Malicious or suspicious?

See: https://www.virustotal.com/gui/domain/torry.io/detection

Is -torry.io also a sort of “gimmick” to have tor-data to arrive at Google’s?
-www.torry.io
188.114.96.3

Submitted URL: -https://torry.io/
Effective URL: -https://www.torry.io/
Submission: On August 1 via manual (August 1st 2024, 8:08:26 pm UTC) from NL — Scanned from NL

Summary
This website contacted 2 IPs in 2 countries across 1 domain to perform 25 HTTP transactions.
The main IP is 188.114.96.3, located in Amsterdam, Netherlands, and belongs to CLOUDFLARENET, US.
The main domain is -www.torry.io.
TLS certificate: Issued by WE1 on July 1, 2024. Valid for: 3 months.
-torry.io scanned 21 times on urlscan.io
-www.torry.io scanned 18 times on urlscan.io
urlscan.io Verdict: No classification
Live information
Google Safe Browsing: No classification for www.torry.io
Current DNS A record: 188.114.97.3 (AS13335 - CLOUDFLARENET, US)
Domain & IP information
IP/ASNs
IP Detail
Domains
Domain Tree
Links
Certs
Frames
IP Address AS Autonomous System
2 25 188.114.96.3 13335 (CLOUDFLARENET)
2 2400:52e0:1e00::1080:1 60068 (CDN77 _)
25 2

2 Outgoing links
These are links going to different origins than the main page.

URL: -https://chrome.google.com/webstore/detail/torry/amgdmokmcgdoodpfegebpahngimkafin
Title: Torry Chrome

URL: -https://play.google.com/store/apps/details?id=com.torry
Title: Tor Search App

So this tor-driven platform shares data with Google; that is not in line with what tor promises to do.

Implications:

Data Sharing with Google: The fact that these links lead to Google services may raise concerns among users who value privacy, particularly those who are familiar with the principles behind Tor and its emphasis on anonymity and decentralization.

User Perception: Users who seek out privacy-focused services may find the association with Google problematic,
as Google is known for collecting and analyzing user data, which could contradict the ideals of privacy
many expect from Tor-related platforms.
2021-06-21 03:01:07
-www.torry.io - Torry 2021-06-21 - 2024-03-29
├── about 2021-10-09 - 2024-03-29
├── aboutus - Torry-About 2021-09-02
├── cdn-cgi/l/email-protection - Email Protection | Cloudflare 2021-07-01 - 2024-03-29
├── learn
│ ├── I2P 2023-09-30 - 2024-03-29
│ ├── all - Directory Search 2023-06-20 - 2024-03-29
│ ├── dread - Dread forum on Tor 2023-06-20 - 2024-03-29
│ ├── findtor 2023-09-30 - 2024-03-29
│ ├── freshonions 2023-09-30 - 2024-03-29
│ ├── hiddenwiki 2023-09-30 - 2024-03-29
│ ├── onionland 2023-09-30 - 2024-03-29
│ ├── riseup 2023-09-30 - 2024-03-29
│ ├── tor66 2023-09-30 - 2024-03-29
│ ├── torbox 2023-09-30 - 2024-03-29
│ ├── tordex - TorDex Search 2023-06-20 - 2024-03-29
│ └── tormetrics 2023-09-30 - 2024-03-29
├── privacy - Torry - Privacy & Policies 2021-09-02 - 2024-03-29
└── works - Torry-Work 2021-07-01 - 2024-03-29 mx records makes this clear
-aspmx.l.google.com,torchcapital.vc
-aspmx.l.google.com,torchcaststudio.com
-aspmx.l.google.com,torchcellars.com
-aspmx.l.google.com,torchchariot.com
-aspmx.l.google.com,torchchurch.com
-aspmx.l.google.com,torch.cl
-aspmx.l.google.com,torchclean.com
-aspmx.l.google.com,torchcleveland.com
mx records 361M.rar/fdns_mx_2.txt [Part 70 of 513]
PREVIEW
2021-04-14 05:32:39
Full Data
-.googlemail.com,tonymelendezministries.com
-aspmx2.googlemail.com,tonymellios.com
-aspmx2.googlemail.com,tonymelo.com
-aspmx2.googlemail.com,tonymelvin.com
-aspmx2.googlemail.com,tonymelvin.com.au
-aspmx2.googlemail.com,tonymeng.com
-aspmx2.googlemail.com,tonymerenda.com
-aspmx2.googlemail.com,tonymesarealestateschool.com

Platform Validity: It raises questions about the platform’s authenticity
and whether it fully adheres to the values associated with the Tor network,
which is meant to provide privacy and security by obfuscating users’ identities.

Re: https://www.virustotal.com/gui/url/aafb2eb03d81a0d679dc0333aa0659bb957dd21c2804533c252feafe64439515?nocache=1

polonus

Did not alter the final results or the concerns for tor users; see: https://www.virustotal.com/gui/url/aafb2eb03d81a0d679dc0333aa0659bb957dd21c2804533c252feafe64439515?nocache=1

My point here is that end-users think their PII is quarantined while using -torry.io, and actually this is not the case.

If anyone is relying on websites or services that claim to enhance privacy while using Tor, they should conduct thorough research and consider potential risks. Always look for verified reviews or security assessments to gauge the trustworthiness of such services.

That is why seclookup flagged it. this is kind of Clown-Tor :smiley:

polonus

And the first VT link you posted is 4 years old ::slight_smile: