rise.as.tufts.edu
Open in
urlscan Pro
172.81.118.16
Malicious Activity!
Public Scan
URL:
https://rise.as.tufts.edu/wse%20ew3/w-email-spectrum_cont.update.w-email-spectrum_cont.update-w-email-spectrum_cont.update...
Submission: On September 13 via manual from US — Scanned from DE
Submission: On September 13 via manual from US — Scanned from DE
Summary
This website contacted 8 IPs
in 2 countries
across 7 domains to perform 44 HTTP transactions.
The main IP is 172.81.118.16, located in
United States and
belongs to IMH-IAD, US.
The main domain is rise.as.tufts.edu.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 24th 2022. Valid for: a year.
This is the only time rise.as.tufts.edu was scanned on urlscan.io!
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 24th 2022. Valid for: a year.
This is the only time rise.as.tufts.edu was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Spectrum (Telecommunication)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 | 172.81.118.16 172.81.118.16 | 54641 (IMH-IAD) (IMH-IAD) | |
| 11 | 18.209.140.82 18.209.140.82 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:803::2004 | 15169 (GOOGLE) (GOOGLE) | |
| 16 | 185.32.241.65 185.32.241.65 | 30286 (THM) (THM) | |
| 3 | 2a00:1450:400... 2a00:1450:4001:806::2003 | 15169 (GOOGLE) (GOOGLE) | |
| 1 4 | 91.235.132.130 91.235.132.130 | 30286 (THM) (THM) | |
| 1 | 91.235.134.131 91.235.134.131 | 30286 (THM) (THM) | |
| 44 | 8 |
1
172.81.118.16
(United States)
ASN54641 (IMH-IAD, US)
PTR: vps65799.inmotionhosting.com
ASN54641 (IMH-IAD, US)
PTR: vps65799.inmotionhosting.com
| rise.as.tufts.edu |
11
18.209.140.82
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-140-82.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-140-82.compute-1.amazonaws.com
| webmail.spectrum.net |
1
91.235.134.131
(United States)
ASN30286 (THM, US)
ASN30286 (THM, US)
| 9a34yc6ov5i2p3r5kmsfvwgv6hspm7imy7eojpzrdf6c33fc2a671f47am1.e.aa.online-metrix.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 27 |
spectrum.net
webmail.spectrum.net — Cisco Umbrella Rank: 115092 www.spectrum.net Failed pov.spectrum.net — Cisco Umbrella Rank: 103822 |
665 KB |
| 5 |
online-metrix.net
1 redirects
h.online-metrix.net — Cisco Umbrella Rank: 4714 9a34yc6ov5i2p3r5kmsfvwgv6hspm7imy7eojpzrdf6c33fc2a671f47am1.e.aa.online-metrix.net |
17 KB |
| 3 |
gstatic.com
www.gstatic.com |
334 KB |
| 2 |
google.com
www.google.com — Cisco Umbrella Rank: 19 |
2 KB |
| 1 |
tufts.edu
rise.as.tufts.edu |
10 KB |
| 0 |
Failed
function sub() { [native code] }. Failed |
|
| 0 |
cloudfront.net
Failed
d1ff979u6gd5fc.cloudfront.net Failed |
|
| 44 | 7 |
| Domain | Requested by | |
|---|---|---|
| 16 | pov.spectrum.net |
webmail.spectrum.net
pov.spectrum.net |
| 11 | webmail.spectrum.net |
rise.as.tufts.edu
|
| 4 | h.online-metrix.net |
1 redirects
pov.spectrum.net
|
| 3 | www.gstatic.com |
www.google.com
|
| 2 | www.google.com |
rise.as.tufts.edu
www.gstatic.com |
| 1 | 9a34yc6ov5i2p3r5kmsfvwgv6hspm7imy7eojpzrdf6c33fc2a671f47am1.e.aa.online-metrix.net | |
| 1 | rise.as.tufts.edu | |
| 0 | ghbmnnjooekpmoecnnnilnnbdlolhkhi Failed |
pov.spectrum.net
|
| 0 | www.spectrum.net Failed |
webmail.spectrum.net
|
| 0 | d1ff979u6gd5fc.cloudfront.net Failed |
webmail.spectrum.net
|
| 44 | 10 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.spectrum.net |
| watch.spectrum.net |
| urt.rr.com |
| pt.rr.com |
| www.spectrumreach.com |
| www.spectrum.com |
| spectrum.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| rise.as.tufts.edu Sectigo RSA Domain Validation Secure Server CA |
2022-05-24 - 2023-05-24 |
a year | crt.sh |
| *.spectrum.net Amazon |
2022-05-08 - 2023-06-06 |
a year | crt.sh |
| www.google.com GTS CA 1C3 |
2022-08-22 - 2022-11-14 |
3 months | crt.sh |
| pov.spectrum.net DigiCert SHA2 Secure Server CA |
2021-10-04 - 2022-11-04 |
a year | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2022-08-22 - 2022-11-14 |
3 months | crt.sh |
| h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1 |
2021-12-28 - 2023-01-23 |
a year | crt.sh |
| *.e.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1 |
2022-06-08 - 2023-07-10 |
a year | crt.sh |
This page contains 7 frames:
Primary Page:
https://rise.as.tufts.edu/wse%20ew3/w-email-spectrum_cont.update.w-email-spectrum_cont.update-w-email-spectrum_cont.update/webmail.spectrumwebmail_webmail.spectrumwebmail-webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail_web/qwedfrtyrtyur3f3e34fyrtuwebmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail_webwebmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail_webwebmail_65gu7ugfy5t4.4f5gfy6t4/1qw.4ffy5t4r-d5=4fy56-g7fy654_34df=g6y5ft4.4u-65=3d45-6ug7f6y5_34f7guy65=56f4d.45y5g-6=4-586gu7y5_45g7=h67ugy5.5fy67-y5=4f65-86gu7y5t_35fy65g=76h6h7ugy_65gu7hhi=gu76y5.45fgu67y55=4-58gu67fy5t_45yfg=6ug7y5.23sd3f4y7g.html
Frame ID: 5B9178CCD2E39F8E4E8906FD207C8A31
Requests: 21 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfRsggUAAAAABJBT04IBvG0gWCNSB_FuhkC4PAx&co=aHR0cHM6Ly9yaXNlLmFzLnR1ZnRzLmVkdTo0NDM.&hl=de&v=g8G8cw32bNQPGUVoDvt680GA&size=normal&cb=a57x4y4kaf8o
Frame ID: 14542F888D7B6F777D20240F0A46872B
Requests: 3 HTTP requests in this frame
Frame:
https://pov.spectrum.net/eJclcDN-ZByZHUSI?8af3343255b9c614=URxqUHoEtX_U-Lh44saL0RmTW-HILibCCuXOu3EhK5_05PLPQ78374DeAtXTjDOcMmfQxIAbVU3IhGg7J3vzQlSVCnQNDWM3VNl_xPY8XMzvf6g1f-dckSjBeYfYVSLLfQndDNUGKhs0aoevqbzsMotFwBcDvNNKdu4cOwN_LMMq02EE04qmwvx_7F9pnjw0C-siaxcQdbxpLeVS&jb=373b242468716d77355f616e66677773266a7b6f35576b66646d7f732532383138266a7360773f416a706d6f6d2e627360354368726f65652d3232393037
Frame ID: 330E462CA713CAB8FCC5A79BD65FC156
Requests: 12 HTTP requests in this frame
Frame:
https://pov.spectrum.net/AS0cs_F5bFzPMaZR?a6c702bb8c642272=BLshzQbiYD7yHLsbB706L0O_gjCPROaxQi8RGhY9ssrdmWzVGtjqJa0gfjAWxFSFBq0wri7jVKSVvkmg3p4gk9KLc04ywPDa_UBfxvJ_OxnMe9Dq7YX9F3F5WOtr0cHp-EzJ9Z8FBXUOA5RPMJN46Kyg4A0&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: 0FD77254CF9831196111509CDAB5BBF2
Requests: 3 HTTP requests in this frame
Frame:
https://pov.spectrum.net/NiT81HWN8XnefLB2?1ba029ffc49da855=C1ym8u9YbmJl0oU0qlfeaOxVy7ar3osMJPhAq9fSWRQ5YY74Un6oEiJT8XE0ApADgn0ifQx1FKUIl85LzJR0_Z-Eg8RyvWtanaPq40wwH9V--fv040ljWjKj3uU_2931_Xm7MkvfJ4uApV3moh0ypufuMLrlBtcmEici3cs7nvjPsHLLLu338karOxSnw1iupZUGElYFBrstewHXcSs
Frame ID: 72E6EE4511B4CED79B49E5306039F7C9
Requests: 2 HTTP requests in this frame
Frame:
https://h.online-metrix.net/u6yTOMBjfTHtzNSy?bd955711d0be4c1e=sB7RYwOf8SdwGTvk8NX57oueygYnZrLrwRHOQ0WdnIWAflZBEdfN5PAVvO1DzrjLL9XAmdgHfgtHbHsv483wjEylgNVWiBu21k271QFnNfHEhIzpZmRIBU1ZCnDr55OKVjkIIZGMFIuz8xfQ8SQxP504wrSKjQvOxY8OfLIW0Ztssav_fF3Oc0EumIbsFVagPzQIJ4JcYC7Gz8MGQyjx
Frame ID: 1342F180380465F1D4A710E8E4B3E28E
Requests: 2 HTTP requests in this frame
Frame:
https://pov.spectrum.net/-V2LO9x69pbecEct?e212aeae5dba2794=bllClNbS9fxyFpwxHj8YcDC0KYxkq-_M8DoyDw68KdxN6e_a6MAFbretyjFtGuNRkA_eX0-P6wLnVVowwnzlO86LvP1Oub17P_yuvkKR3-VNVSzK9Eb_rHmjcoEu6Lo_RJE6q_I-_nQvG4rm7jNkM03QKkuNDTPquHjj-QTz5UO5AEX8CibeRX6wKcuekyQQczFEjuPa8k6l0pi9Thuk
Frame ID: E0175194F2454EB764E26172F859670C
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Log In - WebmailDetected technologies
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery-ui.*\.js
reCAPTCHA
(Captchas)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <div[^>]+class="g-recaptcha"
- /recaptcha/api\.js
Page Statistics
12 Outgoing links
These are links going to different origins than the main page.
URL: https://www.spectrum.net/login/
Title: Manage Account
Title: Manage Account
Search URL Search Domain Scan URL
URL: https://www.spectrum.net/support/
Title: Get Support
Title: Get Support
Search URL Search Domain Scan URL
URL: https://watch.spectrum.net/
Title: Watch TV
Title: Watch TV
Search URL Search Domain Scan URL
URL: https://www.spectrum.net/hoh
Title: Create an Email Address
Title: Create an Email Address
Search URL Search Domain Scan URL
URL: https://urt.rr.com/
Title: Forgot Email Address?
Title: Forgot Email Address?
Search URL Search Domain Scan URL
URL: https://pt.rr.com/
Title: Forgot Email Password?
Title: Forgot Email Password?
Search URL Search Domain Scan URL
URL: https://www.spectrumreach.com/
Title: Advertise with Us
Title: Advertise with Us
Search URL Search Domain Scan URL
URL: https://www.spectrum.com/policies/your-privacy-rights
Title: Your Privacy Rights
Title: Your Privacy Rights
Search URL Search Domain Scan URL
URL: https://www.spectrum.com/policies/website-privacy-policy.html
Title: Web Privacy Policy
Title: Web Privacy Policy
Search URL Search Domain Scan URL
URL: https://www.spectrum.com/policies/california
Title: California Consumer Privacy Rights
Title: California Consumer Privacy Rights
Search URL Search Domain Scan URL
URL: https://spectrum.com/policies/your-privacy-rights-opt-out
Title: California Consumer Do Not Sell My Personal Information
Title: California Consumer Do Not Sell My Personal Information
Search URL Search Domain Scan URL
URL: https://www.spectrum.com/policies/terms-of-service.html
Title: Spectrum Subscriber Policies
Title: Spectrum Subscriber Policies
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 28- https://h.online-metrix.net/CJSKfJC3qlSqmjLg?59733304330aa496=z8j1Oyp0mnk5efLwE2MKGzHMeC69UllMc6VB0Gb-BFQFFtypfmiyMiB5573AT6Ar9_4Je3qXqCIjDjZXfRhaq8OR_xbd60o_oGcuXdNlLfd89Nw4nb_qQMj3dScSLIRUsCwdEbmKviiqcMi_1p3DCkoiItl9UQCf7i4vY1FXeO8CR5U HTTP 302
- https://h.online-metrix.net/CJSKfJC3qlSqmjLg?2747c2a0a91e42d2=z8j1Oyp0mnk5efLwE2MKGzHMeC69UllMc6VB0Gb-BFQFFtypfmiyMiB5573AT6Ar9_4Je3qXqCIjDjZXfRhaq8OR_xbd60o_oGcuXdNlLfd89Nw4nb_qQMj3dScSLIRUsCwdEXbH09xiTHuiLDqhfgHLcXs&k=2
44 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
1qw.4ffy5t4r-d5=4fy56-g7fy654_34df=g6y5ft4.4u-65=3d45-6ug7f6y5_34f7guy65=56f4d.45y5g-6=4-586gu7y5_45g7=h67ugy5.5fy67-y5=4f65-86gu7y5t_35fy65g=76h6h7ugy_65gu7hhi=gu76y5.45fgu67y55=4-58gu67fy5t_45yfg...
rise.as.tufts.edu/wse%20ew3/w-email-spectrum_cont.update.w-email-spectrum_cont.update-w-email-spectrum_cont.update/webmail.spectrumwebmail_webmail.spectrumwebmail-webmail.spectrumwebmail.webmail.sp... |
10 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-1.9.1.min.js
webmail.spectrum.net/application/modules/mail/views/scripts/mail/js/ |
90 KB 91 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-ui.min.js
webmail.spectrum.net/application/modules/mail/views/scripts/mail/js/ |
248 KB 249 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
login.js
webmail.spectrum.net/application/modules/mail/views/scripts/auth/js/ |
2 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
spectrumloginheader.js
webmail.spectrum.net/application/modules/mail/views/scripts/auth/js/ |
4 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rutledge.css
webmail.spectrum.net/application/modules/mail/views/scripts/mail/css/ |
5 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sb-icons.css
webmail.spectrum.net/application/modules/mail/views/scripts/mail/css/ |
1 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
login.css
webmail.spectrum.net/application/modules/mail/views/scripts/auth/css/ |
6 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
spectrum.css
webmail.spectrum.net/application/modules/mail/views/scripts/mail/css/ |
127 KB 128 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
obfuscate.js
webmail.spectrum.net/application/modules/mail/views/scripts/auth/js/ |
6 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
threatmatrix.js
webmail.spectrum.net/application/modules/mail/views/scripts/auth/js/ |
662 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
spectrum-logo.svg
webmail.spectrum.net/application/modules/mail/views/scripts/mail/images/logos/ |
10 KB 10 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
api.js
www.google.com/recaptcha/ |
850 B 965 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
rutledge-medium.woff
d1ff979u6gd5fc.cloudfront.net/api/static-assets/assets/3.52.0/22/assets/fonts/rutledge/medium/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
sb-icons.woff
d1ff979u6gd5fc.cloudfront.net/api/static-assets/assets/3.52.0/22/assets/fonts/sb-icons/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
rutledge-regular.woff
d1ff979u6gd5fc.cloudfront.net/api/static-assets/assets/3.52.0/22/assets/fonts/rutledge/regular/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
rutledge-light.woff
d1ff979u6gd5fc.cloudfront.net/api/static-assets/assets/3.52.0/22/assets/fonts/rutledge/light/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
register-hoh
www.spectrum.net/api/pub/hoh/v1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
n5i5upxby1zzv68p.js
pov.spectrum.net/ |
92 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
recaptcha__de.js
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/ |
390 KB 156 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
sb-icons.ttf
d1ff979u6gd5fc.cloudfront.net/api/static-assets/assets/3.52.0/22/assets/fonts/sb-icons/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
anchor
www.google.com/recaptcha/api2/ Frame 1454 |
7 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
styles__ltr.css
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/ Frame 1454 |
52 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
recaptcha__de.js
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/ Frame 1454 |
390 KB 155 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
eJclcDN-ZByZHUSI
pov.spectrum.net/ Frame 330E |
427 KB 80 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Kkq9Ug2nhmw_VVnJ
pov.spectrum.net/ Frame 330E |
81 B 475 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
NUVHHCLrZ5D-OrP9
pov.spectrum.net/ Frame 330E |
81 B 475 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
AS0cs_F5bFzPMaZR
pov.spectrum.net/ Frame 0FD7 |
19 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
pov.spectrum.net/fp/ Frame 330E |
81 B 533 B |
XHR
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
CJSKfJC3qlSqmjLg
h.online-metrix.net/ Frame 330E Redirect Chain
|
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
NiT81HWN8XnefLB2
pov.spectrum.net/ Frame 72E6 |
89 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
AaIgrD2mGreMulfr
pov.spectrum.net/ Frame 330E |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
u6yTOMBjfTHtzNSy
h.online-metrix.net/ Frame 1342 |
102 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
AaIgrD2mGreMulfr
pov.spectrum.net/ Frame 330E |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame 330E |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
-V2LO9x69pbecEct
pov.spectrum.net/ Frame E017 |
89 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
AaIgrD2mGreMulfr
pov.spectrum.net/ Frame 330E |
0 218 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
9lAGWyKHunjT7XAA
9a34yc6ov5i2p3r5kmsfvwgv6hspm7imy7eojpzrdf6c33fc2a671f47am1.e.aa.online-metrix.net/ Frame 330E |
81 B 438 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
HJami7SI6HcCgrdH
pov.spectrum.net/ Frame 0FD7 |
208 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
mlhVFhZQpx56_Es1
pov.spectrum.net/ Frame 72E6 |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
E6azxiOnl-a3I5oY
pov.spectrum.net/ Frame 330E |
0 400 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
mgSxl1QvvK1lrRyq
h.online-metrix.net/ Frame 1342 |
0 400 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
6tBvFrnnSjNQWn5y
pov.spectrum.net/ Frame 0FD7 |
35 B 557 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
AaIgrD2mGreMulfr
pov.spectrum.net/ Frame 330E |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- d1ff979u6gd5fc.cloudfront.net
- URL
- https://d1ff979u6gd5fc.cloudfront.net/api/static-assets/assets/3.52.0/22/assets/fonts/rutledge/medium/rutledge-medium.woff
- Domain
- d1ff979u6gd5fc.cloudfront.net
- URL
- https://d1ff979u6gd5fc.cloudfront.net/api/static-assets/assets/3.52.0/22/assets/fonts/sb-icons/sb-icons.woff
- Domain
- d1ff979u6gd5fc.cloudfront.net
- URL
- https://d1ff979u6gd5fc.cloudfront.net/api/static-assets/assets/3.52.0/22/assets/fonts/rutledge/regular/rutledge-regular.woff
- Domain
- d1ff979u6gd5fc.cloudfront.net
- URL
- https://d1ff979u6gd5fc.cloudfront.net/api/static-assets/assets/3.52.0/22/assets/fonts/rutledge/light/rutledge-light.woff
- Domain
- www.spectrum.net
- URL
- https://www.spectrum.net/api/pub/hoh/v1/register-hoh
- Domain
- d1ff979u6gd5fc.cloudfront.net
- URL
- https://d1ff979u6gd5fc.cloudfront.net/api/static-assets/assets/3.52.0/22/assets/fonts/sb-icons/sb-icons.ttf
- Domain
- ghbmnnjooekpmoecnnnilnnbdlolhkhi
- URL
- chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Spectrum (Telecommunication)66 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| features string| hohapi function| $ function| jQuery function| LoginForm function| Hoh object| loginForm object| hoh object| _0x3aa2 function| _0x39f5 object| threatmetrix function| generateSessionID function| tmx_profiling_complete function| profile object| $links object| hp_frame object| tmx_frame object| tmx_script object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_18331 object| td_4e function| tmx_post_session_params_fixed boolean| tmx_profiling_started function| tmx_run_page_fingerprinting function| td_C function| td_a function| td_x function| td_P function| td_1Z function| td_1B function| td_S function| td_h function| td_b function| td_T function| td_1v function| td_2G function| td_3a function| td_4n function| td_J function| td_H function| td_5d function| td_m function| td_2T number| td_V number| td_w number| td_R number| td_d number| td_j object| td_2B3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| webmail.spectrum.net/ | Name: AWSALBCORS Value: 0xZPxi5QqR6os2PT4aRJ8sSRUn0+HbSBpEzaU9mRtwIokSgGhDKCV7a8Nnu0MhsViVDSQUhzAUe+3SRPCtHjr/Jy0n10KLGFN9zQDIdl2//7GnCXhk4896QDdKk6 |
|
| pov.spectrum.net/ | Name: thx_guid Value: c444eb9a38e144218ccef105ddb9fc5f |
|
| h.online-metrix.net/ | Name: thx_global_guid Value: 23a30e9b497e4f7f8b8dc58b039f86b5 |
14 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
9a34yc6ov5i2p3r5kmsfvwgv6hspm7imy7eojpzrdf6c33fc2a671f47am1.e.aa.online-metrix.net
d1ff979u6gd5fc.cloudfront.net
ghbmnnjooekpmoecnnnilnnbdlolhkhi
h.online-metrix.net
pov.spectrum.net
rise.as.tufts.edu
webmail.spectrum.net
www.google.com
www.gstatic.com
www.spectrum.net
d1ff979u6gd5fc.cloudfront.net
ghbmnnjooekpmoecnnnilnnbdlolhkhi
www.spectrum.net
172.81.118.16
18.209.140.82
185.32.241.65
2a00:1450:4001:803::2004
2a00:1450:4001:806::2003
91.235.132.130
91.235.134.131
059197cdfcc9b8f79681f308720087c5e803bd1ac207fe501f99ed3fd1778088
0e7844897e2ad91585d7ae76659691df8b8044fd2d92979b007997a13816d0a3
111c7aab98cbbc9b2b6296bd4e111c87fa7248d075b0fc830308faa798fcb878
164661dbf5eaeed1f00e417d220424bf968a7776f831a042a41a4a8b538b8992
19f55d6b63592eb47ee51bed71cf7c4847a9bb752b297769ea611a30dcbe2f63
256e3a938db21a0d8d0d765c970281778a23d74e78b16053dbc5add0ebc6f3fb
4c1dbb67cd9021604a4b6e9b0685afa71ce51d3c50ca4b059c8af8a53491043f
6606d74edb92d677837db730b3b6d16380003ec99bc551c3000c3362f03f0cdc
72c04351fd3ed71e3b3fe5f37632335085798fa886f1afd30cc5398b6c6cd552
760a15d9494ff6aa1ac847466eabe5e554524851c26233b4cb91765dfa724c32
7f478944f32b75dbc3c0ab89ed277a6d56bc0eca04548ab3f0766ef140d25f9d
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
b08e4bacc8f4da74e4e2c2ceff89f3eb907a9c56b001e9bc98d8b4fe2e85cddb
b5d9d0bcbd16baa63ee4dc99794948f69487ccf6fc4daa23b20827f83f4ef88e
bf046ece6cd8aa438ee051aba6bdc47184446942cb6120175bd93cb2ba746405
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c132b097929344cec0ce758d71a4c62c2745c757dcc365d1319d85e3f882a194
c9d80724c40d41530ff15795bbb00b37c95df31f6874905b389c16b96e0e0e06
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
d0ccab8c62e3914173619ccb183a8bbe6df396a5e7bc788c8c28c1f7b2182d66
d20dc883cb2e68c2fc997efa72dc2e35f92eed0052c955b3e7c8251849f0f987
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e697f8727b59a44e9ed502330becc5a138d5a098392929a655ea5a89c6360ed7
e8c3ad7aad581b3e1c18dbd198d9e02700f9032fa585ea5813b8c48a265a80b1
f6117121faa5761b70d37417df7ef8ed2c5bad3ad3e14b264d5c99181eaf94f7
fe69627614ac5d6f584476f34decb8db9ff3084d02861937dd30119cff208f4e