matthewxlowe.com
192.30.252.154
Malicious Activity!
Public Scan
Effective URL: http://matthewxlowe.com/
Submission: On February 18 via api from US
Summary
This is the only time matthewxlowe.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic (Online)
Domain & IP information
Requests | IP Address | AS (Autonomous System) | PTR | Domain
---|---|---|---|---
1 (1 redirect) | 185.199.108.153 | 54113 (FASTLY, US) | cdn-185-199-108-153.github.com | mxlowe.github.io
2 | 192.30.252.154 | 36459 (GITHUB, US) | lb-192-30-252-154-iad.github.com | matthewxlowe.com
1 | 2a00:1450:4001:80f::2008 | 15169 (GOOGLE, US) | | www.googletagmanager.com
4 | 185.199.111.133 | 54113 (FASTLY, US) | cdn-185-199-111-133.github.com | raw.githubusercontent.com
2 | 2620:0:862:ed1a::2:b | 14907 (WIKIMEDIA) | | upload.wikimedia.org
2 (1 redirect) | 141.76.19.21 | 680 (DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE) | webspace.tu-dresden.de | www.readex.eu
2 | 2a00:1450:4001:827::200e | 15169 (GOOGLE, US) | | www.google-analytics.com
12 | 6 | | |
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
4 | githubusercontent.com | raw.githubusercontent.com | 654 KB
2 | google-analytics.com | www.google-analytics.com | 19 KB
2 | readex.eu (1 redirect) | www.readex.eu | 4 KB
2 | wikimedia.org | upload.wikimedia.org | 38 KB
2 | matthewxlowe.com | matthewxlowe.com | 5 KB
1 | googletagmanager.com | www.googletagmanager.com | 39 KB
1 | github.io (1 redirect) | mxlowe.github.io | 177 B
12 | 7 | |
Requests | Domain | Requested by
---|---|---
4 | raw.githubusercontent.com | matthewxlowe.com
2 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com
2 | www.readex.eu (1 redirect) | matthewxlowe.com
2 | upload.wikimedia.org | matthewxlowe.com
2 | matthewxlowe.com | matthewxlowe.com
1 | www.googletagmanager.com | matthewxlowe.com
1 | mxlowe.github.io (1 redirect) |
12 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
scholar.google.ca |
www.researchgate.net |
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
*.google-analytics.com | GTS CA 1O1 | 2021-01-26 - 2021-04-20 | 3 months | crt.sh
www.github.com | DigiCert SHA2 High Assurance Server CA | 2020-05-06 - 2022-04-14 | 2 years | crt.sh
*.wikipedia.org | DigiCert SHA2 High Assurance Server CA | 2020-11-09 - 2021-11-16 | a year | crt.sh
webspace.tu-dresden.de | TU Dresden CA | 2021-02-15 - 2022-03-19 | a year | crt.sh
This page contains 1 frame:
Primary Page:
http://matthewxlowe.com/
Frame ID: B2CFF8154D7114348BF967214EC96A84
Requests: 12 HTTP requests in this frame
Page URL History
- https://mxlowe.github.io/ (HTTP 301)
- http://matthewxlowe.com/ (Page URL)
Detected technologies
Ruby (Programming Languages)
Detected patterns
- url /^https?:\/\/[^/]+\.github\.io\//i
- headers server /^GitHub\.com$/i
Ruby on Rails (Web Frameworks)
Detected patterns
- url /^https?:\/\/[^/]+\.github\.io\//i
- headers server /^GitHub\.com$/i
GitHub Pages (CDN)
Detected patterns
- url /^https?:\/\/[^/]+\.github\.io\//i
- headers server /^GitHub\.com$/i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://mxlowe.github.io/ (HTTP 301)
- http://matthewxlowe.com/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 5
- http://www.readex.eu/wp-content/uploads/2017/05/RG_square_green.png (HTTP 301)
- https://www.readex.eu/wp-content/uploads/2017/05/RG_square_green.png
12 HTTP transactions
Method | Protocol | Resource Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---
GET | H/1.1 | matthewxlowe.com/ (Primary Request, Redirect Chain) | 4 KB | 2 KB | Document | text/html
GET | H2 | www.googletagmanager.com/gtag/js | 98 KB | 39 KB | Script | application/javascript
GET | H/1.1 | matthewxlowe.com/assets/css/style.css | 8 KB | 3 KB | Stylesheet | text/css
GET | H2 | raw.githubusercontent.com/mxlowe/mxlowe.github.io/master/headerS.png | 89 KB | 90 KB | Image | image/png
GET | H2 | raw.githubusercontent.com/mxlowe/mxlowe.github.io/master/portrait.png | 196 KB | 196 KB | Image | image/png
GET | H2 | upload.wikimedia.org/wikipedia/commons/a/a9/Google_Scholar_logo_2015.PNG | 10 KB | 10 KB | Image | image/png
GET | H/1.1 | www.readex.eu/wp-content/uploads/2017/05/RG_square_green.png (Redirect Chain) | 3 KB | 3 KB | Image | image/png
GET | H2 | upload.wikimedia.org/wikipedia/commons/4/4e/Gmail_Icon.png | 27 KB | 28 KB | Image | image/png
GET | H2 | raw.githubusercontent.com/mxlowe/mxlowe.github.io/master/bannerimage2.jpg | 121 KB | 121 KB | Image | image/jpeg
GET | H2 | raw.githubusercontent.com/mxlowe/mxlowe.github.io/master/banner.jpg | 247 KB | 247 KB | Image | image/jpeg
GET | H2 | www.google-analytics.com/analytics.js | 46 KB | 19 KB | Script | text/javascript
POST | H3-Q050 | www.google-analytics.com/j/collect | 1 B | 387 B | XHR | text/plain
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic (Online)
14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object | ontransitionrun
- object | ontransitionstart
- object | ontransitioncancel
- object | trustedTypes
- boolean | crossOriginIsolated
- function | gtag
- object | dataLayer
- object | google_tag_manager
- object | google_tag_data
- string | GoogleAnalyticsObject
- function | ga
- object | gaplugins
- object | gaGlobal
- object | gaData
3 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values back, allowing the website to re-identify that user even from a different location. This is how persistent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
.matthewxlowe.com/ | | _gat_gtag_UA_109516974_1 | 1
.matthewxlowe.com/ | | _gid | GA1.2.492863136.1613623182
.matthewxlowe.com/ | | _ga | GA1.2.1537713373.1613623182
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.