urlscan.io logo urlscan.io
SecurityTrails logo

threatpostt.com Open in urlscan Pro
3.140.64.217  Public Scan

Go To Rescan Add Verdict Report
URL: https://threatpostt.com/?rid=a1wUld8
Submission: On December 14 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 13 HTTP transactions. The main IP is 3.140.64.217, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is threatpostt.com.
TLS certificate: Issued by R3 on December 8th 2020. Valid for: 3 months.
This is the only time threatpostt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3.140.64.217 16509 (AMAZON-02)
12 125.21.181.50 9498 (BBIL-AP B...)
13 3
Apex Domain
Subdomains		 Transfer
12 ltts.com
connect.ltts.com
141 KB
1 threatpostt.com
threatpostt.com
35 KB
13 2
Domain Requested by
12 connect.ltts.com threatpostt.com
1 threatpostt.com
13 2

This site contains links to these domains. Also see Links.

Domain
connect.ltts.com
Subject Issuer Validity Valid
threatpostt.com
R3		 2020-12-08 -
2021-03-08		 3 months crt.sh
*.ltts.com
GeoTrust RSA CA 2018		 2019-02-04 -
2021-02-03		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://threatpostt.com/?rid=a1wUld8
Frame ID: 2B3F0498E25FA8208BD54DAD36398F50
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

176 kB
Transfer

674 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
threatpostt.com/ 		118 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://threatpostt.com/?rid=a1wUld8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.140.64.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-140-64-217.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
981a216bd4135d973816c5ec9e646d062e030dabc1e558f43bd581a68e2db52a

Request headers

:method
GET
:authority
threatpostt.com
:scheme
https
:path
/?rid=a1wUld8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-server
gophish
date
Mon, 14 Dec 2020 14:26:56 GMT
jquery-3.3.1.min.js
connect.ltts.com/fes-bin/public/portal/all/js/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.ltts.com/fes-bin/public/portal/all/js/jquery-3.3.1.min.js
Requested by
Host: threatpostt.com
URL: https://threatpostt.com/?rid=a1wUld8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
125.21.181.50 Bengaluru, India, ASN9498 (BBIL-AP BHARTI Airtel Ltd., IN),
Reverse DNS
Software
Apache /
Resource Hash
d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d
Security Headers
Name Value
Content-Security-Policy default-src blob: https: http: wss: accopshysecureclient: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://threatpostt.com/?rid=a1wUld8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Dec 2020 14:26:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
30309
X-Xss-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 27 May 2020 04:28:04 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"1538f-5a699a355f6e3-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
max-age=0
Content-Security-Policy
default-src blob: https: http: wss: accopshysecureclient: data: 'unsafe-inline' 'unsafe-eval'
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=50
Expires
Mon, 14 Dec 2020 14:26:58 GMT
propalms.js
connect.ltts.com/fes-bin/public/portal/all/js/ 		106 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.ltts.com/fes-bin/public/portal/all/js/propalms.js
Requested by
Host: threatpostt.com
URL: https://threatpostt.com/?rid=a1wUld8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
125.21.181.50 Bengaluru, India, ASN9498 (BBIL-AP BHARTI Airtel Ltd., IN),
Reverse DNS
Software
Apache /
Resource Hash
f231b8111e468305856df77fd3ce9faceca3c8aca2485ee1bec76eb42ef14282
Security Headers
Name Value
Content-Security-Policy default-src blob: https: http: wss: accopshysecureclient: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://threatpostt.com/?rid=a1wUld8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Dec 2020 14:26:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
22164
X-Xss-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 25 Aug 2020 18:11:45 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"1a946-5adb7a2ceab54-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
max-age=0
Content-Security-Policy
default-src blob: https: http: wss: accopshysecureclient: data: 'unsafe-inline' 'unsafe-eval'
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=50
Expires
Mon, 14 Dec 2020 14:26:58 GMT
xml2arrayAjax.js
connect.ltts.com/fes-bin/public/portal/all/js/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.ltts.com/fes-bin/public/portal/all/js/xml2arrayAjax.js
Requested by
Host: threatpostt.com
URL: https://threatpostt.com/?rid=a1wUld8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
125.21.181.50 Bengaluru, India, ASN9498 (BBIL-AP BHARTI Airtel Ltd., IN),
Reverse DNS
Software
Apache /
Resource Hash
9b6fc71a007901a7966d152794765a19860610f89d04fe8ef02b83c51d2e3df7
Security Headers
Name Value
Content-Security-Policy default-src blob: https: http: wss: accopshysecureclient: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://threatpostt.com/?rid=a1wUld8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Dec 2020 14:26:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
3988
X-Xss-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 27 May 2020 04:28:04 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"3ac6-5a699a358fc51-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
max-age=0
Content-Security-Policy
default-src blob: https: http: wss: accopshysecureclient: data: 'unsafe-inline' 'unsafe-eval'
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=50
Expires
Mon, 14 Dec 2020 14:26:58 GMT
jsn.js
connect.ltts.com/fes-bin/public/portal/all/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.ltts.com/fes-bin/public/portal/all/js/jsn.js
Requested by
Host: threatpostt.com
URL: https://threatpostt.com/?rid=a1wUld8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
125.21.181.50 Bengaluru, India, ASN9498 (BBIL-AP BHARTI Airtel Ltd., IN),
Reverse DNS
Software
Apache /
Resource Hash
f8017c62763e2d595e78464310ada864044a45531afce549dda56b93a6cf6d98
Security Headers
Name Value
Content-Security-Policy default-src blob: https: http: wss: accopshysecureclient: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://threatpostt.com/?rid=a1wUld8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Dec 2020 14:26:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
1328
X-Xss-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 27 May 2020 04:28:04 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"d19-5a699a35af81f-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
max-age=0
Content-Security-Policy
default-src blob: https: http: wss: accopshysecureclient: data: 'unsafe-inline' 'unsafe-eval'
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=50
Expires
Mon, 14 Dec 2020 14:26:58 GMT
l10n.min.js
connect.ltts.com/fes-bin/public/portal/all/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.ltts.com/fes-bin/public/portal/all/js/l10n.min.js
Requested by
Host: threatpostt.com
URL: https://threatpostt.com/?rid=a1wUld8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
125.21.181.50 Bengaluru, India, ASN9498 (BBIL-AP BHARTI Airtel Ltd., IN),
Reverse DNS
Software
Apache /
Resource Hash
65f602c2a26c0ca2e9903bbd36617552fc6ede9803b379096204049cd514d412
Security Headers
Name Value
Content-Security-Policy default-src blob: https: http: wss: accopshysecureclient: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://threatpostt.com/?rid=a1wUld8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Dec 2020 14:26:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
1115
X-Xss-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 27 May 2020 04:28:04 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"861-5a699a35c674e-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
max-age=0
Content-Security-Policy
default-src blob: https: http: wss: accopshysecureclient: data: 'unsafe-inline' 'unsafe-eval'
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=50
Expires
Mon, 14 Dec 2020 14:26:58 GMT
localizations.js
connect.ltts.com/fes-bin/public/portal/all/js/ 		132 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.ltts.com/fes-bin/public/portal/all/js/localizations.js
Requested by
Host: threatpostt.com
URL: https://threatpostt.com/?rid=a1wUld8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
125.21.181.50 Bengaluru, India, ASN9498 (BBIL-AP BHARTI Airtel Ltd., IN),
Reverse DNS
Software
Apache /
Resource Hash
4052b21fd5256027ea2fed0f913622e36211df4feafc7588a10cf5c0cf2a811f
Security Headers
Name Value
Content-Security-Policy default-src blob: https: http: wss: accopshysecureclient: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://threatpostt.com/?rid=a1wUld8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Dec 2020 14:26:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
25261
X-Xss-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 25 Aug 2020 18:11:45 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"20e1c-5adb7a2cebaf4-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
max-age=0
Content-Security-Policy
default-src blob: https: http: wss: accopshysecureclient: data: 'unsafe-inline' 'unsafe-eval'
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=50
Expires
Mon, 14 Dec 2020 14:26:58 GMT
zlib.js
connect.ltts.com/fes-bin/public/portal/all/js/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.ltts.com/fes-bin/public/portal/all/js/zlib.js
Requested by
Host: threatpostt.com
URL: https://threatpostt.com/?rid=a1wUld8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
125.21.181.50 Bengaluru, India, ASN9498 (BBIL-AP BHARTI Airtel Ltd., IN),
Reverse DNS
Software
Apache /
Resource Hash
a295e092f504b399e0fd8858b106e2de37c1a39451e7cd448b797a2cdf2e77ed
Security Headers
Name Value
Content-Security-Policy default-src blob: https: http: wss: accopshysecureclient: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://threatpostt.com/?rid=a1wUld8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Dec 2020 14:26:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
9991
X-Xss-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 27 May 2020 04:28:04 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"5fee-5a699a35b0ba7-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
max-age=0
Content-Security-Policy
default-src blob: https: http: wss: accopshysecureclient: data: 'unsafe-inline' 'unsafe-eval'
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=49
Expires
Mon, 14 Dec 2020 14:26:58 GMT
loginPage.js
connect.ltts.com/fes-bin/public/portal/all/js/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.ltts.com/fes-bin/public/portal/all/js/loginPage.js
Requested by
Host: threatpostt.com
URL: https://threatpostt.com/?rid=a1wUld8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
125.21.181.50 Bengaluru, India, ASN9498 (BBIL-AP BHARTI Airtel Ltd., IN),
Reverse DNS
Software
Apache /
Resource Hash
4ca498b9ca484f5ff4cf3637b642c4244689034c497ae566cafd203be2350ceb
Security Headers
Name Value
Content-Security-Policy default-src blob: https: http: wss: accopshysecureclient: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://threatpostt.com/?rid=a1wUld8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Dec 2020 14:26:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
4253
X-Xss-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 27 May 2020 04:28:04 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"43d2-5a699a3588ef1-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
max-age=0
Content-Security-Policy
default-src blob: https: http: wss: accopshysecureclient: data: 'unsafe-inline' 'unsafe-eval'
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=49
Expires
Mon, 14 Dec 2020 14:26:58 GMT
deviceId.js
connect.ltts.com/fes-bin/public/portal/all/js/ 		84 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.ltts.com/fes-bin/public/portal/all/js/deviceId.js
Requested by
Host: threatpostt.com
URL: https://threatpostt.com/?rid=a1wUld8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
125.21.181.50 Bengaluru, India, ASN9498 (BBIL-AP BHARTI Airtel Ltd., IN),
Reverse DNS
Software
Apache /
Resource Hash
c6936bbac5817c14975c55f914e3bd5ece68cbee06e93ebf78ecd11dacd746cc
Security Headers
Name Value
Content-Security-Policy default-src blob: https: http: wss: accopshysecureclient: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://threatpostt.com/?rid=a1wUld8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Dec 2020 14:26:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
20283
X-Xss-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 27 May 2020 04:28:04 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"14e69-5a699a35c0d76-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
max-age=0
Content-Security-Policy
default-src blob: https: http: wss: accopshysecureclient: data: 'unsafe-inline' 'unsafe-eval'
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=49
Expires
Mon, 14 Dec 2020 14:26:58 GMT
wizard.js
connect.ltts.com/fes-bin/public/portal/all/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.ltts.com/fes-bin/public/portal/all/js/wizard.js
Requested by
Host: threatpostt.com
URL: https://threatpostt.com/?rid=a1wUld8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
125.21.181.50 Bengaluru, India, ASN9498 (BBIL-AP BHARTI Airtel Ltd., IN),
Reverse DNS
Software
Apache /
Resource Hash
ed7cc159a573fd5618c69aa70dd39e1e28005d10d5891246e3d15e198a1ae81e
Security Headers
Name Value
Content-Security-Policy default-src blob: https: http: wss: accopshysecureclient: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://threatpostt.com/?rid=a1wUld8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Dec 2020 14:26:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
1171
X-Xss-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 27 May 2020 04:28:03 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"f93-5a699a353c07d-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
max-age=0
Content-Security-Policy
default-src blob: https: http: wss: accopshysecureclient: data: 'unsafe-inline' 'unsafe-eval'
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=49
Expires
Mon, 14 Dec 2020 14:26:58 GMT
native.js
connect.ltts.com/fes-bin/public/portal/all/js/ 		31 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.ltts.com/fes-bin/public/portal/all/js/native.js
Requested by
Host: threatpostt.com
URL: https://threatpostt.com/?rid=a1wUld8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
125.21.181.50 Bengaluru, India, ASN9498 (BBIL-AP BHARTI Airtel Ltd., IN),
Reverse DNS
Software
Apache /
Resource Hash
9b9f2e0bb3aac15380cb8021ecba9227d6120ae140ec80476d769e85f8334b00
Security Headers
Name Value
Content-Security-Policy default-src blob: https: http: wss: accopshysecureclient: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://threatpostt.com/?rid=a1wUld8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Dec 2020 14:26:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
6838
X-Xss-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 25 Aug 2020 18:00:56 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"7c8a-5adb77c24553f-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
max-age=0
Content-Security-Policy
default-src blob: https: http: wss: accopshysecureclient: data: 'unsafe-inline' 'unsafe-eval'
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=49
Expires
Mon, 14 Dec 2020 14:26:58 GMT
QRcode.js
connect.ltts.com/fes-bin/public/portal/all/js/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.ltts.com/fes-bin/public/portal/all/js/QRcode.js
Requested by
Host: threatpostt.com
URL: https://threatpostt.com/?rid=a1wUld8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
125.21.181.50 Bengaluru, India, ASN9498 (BBIL-AP BHARTI Airtel Ltd., IN),
Reverse DNS
Software
Apache /
Resource Hash
cc3bed8d271c54b05b4897e7beca68d4b995dc9f62608429af3069ceebd95bb8
Security Headers
Name Value
Content-Security-Policy default-src blob: https: http: wss: accopshysecureclient: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://threatpostt.com/?rid=a1wUld8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Dec 2020 14:26:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
8229
X-Xss-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 27 May 2020 04:28:04 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"8938-5a699a35867e1-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
max-age=0
Content-Security-Policy
default-src blob: https: http: wss: accopshysecureclient: data: 'unsafe-inline' 'unsafe-eval'
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=48
Expires
Mon, 14 Dec 2020 14:26:58 GMT
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
da1e4a2f69c755c6acd66c6608ef06e103a87bd704c863238baed6789b427156

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4573c6f93c514b5c074924187c800d3d1476cb80d1fa3d980bb85c07e5e2071f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		364 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09f33e54c34ac88db7e5fb05c70bc9818677072497f55627b8f08dfc3eb1331a

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d5d7a4729d1d02cd622213e239a553c7326a8d9a82a6c210e1a8291c2bc259b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ed2c4768e49b20e481e56c33307e61b4bb8d1dc698960d57211ced58acda847

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

220 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| Error object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery number| eps_ver number| eps_lgin_enable object| configObj undefined| appList number| loginType string| zone_name string| username string| keyword string| loginDivContent string| remediationInfo boolean| bLogin undefined| oldUsernameTitle undefined| oldPwdTitle number| Divcount object| varInfo number| count boolean| launcherDownload number| launcherStartcount boolean| appDisplay undefined| otpChannel boolean| isDomainVerified boolean| isEPSenable boolean| isEPSsucess boolean| readDeviceIDDetails boolean| showContinueLogin string| epsData string| DeviceIDDetails boolean| isEPSrequested boolean| isDeviceDetailsRequested boolean| isUpgradeChecked number| modecount string| LocalIPAddress number| sam_auth boolean| isOpera boolean| isFirefox boolean| isIE boolean| isEdge boolean| isChrome boolean| noWebSocket function| isCanvasSupported function| guid object| Base64 function| getDeviceIDDetailsXML function| addoption function| set_default_option function| playDots function| tryAgain function| queryWord function| eps_queryWord function| fetchVerInfoDetails1 function| fetchVerInfoDetails function| setClientType function| updateLSkeyboard function| setLSkeyboard function| setdefaultClientType function| setCertLoginDiv function| setCookie function| getCookie function| hideOTPControls function| SetBrowserModeHyLite function| SetBrowserModeHybride function| IsBrowserModeHyLite function| IsBrowserModeHybrid function| GetConfigStoreObject function| SetConfigStoreObject function| getSelfServicePortalInfoObject function| SetSelfServicePortalInfoObject function| addFortressHeader function| addFortressHeaderAndClose function| makeAjaxRequestByJQuery function| updateStatus function| applySelfServicePortalPolicies function| HandleLoadRealmResponse function| updateSelectedRealm function| setDefaultRealm function| HandleMultipleRealmMsg function| fetchRealmsList function| sendPasswordChnage function| HandlePasswordChangeResponse function| enterKey function| enterKeySSP function| MoveLoginButton function| makeVisibleLogin function| generateOTP function| HandleRealmResponse function| getEPSDetailsXML function| sendEPSDetailsHello function| handleEPSDetailsHelloResponceJQuery function| sendRealmInitInformation function| HandleOTPVal function| sendOTP function| adjustToken function| adjustMobileTokReg function| HandleNextAuthOTPVal function| handleResendOTP function| SendNextAuthOTP function| SendNextAuthResponse function| addOption function| getEncodedPassword function| check_half_full_widthchar function| sendLoginHello function| continueLogin function| HandlegetEpsResData function| getEpsResData function| HandlegetDeviceIdData function| getDeviceIdData function| showApps function| downloadLauncher function| hasSuccess function| isClientUpdated function| processResponse function| HandleClientStatusResponse function| checkClientStatus function| HandlesetPortalStatusResponse function| setPortalStatus function| launchClient function| parseHTML5Apps function| handleLoginHelloResponceJQuery function| parseLoginResponseErrorCodes number| progressInterval undefined| progressTimer function| progress_update function| progress_stop string| HintClass string| HintActiveClass function| initHintTextboxes function| onHintTextboxFocus function| onHintTextboxBlur object| xml_templates object| ClientStatus function| localize function| postData boolean| xmlHttp function| sendRequest function| sendSyncRequest function| sendSyncRequestText function| callbackFunction function| defaultCallbackFunction function| updateDivContent function| askUserConfirmationForUpgrade function| resetProgressBar function| showProgress function| showProgress1 object| not_whitespace undefined| parent_count function| xml2array function| getCorrectedXMLDocument function| dump string| keyStr function| encode64 function| decode64 object| Zlib function| pausecomp undefined| oldUserNameTitle string| cernroled function| authMethodChanged function| ShowEpsRemediation function| RemeadyContinue function| RemeadyCancel function| OnLoginReady function| HandleDeviceRegistrationRequest function| HandleCertificateRequest function| MakeCenter function| hideAllPopupDivs object| Fingerprint function| getosName function| detectBrowser object| LCIDUtils string| WINDOW_ID string| WINDOW_TITLE_ID string| WINDOW_BODY_ID string| BACKGROUND_PANE object| WizardWindow string| target undefined| ie_nativehost boolean| ShowIEHostPage boolean| pluginloaded object| VirtualChannels object| service_ object| clientType object| send_init_channel object| send_deviceInfoMsg object| send_EPSMsg function| openWebstore function| isHostUpdated function| DownloadNativeHost function| showExtDownload function| hideExtDownload function| showNativeHostDownload function| hideNativeHostDownload function| loadPlugins function| handleVirtualChannelSendData function| handleCreateVirtualChannel function| handleEPSData function| handleDeviceInfoData function| ReciveDatafromNativeExe function| SendDataToNativeExe function| handelReadyAck function| LoadNativeExe function| initNativeMessaging function| NativeMessaging function| QRCode object| metas function| gestureStart function| checkforjre function| resize function| hidePopup function| closeBox

0 Cookies