ipfs.eth.aragon.network
Open in
urlscan Pro
146.190.204.125
Malicious Activity!
Public Scan
Submission: On June 30 via api from LU — Scanned from DE
Summary
TLS certificate: Issued by R3 on June 6th 2024. Valid for: 3 months.
This is the only time ipfs.eth.aragon.network was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: 1&1 Ionos (Telecommunication) Generic Email (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 | 146.190.204.125 146.190.204.125 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
1 | 195.20.251.98 195.20.251.98 | 8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS) | |
2 | 104.17.25.14 104.17.25.14 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a04:4e42::649 2a04:4e42::649 | 54113 (FASTLY) (FASTLY) | |
5 | 213.165.66.58 213.165.66.58 | 8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS) | |
13 | 6 |
ASN14061 (DIGITALOCEAN-ASN, US)
ipfs.eth.aragon.network |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
uicdn.net
ce1.uicdn.net — Cisco Umbrella Rank: 245107 |
259 KB |
3 |
aragon.network
ipfs.eth.aragon.network — Cisco Umbrella Rank: 928177 |
508 KB |
2 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 268 |
4 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 816 |
24 KB |
1 |
ionos.com
tif.ionos.com — Cisco Umbrella Rank: 460509 mail.ionos.com Failed |
2 KB |
13 | 5 |
Domain | Requested by | |
---|---|---|
5 | ce1.uicdn.net |
ipfs.eth.aragon.network
|
3 | ipfs.eth.aragon.network |
ipfs.eth.aragon.network
|
2 | cdnjs.cloudflare.com |
ipfs.eth.aragon.network
|
1 | code.jquery.com |
ipfs.eth.aragon.network
|
1 | tif.ionos.com |
ipfs.eth.aragon.network
|
0 | mail.ionos.com Failed | |
13 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.ionos.com |
ias.ionos.com |
my.ionos.com |
hidrive.ionos.com |
archive.ionos.com |
www.ionos-status.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
ipfs.eth.aragon.network R3 |
2024-06-06 - 2024-09-04 |
3 months | crt.sh |
*.ionos.com GeoTrust TLS RSA CA G1 |
2023-08-18 - 2024-09-17 |
a year | crt.sh |
cdnjs.cloudflare.com E1 |
2024-06-02 - 2024-08-31 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
ce1.uicdn.net GeoTrust RSA CA 2018 |
2024-03-20 - 2025-03-09 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://ipfs.eth.aragon.network/ipfs/bafybeiamokwi7oluik6xpwt6ovnwtftwrohno27rqqakrs5rdxxwkgrfg4
Frame ID: C89B805352A21C1B9A413892966FBA0C
Requests: 13 HTTP requests in this frame
Frame:
https://ipfs.eth.aragon.network/ipfs/Webmail%20Login%20_%20IONOS%20by%201&1_files/robots.html
Frame ID: 6F4D22BA418099B159E611EB8B49399A
Requests: 1 HTTP requests in this frame
14 Outgoing links
These are links going to different origins than the main page.
Title: Webmail
Search URL Search Domain Scan URL
Title: Learn more
Search URL Search Domain Scan URL
Title: iOS
Search URL Search Domain Scan URL
Title: Android
Search URL Search Domain Scan URL
Title: Thunderbird
Search URL Search Domain Scan URL
Title: Outlook
Search URL Search Domain Scan URL
Title: Apple Mail
Search URL Search Domain Scan URL
Title: email programs (POP/IMAP)
Search URL Search Domain Scan URL
Title: My IONOS
Search URL Search Domain Scan URL
Title: HiDrive
Search URL Search Domain Scan URL
Title: Email archiving
Search URL Search Domain Scan URL
Title: All Systems Operational
Search URL Search Domain Scan URL
Title: 1&1 IONOS Inc. • 2020
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
bafybeiamokwi7oluik6xpwt6ovnwtftwrohno27rqqakrs5rdxxwkgrfg4
ipfs.eth.aragon.network/ipfs/ |
506 KB 507 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
70000.js
tif.ionos.com/js/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
core.min.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
md5.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/ |
9 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mail-archiving-de-warning-promo.svg
ipfs.eth.aragon.network/ipfs/Webmail%20Login%20_%20IONOS%20by%201&1_files/ |
151 B 151 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.3.1.slim.min.js
code.jquery.com/ |
68 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
robots.html
ipfs.eth.aragon.network/ipfs/Webmail%20Login%20_%20IONOS%20by%201&1_files/ Frame 6F4D |
127 B 155 B |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
opensans-regular.woff
ce1.uicdn.net/exos/fonts/open-sans/ |
62 KB 63 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
320 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
exos-icon-font.woff
ce1.uicdn.net/exos/icons/ |
50 KB 50 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
overpass-regular.woff
ce1.uicdn.net/exos/fonts/overpass/ |
42 KB 42 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
opensans-bold.woff
ce1.uicdn.net/exos/fonts/open-sans/ |
62 KB 62 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
overpass-bold.woff
ce1.uicdn.net/exos/fonts/overpass/ |
41 KB 41 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
favicon.ico
mail.ionos.com/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- mail.ionos.com
- URL
- https://mail.ionos.com/img/favicon.ico
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: 1&1 Ionos (Telecommunication) Generic Email (Online)16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 undefined| event object| fence object| sharedStorage object| NSfTIF object| CryptoJS boolean| loading string| href object| regex object| md5 function| $ function| jQuery number| count string| hash string| encoded_string function| sendmails0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
ce1.uicdn.net
code.jquery.com
ipfs.eth.aragon.network
mail.ionos.com
tif.ionos.com
mail.ionos.com
104.17.25.14
146.190.204.125
195.20.251.98
213.165.66.58
2a04:4e42::649
0616a31592529fb525435bc634e7b45d09d609706f3e46d503f76d9e89cb9f21
255df24debd0e9228aad2e5c11baededff3fdf49babf0c63b860f3aec67683b0
2e1587380141daff4e10a8e3db8f7ae5887102ab7576bff43049590f637ac20b
6b7fc9bedc004b27eb1381f3f8686363d897b5ccfed5d302a04949e27ae4b7b3
7afccd9150b0fcbf1a1056e6cc6051c9b6d85a55da7bf1a7fb0f475c0b22facc
7d7a1a8ec55f31a6674fd2e2c41bcc6421a9aeb5cf161c6e93363f31347160f9
80d0635fe9783bec07a43419deb4e9969bf30a78f008386826c9723b7651f43c
97dc67431dbd3360ea838fecad611a30f540f8389bbd15b89a1e14ba8dbb54aa
ac93a0b9313837ed6b0b119de837a620de8440aa2a859ed2f182310a03cd251e
c8e1724edab4d29c68d698c71f04db98774a5ba4fb432e4d37bfb0beecdac987
cf83744b09d163a6ad15e07ec454265536810c336a647c7a1aaaadfa8abb36a8
d78e7ad4838a9fb4db11451b1db78ccd0b0c7b28f5787684ce2870918ce27bb5
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1