malicious.link
Open in
urlscan Pro
161.35.59.126
Public Scan
Submission: On November 02 via manual from GB — Scanned from GB
Summary
TLS certificate: Issued by R3 on September 3rd 2022. Valid for: 3 months.
This is the only time malicious.link was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
5 | 161.35.59.126 161.35.59.126 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
1 | 2606:4700::68... 2606:4700::6811:180e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
6 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
malicious.link
malicious.link |
514 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 361 |
2 KB |
6 | 2 |
Domain | Requested by | |
---|---|---|
5 | malicious.link |
malicious.link
|
1 | cdnjs.cloudflare.com |
malicious.link
|
6 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
gohugo.io |
github.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
malicious.link R3 |
2022-09-03 - 2022-12-02 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-08-03 - 2023-08-02 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://malicious.link/
Frame ID: F0BA7C439BF052F7D47025ACC4325656
Requests: 6 HTTP requests in this frame
2 Outgoing links
These are links going to different origins than the main page.
Title: Hugo
Search URL Search Domain Scan URL
Title: Djordje Atlialp
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
malicious.link/ |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flag-icon.min.css
cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.5.0/css/ |
33 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.a6537515292628f292bc89dc1bb6a3480b72f307b458bdd65364ae5b8b20399d.css
malicious.link/ |
16 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle.min.188af889e916d7182e7bf4af7bed9ff4c9b70dd61a69188cb044d25745a4ffc32b82cbec846336503520a7716e619cb46848931205cfa3176a691ff9152d4947.js
malicious.link/ |
315 KB 316 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Inter-UI-Regular.woff2
malicious.link/fonts/ |
86 KB 87 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Inter-UI-Bold.woff2
malicious.link/fonts/ |
93 KB 94 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _self object| Prism object| typescript object| metaThemeColor0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src https: |
Strict-Transport-Security | max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
malicious.link
161.35.59.126
2606:4700::6811:180e
0f0a4e85d029da926665305441ece011b184f55a65eb316c05a7d10aa7526155
1e2fb3bf9aee4d8638513f6c8d5ddf021ae5f00932e7036bd67f213db690553c
49838d7356542f97ad5cfedd3dcd442c7bb412930ee6c2fbc0dd3537b72077b4
801af1a2d0347e385f784b33bacd30bc75f5e3f8ef728773a2994ba2611db251
d27e980d821ec562661f24cab514474d7be86a742b5e915fa6c7efd21e77aaf9
d5396412f09c973aea8502a9ac47b7bb0266af77026f2675a8b3ecc97de818d2