www.enigmasoftware.com Open in urlscan Pro
18.66.122.46 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.enigmasoftware.com/phishing-attacks-target-linkedin-users/
Submission: On October 03 via api (October 3rd 2024, 1:19:45 pm UTC) from IN — Scanned from DE

Summary HTTP 60 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 24 IPs in 7 countries across 18 domains to perform 60 HTTP transactions. The main IP is 18.66.122.46, located in United States and belongs to AMAZON-02, US. The main domain is www.enigmasoftware.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on March 31st 2024. Valid for: a year.

This is the only time www.enigmasoftware.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	18.66.122.46 18.66.122.46	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
3	2600:9000:235... 2600:9000:235a:be00:17:a556:9bc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:4800:4:d7e1:700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
2	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	2600:9000:225... 2600:9000:225e:8000:1b:348c:b140:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c09::9b	15169 (GOOGLE) (GOOGLE)
1	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
1	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1	18.66.112.89 18.66.112.89	16509 (AMAZON-02) (AMAZON-02)
1	54.171.122.26 54.171.122.26	16509 (AMAZON-02) (AMAZON-02)
3	172.64.150.44 172.64.150.44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:1ec:33:1... 2620:1ec:33:1::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:350... 2a02:26f0:3500:10::210:a99	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	162.159.153.247 162.159.153.247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	104.16.117.43 104.16.117.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
60	24

20 18.66.122.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-46.fra60.r.cloudfront.net

www.enigmasoftware.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:235a:be00:17:a556:9bc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

myaccount.enigmasoftware.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:4800:4:d7e1:700:93a1 (United States)

ASN16509 (AMAZON-02, US)

sc.lfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:8000:1b:348c:b140:93a1 (United States)

ASN16509 (AMAZON-02, US)

r.wdfl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

psb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-89.fra56.r.cloudfront.net

tr.lfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.122.26 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-122-26.eu-west-1.compute.amazonaws.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.150.44 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

js.zi-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:10::210:a99 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.153.247 (None, )

ASN13335 (CLOUDFLARENET, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.117.43 (None, )

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	enigmasoftware.com www.enigmasoftware.com myaccount.enigmasoftware.com	209 KB
7	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 862 psb.taboola.com — Cisco Umbrella Rank: 5951 trc.taboola.com — Cisco Umbrella Rank: 686 trc-events.taboola.com — Cisco Umbrella Rank: 2720	24 KB
4	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 321 px4.ads.linkedin.com — Cisco Umbrella Rank: 6828	2 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 348	15 KB
3	zi-scripts.com js.zi-scripts.com — Cisco Umbrella Rank: 5671	4 KB
2	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4482	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	73 KB
2	quora.com a.quora.com — Cisco Umbrella Rank: 6617 q.quora.com — Cisco Umbrella Rank: 5041	15 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 712	8 KB
2	lfeeder.com sc.lfeeder.com — Cisco Umbrella Rank: 15419 tr.lfeeder.com — Cisco Umbrella Rank: 26210	12 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	231 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 784	14 KB
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1568	508 B
1	google.de www.google.de — Cisco Umbrella Rank: 11271	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136	550 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4401
1	wdfl.co r.wdfl.co — Cisco Umbrella Rank: 23281	5 KB
60	18

	Domain	Requested by
20	www.enigmasoftware.com	www.enigmasoftware.com
4	trc-events.taboola.com	cdn.taboola.com
3	px.ads.linkedin.com	1 redirects snap.licdn.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	js.zi-scripts.com	www.enigmasoftware.com js.zi-scripts.com
3	myaccount.enigmasoftware.com	www.enigmasoftware.com
2	ws.zoominfo.com	js.zi-scripts.com
2	www.facebook.com
2	connect.facebook.net	www.enigmasoftware.com connect.facebook.net
2	s.yimg.com	www.enigmasoftware.com s.yimg.com
2	www.googletagmanager.com	www.enigmasoftware.com www.googletagmanager.com
1	px4.ads.linkedin.com
1	q.quora.com
1	a.quora.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	sp.analytics.yahoo.com	www.enigmasoftware.com
1	tr.lfeeder.com	www.enigmasoftware.com
1	trc.taboola.com	cdn.taboola.com
1	psb.taboola.com	cdn.taboola.com
1	www.google.de	www.enigmasoftware.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	r.wdfl.co	www.enigmasoftware.com
1	cdn.taboola.com	www.enigmasoftware.com
1	sc.lfeeder.com	www.enigmasoftware.com
60	25

This site contains links to these domains. Also see Links.

Domain
myaccount.enigmasoftware.com
www.enigmasoftware.de
www.enigmasoftware.es
www.enigmasoftware.fr
www.enigmasoftware.jp
dl.enigmasoftware.com
purchase.enigmasoftware.com

Subject Issuer	Validity	Valid
enigmasoftware.com Amazon RSA 2048 M02	`2024-03-31` - `2025-04-28`	a year	crt.sh
*.google-analytics.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.lfeeder.com Amazon RSA 2048 M02	`2024-02-20` - `2025-03-20`	a year	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-08-26` - `2024-10-16`	2 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2024-12-31`	5 months	crt.sh
r.wdfl.co Amazon RSA 2048 M02	`2024-08-02` - `2025-08-30`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.google.de WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-07-30` - `2025-01-22`	6 months	crt.sh
zi-scripts.com WE1	`2024-09-22` - `2024-12-21`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
quora.com WR1	`2024-09-15` - `2024-12-14`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-12` - `2024-10-10`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-09-11` - `2025-03-11`	6 months	crt.sh
zoominfo.com E5	`2024-09-14` - `2024-12-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.enigmasoftware.com/phishing-attacks-target-linkedin-users/
Frame ID: C195FC5120F2BCE789566BA16439B236
Requests: 69 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Beware: New Phishing Attacks Target LinkedIn Users