Site to check out weird or suspect URLs

Originally published at: https://boingboing.net/2020/08/20/site-to-check-out-weird-or-sus.html

11 Likes

I would recommend URLScan https://urlscan.io/ as well. It’s a tool I often use when investigating suspect links as it brings in reputation info, the various different connections out, the modules it loads and provides a handy screenshot of the page.

In addition to that, I recommend Talos https://talosintelligence.com/ if you want to look up info about a domain or IP address.

Edit: Oh, and who can forgot your friend and mine, VirusTotal https://www.virustotal.com/ for scanning links to file and the actual files themselves for malicious fingerprints

12 Likes

+1 on the Talos link- It’s what used to be called Senderbase before Cisco merged that site in with their Talos acquisition. It’s been my go to for determining reputation, if a given IP is on any blocklists (and which ones), geolocation, network owner, etc.

1 Like

There’s also unfurl https://dfir.blog/unfurl which might of use by somebody and isn’t just limited to URLs.

1 Like

https://isolation.site:8015/?url=http%3A%2F%2Fwww.5z8.info%2Fxxx_r4k9fq_inject_worm&ran=0.45211448424197065#

hey, it works! (suspicious url courtesy of http://www.shadyurl.com)

1 Like

This topic was automatically closed after 5 days. New replies are no longer allowed.