ipfs.io
Open in
urlscan Pro
209.94.90.1
Malicious Activity!
Public Scan
Submission: On August 06 via api from US — Scanned from CA
Summary
TLS certificate: Issued by WE1 on June 14th 2024. Valid for: 3 months.
This is the only time ipfs.io was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Email (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 209.94.90.1 209.94.90.1 | 40680 (PROTOCOL) (PROTOCOL) | |
2 | 151.101.194.137 151.101.194.137 | 54113 (FASTLY) (FASTLY) | |
2 | 18.173.166.38 18.173.166.38 | 16509 (AMAZON-02) (AMAZON-02) | |
1 1 | 142.251.174.104 142.251.174.104 | 15169 (GOOGLE) (GOOGLE) | |
1 | 142.251.111.99 142.251.111.99 | 15169 (GOOGLE) (GOOGLE) | |
7 | 4 |
ASN16509 (AMAZON-02, US)
PTR: server-18-173-166-38.mia3.r.cloudfront.net
logo.clearbit.com |
ASN15169 (GOOGLE, US)
PTR: qc-in-f104.1e100.net
www.google.com |
ASN15169 (GOOGLE, US)
PTR: bk-in-f99.1e100.net
t3.gstatic.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
2 |
clearbit.com
logo.clearbit.com — Cisco Umbrella Rank: 46929 |
1000 B |
2 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 1211 |
30 KB |
2 |
ipfs.io
ipfs.io — Cisco Umbrella Rank: 90575 |
10 KB |
1 |
gstatic.com
t3.gstatic.com |
667 B |
1 |
google.com
1 redirects
www.google.com — Cisco Umbrella Rank: 10 |
18 B |
7 | 5 |
Domain | Requested by | |
---|---|---|
2 | logo.clearbit.com |
ipfs.io
|
2 | code.jquery.com |
ipfs.io
|
2 | ipfs.io |
ipfs.io
|
1 | t3.gstatic.com | |
1 | www.google.com | 1 redirects |
7 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
ipfs.io WE1 |
2024-06-14 - 2024-09-12 |
3 months | crt.sh |
*.jquery.com Sectigo ECC Domain Validation Secure Server CA |
2024-06-25 - 2025-06-25 |
a year | crt.sh |
clearbit.com Amazon RSA 2048 M03 |
2024-01-22 - 2025-02-18 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://ipfs.io/ipfs/QmVb1cwRjaGw4uARLvzL78TCp121P7v8v58dCz2rRaVqTY/TATDTSSDSSTSYHS.html
Frame ID: BEC1E242DC77FC502B02BDEC5016551E
Requests: 4 HTTP requests in this frame
Frame:
https://ipfs.io/ipfs/QmVb1cwRjaGw4uARLvzL78TCp121P7v8v58dCz2rRaVqTY/TATDTSSDSSTSYHS.html
Frame ID: 065E1B2BD935EEB20EF1403D2F1E47B0
Requests: 3 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 5- https://www.google.com/s2/favicons?domain=microsoft.com HTTP 301
- https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://microsoft.com&size=16
7 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
Primary Request
TATDTSSDSSTSYHS.html
ipfs.io/ipfs/QmVb1cwRjaGw4uARLvzL78TCp121P7v8v58dCz2rRaVqTY/ |
14 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.2.1.min.js
code.jquery.com/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
live.com
logo.clearbit.com/ |
618 B 1000 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
TATDTSSDSSTSYHS.html
ipfs.io/ipfs/QmVb1cwRjaGw4uARLvzL78TCp121P7v8v58dCz2rRaVqTY/ Frame 065E |
14 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.2.1.min.js
code.jquery.com/ Frame 065E |
85 KB 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
live.com
logo.clearbit.com/ Frame 065E |
618 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
faviconV2
t3.gstatic.com/ Redirect Chain
|
123 B 667 B |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Email (Online)11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 function| $ function| jQuery function| stopHtmlRender function| randomString function| isBase64 function| _0x23c5db function| _0x5dde function| _0x2cf3 function| checkImage0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
code.jquery.com
ipfs.io
logo.clearbit.com
t3.gstatic.com
www.google.com
142.251.111.99
142.251.174.104
151.101.194.137
18.173.166.38
209.94.90.1
352a123b5fc60b04834709b12bd417da8aec2c4319e6486c31f6826e9e591eed
3ea2a9db3120e97f8d78629056c4c7ceaa88a5384d5522e6ed09395584527b87
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
a1fab8fc3cf9fb9554b6d0fcab8236be7a22ceadec82ce0704cf79d3973c1139