ipfs.eth.aragon.network
146.190.204.125
Malicious Activity!
Public Scan
Submission: On May 17 via api from LU — Scanned from DE
Summary
TLS certificate: Issued by R3 on April 7th 2024. Valid for: 3 months.
This is the only time ipfs.eth.aragon.network was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 | 146.190.204.125 | 14061 (DIGITALOCEAN-ASN) |
1 | 104.17.25.14 | 13335 (CLOUDFLARENET) |
1 | 2a04:4e42:200::649 | 54113 (FASTLY) |
2 | 2a00:1450:4001:812::2001 | 15169 (GOOGLE) |
6 | 5 |
ASN14061 (DIGITALOCEAN-ASN, US)
ipfs.eth.aragon.network
ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
2 | googleusercontent.com | lh3.googleusercontent.com (Cisco Umbrella Rank: 44) | 193 KB |
1 | jquery.com | code.jquery.com (Cisco Umbrella Rank: 776) | 78 KB |
1 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 237) | 14 KB |
1 | aragon.network | ipfs.eth.aragon.network (Cisco Umbrella Rank: 765845) | 40 KB |
0 | lopapscop.ws (Failed) | wctrjw96lr.lopapscop.ws (Failed) | |
6 | 5 |
 | Domain | Requested by |
---|---|---|
2 | lh3.googleusercontent.com | |
1 | code.jquery.com | ipfs.eth.aragon.network |
1 | cdnjs.cloudflare.com | ipfs.eth.aragon.network |
1 | ipfs.eth.aragon.network | |
0 | wctrjw96lr.lopapscop.ws (Failed) | code.jquery.com |
6 | 5 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
ipfs.eth.aragon.network | R3 | 2024-04-07 - 2024-07-06 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year |
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year |
*.googleusercontent.com | WR2 | 2024-05-06 - 2024-07-29 | 3 months |
This page contains 1 frames:
Primary Page:
https://ipfs.eth.aragon.network/ipfs/bafkreidh6a4hncy5kbo4jhmbdzj4oz7axs3iydshu7g45bbjguahhuhezm
Frame ID: DB96DEDCD3958C65336FA2FB1C3F92B3
Requests: 6 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
6 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | bafkreidh6a4hncy5kbo4jhmbdzj4oz7axs3iydshu7g45bbjguahhuhezm (Primary Request) | ipfs.eth.aragon.network/ipfs/ | 40 KB | 40 KB | Document | text/html |
GET | H3 | crypto-js.min.js | cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/ | 47 KB | 14 KB | Script | application/javascript |
GET | H2 | jquery-1.9.1.js | code.jquery.com/ | 262 KB | 78 KB | Script | application/javascript |
GET | H2 | AJFCJaXhZo6cUCNh1ssNQzSV3jc1ppd5Vt2HN5GjHL82rJR25OrOigrMWVvBpwQN6BD4T_qHdwh2spOZ9bKA-BqcHsttYMUy5sxc-E99nKe9pgDJsCX0icydpRhjm97W_S4_6cism2sTCOp-Oxa807yjCEw=w1580-h720-s-no | lh3.googleusercontent.com/pw/ | 192 KB | 193 KB | Image | image/gif |
GET | H2 | AMWts8CjWLE-4lSHnzZVyyi38RiG_iHUev92wvk3GXVlZur4_v68tJc5TxPcsfc6Vo4P2_Sa5_Dg4wBjO9x0q0xYFQKyjpg1zURhvOLxyPhDhPJg_Z8XDFduSWtavIhhZp_z9dX4zrOp2jk9GCWUmL_6qus=s128-no | lh3.googleusercontent.com/pw/ | 330 B | 439 B | Other | image/png |
POST | | / | wctrjw96lr.lopapscop.ws/obufsssssssscaaatoion/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: wctrjw96lr.lopapscop.ws
- URL: https://wctrjw96lr.lopapscop.ws/obufsssssssscaaatoion/
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)
156 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.