new10.drivehub.cfd is classified as a potentially malicious site focused on OAuth credential harvesting. Drivehub.cfd is a deceptive website that masquerades as a Google Drive file management tool. It uses a fake interface to trick users into granting unauthorized access to their Google account data.
new10.drivehub.cfd
🚨 Critical Threat: OAuth Credential Harvesting
Risk Category: Malicious / Credential Theft
URLert.com has classified drivehub.cfd as a high-risk domain actively engaged in deceptive OAuth credential harvesting. This site is designed to masquerade as a legitimate Google Drive file management tool to trick users into granting broad, unauthorized access to their Google account data.
Our security analysis and community reports have identified the following critical risks:
- Deceptive OAuth Requests: The site utilizes a fake interface to prompt users for Google permissions. Granting these requests may allow attackers to access, download, or delete private files stored in your Google Drive.
- Evasion Tactics: Admin observations indicate the site employs a "front" landing page—appearing as a benign blog—to hide its malicious functionality and evade detection by automated security scanners.
- Malicious Lures: Community reports suggest the domain is frequently associated with the distribution of pirated content, which serves as a lure to attract unsuspecting users to the credential-harvesting interface.
- Infrastructure: Despite being over 1,000 days old, the domain maintains a low reputation score and utilizes Cloudflare services to mask its origin server.
Recommendation: Do NOT authorize any Google OAuth requests from this domain. If you have previously granted permissions to "Drivehub," immediately revoke access via your Google Account Security settings (Security > Third-party apps with account access) and perform a security audit of your files.
Historical and current IP address mappings for this domain.
| IP Address / Infrastructure | Status | Subdomains | Last Seen |
|---|---|---|---|
| CLOUDFLARENET (AS13335) | Active | new10.drivehub.cfd, drivehub.cfd | Today |
| CLOUDFLARENET (AS13335) | Active | new10.drivehub.cfd, drivehub.cfd | Today |
URLert analyzed recent scan activity for new10.drivehub.cfd and found 1 result.
| Status | Target URL | Type | Time |
|---|---|---|---|
| Suspicious | https://new10.drivehub.cfd/ | | 7h ago |
Integrate Domain Intelligence
Access this classification data programmatically via our API.
```json
{
  "domain": "drivehub.cfd",
  "confidence": "high",
  "category": {
    "purpose": "potentially_malicious",
    "specialization": "OAuth Credential Harvesting"
  },
  "identity": {
    "headline": "Malicious site attempting to harvest Google Drive OAuth permissions",
    "summary": "Drivehub.cfd is a deceptive website that masquerades as a Google Drive file management tool. It uses a fake interface to trick users into granting unauthorized access to their Google account data.",
    "operator": null,
    "parent_entity": null,
    "topics": [
      "phishing",
      "credential harvesting",
      "malicious",
      "oauth abuse"
    ]
  },
  "functions": {
    "is_ugc_platform": false,
    "is_file_host": false,
    "is_url_shortener": false,
    "is_public_idp": false,
    "is_crypto_platform": false,
    "allows_user_subdomains": false,
    "is_form_builder": false,
    "is_document_host": false
  },
  "facts": {
    "registered_date": "2023-05-18T17:40:52Z",
    "rank": 3355013,
    "hosting_provider": "CLOUDFLARENET - Cloudflare, Inc."
  }
}
```