Originally published at: https://boingboing.net/2020/08/20/site-to-check-out-weird-or-sus.html
…
I would recommend URLScan https://urlscan.io/ as well. It’s a tool I often use when investigating suspect links as it brings in reputation info, the various different connections out, the modules it loads and provides a handy screenshot of the page.
In addition to that, I recommend Talos https://talosintelligence.com/ if you want to look up info about a domain or IP address.
Edit: Oh, and who can forgot your friend and mine, VirusTotal https://www.virustotal.com/ for scanning links to file and the actual files themselves for malicious fingerprints
+1 on the Talos link- It’s what used to be called Senderbase before Cisco merged that site in with their Talos acquisition. It’s been my go to for determining reputation, if a given IP is on any blocklists (and which ones), geolocation, network owner, etc.
There’s also unfurl https://dfir.blog/unfurl which might of use by somebody and isn’t just limited to URLs.
hey, it works! (suspicious url courtesy of http://www.shadyurl.com)
This topic was automatically closed after 5 days. New replies are no longer allowed.