ipfs.io
2602:fea2:2::1
Malicious Activity!
Public Scan
Submission: On May 29 via manual from DZ — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on April 16th 2024. Valid for: 3 months.
This is the only time ipfs.io was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Email (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
11 | 2602:fea2:2::1 | 40680 (PROTOCOL) |
12 | 129.93.162.39 | 7896 (NU-AS) |
23 | 2 | |

129.93.162.39: ASN7896 (NU-AS, US), PTR: cse-mail.unl.edu
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
12 | unl.edu | cse-mail.unl.edu | 574 KB |
11 | ipfs.io | ipfs.io (Cisco Umbrella Rank: 65949) | 49 KB |
23 | 2 | | |
Requests | Domain | Requested by |
---|---|---|
12 | cse-mail.unl.edu | ipfs.io, cse-mail.unl.edu |
11 | ipfs.io | ipfs.io |
23 | 2 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
ipfs.io | GTS CA 1P5 | 2024-04-16 - 2024-07-15 | 3 months |
cse-mail.unl.edu | InCommon RSA Server CA 2 | 2024-04-18 - 2025-05-19 | a year |
This page contains 1 frames:
Primary Page:
https://ipfs.io/ipfs/QmP986sBREsdejN3qCe32FhkJ5SCje9Q3vFrPjW2qWAAWR?filename=xxdex(2).html
Frame ID: 0331E973696F8DF7FED8A5F5002BEB98
Requests: 23 HTTP requests in this frame
Page Title
Roundcube Webmail :: Welcome to Roundcube Webmail
Detected technologies
RoundCube (Web Mail)
Detected patterns
- <title>RoundCube
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI (JavaScript Libraries)
Detected patterns
- jquery-ui[.-]([\d.]*\d)[^/]*\.js
- jquery-ui.*\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H3 | QmP986sBREsdejN3qCe32FhkJ5SCje9Q3vFrPjW2qWAAWR (Primary Request) | ipfs.io/ipfs/ | 5 KB | 2 KB | Document | text/html |
GET | H/1.1 | styles.css | cse-mail.unl.edu/webmail/skins/larry/ | 42 KB | 42 KB | Stylesheet | text/css |
GET | H/1.1 | jquery-ui-1.8.18.custom.css | cse-mail.unl.edu/webmail/plugins/jqueryui/themes/larry/ | 39 KB | 39 KB | Stylesheet | text/css |
GET | H/1.1 | ui.js | cse-mail.unl.edu/webmail/skins/larry/ | 32 KB | 32 KB | Script | application/javascript |
GET | H/1.1 | jquery.min.js | cse-mail.unl.edu/webmail/program/js/ | 93 KB | 93 KB | Script | application/javascript |
GET | H/1.1 | common.js | cse-mail.unl.edu/webmail/program/js/ | 14 KB | 14 KB | Script | application/javascript |
GET | H/1.1 | app.js | cse-mail.unl.edu/webmail/program/js/ | 109 KB | 109 KB | Script | application/javascript |
GET | H/1.1 | jquery-ui-1.8.18.custom.min.js | cse-mail.unl.edu/webmail/plugins/jqueryui/js/ | 205 KB | 206 KB | Script | application/javascript |
GET | H/1.1 | roundcube_logo.png | cse-mail.unl.edu/webmail/skins/larry/images/ | 8 KB | 8 KB | Image | image/png |
GET | H/1.1 | linen.jpg | cse-mail.unl.edu/webmail/skins/larry/images/ | 15 KB | 15 KB | Image | image/jpeg |
GET | H/1.1 | linen_login.jpg | cse-mail.unl.edu/webmail/skins/larry/images/ | 12 KB | 12 KB | Image | image/jpeg |
GET | H/1.1 | login_shadow.png | cse-mail.unl.edu/webmail/skins/larry/images/ | 2 KB | 2 KB | Image | image/png |
GET | H3 | ajaxloader.gif | ipfs.io/ipfs/skins/larry/images/ | 2 KB | 2 KB | Image | text/html |
GET | H3 | buttons.png | ipfs.io/ipfs/skins/larry/images/ | 4 KB | 4 KB | Image | text/html |
GET | H3 | addcontact.png | ipfs.io/ipfs/skins/larry/images/ | 6 KB | 6 KB | Image | text/html |
GET | H3 | filetypes.png | ipfs.io/ipfs/skins/larry/images/ | 6 KB | 6 KB | Image | text/html |
GET | H3 | listicons.png | ipfs.io/ipfs/skins/larry/images/ | 638 B | 638 B | Image | text/html |
GET | H3 | messages.png | ipfs.io/ipfs/skins/larry/images/ | 2 KB | 2 KB | Image | text/html |
GET | H3 | quota.png | ipfs.io/ipfs/skins/larry/images/ | 3 KB | 3 KB | Image | text/html |
GET | H3 | selector.png | ipfs.io/ipfs/skins/larry/images/ | 7 KB | 7 KB | Image | text/html |
GET | H3 | splitter.png | ipfs.io/ipfs/skins/larry/images/ | 7 KB | 7 KB | Image | text/html |
GET | H3 | watermark.jpg | ipfs.io/ipfs/skins/larry/images/ | 7 KB | 7 KB | Image | text/html |
GET | H/1.1 | favicon.ico | cse-mail.unl.edu/webmail/skins/larry/images/ | 1 KB | 1 KB | Other | image/x-icon |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Email (Online)
28 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
function | rcube_mail_ui |
function | rcube_scroller |
function | rcube_splitter |
function | $ |
function | jQuery |
number | CONTROL_KEY |
number | SHIFT_KEY |
number | CONTROL_SHIFT_KEY |
function | roundcube_browser |
object | rcube_event |
function | rcube_event_engine |
function | rcube_layer |
function | rcube_check_email |
function | rcube_clone_object |
function | urlencode |
function | rcube_find_object |
function | rcube_mouse_is_over |
function | setCookie |
function | getCookie |
function | rcube_console |
object | bw |
object | Base64 |
function | rcube_webmail |
object | rcmail |
object | jQuery1720972241067548012 |
function | DP_jQuery_1716975618057 |
object | UI |
object | img0 |

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
10 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cse-mail.unl.edu
ipfs.io
129.93.162.39
2602:fea2:2::1