www.researchnet-recherchenet.ca
192.18.156.14
Malicious Activity!
Public Scan
Effective URL: https://www.researchnet-recherchenet.ca/rnr16/LoginServlet
Submission: On May 07 via api from US — Scanned from CA
Summary
TLS certificate: Issued by Entrust Certification Authority - L1K on March 20th 2024. Valid for: a year.
This is the only time www.researchnet-recherchenet.ca was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Canadian Government (Government)
Domain & IP information
| IP Address | AS Autonomous System |
---|---|---|
1 1 | 142.202.38.30 | 16509 (AMAZON-02) |
16 | 192.18.156.14 | 31898 (ORACLE-BMC-31898) |
1 | 172.253.62.95 | 15169 (GOOGLE) |
17 | 2 | |
| Apex Domain | Subdomains | Transfer |
---|---|---|---|
16 | researchnet-recherchenet.ca | www.researchnet-recherchenet.ca | 428 KB |
1 | googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 380) | 73 KB |
1 | researchnet.ca (1 redirects) | researchnet.ca | 128 B |
17 | 3 | | |
| Domain | Requested by |
---|---|---|
16 | www.researchnet-recherchenet.ca | www.researchnet-recherchenet.ca, ajax.googleapis.com |
1 | ajax.googleapis.com | www.researchnet-recherchenet.ca |
1 | researchnet.ca | 1 redirects |
17 | 3 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
researchnet-recherchenet.ca | Entrust Certification Authority - L1K | 2024-03-20 - 2025-04-20 | a year |
upload.video.google.com | GTS CA 1C3 | 2024-04-16 - 2024-07-09 | 3 months |
This page contains 3 frames:
Primary Page:
https://www.researchnet-recherchenet.ca/rnr16/LoginServlet
Frame ID: 698A8B8225E302DAD1BB243867A4C871
Requests: 15 HTTP requests in this frame
Frame:
https://www.researchnet-recherchenet.ca/rn/wet-boew/assets/sig-alt-en.svg
Frame ID: 45BCE8815970C953C3DE20CEF3BBA43B
Requests: 1 HTTP requests in this frame
Frame:
https://www.researchnet-recherchenet.ca/rn/wet-boew/assets/wmms-alt.svg
Frame ID: 258B4967B02343461B4C57CC2F6C5C7B
Requests: 1 HTTP requests in this frame
Page Title
ResearchNet / RechercheNet
Detected technologies
jQuery (JavaScript Libraries)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://researchnet.ca/ HTTP 307
  https://researchnet.ca/ HTTP 301
  https://www.researchnet-recherchenet.ca/ Page URL
- https://www.researchnet-recherchenet.ca/rnr16/LoginServlet Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://researchnet.ca/ HTTP 307
- https://researchnet.ca/ HTTP 301
- https://www.researchnet-recherchenet.ca/
17 HTTP transactions
Method Protocol | Resource Path | Size / x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | www.researchnet-recherchenet.ca/ (Redirect Chain) | 18 KB / 18 KB | Document text/html |
GET H2 | www.researchnet-recherchenet.ca/rnr16/LoginServlet (Primary Request) | 4 KB / 5 KB | Document text/html |
GET H2 | www.researchnet-recherchenet.ca/rn/wet-boew/css/theme-sp-pe.min.css | 184 KB / 184 KB | Stylesheet text/css |
GET H2 | www.researchnet-recherchenet.ca/rn/styles/researchnet.css | 27 KB / 27 KB | Stylesheet text/css |
GET H2 | www.researchnet-recherchenet.ca/rn/styles/splash.css | 1015 B / 1 KB | Stylesheet text/css |
GET H2 | ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.js | 242 KB / 73 KB | Script text/javascript |
GET H2 | www.researchnet-recherchenet.ca/rn/wet-boew/js/wet-boew.min.js | 127 KB / 128 KB | Script application/javascript |
GET H2 | www.researchnet-recherchenet.ca/rn/wet-boew/js/theme.min.js | 344 B / 599 B | Script application/javascript |
GET H2 | www.researchnet-recherchenet.ca/rn/img/splash/203456.jpg | 16 KB / 17 KB | Image image/jpeg |
GET H2 | www.researchnet-recherchenet.ca/rn/img/splash/sp-pe-leaf.png | 24 KB / 25 KB | Image image/png |
GET H2 | www.researchnet-recherchenet.ca/rn/wet-boew/assets/sig-alt-en.svg (Frame 45BC) | 10 KB / 11 KB | Document image/svg+xml |
GET H2 | www.researchnet-recherchenet.ca/rn/wet-boew/assets/wmms-alt.svg (Frame 258B) | 5 KB / 5 KB | Document image/svg+xml |
GET H2 | www.researchnet-recherchenet.ca/rn/wet-boew/js/i18n/en.min.js | 5 KB / 5 KB | Image application/javascript |
GET H2 | www.researchnet-recherchenet.ca/rnetsso/revokeToken | 0 / 403 B | XHR text/plain |
GET H2 | www.researchnet-recherchenet.ca/rn/wet-boew/js/i18n/en.min.js | 5 KB / 0 | Script application/javascript |
GET H2 | www.researchnet-recherchenet.ca/rn/images/favicon.ico | 894 B / 1 KB | Other image/vnd.microsoft.icon |
GET H2 | www.researchnet-recherchenet.ca/rn/images/favicon.ico | 894 B / 0 | Other image/vnd.microsoft.icon |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Canadian Government (Government)
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| 1
- function| $
- function| jQuery
- object| Modernizr
- function| yepnope
- object| wb
- function| onYouTubeIframeAPIReady
- object| youTube
- object| wb-data-ajax
2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.researchnet-recherchenet.ca/ | | Name: cookies Value: true |
www.researchnet-recherchenet.ca/ | | Name: JSESSIONID Value: MjlVCULjUDTEpTE4Ed3ZmKM9g0o6ETgL-R0OacLquepRbSNKj2L3!719209219 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | sameorigin |
X-Xss-Protection | 1;mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.