mail.twc.com
Open in
urlscan Pro
107.14.73.68
Malicious Activity!
Public Scan
Submitted URL: https://u10301582.ct.sendgrid.net/wf/click?upn=b7PoeUYyzMrDG5k3RmxIHkTq5BARDGktcACzgv8llMlo9-2B1oCFKZnpz-2FIHBH98X-2FeD2q1nODrk53i...
Effective URL: https://mail.twc.com/do/redirect?url=https%3A%2F%2Fclick.email.office.com%2F%3Fqs%3D0283a323cdf9b845128e753e5e5a770bf...
Submission: On May 06 via manual from US
Effective URL: https://mail.twc.com/do/redirect?url=https%3A%2F%2Fclick.email.office.com%2F%3Fqs%3D0283a323cdf9b845128e753e5e5a770bf...
Submission: On May 06 via manual from US
Summary
This website contacted 4 IPs
in 3 countries
across 5 domains to perform 16 HTTP transactions.
The main IP is 107.14.73.68, located in
United States and
belongs to TWC-7843-BB - Charter Communications Inc, US.
The main domain is mail.twc.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on October 29th 2018. Valid for: a year.
This is the only time mail.twc.com was scanned on urlscan.io!
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on October 29th 2018. Valid for: a year.
This is the only time mail.twc.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Spectrum (Telecommunication)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 167.89.115.54 167.89.115.54 | 11377 (SENDGRID) (SENDGRID - SendGrid) | |
| 10 | 107.14.73.68 107.14.73.68 | 7843 (TWC-7843-BB) (TWC-7843-BB - Charter Communications Inc) | |
| 1 3 | 104.109.56.111 104.109.56.111 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 1 4 | 34.249.86.253 34.249.86.253 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 1 2 | 66.235.149.58 66.235.149.58 | 15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.) | |
| 16 | 4 |
1
167.89.115.54
(Denver, United States)
ASN11377 (SENDGRID - SendGrid, Inc., US)
PTR: o16789115x54.outbound-mail.sendgrid.net
ASN11377 (SENDGRID - SendGrid, Inc., US)
PTR: o16789115x54.outbound-mail.sendgrid.net
| u10301582.ct.sendgrid.net |
10
107.14.73.68
(United States)
ASN7843 (TWC-7843-BB - Charter Communications Inc, US)
PTR: dnvrco-twc-vip.email.rr.com
ASN7843 (TWC-7843-BB - Charter Communications Inc, US)
PTR: dnvrco-twc-vip.email.rr.com
| mail.twc.com |
3
104.109.56.111
(Amsterdam, Netherlands)
ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-56-111.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-56-111.deploy.static.akamaitechnologies.com
| sb.scorecardresearch.com |
4
34.249.86.253
(Dublin, Ireland)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-249-86-253.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-249-86-253.eu-west-1.compute.amazonaws.com
| twc.demdex.net |
2
66.235.149.58
(Lehi, United States)
ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: twcc.com.ssl.d2.sc.omtrdc.net
ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: twcc.com.ssl.d2.sc.omtrdc.net
| tr-ssl.twcc.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 10 |
twc.com
mail.twc.com |
220 KB |
| 4 |
demdex.net
1 redirects
twc.demdex.net |
4 KB |
| 3 |
scorecardresearch.com
1 redirects
sb.scorecardresearch.com |
2 KB |
| 2 |
twcc.com
1 redirects
tr-ssl.twcc.com |
2 KB |
| 1 |
sendgrid.net
1 redirects
u10301582.ct.sendgrid.net |
461 B |
| 16 | 5 |
| Domain | Requested by | |
|---|---|---|
| 10 | mail.twc.com |
mail.twc.com
|
| 4 | twc.demdex.net |
1 redirects
mail.twc.com
|
| 3 | sb.scorecardresearch.com |
1 redirects
mail.twc.com
|
| 2 | tr-ssl.twcc.com | 1 redirects |
| 1 | u10301582.ct.sendgrid.net | 1 redirects |
| 16 | 5 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.spectrum.com |
| business.spectrum.com |
| myservices.timewarnercable.com |
| www.timewarnercable.com |
| tv.twcc.com |
| watch.spectrum.net |
| urt.rr.com |
| pt.rr.com |
| www.twcmedia.com |
| help.twcable.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| mail.twc.com DigiCert SHA2 Secure Server CA |
2018-10-29 - 2019-10-30 |
a year | crt.sh |
| *.scorecardresearch.com COMODO RSA Organization Validation Secure Server CA |
2018-11-28 - 2019-12-26 |
a year | crt.sh |
| *.demdex.net DigiCert SHA2 High Assurance Server CA |
2018-01-09 - 2021-02-12 |
3 years | crt.sh |
| tr-ssl.twcc.com DigiCert SHA2 High Assurance Server CA |
2019-02-12 - 2020-05-15 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://mail.twc.com/do/redirect?url=https%3A%2F%2Fclick.email.office.com%2F%3Fqs%3D0283a323cdf9b845128e753e5e5a770bfdf3a92b22547fc70bbe539be122bb2897cf42be14ad873ff23771ca0f1bdbdc680e7fe3169fa2a7333a40a65a5f8175&hmac=4b172b53846c0f47641ab89eb6727e91
Frame ID: 994B2F78220A3CBAA08F4FF69CAF3075
Requests: 15 HTTP requests in this frame
Frame:
https://twc.demdex.net/dest4.html?d_nsid=1
Frame ID: 90AEFFBD1F275207BC766CF840A9AAE8
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://u10301582.ct.sendgrid.net/wf/click?upn=b7PoeUYyzMrDG5k3RmxIHkTq5BARDGktcACzgv8llMlo9-2B1oCFKZnpz-2FIHB...
HTTP 302
https://mail.twc.com/do/redirect?url=https%3A%2F%2Fclick.email.office.com%2F%3Fqs%3D0283a323cdf9b... Page URL
Detected technologies
Java
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /^Resin(?:\/(\S*))?/i
Resin
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /^Resin(?:\/(\S*))?/i
SiteCatalyst
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/s[_-]code.*\.js/i
- env /^s_(?:account|objectID|code|INST)$/i
comScore
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
- script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
- env /^_?COMSCORE$/i
Page Statistics
15 Outgoing links
These are links going to different origins than the main page.
URL: http://www.spectrum.com/
Title: Home
Title: Home
Search URL Search Domain Scan URL
URL: http://business.spectrum.com/
Title: Business
Title: Business
Search URL Search Domain Scan URL
URL: https://myservices.timewarnercable.com/login
Title: My Account
Title: My Account
Search URL Search Domain Scan URL
URL: https://www.timewarnercable.com/en/support/overview.html?cid=aff:twccsupport
Title: Support
Title: Support
Search URL Search Domain Scan URL
URL: http://tv.twcc.com/listings
Title: TV Listings
Title: TV Listings
Search URL Search Domain Scan URL
URL: http://watch.spectrum.net/
Title: Watch TV
Title: Watch TV
Search URL Search Domain Scan URL
URL: https://www.timewarnercable.com/en/support/internet/topics/internet-security.html
Title: Security
Title: Security
Search URL Search Domain Scan URL
URL: https://www.spectrum.com/about.html
Title: About Us
Title: About Us
Search URL Search Domain Scan URL
URL: https://urt.rr.com/
Title: Email Address
Title: Email Address
Search URL Search Domain Scan URL
URL: https://pt.rr.com/
Title: Password?
Title: Password?
Search URL Search Domain Scan URL
URL: http://www.twcmedia.com/default.aspx?cid=aff:twccmediasales
Title: Advertise with Us
Title: Advertise with Us
Search URL Search Domain Scan URL
URL: https://www.spectrum.com/policies/your-privacy-rights.html
Title: Terms of Use
Title: Terms of Use
Search URL Search Domain Scan URL
URL: https://www.spectrum.com/policies/website-privacy-policy.html
Title: Web Privacy Policy
Title: Web Privacy Policy
Search URL Search Domain Scan URL
URL: https://www.spectrum.com/policies/ca-privacy-rights.html
Title: Your California Privacy Rights
Title: Your California Privacy Rights
Search URL Search Domain Scan URL
URL: http://help.twcable.com/policies.html?cid=aff:twccwmsubscriberpolicies3
Title: TWC Subscriber Policies
Title: TWC Subscriber Policies
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://u10301582.ct.sendgrid.net/wf/click?upn=b7PoeUYyzMrDG5k3RmxIHkTq5BARDGktcACzgv8llMlo9-2B1oCFKZnpz-2FIHBH98X-2FeD2q1nODrk53iG4B4VDl1QX8H4q1PTAJVCbiphGWzWtdnAg5uj9CrW3pxsNGMAb1-2BhyCn-2FuyVZquNDd8M120x7l-2B1EDQw3S0xwF1Bqjl5hOud4kiH1xNBEPIi-2B7Azuv2SdCylCpGnwzkcmy5KCERFxl4GzlBTLNsnsg-2F75gJ6BoySDFxHdzUTIMS2BLFhLXuAHNpyvRzEp4cR-2FmsWMbR7jz7Y9Yi8KsCyyYkg0KpPM4pD4RJvadKvgJ2VdpkbmPZubguy0c8Sp6DBtjFltwb6XUWyvYB6umfine-2F5MnV6Eo-3D_sBqOKuhHiONjpgYqme699TgblIIwsOVjK-2F1vGte23bEZzi9MgDhIFxRwpyUJQDQSCARr9EmVI6gzk3-2B-2FuXJcICpWXzp0J9f-2B-2B6daH-2FJXsE0IxZNCDWv6SvNnCrTk5S07admBiDNI4iJKuvXaZWGO2yDpq8Vp8XFNAIHMOLsO6cY6Z8R6XS0f1vGjVAIMlr-2FTeKHBhBysP0PDJFiOY5zmbRNMbypCSfzQHT0JRRXUPNw-3D
HTTP 302
https://mail.twc.com/do/redirect?url=https%3A%2F%2Fclick.email.office.com%2F%3Fqs%3D0283a323cdf9b845128e753e5e5a770bfdf3a92b22547fc70bbe539be122bb2897cf42be14ad873ff23771ca0f1bdbdc680e7fe3169fa2a7333a40a65a5f8175&hmac=4b172b53846c0f47641ab89eb6727e91 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 10- https://sb.scorecardresearch.com/b?c1=2&c2=6036183&ns__t=1557170091396&ns_c=UTF-8&cv=3.1&c8=Log%20In&c7=https%3A%2F%2Fmail.twc.com%2Fdo%2Fredirect%3Furl%3Dhttps%253A%252F%252Fclick.email.office.com%252F%253Fqs%253D0283a323cdf9b845128e753e5e5a770bfdf3a92b22547fc70bbe539be122bb2897cf42be14ad873ff23771ca0f1bdbdc680e7fe3169fa2a7333a40a65a5f8175%26hmac%3D4b172b53846c0f47641ab89eb6727e91&c9= HTTP 302
- https://sb.scorecardresearch.com/b2?c1=2&c2=6036183&ns__t=1557170091396&ns_c=UTF-8&cv=3.1&c8=Log%20In&c7=https%3A%2F%2Fmail.twc.com%2Fdo%2Fredirect%3Furl%3Dhttps%253A%252F%252Fclick.email.office.com%252F%253Fqs%253D0283a323cdf9b845128e753e5e5a770bfdf3a92b22547fc70bbe539be122bb2897cf42be14ad873ff23771ca0f1bdbdc680e7fe3169fa2a7333a40a65a5f8175%26hmac%3D4b172b53846c0f47641ab89eb6727e91&c9=
- https://twc.demdex.net/event?d_nsid=1&d_ld=_ts%3D1557170091517&d_rtbd=json&d_jsonv=1&d_dst=1&d_cts=1&d_cb=demdexRequestCallback_twc_1_1557170091517 HTTP 302
- https://twc.demdex.net/firstevent?d_nsid=1&d_ld=_ts%3D1557170091517&d_rtbd=json&d_jsonv=1&d_dst=1&d_cts=1&d_cb=demdexRequestCallback_twc_1_1557170091517
- https://tr-ssl.twcc.com/b/ss/rrglobal/1/H.26.2/s29693732930734?AQB=1&ndh=1&t=6%2F4%2F2019%2019%3A14%3A51%201%200&fid=18FAD7DB262217D7-2224A90A5C13CCE0&ce=UTF-8&ns=roadrunner&pageName=webmail%3Elogin%3Emain&g=https%3A%2F%2Fmail.twc.com%2Fdo%2Fredirect&cc=USD&ch=webmail&events=event13&c1=twc.com&c9=login&v13=D%3DpageName&c27=first%20visit&v27=D%3Dc27&c28=new&v28=D%3Dc28&c30=1%3A1%3A1%3A1&v30=D%3Dc30&c51=webmail&v51=D%3Dc51&c56=webmail%3Awebmail&v56=D%3Dc56&c69=2%3A14%20pm%7Cmonday&v71=D%3Dc71&c72=twcc&v72=D%3Dc72&c73=https%3A%2F%2Fmail.twc.com%2Fdo%2Fredirect&v73=D%3Dc73&c74=3.8%7Ch.27.2%7C20150120&v74=D%3Dc69&v75=D%3Dc75&h1=webmail%7Clogin%7Cmain&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
- https://tr-ssl.twcc.com/b/ss/rrglobal/1/H.26.2/s29693732930734?AQB=1&pccr=true&vidn=2E6843D6053108F1-4000010B40003ABE&&ndh=1&t=6%2F4%2F2019%2019%3A14%3A51%201%200&fid=18FAD7DB262217D7-2224A90A5C13CCE0&ce=UTF-8&ns=roadrunner&pageName=webmail%3Elogin%3Emain&g=https%3A%2F%2Fmail.twc.com%2Fdo%2Fredirect&cc=USD&ch=webmail&events=event13&c1=twc.com&c9=login&v13=D%3DpageName&c27=first%20visit&v27=D%3Dc27&c28=new&v28=D%3Dc28&c30=1%3A1%3A1%3A1&v30=D%3Dc30&c51=webmail&v51=D%3Dc51&c56=webmail%3Awebmail&v56=D%3Dc56&c69=2%3A14%20pm%7Cmonday&v71=D%3Dc71&c72=twcc&v72=D%3Dc72&c73=https%3A%2F%2Fmail.twc.com%2Fdo%2Fredirect&v73=D%3Dc73&c74=3.8%7Ch.27.2%7C20150120&v74=D%3Dc69&v75=D%3Dc75&h1=webmail%7Clogin%7Cmain&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
16 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
 Cookie set
redirect
mail.twc.com/do/ Redirect Chain
|
13 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
common_js.jsp;jsessionid=aaa1E8GBio0WT_-aFKoQw
mail.twc.com/includes/ |
17 KB 18 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
reset-min.447a.css;jsessionid=aaa1E8GBio0WT_-aFKoQw
mail.twc.com/includes/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
webmail.447a.css;jsessionid=aaa1E8GBio0WT_-aFKoQw
mail.twc.com/includes/ |
59 KB 59 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
s_code.447a.js
mail.twc.com/includes/scripts/ |
102 KB 102 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
javascript_js.jsp;jsessionid=aaa1E8GBio0WT_-aFKoQw
mail.twc.com/login/ |
6 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
spectrum-logo-154x40.png;jsessionid=aaa1E8GBio0WT_-aFKoQw
mail.twc.com/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
beacon.js
sb.scorecardresearch.com/ |
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
adlogin_bg.jpg
mail.twc.com/images/ |
14 KB 14 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
loginHeader_bg.png
mail.twc.com/images/ |
1004 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
in_page_btn_blue.png
mail.twc.com/images/webmail_images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
b2
sb.scorecardresearch.com/ Redirect Chain
|
0 248 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dest4.html
twc.demdex.net/ Frame 90AE |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
firstevent
twc.demdex.net/ Redirect Chain
|
774 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
s29693732930734
tr-ssl.twcc.com/b/ss/rrglobal/1/H.26.2/ Redirect Chain
|
43 B 742 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
event
twc.demdex.net/ |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Spectrum (Telecommunication)138 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask string| url function| validateLoginForm function| validateMailSettingsBlockingForm function| validateComposeForm function| validateDestinationForm function| validateMailSettingsListExternalForm function| validateFamilyMboxForm function| validateFilterForm function| validateFilterListForm function| validateAddEditFolderForm function| trim function| validateMailSettingsFilterForm function| validateMailSettingsForwardingForm function| validateMailSettingsJunkMailForm function| validateMailSettingsJunkMailCMForm function| validateMailSettingsJunkMailCTForm function| validateMailSettingsAntivirusCTForm function| validateMailSettingsAntivirusForm function| validateMailSettingsAliasForm function| validateMailSettingsExternalForm function| validateMailSettingsPreferencesForm function| validateMessageSearchForm function| validateMailSettingsSignatureForm function| validateMailSettingsVacationForm function| validateNotificationForm function| validateMailSettingsReturnReceiptForm function| validateGeneralSettingsGreetingsForm function| validateGeneralSettingsPasswordForm function| validateGeneralSettingsPinForm function| validateGeneralSettingsTimeZoneForm function| validateGeneralSettingsUserLocaleForm function| validateMailSettingsSendersControlForm function| validateVoicemailSettingsPreferencesForm function| validateVoicemailSettingsFaxForm function| validateVoicemailSettingsLanguagesForm function| validateVoicemailSettingsPhoneNumberForm function| validateVoicemailSettingsFmfmForm function| validateVoicemailSettingsNewFmfmForm function| hint function| doMoveTop function| confirmDelete function| doDelete function| confirmForwardAsSpam function| doForwardAsSpam function| confirmForwardAsPhishing function| doForwardAsPhishing function| selectAllCheckboxes function| selectAllEnabledCheckboxes function| capitalize function| validateData function| verifyAndSubmit function| isCheckBoxSelected function| validateSendersForm function| validateAddressesContactsForm function| openWin function| navigating function| preserveSelectedAddresses function| doSwitchFolder string| s_account object| s string| sc_version function| s_getObjectID object| scVars object| webEventMap boolean| isDev string| msoCookie function| getURLInfo function| setProcessingRules function| s_doPlugins function| scDataMap function| setWebEvent function| scTrackPage function| resetValues function| scTrackLink function| setChannelManager function| setPercPageViewed function| setLowerCaseVar function| readCookie function| isBlank function| trimLc function| replaceAll function| scLog boolean| runOnce string| s_code string| s_objectID function| s_gi function| s_giqf string| s_an function| s_sp function| s_jn function| s_rep function| s_d function| s_fe function| s_fa function| s_ft object| s_c_il number| s_c_in function| DIL number| s_giq string| domain string| temp function| onKeyPressBlockNumbers function| getCheckedValue function| createCookie function| eraseCookie function| checkSavedLogin function| loginCompletion string| _host string| _trackingRegion string| _pageName string| _url string| forwarding string| _bhDomainList string| _twcDomainList string| _variant object| _comscore function| udm_ object| ns_p object| COMSCORE function| demdexRequestCallback_twc_1_1557170091517 string| j string| s_tnt string| f0 number| d object| eo number| y string| S object| s_Obj string| s_PPVid function| s_PPVevent number| s_PPVi number| s_PPVt boolean| noneIndex object| s_i_0_roadrunner function| demdexRequestCallback_twc_1_15571700917144 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .twc.com/ | Name: s_fid Value: 18FAD7DB262217D7-2224A90A5C13CCE0 |
|
| mail.twc.com/ | Name: UqZBpD3n Value: v1RJIg4g@@EnV |
|
| .twc.com/ | Name: s_cc Value: true |
|
| mail.twc.com/ | Name: JSESSIONID Value: aaa1E8GBio0WT_-aFKoQw |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
mail.twc.com
sb.scorecardresearch.com
tr-ssl.twcc.com
twc.demdex.net
u10301582.ct.sendgrid.net
104.109.56.111
107.14.73.68
167.89.115.54
34.249.86.253
66.235.149.58
0e191c235fdf9ca105b96d92e4d147c169a8cee249efa02eed2563b3b5913120
0e4fcde91a0666b353437673a9d1da26a34ad869ac9038317e842fbc9adf3d49
2fdee7fcce101484e22d5c6f6ad3bcb3932a3551a64c43da390ce80b48b45bc1
37a2f9238d1beea9e3333e3cdb945492ea6375f5eae9fbc322c90c73fa09370d
59cd1543e9e02259174f7b83965ac6424359c077e364564893b231a84f5461d2
61399d329ea62625c3920f074955c16a01ad8b7a233c733e2e4e0200957c8606
6cab2eab86908a3ed920c0b3082e406fbb6cd575d560508ac2019452b23dbffa
7846c7b80959e9a2db4099308825654a98386d26902377ab7800d56a81c09714
7886991c30b9e44858ed79db4373b953c5f6cde45df109cce8e56d1ff003227e
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
d614582b6f8ec5f0ccee5901761281d00974228057b53d76e6c519029c0d4d0a
d72bd1a3194e3da579029b5e5fb12804340a776c84b8a57e17bb52376b41aeb3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8345f5f10f7d32b5acd859e8c7c9aadaffb6d989c479ed1dc67f032b4512dc0