spectrumsupport-ref1.azurewebsites.net Open in urlscan Pro
13.89.172.3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ow.ly/UQLd30pdnTc
Effective URL:
https://spectrumsupport-ref1.azurewebsites.net/spect/Zo/5th15be1thn65ed41tnh65e4d1gt6541nhed65t4g1nhj6e5d4g16/log/sycho/index.html?template=Ini...
Submission: On August 04 via manual (August 4th 2019, 4:20:04 pm UTC) from US

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 9 domains to perform 30 HTTP transactions. The main IP is 13.89.172.3, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US. The main domain is spectrumsupport-ref1.azurewebsites.net.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 10th 2019. Valid for: 2 years.

This is the only time spectrumsupport-ref1.azurewebsites.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Spectrum (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.67.57.56 54.67.57.56	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	2600:9000:200... 2600:9000:200c:d200:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4 7	13.89.172.3 13.89.172.3	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
13	54.230.93.116 54.230.93.116	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
7	34.231.221.200 34.231.221.200	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
30	7

1 54.67.57.56 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ow.ly

ow.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:200c:d200:19:9934:6a80:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

l2mdk.app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.89.172.3 (Des Moines, United States) 4 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

spectrumsupport-ref1.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 54.230.93.116 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-93-116.fra2.r.cloudfront.net

d1ff979u6gd5fc.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.231.221.200 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-231-221-200.compute-1.amazonaws.com

www.spectrum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	cloudfront.net d1ff979u6gd5fc.cloudfront.net	281 KB
7	spectrum.net www.spectrum.net	72 KB
7	azurewebsites.net 4 redirects spectrumsupport-ref1.azurewebsites.net	24 KB
2	googleapis.com fonts.googleapis.com	1 KB
2	bing.com bat.bing.com	8 KB
2	app.link 2 redirects l2mdk.app.link	1 KB
1	google.com www.google.com	563 B
1	ow.ly 1 redirects ow.ly	106 B
0	asapp.com Failed sdk.asapp.com Failed
30	9

	Domain	Requested by
13	d1ff979u6gd5fc.cloudfront.net	spectrumsupport-ref1.azurewebsites.net
7	www.spectrum.net	spectrumsupport-ref1.azurewebsites.net
7	spectrumsupport-ref1.azurewebsites.net	4 redirects spectrumsupport-ref1.azurewebsites.net
2	fonts.googleapis.com	spectrumsupport-ref1.azurewebsites.net
2	bat.bing.com	spectrumsupport-ref1.azurewebsites.net
2	l2mdk.app.link	2 redirects
1	www.google.com	spectrumsupport-ref1.azurewebsites.net
1	ow.ly	1 redirects
0	sdk.asapp.com Failed	spectrumsupport-ref1.azurewebsites.net
30	9

This site contains no links.

Subject Issuer	Validity	Valid
*.azurewebsites.net DigiCert SHA2 Secure Server CA	`2019-05-10` - `2021-05-10`	2 years	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2018-10-08` - `2019-10-09`	a year	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-07-29` - `2019-10-21`	3 months	crt.sh
spectrum.net Amazon	`2019-01-04` - `2020-02-04`	a year	crt.sh
www.google.com Google Internet Authority G3	`2019-07-29` - `2019-10-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://spectrumsupport-ref1.azurewebsites.net/spect/Zo/5th15be1thn65ed41tnh65e4d1gt6541nhed65t4g1nhj6e5d4g16/log/sycho/index.html?template=Initiate&valid=true&session=$host$host$host$host$host$host$host$host
Frame ID: 176F06D28AF32EE85D63905E4D51DB38
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ow.ly/UQLd30pdnTc HTTP 301
http://l2mdk.app.link/ HTTP 307
https://l2mdk.app.link/ HTTP 307
https://spectrumsupport-ref1.azurewebsites.net/spect/Zo/5th15be1thn65ed41tnh65e4d1gt6541nhed65t4g1nhj6e5d4g16 HTTP 301
http://spectrumsupport-ref1.azurewebsites.net/spect/Zo/5th15be1thn65ed41tnh65e4d1gt6541nhed65t4g1nhj6e5d4g16/ HTTP 301
https://spectrumsupport-ref1.azurewebsites.net/spect/Zo/5th15be1thn65ed41tnh65e4d1gt6541nhed65t4g1nhj6e5d4g16/ HTTP 302
https://spectrumsupport-ref1.azurewebsites.net/spect/Zo/5th15be1thn65ed41tnh65e4d1gt6541nhed65t4g1nhj6e5d4g16/log/index.php... HTTP 302
https://spectrumsupport-ref1.azurewebsites.net/spect/Zo/5th15be1thn65ed41tnh65e4d1gt6541nhed65t4g1nhj6e5d4g16/log/sycho/ind... Page URL
https://spectrumsupport-ref1.azurewebsites.net/spect/Zo/5th15be1thn65ed41tnh65e4d1gt6541nhed65t4g1nhj6e5d4g16/log/sycho/ind... Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

30
Requests

93 %
HTTPS

50 %
IPv6

9
Domains

9
Subdomains

7
IPs

2
Countries

386 kB
Transfer

1671 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ow.ly/UQLd30pdnTc HTTP 301
http://l2mdk.app.link/ HTTP 307
https://l2mdk.app.link/ HTTP 307
https://spectrumsupport-ref1.azurewebsites.net/spect/Zo/5th15be1thn65ed41tnh65e4d1gt6541nhed65t4g1nhj6e5d4g16 HTTP 301
http://spectrumsupport-ref1.azurewebsites.net/spect/Zo/5th15be1thn65ed41tnh65e4d1gt6541nhed65t4g1nhj6e5d4g16/ HTTP 301
https://spectrumsupport-ref1.azurewebsites.net/spect/Zo/5th15be1thn65ed41tnh65e4d1gt6541nhed65t4g1nhj6e5d4g16/ HTTP 302
https://spectrumsupport-ref1.azurewebsites.net/spect/Zo/5th15be1thn65ed41tnh65e4d1gt6541nhed65t4g1nhj6e5d4g16/log/index.php?secure-auth/login?execution=e1s1737065637472756d737570706f72742d726566312e617a75726577656273697465732e6e6574-7118711verify819 HTTP 302
https://spectrumsupport-ref1.azurewebsites.net/spect/Zo/5th15be1thn65ed41tnh65e4d1gt6541nhed65t4g1nhj6e5d4g16/log/sycho/index.php?cmd=login_submit&id=15fc108ce4d61ca9ee9d0d8881a71c6615fc108ce4d61ca9ee9d0d8881a71c66&session=15fc108ce4d61ca9ee9d0d8881a71c6615fc108ce4d61ca9ee9d0d8881a71c66 Page URL
https://spectrumsupport-ref1.azurewebsites.net/spect/Zo/5th15be1thn65ed41tnh65e4d1gt6541nhed65t4g1nhj6e5d4g16/log/sycho/index.html?template=Initiate&valid=true&session=$host$host$host$host$host$host$host$host Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://ow.ly/UQLd30pdnTc HTTP 301
http://l2mdk.app.link/ HTTP 307
https://l2mdk.app.link/ HTTP 307
https://spectrumsupport-ref1.azurewebsites.net/spect/Zo/5th15be1thn65ed41tnh65e4d1gt6541nhed65t4g1nhj6e5d4g16 HTTP 301
http://spectrumsupport-ref1.azurewebsites.net/spect/Zo/5th15be1thn65ed41tnh65e4d1gt6541nhed65t4g1nhj6e5d4g16/ HTTP 301
https://spectrumsupport-ref1.azurewebsites.net/spect/Zo/5th15be1thn65ed41tnh65e4d1gt6541nhed65t4g1nhj6e5d4g16/ HTTP 302
https://spectrumsupport-ref1.azurewebsites.net/spect/Zo/5th15be1thn65ed41tnh65e4d1gt6541nhed65t4g1nhj6e5d4g16/log/index.php?secure-auth/login?execution=e1s1737065637472756d737570706f72742d726566312e617a75726577656273697465732e6e6574-7118711verify819 HTTP 302
https://spectrumsupport-ref1.azurewebsites.net/spect/Zo/5th15be1thn65ed41tnh65e4d1gt6541nhed65t4g1nhj6e5d4g16/log/sycho/index.php?cmd=login_submit&id=15fc108ce4d61ca9ee9d0d8881a71c6615fc108ce4d61ca9ee9d0d8881a71c66&session=15fc108ce4d61ca9ee9d0d8881a71c6615fc108ce4d61ca9ee9d0d8881a71c66

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

index.php Show response
spectrumsupport-ref1.azurewebsites.net/spect/Zo/5th15be1thn65ed41tnh65e4d1gt6541nhed65t4g1nhj6e5d4g16/log/sycho/
Redirect Chain

http://ow.ly/UQLd30pdnTc
http://l2mdk.app.link/
https://l2mdk.app.link/
https://spectrumsupport-ref1.azurewebsites.net/spect/Zo/5th15be1thn65ed41tnh65e4d1gt6541nhed65t4g1nhj6e5d4g16
http://spectrumsupport-ref1.azurewebsites.net/spect/Zo/5th15be1thn65ed41tnh65e4d1gt6541nhed65t4g1nhj6e5d4g16/
https://spectrumsupport-ref1.azurewebsites.net/spect/Zo/5th15be1thn65ed41tnh65e4d1gt6541nhed65t4g1nhj6e5d4g16/
https://spectrumsupport-ref1.azurewebsites.net/spect/Zo/5th15be1thn65ed41tnh65e4d1gt6541nhed65t4g1nhj6e5d4g16/log/index.php?secure-auth/login?execution=e1s1737065637472756d737570706f72742d726566312...
https://spectrumsupport-ref1.azurewebsites.net/spect/Zo/5th15be1thn65ed41tnh65e4d1gt6541nhed65t4g1nhj6e5d4g16/log/sycho/index.php?cmd=login_submit&id=15fc108ce4d61ca9ee9d0d8881a71c6615fc108ce4d61ca...

194 B
350 B

137ms
136ms

Document
text/html

13.89.172.3
Microsoft Corpora...

General

spectrumsupport-ref1.azurewebsites.net Open in urlscan Pro 13.89.172.3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

93 %HTTPS

50 %IPv6

9 Domains

9 Subdomains

7 IPs

2 Countries

386 kBTransfer

1671 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

spectrumsupport-ref1.azurewebsites.net Open in urlscan Pro
13.89.172.3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

93 %
HTTPS

50 %
IPv6

9
Domains

9
Subdomains

7
IPs

2
Countries

386 kB
Transfer

1671 kB
Size

0
Cookies

30 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!