storageapi.fleek.co
Open in
urlscan Pro
2606:4700::6812:791
Malicious Activity!
Public Scan
Submission: On December 06 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 31st 2022. Valid for: a year.
This is the only time storageapi.fleek.co was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DHL (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 2606:4700::68... 2606:4700::6812:791 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
7 | 2a02:26f0:170... 2a02:26f0:1700:787::25cb | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a00:1450:400... 2a00:1450:4001:810::200a | 15169 (GOOGLE) (GOOGLE) | |
23 | 4 |
ASN20940 (AKAMAI-ASN1, NL)
keycloak.mydhli.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
mydhli.com
keycloak.mydhli.com |
899 KB |
2 |
fleek.co
storageapi.fleek.co — Cisco Umbrella Rank: 205006 |
34 KB |
1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 361 |
30 KB |
23 | 3 |
Domain | Requested by | |
---|---|---|
7 | keycloak.mydhli.com |
storageapi.fleek.co
keycloak.mydhli.com |
2 | storageapi.fleek.co |
storageapi.fleek.co
|
1 | ajax.googleapis.com |
storageapi.fleek.co
|
23 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
fleek.co Cloudflare Inc ECC CA-3 |
2022-03-31 - 2023-03-30 |
a year | crt.sh |
logistics.dhl DPDHL Global TLS CA - I5 |
2022-10-05 - 2023-10-05 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-11-02 - 2023-01-25 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://storageapi.fleek.co/00b7a4e8-78a6-4310-8960-f7d2316983a4-bucket/dhlservice/index.html
Frame ID: 8A7731998EF3DED17417E8A97797B50B
Requests: 23 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
index.html
storageapi.fleek.co/00b7a4e8-78a6-4310-8960-f7d2316983a4-bucket/dhlservice/ |
11 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
patternfly.css
keycloak.mydhli.com/auth/resources/spogr/login/mydhli-portal/node_modules/patternfly/dist/css/ |
217 KB 34 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
patternfly-additions.css
keycloak.mydhli.com/auth/resources/spogr/login/mydhli-portal/node_modules/patternfly/dist/css/ |
257 KB 34 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zocial.css
keycloak.mydhli.com/auth/resources/spogr/login/mydhli-portal/lib/zocial/ |
43 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.css
keycloak.mydhli.com/auth/resources/spogr/login/mydhli-portal/css/ |
19 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ |
84 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.v2.js
storageapi.fleek.co/00b7a4e8-78a6-4310-8960-f7d2316983a4-bucket/dhlservice/ |
88 KB 30 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg-login.jpg
keycloak.mydhli.com/auth/resources/spogr/login/mydhli-portal/node_modules/patternfly/dist/img/ |
47 KB 47 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
background-pic@2x.jpg
keycloak.mydhli.com/auth/resources/spogr/login/mydhli-portal/img/ |
753 KB 755 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dhl-logo.svg
keycloak.mydhli.com/auth/resources/spogr/login/mydhli-portal/img/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
OpenSans-Regular-webfont.woff2
keycloak.mydhli.com/auth/resources/spogr/login/mydhli-portal/node_modules/patternfly/dist/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
OpenSans-ExtraBold-webfont.woff2
keycloak.mydhli.com/auth/resources/spogr/login/mydhli-portal/node_modules/patternfly/dist/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
OpenSans-Light-webfont.woff2
keycloak.mydhli.com/auth/resources/spogr/login/mydhli-portal/node_modules/patternfly/dist/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
OpenSans-Bold-webfont.woff2
keycloak.mydhli.com/auth/resources/spogr/login/mydhli-portal/node_modules/patternfly/dist/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
Delivery_W_Bd.woff
keycloak.mydhli.com/auth/resources/spogr/login/mydhli-portal/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
OpenSans-Bold-webfont.woff
keycloak.mydhli.com/auth/resources/spogr/login/mydhli-portal/node_modules/patternfly/dist/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
OpenSans-ExtraBold-webfont.woff
keycloak.mydhli.com/auth/resources/spogr/login/mydhli-portal/node_modules/patternfly/dist/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
OpenSans-Light-webfont.woff
keycloak.mydhli.com/auth/resources/spogr/login/mydhli-portal/node_modules/patternfly/dist/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
OpenSans-Regular-webfont.woff
keycloak.mydhli.com/auth/resources/spogr/login/mydhli-portal/node_modules/patternfly/dist/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
OpenSans-Bold-webfont.ttf
keycloak.mydhli.com/auth/resources/spogr/login/mydhli-portal/node_modules/patternfly/dist/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
OpenSans-ExtraBold-webfont.ttf
keycloak.mydhli.com/auth/resources/spogr/login/mydhli-portal/node_modules/patternfly/dist/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
OpenSans-Light-webfont.ttf
keycloak.mydhli.com/auth/resources/spogr/login/mydhli-portal/node_modules/patternfly/dist/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
OpenSans-Regular-webfont.ttf
keycloak.mydhli.com/auth/resources/spogr/login/mydhli-portal/node_modules/patternfly/dist/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- keycloak.mydhli.com
- URL
- https://keycloak.mydhli.com/auth/resources/spogr/login/mydhli-portal/node_modules/patternfly/dist/fonts/OpenSans-Regular-webfont.woff2
- Domain
- keycloak.mydhli.com
- URL
- https://keycloak.mydhli.com/auth/resources/spogr/login/mydhli-portal/node_modules/patternfly/dist/fonts/OpenSans-ExtraBold-webfont.woff2
- Domain
- keycloak.mydhli.com
- URL
- https://keycloak.mydhli.com/auth/resources/spogr/login/mydhli-portal/node_modules/patternfly/dist/fonts/OpenSans-Light-webfont.woff2
- Domain
- keycloak.mydhli.com
- URL
- https://keycloak.mydhli.com/auth/resources/spogr/login/mydhli-portal/node_modules/patternfly/dist/fonts/OpenSans-Bold-webfont.woff2
- Domain
- keycloak.mydhli.com
- URL
- https://keycloak.mydhli.com/auth/resources/spogr/login/mydhli-portal/fonts/Delivery_W_Bd.woff
- Domain
- keycloak.mydhli.com
- URL
- https://keycloak.mydhli.com/auth/resources/spogr/login/mydhli-portal/node_modules/patternfly/dist/fonts/OpenSans-Bold-webfont.woff
- Domain
- keycloak.mydhli.com
- URL
- https://keycloak.mydhli.com/auth/resources/spogr/login/mydhli-portal/node_modules/patternfly/dist/fonts/OpenSans-ExtraBold-webfont.woff
- Domain
- keycloak.mydhli.com
- URL
- https://keycloak.mydhli.com/auth/resources/spogr/login/mydhli-portal/node_modules/patternfly/dist/fonts/OpenSans-Light-webfont.woff
- Domain
- keycloak.mydhli.com
- URL
- https://keycloak.mydhli.com/auth/resources/spogr/login/mydhli-portal/node_modules/patternfly/dist/fonts/OpenSans-Regular-webfont.woff
- Domain
- keycloak.mydhli.com
- URL
- https://keycloak.mydhli.com/auth/resources/spogr/login/mydhli-portal/node_modules/patternfly/dist/fonts/OpenSans-Bold-webfont.ttf
- Domain
- keycloak.mydhli.com
- URL
- https://keycloak.mydhli.com/auth/resources/spogr/login/mydhli-portal/node_modules/patternfly/dist/fonts/OpenSans-ExtraBold-webfont.ttf
- Domain
- keycloak.mydhli.com
- URL
- https://keycloak.mydhli.com/auth/resources/spogr/login/mydhli-portal/node_modules/patternfly/dist/fonts/OpenSans-Light-webfont.ttf
- Domain
- keycloak.mydhli.com
- URL
- https://keycloak.mydhli.com/auth/resources/spogr/login/mydhli-portal/node_modules/patternfly/dist/fonts/OpenSans-Regular-webfont.ttf
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DHL (Transportation)17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange function| $ function| jQuery object| url string| hash string| hasherror string| email string| error number| count undefined| my_email undefined| ind undefined| my_slice undefined| mainPage string| msg object| alertt function| showEl function| hideEl0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
26 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | block-all-mixed-content |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
keycloak.mydhli.com
storageapi.fleek.co
keycloak.mydhli.com
2606:4700::6812:791
2a00:1450:4001:810::200a
2a02:26f0:1700:787::25cb
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0ccfbfeb715ec5990cb233658f966dcde83526c5626c302b67eb18d6984c3ae8
2d1a385e98a7ed423b016472290eed31aca521035a10452de872d5de51841559
55b99501dcfe818556c25a73c5d2e8d2d4e5b92faa0290a23b30d480a78e2b6c
6274e97588ea24e54010c6657bf49ef9f1b40858bcde5e2338afb79a7546e667
6ed00afe62833909e3371137aa6024732fe3b65da0c3001093267823b2770649
96181ee7c3977ca0effdd2540b4c6755441c1cf10d451e96fa07040ac0f78c48
bae41ff593e0cfd5d25ce72edf6731524c8eb91c21e4757ce725e01dafceddb5
c51b488c73b789c0c58e43e040702540f24abc5fccc228302eb44933783f401c
ff337272b931c08618213ad9ebff395d44e6f8a92d23a9b74768639e8cd12190