b1ofakind.info
Open in
urlscan Pro
162.241.29.140
Malicious Activity!
Public Scan
URL:
http://b1ofakind.info/RR-L/spect/confirm/verification/info/Demo/4.php?878a32999506efcd0ca12cfcf3ac8514-878a32999506efc...
Submission: On January 28 via automatic, source openphish
Submission: On January 28 via automatic, source openphish
Summary
This website contacted 8 IPs
in 4 countries
across 6 domains to perform 23 HTTP transactions.
The main IP is 162.241.29.140, located in
Provo, United States and
belongs to UNIFIEDLAYER-AS-1, US.
The main domain is b1ofakind.info.
This is the only time b1ofakind.info was scanned on urlscan.io!
This is the only time b1ofakind.info was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Spectrum (Telecommunication)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 9 | 162.241.29.140 162.241.29.140 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1) | |
| 1 | 192.229.133.221 192.229.133.221 | 15133 (EDGECAST) (EDGECAST) | |
| 4 | 23.37.37.201 23.37.37.201 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
| 1 | 142.136.81.135 142.136.81.135 | 3456 (TWC-3456-IT) (TWC-3456-IT) | |
| 1 2 | 54.76.175.152 54.76.175.152 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 108.128.130.224 108.128.130.224 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 2.16.186.56 2.16.186.56 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 23 | 8 |
9
162.241.29.140
(Provo, United States)
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-241-29-140.unifiedlayer.com
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-241-29-140.unifiedlayer.com
| b1ofakind.info |
4
23.37.37.201
(Netherlands)
ASN16625 (AKAMAI-AS, US)
PTR: a23-37-37-201.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a23-37-37-201.deploy.static.akamaitechnologies.com
| assets.adobedtm.com |
1
142.136.81.135
(United States)
ASN3456 (TWC-3456-IT, US)
PTR: www.twcnc.com
ASN3456 (TWC-3456-IT, US)
PTR: www.twcnc.com
| www.timewarnercable.com |
2
54.76.175.152
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-175-152.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-175-152.eu-west-1.compute.amazonaws.com
| dpm.demdex.net |
1
108.128.130.224
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-130-224.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-130-224.eu-west-1.compute.amazonaws.com
| metric.timewarnercable.com |
1
2.16.186.56
(Ascension Island)
ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-56.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-56.deploy.static.akamaitechnologies.com
| fast.roadrunner.demdex.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 9 |
b1ofakind.info
b1ofakind.info |
130 KB |
| 4 |
adobedtm.com
assets.adobedtm.com |
62 KB |
| 3 |
demdex.net
1 redirects
dpm.demdex.net fast.roadrunner.demdex.net |
2 KB |
| 2 |
timewarnercable.com
registration.timewarnercable.com Failed www.timewarnercable.com metric.timewarnercable.com |
6 KB |
| 1 |
w3schools.com
www.w3schools.com |
6 KB |
| 0 |
nextit.com
Failed
twc.nextit.com Failed |
|
| 23 | 6 |
| Domain | Requested by | |
|---|---|---|
| 9 | b1ofakind.info |
b1ofakind.info
|
| 4 | assets.adobedtm.com |
b1ofakind.info
assets.adobedtm.com |
| 2 | dpm.demdex.net |
1 redirects
b1ofakind.info
|
| 1 | fast.roadrunner.demdex.net |
assets.adobedtm.com
|
| 1 | metric.timewarnercable.com |
assets.adobedtm.com
|
| 1 | www.timewarnercable.com |
b1ofakind.info
|
| 1 | www.w3schools.com |
b1ofakind.info
|
| 0 | registration.timewarnercable.com Failed |
b1ofakind.info
|
| 0 | twc.nextit.com Failed |
b1ofakind.info
|
| 23 | 9 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.timewarnercable.com |
| help.twcable.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.w3schools.com DigiCert SHA2 Secure Server CA |
2017-10-25 - 2020-05-05 |
3 years | crt.sh |
| timewarnercable.com DigiCert SHA2 Secure Server CA |
2019-09-24 - 2020-10-04 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
http://b1ofakind.info/RR-L/spect/confirm/verification/info/Demo/4.php?878a32999506efcd0ca12cfcf3ac8514-878a32999506efcd0ca12cfcf3ac8514-878a32999506efcd0ca12cfcf3ac8514878a32999506efcd0ca12cfcf3ac8514878a32999506efcd0ca12cfcf3ac8514878a32999506efcd0ca12cfcf3ac8514878a32999506efcd0ca12cfcf3ac8514878a32999506efcd0ca12cfcf3ac8514878a32999506efcd0ca12cfcf3ac8514878a32999506efcd0ca12cfcf3ac8514878a32999506efcd0ca12cfcf3ac8514
Frame ID: 0CE3306F63418B39A24DE1523989E11D
Requests: 22 HTTP requests in this frame
Frame:
http://fast.roadrunner.demdex.net/dest5.html?d_nsid=0
Frame ID: 226D783FFB65E058421C05B937044FE5
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- url /\.php(?:$|\?)/i
Apache
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Adobe DTM
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/\/assets.adobedtm.com\//i
Page Statistics
8 Outgoing links
These are links going to different origins than the main page.
URL: http://www.timewarnercable.com/en/support/faqs/faqs-internet/internetfaqs/what-are-cookies.html
Title: Learn how to enable cookies >
Title: Learn how to enable cookies >
Search URL Search Domain Scan URL
URL: http://www.timewarnercable.com/en/residential-home.html
Title:
Title:
Search URL Search Domain Scan URL
URL: http://www.timewarnercable.com/Corporate/privacy.html
Title: Privacy Policy
Title: Privacy Policy
Search URL Search Domain Scan URL
URL: http://help.twcable.com/html/policies.html
Title: Terms, Conditions & Policies
Title: Terms, Conditions & Policies
Search URL Search Domain Scan URL
URL: http://www.timewarnercable.com/content/twc/en/about-us/legal/regulatory-notices/programming-legal-notices.html
Title: Regulatory
Title: Regulatory
Search URL Search Domain Scan URL
URL: http://www.timewarnercable.com/en/about-us/legal/terms-conditions-policies/caution-concerning-forward-looking-statements.html
Title: Forward-Looking Statements Caution
Title: Forward-Looking Statements Caution
Search URL Search Domain Scan URL
URL: http://www.timewarnercable.com/Corporate/privacy_ca.html
Title: California Privacy Rights
Title: California Privacy Rights
Search URL Search Domain Scan URL
URL: http://www.timewarnercable.com/Corporate/privacyandterms.html
Title: Website Terms of Use
Title: Website Terms of Use
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 12- http://dpm.demdex.net/id?d_visid_ver=1.5.2&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5BB1123F5245AE4E0A490D45%40AdobeOrg&d_nsid=0&d_cb=s_c_il%5B0%5D._setMarketingCloudFields HTTP 302
- http://dpm.demdex.net/id/rd?d_visid_ver=1.5.2&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5BB1123F5245AE4E0A490D45%40AdobeOrg&d_nsid=0&d_cb=s_c_il%5B0%5D._setMarketingCloudFields
23 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
 Cookie set
4.php
b1ofakind.info/RR-L/spect/confirm/verification/info/Demo/ |
13 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
w3.css
www.w3schools.com/w3css/4/ |
23 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
live-engage-33ab08eac0fc563c11786eaeaeafa297.js
b1ofakind.info/assets/manifests/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
NIT.Alme.Combined.min.css
twc.nextit.com/LiveEngage/css/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main-e0840a2377ffb951560096d54780f0cc.css
b1ofakind.info/RR-L/spect/confirm/verification/info/Demo/ |
117 KB 117 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
residential-3fb2aab5e1ac64a4882e2cd3667dd61b.js
registration.timewarnercable.com/assets/manifests/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
satelliteLib-bf4c9cc3c49ed4732bad6e252bbb04506eb5ba85.js
assets.adobedtm.com/a011e94b6ba81cdcfdf24acdb480b5e4204c4dea/ |
91 KB 30 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
password-073824b0f6d47b0bea411aa56050a644.css
registration.timewarnercable.com/assets/layouts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
username-89f3e24688a380aa37e16091c863d204.css
registration.timewarnercable.com/assets/password/reset/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Spectrum_Logo_White.png
www.timewarnercable.com/content/dam/careportals/common/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
username-68b329da9893e34099c7d8ad5cb9c940.js
b1ofakind.info/assets/password/reset/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
residential-deferred-57a7c928205befe7cef982d99c35f28f.js
b1ofakind.info/assets/manifests/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
NIT.Alme.Combined.min.js
twc.nextit.com/LiveEngage/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rd
dpm.demdex.net/id/ Redirect Chain
|
412 B 1017 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
satellite-55f30acb66383100170008e0.js
assets.adobedtm.com/a011e94b6ba81cdcfdf24acdb480b5e4204c4dea/scripts/ |
77 KB 27 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
OpenSans-Regular.ttf
b1ofakind.info/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
OpenSans-SemiBold.ttf
b1ofakind.info/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
OpenSans-Bold.ttf
b1ofakind.info/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
residential-deferred-57a7c928205befe7cef982d99c35f28f.js
b1ofakind.info/assets/manifests/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
id
metric.timewarnercable.com/ |
114 B 703 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
satellite-5577350c66303900141c0500.js
assets.adobedtm.com/a011e94b6ba81cdcfdf24acdb480b5e4204c4dea/scripts/ |
234 B 636 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
satellite-544855f6618ab202cc0001c0.js
assets.adobedtm.com/a011e94b6ba81cdcfdf24acdb480b5e4204c4dea/scripts/ |
15 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dest5.html
fast.roadrunner.demdex.net/ Frame 226D |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- twc.nextit.com
- URL
- https://twc.nextit.com/LiveEngage/css/NIT.Alme.Combined.min.css
- Domain
- registration.timewarnercable.com
- URL
- https://registration.timewarnercable.com/assets/manifests/residential-3fb2aab5e1ac64a4882e2cd3667dd61b.js
- Domain
- registration.timewarnercable.com
- URL
- https://registration.timewarnercable.com/assets/layouts/password-073824b0f6d47b0bea411aa56050a644.css
- Domain
- registration.timewarnercable.com
- URL
- https://registration.timewarnercable.com/assets/password/reset/username-89f3e24688a380aa37e16091c863d204.css
- Domain
- twc.nextit.com
- URL
- https://twc.nextit.com/LiveEngage/js/NIT.Alme.Combined.min.js
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Spectrum (Telecommunication)37 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| lpTag string| liveEngageSiteId function| Visitor object| _satellite object| s_c_il number| s_c_in object| visitor object| s undefined| noneIndex function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq boolean| runOnce string| s_account number| s_objectID number| s_giq function| check function| clearSessionCookies undefined| d undefined| expires function| queryHandler function| urlHandler object| urlObject function| getUrlObject object| entityMap function| cleanValue function| flashTrack function| getPageTitle string| pageTitle function| getPropByName function| trackPageNameFromFlash function| trackVideoActionFromFlash function| trackVideoNameFromFlash2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| b1ofakind.info/ | Name: AMCV_5BB1123F5245AE4E0A490D45%40AdobeOrg Value: 793872103%7CMCIDTS%7C18290%7CMCMID%7C06858560365425027574121055822631630293%7CMCAAMLH-1580818847%7C6%7CMCAAMB-1580818847%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCAID%7CNONE |
|
| b1ofakind.info/ | Name: PHPSESSID Value: cbdb288b6bfddc67b20e89f5509b5bcb |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.adobedtm.com
b1ofakind.info
dpm.demdex.net
fast.roadrunner.demdex.net
metric.timewarnercable.com
registration.timewarnercable.com
twc.nextit.com
www.timewarnercable.com
www.w3schools.com
registration.timewarnercable.com
twc.nextit.com
108.128.130.224
142.136.81.135
162.241.29.140
192.229.133.221
2.16.186.56
23.37.37.201
54.76.175.152
24a4f493bc9d71de4016f37b77e94c1a9ba9be1adb53c6d146ef601b9223b40b
2c44a15c6525cc371931ab2f9f5dfb239d43570e60e6d03bf6a484edb36b0a6c
555505816de342b84adcc239e5ea0a221341c0eb6aefe1e93783006b133c5ad8
5830475d257be59e932d247b79c2d1d2e846c116664bd5ac5d8e47d8db1dc3c3
a93edee69f15c4f73123ec0d67b40783b6416ac2adac56c1583eb1fe9e27698c
c4dc05a70347cdf47043b48bbab56bffc59ce522bed13f924e444b69f35123bb
da4be7a4d46ab8c7b3e41d057b11495346f9dc3db9f6db9091b7f64a10e5b40a
dd30cb28b7ad3a268bd4a6a5730f42e65490abd49bd2cf8a436afbbec5aceb02
edd2ef41a58b2aadea4be395655e1a51d1dd273038fffa4ef03f512563cd59be
f5cf45b0ea009ce7fa7f88dd10d7260dda5a35c0d3cc29f9445aed8020282587