b1ofakind.info
Open in
urlscan Pro
162.241.29.140
Malicious Activity!
Public Scan
Submission: On January 28 via automatic, source openphish
Summary
This is the only time b1ofakind.info was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Spectrum (Telecommunication)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
9 | 162.241.29.140 162.241.29.140 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1) | |
1 | 192.229.133.221 192.229.133.221 | 15133 (EDGECAST) (EDGECAST) | |
4 | 23.37.37.201 23.37.37.201 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
1 | 142.136.81.135 142.136.81.135 | 3456 (TWC-3456-IT) (TWC-3456-IT) | |
1 2 | 54.76.175.152 54.76.175.152 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 108.128.130.224 108.128.130.224 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2.16.186.56 2.16.186.56 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
23 | 8 |
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-241-29-140.unifiedlayer.com
b1ofakind.info |
ASN16625 (AKAMAI-AS, US)
PTR: a23-37-37-201.deploy.static.akamaitechnologies.com
assets.adobedtm.com |
ASN3456 (TWC-3456-IT, US)
PTR: www.twcnc.com
www.timewarnercable.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-175-152.eu-west-1.compute.amazonaws.com
dpm.demdex.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-130-224.eu-west-1.compute.amazonaws.com
metric.timewarnercable.com |
ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-56.deploy.static.akamaitechnologies.com
fast.roadrunner.demdex.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
b1ofakind.info
b1ofakind.info |
130 KB |
4 |
adobedtm.com
assets.adobedtm.com |
62 KB |
3 |
demdex.net
1 redirects
dpm.demdex.net fast.roadrunner.demdex.net |
2 KB |
2 |
timewarnercable.com
registration.timewarnercable.com Failed www.timewarnercable.com metric.timewarnercable.com |
6 KB |
1 |
w3schools.com
www.w3schools.com |
6 KB |
0 |
nextit.com
Failed
twc.nextit.com Failed |
|
23 | 6 |
Domain | Requested by | |
---|---|---|
9 | b1ofakind.info |
b1ofakind.info
|
4 | assets.adobedtm.com |
b1ofakind.info
assets.adobedtm.com |
2 | dpm.demdex.net |
1 redirects
b1ofakind.info
|
1 | fast.roadrunner.demdex.net |
assets.adobedtm.com
|
1 | metric.timewarnercable.com |
assets.adobedtm.com
|
1 | www.timewarnercable.com |
b1ofakind.info
|
1 | www.w3schools.com |
b1ofakind.info
|
0 | registration.timewarnercable.com Failed |
b1ofakind.info
|
0 | twc.nextit.com Failed |
b1ofakind.info
|
23 | 9 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.timewarnercable.com |
help.twcable.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.w3schools.com DigiCert SHA2 Secure Server CA |
2017-10-25 - 2020-05-05 |
3 years | crt.sh |
timewarnercable.com DigiCert SHA2 Secure Server CA |
2019-09-24 - 2020-10-04 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
http://b1ofakind.info/RR-L/spect/confirm/verification/info/Demo/4.php?878a32999506efcd0ca12cfcf3ac8514-878a32999506efcd0ca12cfcf3ac8514-878a32999506efcd0ca12cfcf3ac8514878a32999506efcd0ca12cfcf3ac8514878a32999506efcd0ca12cfcf3ac8514878a32999506efcd0ca12cfcf3ac8514878a32999506efcd0ca12cfcf3ac8514878a32999506efcd0ca12cfcf3ac8514878a32999506efcd0ca12cfcf3ac8514878a32999506efcd0ca12cfcf3ac8514878a32999506efcd0ca12cfcf3ac8514
Frame ID: 0CE3306F63418B39A24DE1523989E11D
Requests: 22 HTTP requests in this frame
Frame:
http://fast.roadrunner.demdex.net/dest5.html?d_nsid=0
Frame ID: 226D783FFB65E058421C05B937044FE5
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Adobe DTM (Tag Managers) Expand
Detected patterns
- script /\/\/assets.adobedtm.com\//i
Page Statistics
8 Outgoing links
These are links going to different origins than the main page.
Title: Learn how to enable cookies >
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Terms, Conditions & Policies
Search URL Search Domain Scan URL
Title: Regulatory
Search URL Search Domain Scan URL
Title: Forward-Looking Statements Caution
Search URL Search Domain Scan URL
Title: California Privacy Rights
Search URL Search Domain Scan URL
Title: Website Terms of Use
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 12- http://dpm.demdex.net/id?d_visid_ver=1.5.2&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5BB1123F5245AE4E0A490D45%40AdobeOrg&d_nsid=0&d_cb=s_c_il%5B0%5D._setMarketingCloudFields HTTP 302
- http://dpm.demdex.net/id/rd?d_visid_ver=1.5.2&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5BB1123F5245AE4E0A490D45%40AdobeOrg&d_nsid=0&d_cb=s_c_il%5B0%5D._setMarketingCloudFields
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
4.php
b1ofakind.info/RR-L/spect/confirm/verification/info/Demo/ |
13 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
w3.css
www.w3schools.com/w3css/4/ |
23 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
live-engage-33ab08eac0fc563c11786eaeaeafa297.js
b1ofakind.info/assets/manifests/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
NIT.Alme.Combined.min.css
twc.nextit.com/LiveEngage/css/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main-e0840a2377ffb951560096d54780f0cc.css
b1ofakind.info/RR-L/spect/confirm/verification/info/Demo/ |
117 KB 117 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
residential-3fb2aab5e1ac64a4882e2cd3667dd61b.js
registration.timewarnercable.com/assets/manifests/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
satelliteLib-bf4c9cc3c49ed4732bad6e252bbb04506eb5ba85.js
assets.adobedtm.com/a011e94b6ba81cdcfdf24acdb480b5e4204c4dea/ |
91 KB 30 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
password-073824b0f6d47b0bea411aa56050a644.css
registration.timewarnercable.com/assets/layouts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
username-89f3e24688a380aa37e16091c863d204.css
registration.timewarnercable.com/assets/password/reset/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Spectrum_Logo_White.png
www.timewarnercable.com/content/dam/careportals/common/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
username-68b329da9893e34099c7d8ad5cb9c940.js
b1ofakind.info/assets/password/reset/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
residential-deferred-57a7c928205befe7cef982d99c35f28f.js
b1ofakind.info/assets/manifests/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
NIT.Alme.Combined.min.js
twc.nextit.com/LiveEngage/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rd
dpm.demdex.net/id/ Redirect Chain
|
412 B 1017 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
satellite-55f30acb66383100170008e0.js
assets.adobedtm.com/a011e94b6ba81cdcfdf24acdb480b5e4204c4dea/scripts/ |
77 KB 27 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
OpenSans-Regular.ttf
b1ofakind.info/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
OpenSans-SemiBold.ttf
b1ofakind.info/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
OpenSans-Bold.ttf
b1ofakind.info/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
residential-deferred-57a7c928205befe7cef982d99c35f28f.js
b1ofakind.info/assets/manifests/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
metric.timewarnercable.com/ |
114 B 703 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
satellite-5577350c66303900141c0500.js
assets.adobedtm.com/a011e94b6ba81cdcfdf24acdb480b5e4204c4dea/scripts/ |
234 B 636 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
satellite-544855f6618ab202cc0001c0.js
assets.adobedtm.com/a011e94b6ba81cdcfdf24acdb480b5e4204c4dea/scripts/ |
15 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dest5.html
fast.roadrunner.demdex.net/ Frame 226D |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- twc.nextit.com
- URL
- https://twc.nextit.com/LiveEngage/css/NIT.Alme.Combined.min.css
- Domain
- registration.timewarnercable.com
- URL
- https://registration.timewarnercable.com/assets/manifests/residential-3fb2aab5e1ac64a4882e2cd3667dd61b.js
- Domain
- registration.timewarnercable.com
- URL
- https://registration.timewarnercable.com/assets/layouts/password-073824b0f6d47b0bea411aa56050a644.css
- Domain
- registration.timewarnercable.com
- URL
- https://registration.timewarnercable.com/assets/password/reset/username-89f3e24688a380aa37e16091c863d204.css
- Domain
- twc.nextit.com
- URL
- https://twc.nextit.com/LiveEngage/js/NIT.Alme.Combined.min.js
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Spectrum (Telecommunication)37 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| lpTag string| liveEngageSiteId function| Visitor object| _satellite object| s_c_il number| s_c_in object| visitor object| s undefined| noneIndex function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq boolean| runOnce string| s_account number| s_objectID number| s_giq function| check function| clearSessionCookies undefined| d undefined| expires function| queryHandler function| urlHandler object| urlObject function| getUrlObject object| entityMap function| cleanValue function| flashTrack function| getPageTitle string| pageTitle function| getPropByName function| trackPageNameFromFlash function| trackVideoActionFromFlash function| trackVideoNameFromFlash2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
b1ofakind.info/ | Name: AMCV_5BB1123F5245AE4E0A490D45%40AdobeOrg Value: 793872103%7CMCIDTS%7C18290%7CMCMID%7C06858560365425027574121055822631630293%7CMCAAMLH-1580818847%7C6%7CMCAAMB-1580818847%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCAID%7CNONE |
|
b1ofakind.info/ | Name: PHPSESSID Value: cbdb288b6bfddc67b20e89f5509b5bcb |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.adobedtm.com
b1ofakind.info
dpm.demdex.net
fast.roadrunner.demdex.net
metric.timewarnercable.com
registration.timewarnercable.com
twc.nextit.com
www.timewarnercable.com
www.w3schools.com
registration.timewarnercable.com
twc.nextit.com
108.128.130.224
142.136.81.135
162.241.29.140
192.229.133.221
2.16.186.56
23.37.37.201
54.76.175.152
24a4f493bc9d71de4016f37b77e94c1a9ba9be1adb53c6d146ef601b9223b40b
2c44a15c6525cc371931ab2f9f5dfb239d43570e60e6d03bf6a484edb36b0a6c
555505816de342b84adcc239e5ea0a221341c0eb6aefe1e93783006b133c5ad8
5830475d257be59e932d247b79c2d1d2e846c116664bd5ac5d8e47d8db1dc3c3
a93edee69f15c4f73123ec0d67b40783b6416ac2adac56c1583eb1fe9e27698c
c4dc05a70347cdf47043b48bbab56bffc59ce522bed13f924e444b69f35123bb
da4be7a4d46ab8c7b3e41d057b11495346f9dc3db9f6db9091b7f64a10e5b40a
dd30cb28b7ad3a268bd4a6a5730f42e65490abd49bd2cf8a436afbbec5aceb02
edd2ef41a58b2aadea4be395655e1a51d1dd273038fffa4ef03f512563cd59be
f5cf45b0ea009ce7fa7f88dd10d7260dda5a35c0d3cc29f9445aed8020282587