URL: https://fly.storage.tigris.dev/crimson-darkness-23/AbsaOnlinePop.html
Submission Tags: @phish_report
Submission: On October 18 via api from FI — Scanned from FI

Summary

This website contacted 3 IPs in 1 country across 2 domains to perform 4 HTTP transactions. The main IP is 2a09:8280:1::24:a5c5, located in the United States, and belongs to FLY, US. The main domain is fly.storage.tigris.dev. The Cisco Umbrella rank of the primary domain is 589714.
TLS certificate: Issued by E5 on September 9th 2024. Valid for: 3 months.
This is the only time fly.storage.tigris.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
3 | 2a09:8280:1::... | 40509 (FLY)
1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
Total: 4 requests, 3 IPs

Requests | Apex Domain / Subdomains | Transfer
3 | tigris.dev / fly.storage.tigris.dev (Cisco Umbrella Rank: 589714) | 79 KB
1 | jsdelivr.net / cdn.jsdelivr.net (Cisco Umbrella Rank: 311) | 2 KB
Total: 4 requests, 2 apex domains

Requests | Domain | Requested by
3 | fly.storage.tigris.dev | fly.storage.tigris.dev
1 | cdn.jsdelivr.net | fly.storage.tigris.dev
Total: 4 requests, 2 domains

This site contains no links.

Subject | Issuer | Validity | Valid
fly.storage.tigris.dev | E5 | 2024-09-09 - 2024-12-08 | 3 months
*.jsdelivr.net | Sectigo RSA Domain Validation Secure Server CA | 2024-05-04 - 2025-05-04 | a year

This page contains 1 frames:

Primary Page: https://fly.storage.tigris.dev/crimson-darkness-23/AbsaOnlinePop.html
Frame ID: 41434E35EDB29C5D09A183C4D905D318
Requests: 6 HTTP requests in this frame

Page Title

Our Organisation Fax Portal.xls

Detected technologies

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 4
HTTPS: 100 %
IPv6: 100 %
Domains: 2
Subdomains: 2
IPs: 3
Countries: 1
Transfer: 81 kB
Size: 129 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type

Resource: AbsaOnlinePop.html (Primary Request)
Path: fly.storage.tigris.dev/crimson-darkness-23/
Size: 78 KB
x-fer: 78 KB
Type: Document
General
Full URL: https://fly.storage.tigris.dev/crimson-darkness-23/AbsaOnlinePop.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::24:a5c5, United States, ASN40509 (FLY, US)
Reverse DNS:
Software: Tigris OS /
Resource Hash: 5bd12559777d39e8d91b67c410545923e89c854682b7e0fb8da98352710caee0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 79546
content-type: text/html
date: Fri, 18 Oct 2024 09:01:59 GMT
etag: "d24369610a73aa9deaf5f50e9f43b712"
last-modified: Sun, 13 Oct 2024 14:03:31 GMT
server: Tigris OS
server-timing: total;dur=198,cache;desc=miss;dur=4, server;desc=meta;dur=32, block;desc=cache;dur=45
x-amz-content-sha256: 5bd12559777d39e8d91b67c410545923e89c854682b7e0fb8da98352710caee0
x-amz-date: 20241013T140330Z
x-amz-request-id: 1729242119224034275
x-tigris-regions: jnb
x-tigris-served-from: fra
Resource: truncated
Path: /
Size: 46 KB
x-fer: 0
Type: Image
General
Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS:
Software: /
Resource Hash: 9ef546a131a2afbf63fac84b5da85b85799e16d183e96f721539d6b7d90697bc

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer:

Response headers

Content-Type: image/jpeg
Resource: email.min.js
Path: cdn.jsdelivr.net/npm/@emailjs/browser@3/dist/
Size: 2 KB
x-fer: 2 KB
Type: Script
General
Full URL: https://cdn.jsdelivr.net/npm/@emailjs/browser@3/dist/email.min.js
Requested by
Host: fly.storage.tigris.dev
URL: https://fly.storage.tigris.dev/crimson-darkness-23/AbsaOnlinePop.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bb1f, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare /
Resource Hash: 249f5139f01396e20b067fbe6db17315981fb1c36c64d64df224bcf0f8750eab
Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://fly.storage.tigris.dev/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"80a-PXSZ1xOJiieY9EnYs1KNQJRHUgg"
age: 9991
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i1qdWIgnwHZtT%2BP3E4ENhKpD4kYDVYqjBW4ascX%2FmJq3ZZQgu8R%2BTKqjXYZWQJkUt2vWM3%2BfTqTJ0JHRYs9qMnT5MaMz7%2FW6wrMMHmd76xVw2QccT9Eur%2Fh1q8ZLOJU5%2BVnfgI6W8HI1JOHi%2FXU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Fri, 18 Oct 2024 09:01:59 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220134-FRA, cache-lga21931-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d4758cffb084c80-HEL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1034
server: cloudflare
x-jsd-version: 3.12.1
Resource: truncated
Path: /
Size: 2 KB
x-fer: 0
Type: Image
General
Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS:
Software: /
Resource Hash: 9f15acadfe2062d3b17b0cf6a69545d9ca811080b299d5e6dc1a2a556049f827

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer:

Response headers

Content-Type: image/png
Resource: index_Form1_bkgrnd.png
Path: fly.storage.tigris.dev/crimson-darkness-23/images/
Size: 325 B
x-fer: 325 B
Type: Image
General
Full URL: https://fly.storage.tigris.dev/crimson-darkness-23/images/index_Form1_bkgrnd.png
Requested by
Host: fly.storage.tigris.dev
URL: https://fly.storage.tigris.dev/crimson-darkness-23/AbsaOnlinePop.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::24:a5c5, United States, ASN40509 (FLY, US)
Reverse DNS:
Software: Tigris OS /
Resource Hash: c115267cb0af3d71bda1fc32df159ef9e2cbe3fe35262a2c2a3a7603b43f0d71
Security Headers
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://fly.storage.tigris.dev/crimson-darkness-23/AbsaOnlinePop.html

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-expose-headers: *
access-control-allow-methods: *
x-amz-request-id: 1729242119738334267
access-control-allow-origin: *
server-timing: total;dur=237,cache;desc=miss;dur=8, server;desc=miss;dur=211
content-length: 325
date: Fri, 18 Oct 2024 09:01:59 GMT
content-type: application/xml
server: Tigris OS
access-control-allow-headers: *
Resource: favicon.ico
Path: fly.storage.tigris.dev/
Size: 223 B
x-fer: 314 B
Type: Other
General
Full URL: https://fly.storage.tigris.dev/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::24:a5c5, United States, ASN40509 (FLY, US)
Reverse DNS:
Software: Tigris OS /
Resource Hash: ae9c7c0689b46e7c5f6a30c2b11386bffb31df90c1abf8995cc641c85080f4f6
Security Headers
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://fly.storage.tigris.dev/crimson-darkness-23/AbsaOnlinePop.html

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-request-id: 1729242120048162025
server-timing: total;dur=97
content-length: 223
date: Fri, 18 Oct 2024 09:02:00 GMT
content-type: application/xml
server: Tigris OS

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function ValidateForm1
  • object emailjs
  • function submitForm

0 Cookies

4 Console Messages

Source: recommendation, Level: warning
URL: https://fly.storage.tigris.dev/crimson-darkness-23/AbsaOnlinePop.html
Message: [DOM] Found 2 elements with non-unique id #pppp: (More info: https://goo.gl/9p2vKq) %o %o

Source: recommendation, Level: verbose
URL: https://fly.storage.tigris.dev/crimson-darkness-23/AbsaOnlinePop.html
Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Source: network, Level: error
URL: https://fly.storage.tigris.dev/crimson-darkness-23/images/index_Form1_bkgrnd.png
Message: Failed to load resource: the server responded with a status of 404 ()

Source: network, Level: error
URL: https://fly.storage.tigris.dev/favicon.ico
Message: Failed to load resource: the server responded with a status of 403 ()