mpulse.net — Cisco Umbrella Rank: 611 |
50 KB |
| 2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36 |
20 KB |
| 2 |
fleek.co
storageapi.fleek.co — Cisco Umbrella Rank: 152309 |
9 KB |
| 1 |
ipify.org
api.ipify.org — Cisco Umbrella Rank: 2887 |
260 B |
| 1 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78 |
441 B |
| 1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 304 |
85 KB |
| 1 |
theshaarchstudio.com
theshaarchstudio.com |
624 B |
| 1 |
visaprepaidprocessing.com
www.visaprepaidprocessing.com — Cisco Umbrella Rank: 269957 |
8 KB |
| 1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53 |
43 KB |
| 1 |
scalingupnutrition.org
idb.scalingupnutrition.org |
385 B |
| 39 | 11 |
| Domain | Requested by | |
|---|---|---|
| 24 | portal.edd.ca.gov |
storageapi.fleek.co
portal.edd.ca.gov |
| 2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
| 2 | storageapi.fleek.co |
idb.scalingupnutrition.org
storageapi.fleek.co |
| 1 | api.ipify.org |
ajax.googleapis.com
|
| 1 | stats.g.doubleclick.net |
www.google-analytics.com
|
| 1 | c.go-mpulse.net |
s.go-mpulse.net
|
| 1 | s.go-mpulse.net |
storageapi.fleek.co
|
| 1 | ajax.googleapis.com |
storageapi.fleek.co
|
| 1 | theshaarchstudio.com |
storageapi.fleek.co
|
| 1 | www.visaprepaidprocessing.com |
storageapi.fleek.co
|
| 1 | www.googletagmanager.com |
storageapi.fleek.co
|
| 1 | idb.scalingupnutrition.org | |
| 39 | 12 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.ca.gov |
| www.edd.ca.gov |
| portal.edd.ca.gov |
| edd.ca.gov |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| idb.scalingupnutrition.org R3 |
2022-11-11 - 2023-02-09 |
3 months | crt.sh |
| fleek.co Cloudflare Inc ECC CA-3 |
2022-03-31 - 2023-03-30 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2022-10-25 - 2023-01-17 |
3 months | crt.sh |
| portal.edd.ca.gov GlobalSign RSA OV SSL CA 2018 |
2021-12-09 - 2023-01-10 |
a year | crt.sh |
| www.visaprepaidprocessing.com Cloudflare Inc ECC CA-3 |
2022-05-07 - 2023-05-07 |
a year | crt.sh |
| theshaarchstudio.com R3 |
2022-10-25 - 2023-01-23 |
3 months | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2022-10-25 - 2023-01-17 |
3 months | crt.sh |
| akstat.io DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-04-15 - 2023-04-19 |
a year | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2022-10-25 - 2023-01-17 |
3 months | crt.sh |
| *.ipify.org Sectigo RSA Domain Validation Secure Server CA |
2022-02-07 - 2023-03-10 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://storageapi.fleek.co/203846b8-8514-42ec-894c-b9724cd25a35-bucket/Ed56T/EvGV.html
Frame ID: 91B07A8D630324B7751F2D06AC437EEC
Requests: 39 HTTP requests in this frame
Screenshot
Page Title
Log In | Benefit Programs OnlinePage URL History Show full URLs
- https://idb.scalingupnutrition.org//wp-admin/vm.html Page URL
- https://storageapi.fleek.co/203846b8-8514-42ec-894c-b9724cd25a35-bucket/Ed56T/EvGV.html Page URL
Detected technologies
DreamWeaver
(Editors)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <!--[^>]*(?:InstanceBeginEditable|Dreamweaver([^>]+)target|DWLayoutDefaultTable)
ZURB Foundation
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtag/js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery-ui.*\.js
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
URL: http://www.ca.gov/
Search URL Search Domain Scan URL
URL: http://www.edd.ca.gov/
Search URL Search Domain Scan URL
URL: https://portal.edd.ca.gov/WebApp/Login?resource_url=https://portal.edd.ca.gov/WebApp/Home&l=es
Search URL Search Domain Scan URL
URL: http://edd.ca.gov/About_EDD/Contact_EDD.htm
Title: Contact EDD
Title: Contact EDD
Search URL Search Domain Scan URL
URL: http://edd.ca.gov/About_EDD/Conditions_Of_Use.htm
Title: Conditions of Use
Title: Conditions of Use
Search URL Search Domain Scan URL
URL: http://edd.ca.gov/About_EDD/Privacy_Policy.htm
Title: Privacy Policy
Title: Privacy Policy
Search URL Search Domain Scan URL
URL: http://edd.ca.gov/About_EDD/Accessibility.htm
Title: Accessibility
Title: Accessibility
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://idb.scalingupnutrition.org//wp-admin/vm.html Page URL
- https://storageapi.fleek.co/203846b8-8514-42ec-894c-b9724cd25a35-bucket/Ed56T/EvGV.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
39 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
vm.html
idb.scalingupnutrition.org//wp-admin/ |
170 B 385 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
EvGV.html
storageapi.fleek.co/203846b8-8514-42ec-894c-b9724cd25a35-bucket/Ed56T/ |
44 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
109 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery
portal.edd.ca.gov/WebApp/ |
95 KB 44 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
modernizr
portal.edd.ca.gov/WebApp/ |
11 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
eGov_style.css
portal.edd.ca.gov/Resources2015/css/ |
32 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
edd_style.css
portal.edd.ca.gov/Resources2015/css/ |
13 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
colorscheme_oceanside.css
portal.edd.ca.gov/Resources2015/css/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
edd_colorscheme_oceanside.css
portal.edd.ca.gov/Resources2015/css/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
768.css
portal.edd.ca.gov/Resources2015/css/ |
398 B 680 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
edd_768.css
portal.edd.ca.gov/Resources2015/css/ |
12 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1280.css
portal.edd.ca.gov/Resources2015/css/ |
1 KB 856 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-ui.min.css
portal.edd.ca.gov/Resources2015/css/ |
29 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
eGov_scripts.js
portal.edd.ca.gov/Resources2015/javascript/ |
19 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-ui.min.js
portal.edd.ca.gov/Resources2015/javascript/ |
234 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
amp-common.js
portal.edd.ca.gov/WebApp/Scripts/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jqueryval
portal.edd.ca.gov/WebApp/ |
28 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap
portal.edd.ca.gov/WebApp/ |
42 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
common
portal.edd.ca.gov/WebApp/ |
4 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
en
portal.edd.ca.gov/WebApp/Content/css/ |
169 KB 38 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
header_ca.gov.png
portal.edd.ca.gov/Resources2015/images/template2013/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
header_organization.png
portal.edd.ca.gov/Resources2015/images/template2013/ |
96 KB 96 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
header_organization_phone.png
portal.edd.ca.gov/Resources2015/images/template2013/ |
90 KB 90 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
clear.gif
portal.edd.ca.gov/Resources2015/images/template2013/ |
43 B 341 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo.png
www.visaprepaidprocessing.com/content/PRC384/CP384-T03-019/_Images/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
IE0oaSEE
storageapi.fleek.co/K0m8j1/O5xE/VfcdE/XpZA/OPehx/b1haShLzik/W2poWkgCAw/WCd/ |
0 0 |
Script
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
smtpjs.php
theshaarchstudio.com/wp-admin/js/ |
874 B 624 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ |
85 KB 85 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
print.css
portal.edd.ca.gov/Resources2015/css/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
GS7SH-P6789-5U7SC-YPZXM-A77ED
s.go-mpulse.net/boomerang/ |
205 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
header_background.jpg
portal.edd.ca.gov/Resources2015/images/template2013/oceanside/ |
32 KB 33 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
nav_shadow.png
portal.edd.ca.gov/Resources2015/images/template2013/ |
175 B 473 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
CaGov.woff
portal.edd.ca.gov/Resources2015/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
CaGov.ttf
portal.edd.ca.gov/Resources2015/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
config.json
c.go-mpulse.net/api/ |
51 B 323 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/j/ |
2 B 209 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 441 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
api.ipify.org/ |
24 B 260 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- portal.edd.ca.gov
- URL
- https://portal.edd.ca.gov/Resources2015/fonts/CaGov.woff
- Domain
- portal.edd.ca.gov
- URL
- https://portal.edd.ca.gov/Resources2015/fonts/CaGov.ttf
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: US Government (Government) Bank of America (Banking)67 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| $ function| jQuery object| html5 object| Modernizr string| serpLocation function| addLoadEvent function| getElementsByClass number| counterC undefined| navRoot function| closeAllPanels function| removeDisplay function| toggle_menu function| toggle_search object| prepareSearchForm function| addGAToDownloadLinks function| startListening function| trackMailto function| trackTelto function| trackExternalLinks function| initPage object| CAGOVTabpanel function| initNavigation function| fluidDialog function| simulateClick object| jQuery1111026794968295016686 function| doAjaxJson function| doAjaxTwo function| getUrlVars function| doAjax function| doAjaxWait function| getAjax function| getVerificationToken function| showSystemError function| hasInStorage function| validate function| checkStorage function| showBrowserSettingsView function| showSearchView function| enableControl number| waitingWaitTime object| Const object| GlobalVals string| ROOT function| setGlobalValues string| BOOMR_API_key object| BOOMR function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression object| BOOMR_mq object| gaplugins object| gaGlobal object| gaData number| BOOMR_configt object| Email function| sendEmail function| sendEmail2 function| sendEmail3 function| sendEmail4 function| sendEmail5 number| BOOMR_onload6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .fleek.co/ | Name: _ga Value: GA1.2.1282512929.1668272394 |
|
| .fleek.co/ | Name: _gid Value: GA1.2.559790887.1668272394 |
|
| .fleek.co/ | Name: _gat_gtag_UA_3419582_31 Value: 1 |
|
| .visaprepaidprocessing.com/ | Name: __cf_bm Value: 9uQbgSlsAxf7S8VPa.djU23bz05osgExxwXJDa6dnHk-1668272394-0-ATV1tEkRzFNYuj9rWmnbBt456neRdEiXwXypj7OTqoshIrBic3S9EwxKv2yegD1DXoaNleLAMyhMWrU3dWzr+ic= |
|
| .visaprepaidprocessing.com/ | Name: __cfruid Value: d422045ffdd33e140d5bd342b54c2edcf6f56ea8-1668272394 |
|
| .storageapi.fleek.co/ | Name: RT Value: "z=1&dm=storageapi.fleek.co&si=4e164244-4ab4-495e-8344-a2741fe4695d&ss=lae6b4n1&sl=1&tt=1x1&rl=1&ld=1x7" |
9 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| X-Content-Type-Options | nosniff |
| X-Frame-Options | SAMEORIGIN |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
api.ipify.org
c.go-mpulse.net
idb.scalingupnutrition.org
portal.edd.ca.gov
s.go-mpulse.net
stats.g.doubleclick.net
storageapi.fleek.co
theshaarchstudio.com
www.google-analytics.com
www.googletagmanager.com
www.visaprepaidprocessing.com
portal.edd.ca.gov
104.18.27.27
2606:4700::6812:691
2a00:1450:4001:80b::200a
2a00:1450:4001:827::2008
2a00:1450:4001:828::200e
2a00:1450:400c:c0a::9a
2a02:26f0:3400:183::11a6
2a02:26f0:480:297::11a6
2a02:26f0:480:c::210:f18c
3.232.242.170
46.101.252.20
51.210.156.165
02180ad6d7511879b968b438e1c377bd4ecd2c6710d54435b02164811c09ce92
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0ab1201017d028508a7875aeb35065d6c487c57fb0fffeda292eda6121fe01db
0ec4e0295f86b2142b8996e03d4195888843b50d1954d7e248341da032b7ebba
15818e9081cc2d153b1b36f14394573561db99a6a4d3943c36798ff7ce36a83c
2214aa4895c662df8eb41fa759922735ab5c60db9224a3923290bb2a0374e6be
240c7551367ed9d2fe12066b64e1b7d474b95e47a4cecee729941aac875156fb
58f9361b16f85777deafafdd3c142295972bacead6e2179fe202ce005033af1b
5dbd7da88535c734c97c0e290a808c97d48b71ae6af073ea4a2699019f6f067a
6a136acb89179a53c4ba5949f0fae1782dfe30b240f23a21a43ef3bbc918229b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
78119ccd5e004bd01f083b55d5a4dad007b0c05457e0a85e8c86fc806f88aaa8
864da5a32712777d5b08ed1a74b05345907c0d3febe685a47e829ea331260bbc
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8df2022041809c1948f5b0b82b6637df8fdb9e29b9245dd2ac561de0c0414228
920059afc6597d221b270f0ab75e9606878f5233cfc0dc1c226167e2ac62b580
94b20059b1569a74855fe451c0e9d8c657071c9a3178213abe1323a228cf900a
95e5df0ff93203ce1d112dea4d63e02bdf4ebee4e28306b6f8e0c05974e23825
986558fa08551f0223800038f96f076db64e7c1855a9d1d184ede59f495f99eb
a23545e1d96a5d1ca83094e26826e2a1ade422170014bcb1ff306795f68bfff4
a2a17f403c22316d5816a0c8987f0718cd69132814f9478ca91cf78b783c00eb
a32d93c3f23567760cc4a0f9f8e156b687769ede3e47a928fac1c2f2c386c96f
a92184baa395e33c593a16331c988f622695fe2c39a9c0baeea9ae25e1ac115d
ad62eb85667532488d032273c196c7ea1c10e0897223c4b66cd38b8c5e5215a4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
ba531802349d847f29e65e1ad2c726b6670b4c3977cf68ef1d4faf03f8ab905d
bba60cc6402a9bef7a2d9ee025b081aee03da3438ab3709d7f6ecd59434da228
bd0e935bdb4b4a82cae92697683b158dd571672549fe1c182d84758789392c94
d07ee203eb35125b3d11eb0c8dcbc93b649b0b7fd43ccdee91ad2e2037892283
d22f436fb891e5690b3da3f173af21bea5ce87ce6070005632daa327a9fd40ba
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ef49d3c21cb1e7763f7998d60314694cab35f0de2790445d84830dd19aaa2c54
f2af66415bb61e8f4f27140240d8f350728296bd4047b4aa712551beceb6253c
f5af418c3c6e41b2d56038f6ce270e36959fd2454a10da28fca4e7b2bf5c3332
f8504a7d5fbd9ada9d5d402a90b6f682850fa35e37f58ae100258b3c3f7ede4e