www.researchnet-recherchenet.ca
205.193.198.24
Malicious Activity!
Public Scan
Effective URL: https://www.researchnet-recherchenet.ca/rnr16/LoginServlet
Submission: On June 22 via api from CA — Scanned from CA
Summary
TLS certificate: Issued by Entrust Certification Authority - L1K on May 5th 2023. Valid for: a year.
This is the only time www.researchnet-recherchenet.ca was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Canadian Government (Government)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
14 | 205.193.198.24 | 2665 (CDAGOVN) |
1 | 2607:f8b0:4006:822::200a | 15169 (GOOGLE) |
15 | 2 | |
 | Apex Domain / Subdomains | Transfer |
---|---|---|
14 | researchnet-recherchenet.ca / www.researchnet-recherchenet.ca | 432 KB |
1 | googleapis.com / ajax.googleapis.com — Cisco Umbrella Rank: 422 | 73 KB |
15 | 2 | |
 | Domain | Requested by |
---|---|---|
14 | www.researchnet-recherchenet.ca | www.researchnet-recherchenet.ca, ajax.googleapis.com |
1 | ajax.googleapis.com | www.researchnet-recherchenet.ca |
15 | 2 | |
This site contains no links.
Subject / Issuer | Validity | Valid | |
---|---|---|---|
researchnet-recherchenet.ca / Entrust Certification Authority - L1K | 2023-05-05 - 2024-06-05 | a year | crt.sh |
upload.video.google.com / GTS CA 1C3 | 2023-05-22 - 2023-08-14 | 3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.researchnet-recherchenet.ca/rnr16/LoginServlet
Frame ID: 6E8ED492F984EC13D2ED58FEB16BE029
Requests: 13 HTTP requests in this frame
Frame:
https://www.researchnet-recherchenet.ca/rn/wet-boew/assets/wmms-alt.svg
Frame ID: B37DD1754692B21128FAD8547EFA87E0
Requests: 1 HTTP requests in this frame
Frame:
https://www.researchnet-recherchenet.ca/rn/wet-boew/assets/sig-alt-en.svg
Frame ID: 66C99B927FA6EFCCF745DD276707EF75
Requests: 1 HTTP requests in this frame
Page Title
ResearchNet / RechercheNet
Page URL History
- https://www.researchnet-recherchenet.ca/ Page URL
- https://www.researchnet-recherchenet.ca/rnr16/LoginServlet Page URL
Detected technologies
jQuery (JavaScript Libraries)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.researchnet-recherchenet.ca/ Page URL
- https://www.researchnet-recherchenet.ca/rnr16/LoginServlet Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | / www.researchnet-recherchenet.ca/ | 18 KB 18 KB | Document text/html |
GET H2 | Primary Request: LoginServlet www.researchnet-recherchenet.ca/rnr16/ | 5 KB 5 KB | Document text/html |
GET H2 | theme-sp-pe.min.css www.researchnet-recherchenet.ca/rn/wet-boew/css/ | 184 KB 184 KB | Stylesheet text/css |
GET H2 | researchnet.css www.researchnet-recherchenet.ca/rn/styles/ | 27 KB 27 KB | Stylesheet text/css |
GET H2 | splash.css www.researchnet-recherchenet.ca/rn/styles/ | 1015 B 1 KB | Stylesheet text/css |
GET H2 | jquery.js ajax.googleapis.com/ajax/libs/jquery/2.1.4/ | 242 KB 73 KB | Script text/javascript |
GET H2 | wet-boew.min.js www.researchnet-recherchenet.ca/rn/wet-boew/js/ | 127 KB 128 KB | Script application/javascript |
GET H2 | theme.min.js www.researchnet-recherchenet.ca/rn/wet-boew/js/ | 344 B 591 B | Script application/javascript |
GET H2 | 203456.jpg www.researchnet-recherchenet.ca/rn/img/splash/ | 16 KB 17 KB | Image image/jpeg |
GET H2 | sp-pe-leaf.png www.researchnet-recherchenet.ca/rn/img/splash/ | 24 KB 25 KB | Image image/png |
GET H2 | wmms-alt.svg www.researchnet-recherchenet.ca/rn/wet-boew/assets/ Frame B37D | 5 KB 5 KB | Document image/svg+xml |
GET H2 | sig-alt-en.svg www.researchnet-recherchenet.ca/rn/wet-boew/assets/ Frame 66C9 | 10 KB 11 KB | Document image/svg+xml |
GET H2 | en.min.js www.researchnet-recherchenet.ca/rn/wet-boew/js/i18n/ | 5 KB 5 KB | Image application/javascript |
GET H2 | revokeToken www.researchnet-recherchenet.ca/rnetsso/ | 0 396 B | XHR text/plain |
GET H2 | en.min.js www.researchnet-recherchenet.ca/rn/wet-boew/js/i18n/ | 5 KB 6 KB | Script application/javascript |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Canadian Government (Government)
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| 1
- boolean| credentialless
- object| onbeforetoggle
- object| onscrollend
- function| $
- function| jQuery
- object| Modernizr
- function| yepnope
- object| wb
- function| onYouTubeIframeAPIReady
- object| youTube
- object| wb-data-ajax2
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.researchnet-recherchenet.ca/ | | Name: cookies Value: true |
www.researchnet-recherchenet.ca/ | | Name: JSESSIONID Value: 3WjhMVDZ_1WGPQn8J3QZhUQkcqRjnnedy44-BgHO2u04h7HFASIE!-195224306 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=63072000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | sameorigin |
X-Xss-Protection | 1;mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.