webmail6-networksolutionsemail.herokuapp.com
35.168.101.154
Malicious Activity!
Public Scan
Submission: On January 13 via manual from US
Summary
This is the only time webmail6-networksolutionsemail.herokuapp.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Network Solutions (Internet)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
14 | 35.168.101.154 | 14618 (AMAZON-AES) |
14 | 1 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-101-154.compute-1.amazonaws.com
webmail6-networksolutionsemail.herokuapp.com |
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
14 | herokuapp.com: webmail6-networksolutionsemail.herokuapp.com | 719 KB |
14 | 1 |
Requests | Domain | Requested by |
---|---|---|
14 | webmail6-networksolutionsemail.herokuapp.com | webmail6-networksolutionsemail.herokuapp.com |
14 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
knowledge.web.com |
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://webmail6-networksolutionsemail.herokuapp.com/
Frame ID: A94B2B647A2C2574998EEBD4226781CE
Requests: 14 HTTP requests in this frame
3 Outgoing links
These are links going to different origins than the main page.
Title: Webmail version 7.10.2 - Release notes
Title: Set up your iPhone
Title: Set up your Android
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H/1.1 | / (Primary Request) | webmail6-networksolutionsemail.herokuapp.com/ | 8 KB | 9 KB | Document | text/html |
GET H/1.1 | bootstrap.min.css | webmail6-networksolutionsemail.herokuapp.com/ | 111 KB | 112 KB | Stylesheet | text/css |
GET H/1.1 | login.css | webmail6-networksolutionsemail.herokuapp.com/ | 4 KB | 4 KB | Stylesheet | text/css |
GET H/1.1 | jquery-ui-1.10.3.custom.min.css | webmail6-networksolutionsemail.herokuapp.com/ | 0 | 248 B | Stylesheet | text/css |
GET H/1.1 | jquery-1.9.1.js | webmail6-networksolutionsemail.herokuapp.com/ | 262 KB | 262 KB | Script | application/javascript |
GET H/1.1 | jquery.form.js | webmail6-networksolutionsemail.herokuapp.com/ | 41 KB | 41 KB | Script | application/javascript |
GET H/1.1 | form.js | webmail6-networksolutionsemail.herokuapp.com/ | 41 KB | 41 KB | Script | application/javascript |
GET H/1.1 | cookie.js | webmail6-networksolutionsemail.herokuapp.com/ | 1 KB | 2 KB | Script | application/javascript |
GET H/1.1 | jquery.cookie.js | webmail6-networksolutionsemail.herokuapp.com/ | 4 KB | 4 KB | Script | application/javascript |
GET H/1.1 | jquery-ui-personalized-1.10.3.min.js | webmail6-networksolutionsemail.herokuapp.com/ | 223 KB | 223 KB | Script | application/javascript |
GET H/1.1 | jquery.dimensions.js | webmail6-networksolutionsemail.herokuapp.com/ | 4 KB | 4 KB | Script | application/javascript |
GET H/1.1 | jquery.cluetip.min.js | webmail6-networksolutionsemail.herokuapp.com/ | 11 KB | 11 KB | Script | application/javascript |
GET H/1.1 | oxedhelpers.js | webmail6-networksolutionsemail.herokuapp.com/ | 1 KB | 2 KB | Script | application/javascript |
GET H/1.1 | logo.png | webmail6-networksolutionsemail.herokuapp.com/ | 4 KB | 4 KB | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Network Solutions (Internet)
15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | ontransitionrun |
object | ontransitionstart |
object | ontransitioncancel |
object | trustedTypes |
boolean | crossOriginIsolated |
function | $ |
function | jQuery |
function | getCookie |
function | setCookie |
function | deleteCookie |
function | ffconsole |
function | getSessionIDFromJSESSIONCookie |
string | user |
string | pass |
string | testdomainName |
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
webmail6-networksolutionsemail.herokuapp.com
35.168.101.154