urlscan.io logo urlscan.io
SecurityTrails logo

t-mobile.workspace29.com Open in urlscan Pro
206.198.186.60  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t-mobile.workspace29.com/
Effective URL: https://t-mobile.workspace29.com/vpn/index.html
Submission: On December 26 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 19 HTTP transactions. The main IP is 206.198.186.60, located in Scarborough, Canada and belongs to AS-AKN - ADVANCED KNOWLEDGE NETWORKS, CA. The main domain is t-mobile.workspace29.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on December 26th 2019. Valid for: 3 months.
This is the only time t-mobile.workspace29.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telekom (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
19 206.198.186.60 14453 (AS-AKN)
19 1
Apex Domain
Subdomains		 Transfer
19 workspace29.com
t-mobile.workspace29.com
1 MB
19 1
Domain Requested by
19 t-mobile.workspace29.com t-mobile.workspace29.com
19 1

This site contains no links.

Subject Issuer Validity Valid
t-mobile.workspace29.com
Let's Encrypt Authority X3		 2019-12-26 -
2020-03-25		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://t-mobile.workspace29.com/vpn/index.html
Frame ID: F1712B6D09C959D6CF2F29CF359AAB62
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://t-mobile.workspace29.com/ Page URL
  2. https://t-mobile.workspace29.com/vpn/index.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Page Statistics

19
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1205 kB
Transfer

4217 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t-mobile.workspace29.com/ Page URL
  2. https://t-mobile.workspace29.com/vpn/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
t-mobile.workspace29.com/ 		637 B
296 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t-mobile.workspace29.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.198.186.60 Scarborough, Canada, ASN14453 (AS-AKN - ADVANCED KNOWLEDGE NETWORKS, CA),
Reverse DNS
ruby.cpanelwebserver.net
Software
LiteSpeed /
Resource Hash
9120593b61aacabc36eae3fd17d5ff7687958796e077f1b0d28ed9ce1aa15bfb

Request headers

:method
GET
:authority
t-mobile.workspace29.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
200
content-type
text/html
last-modified
Thu, 17 Oct 2019 10:24:46 GMT
accept-ranges
bytes
content-encoding
br
vary
Accept-Encoding
content-length
245
date
Thu, 26 Dec 2019 14:15:57 GMT
server
LiteSpeed
Primary Request index.html
t-mobile.workspace29.com/vpn/ 		11 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t-mobile.workspace29.com/vpn/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.198.186.60 Scarborough, Canada, ASN14453 (AS-AKN - ADVANCED KNOWLEDGE NETWORKS, CA),
Reverse DNS
ruby.cpanelwebserver.net
Software
LiteSpeed /
Resource Hash
fd8c01b7a85850ebe4d2827a0999c555ffd5852de5fac6a3d66fb5739ee47479

Request headers

:method
GET
:authority
t-mobile.workspace29.com
:scheme
https
:path
/vpn/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
same-origin
sec-fetch-mode
navigate
referer
https://t-mobile.workspace29.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://t-mobile.workspace29.com/

Response headers

status
200
content-type
text/html
last-modified
Sun, 20 Oct 2019 11:08:36 GMT
accept-ranges
bytes
content-encoding
br
vary
Accept-Encoding
content-length
3044
date
Thu, 26 Dec 2019 14:15:57 GMT
server
LiteSpeed
rdx.css
t-mobile.workspace29.com/vpn/js/rdx/core/css/ 		397 KB
72 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://t-mobile.workspace29.com/vpn/js/rdx/core/css/rdx.css
Requested by
Host: t-mobile.workspace29.com
URL: https://t-mobile.workspace29.com/vpn/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.198.186.60 Scarborough, Canada, ASN14453 (AS-AKN - ADVANCED KNOWLEDGE NETWORKS, CA),
Reverse DNS
ruby.cpanelwebserver.net
Software
LiteSpeed /
Resource Hash
745f053f8f09186d0f378bc69902c19a76a8ba4ec5e62944db7729713bdd72b9

Request headers

Referer
https://t-mobile.workspace29.com/vpn/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:15:57 GMT
content-encoding
br
last-modified
Wed, 25 Sep 2019 13:32:02 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
73971
expires
Thu, 02 Jan 2020 14:15:57 GMT
base.css
t-mobile.workspace29.com/logon/themes/Default/css/ 		36 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://t-mobile.workspace29.com/logon/themes/Default/css/base.css
Requested by
Host: t-mobile.workspace29.com
URL: https://t-mobile.workspace29.com/vpn/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.198.186.60 Scarborough, Canada, ASN14453 (AS-AKN - ADVANCED KNOWLEDGE NETWORKS, CA),
Reverse DNS
ruby.cpanelwebserver.net
Software
LiteSpeed /
Resource Hash
6dd59b0afe47b0115029ff5c7b1089a651c9e618c71aaf0fac3e2a444e1a9781

Request headers

Referer
https://t-mobile.workspace29.com/vpn/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:15:57 GMT
content-encoding
br
last-modified
Sat, 19 Oct 2019 05:38:32 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7698
expires
Thu, 02 Jan 2020 14:15:57 GMT
citrix-fonts.css
t-mobile.workspace29.com/logon/fonts/ 		5 KB
542 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://t-mobile.workspace29.com/logon/fonts/citrix-fonts.css
Requested by
Host: t-mobile.workspace29.com
URL: https://t-mobile.workspace29.com/vpn/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.198.186.60 Scarborough, Canada, ASN14453 (AS-AKN - ADVANCED KNOWLEDGE NETWORKS, CA),
Reverse DNS
ruby.cpanelwebserver.net
Software
LiteSpeed /
Resource Hash
9ea819a69796ce1bd981702879c8d0679caf50a4b48ef3ba1d6347da0952c9f8

Request headers

Referer
https://t-mobile.workspace29.com/vpn/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:15:57 GMT
content-encoding
br
last-modified
Wed, 25 Sep 2019 13:31:54 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
484
expires
Thu, 02 Jan 2020 14:15:57 GMT
custom.css
t-mobile.workspace29.com/logon/themes/Default/css/ 		4 KB
1012 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://t-mobile.workspace29.com/logon/themes/Default/css/custom.css
Requested by
Host: t-mobile.workspace29.com
URL: https://t-mobile.workspace29.com/vpn/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.198.186.60 Scarborough, Canada, ASN14453 (AS-AKN - ADVANCED KNOWLEDGE NETWORKS, CA),
Reverse DNS
ruby.cpanelwebserver.net
Software
LiteSpeed /
Resource Hash
2fe954baf8e35a6abac34e17833949335ee4c528b182967d1ba3952ff31cc506

Request headers

Referer
https://t-mobile.workspace29.com/vpn/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:15:57 GMT
content-encoding
br
last-modified
Sat, 19 Oct 2019 05:39:24 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
954
expires
Thu, 02 Jan 2020 14:15:57 GMT
rdx.js
t-mobile.workspace29.com/vpn/js/ 		3 MB
766 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t-mobile.workspace29.com/vpn/js/rdx.js?a=v2
Requested by
Host: t-mobile.workspace29.com
URL: https://t-mobile.workspace29.com/vpn/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.198.186.60 Scarborough, Canada, ASN14453 (AS-AKN - ADVANCED KNOWLEDGE NETWORKS, CA),
Reverse DNS
ruby.cpanelwebserver.net
Software
LiteSpeed /
Resource Hash
fa2defe22d527fc64c8830bd1d180ff475117770f9f3462b0b4efba1b730abf1

Request headers

Referer
https://t-mobile.workspace29.com/vpn/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:15:57 GMT
content-encoding
br
last-modified
Sun, 20 Oct 2019 07:23:44 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
783498
expires
Thu, 02 Jan 2020 14:15:57 GMT
symantec.css
t-mobile.workspace29.com/vpn/js/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://t-mobile.workspace29.com/vpn/js/symantec.css
Requested by
Host: t-mobile.workspace29.com
URL: https://t-mobile.workspace29.com/vpn/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.198.186.60 Scarborough, Canada, ASN14453 (AS-AKN - ADVANCED KNOWLEDGE NETWORKS, CA),
Reverse DNS
ruby.cpanelwebserver.net
Software
LiteSpeed /
Resource Hash
14ea3ab63072f1d9fd66c9ab2661a38833495f6ac1260cbf5d711bd5965d18ed

Request headers

Referer
https://t-mobile.workspace29.com/vpn/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:15:57 GMT
content-encoding
br
last-modified
Wed, 25 Sep 2019 13:31:58 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4681
expires
Thu, 02 Jan 2020 14:15:57 GMT
login.js
t-mobile.workspace29.com/vpn/ 		3 KB
950 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t-mobile.workspace29.com/vpn/login.js
Requested by
Host: t-mobile.workspace29.com
URL: https://t-mobile.workspace29.com/vpn/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.198.186.60 Scarborough, Canada, ASN14453 (AS-AKN - ADVANCED KNOWLEDGE NETWORKS, CA),
Reverse DNS
ruby.cpanelwebserver.net
Software
LiteSpeed /
Resource Hash
bbc92e5fcbead02d5bb8049434d03337d15e8d81d1d450acbe6b3c76f2f74970

Request headers

Referer
https://t-mobile.workspace29.com/vpn/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:15:57 GMT
content-encoding
br
last-modified
Wed, 25 Sep 2019 13:31:56 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
916
expires
Thu, 02 Jan 2020 14:15:57 GMT
views.js
t-mobile.workspace29.com/vpn/js/ 		6 KB
717 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t-mobile.workspace29.com/vpn/js/views.js
Requested by
Host: t-mobile.workspace29.com
URL: https://t-mobile.workspace29.com/vpn/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.198.186.60 Scarborough, Canada, ASN14453 (AS-AKN - ADVANCED KNOWLEDGE NETWORKS, CA),
Reverse DNS
ruby.cpanelwebserver.net
Software
LiteSpeed /
Resource Hash
efec9771b0b46ab60b946cf17f2119818f4cddec3a36e1f1c19de1d47ca20a44

Request headers

Referer
https://t-mobile.workspace29.com/vpn/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:15:57 GMT
content-encoding
br
last-modified
Wed, 25 Sep 2019 13:31:58 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
683
expires
Thu, 02 Jan 2020 14:15:57 GMT
gateway_login_view.js
t-mobile.workspace29.com/vpn/js/ 		4 KB
1021 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t-mobile.workspace29.com/vpn/js/gateway_login_view.js
Requested by
Host: t-mobile.workspace29.com
URL: https://t-mobile.workspace29.com/vpn/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.198.186.60 Scarborough, Canada, ASN14453 (AS-AKN - ADVANCED KNOWLEDGE NETWORKS, CA),
Reverse DNS
ruby.cpanelwebserver.net
Software
LiteSpeed /
Resource Hash
ae9172973fa46a144383fc70c95bbd00ed5ed58624517ca9812c2b74d66feb1c

Request headers

Referer
https://t-mobile.workspace29.com/vpn/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:15:57 GMT
content-encoding
br
last-modified
Wed, 25 Sep 2019 13:31:58 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
987
expires
Thu, 02 Jan 2020 14:15:57 GMT
gateway_login_form_view.js
t-mobile.workspace29.com/vpn/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t-mobile.workspace29.com/vpn/js/gateway_login_form_view.js
Requested by
Host: t-mobile.workspace29.com
URL: https://t-mobile.workspace29.com/vpn/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.198.186.60 Scarborough, Canada, ASN14453 (AS-AKN - ADVANCED KNOWLEDGE NETWORKS, CA),
Reverse DNS
ruby.cpanelwebserver.net
Software
LiteSpeed /
Resource Hash
fda74a8027991dc6f4a9edf50988ab1a3fe691addab3d42080fffbe616030b21

Request headers

Referer
https://t-mobile.workspace29.com/vpn/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:15:57 GMT
content-encoding
br
last-modified
Wed, 25 Sep 2019 13:31:56 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2384
expires
Thu, 02 Jan 2020 14:15:57 GMT
gateway_login_form_viewer.js
t-mobile.workspace29.com/vpn/js/ 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t-mobile.workspace29.com/vpn/js/gateway_login_form_viewer.js
Requested by
Host: t-mobile.workspace29.com
URL: https://t-mobile.workspace29.com/vpn/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.198.186.60 Scarborough, Canada, ASN14453 (AS-AKN - ADVANCED KNOWLEDGE NETWORKS, CA),
Reverse DNS
ruby.cpanelwebserver.net
Software
LiteSpeed /
Resource Hash
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a

Request headers

Referer
https://t-mobile.workspace29.com/vpn/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:15:57 GMT
content-encoding
br
last-modified
Wed, 25 Sep 2019 13:31:58 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
30041
expires
Thu, 02 Jan 2020 14:15:57 GMT
resources.js
t-mobile.workspace29.com/vpn/ 		19 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t-mobile.workspace29.com/vpn/resources.js
Requested by
Host: t-mobile.workspace29.com
URL: https://t-mobile.workspace29.com/vpn/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.198.186.60 Scarborough, Canada, ASN14453 (AS-AKN - ADVANCED KNOWLEDGE NETWORKS, CA),
Reverse DNS
ruby.cpanelwebserver.net
Software
LiteSpeed /
Resource Hash
8686f46e6d8479e3bb713b89aef09f5caaf4671caeb85cb42a66bd2bb4353687

Request headers

Referer
https://t-mobile.workspace29.com/vpn/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:15:57 GMT
content-encoding
br
last-modified
Wed, 25 Sep 2019 13:31:56 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3957
expires
Thu, 02 Jan 2020 14:15:57 GMT
nsshare.js
t-mobile.workspace29.com/vpn/ 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t-mobile.workspace29.com/vpn/nsshare.js
Requested by
Host: t-mobile.workspace29.com
URL: https://t-mobile.workspace29.com/vpn/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.198.186.60 Scarborough, Canada, ASN14453 (AS-AKN - ADVANCED KNOWLEDGE NETWORKS, CA),
Reverse DNS
ruby.cpanelwebserver.net
Software
LiteSpeed /
Resource Hash
3be3e74718b73c1924bf919f6161296d7dc6b35ae64c43d38cc84a2765ce91e9

Request headers

Referer
https://t-mobile.workspace29.com/vpn/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:15:57 GMT
content-encoding
br
last-modified
Wed, 25 Sep 2019 13:31:56 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5688
expires
Thu, 02 Jan 2020 14:15:57 GMT
TMobile_Background_Web.jpg
t-mobile.workspace29.com/logon/themes/Default/custom_media/ 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-mobile.workspace29.com/logon/themes/Default/custom_media/TMobile_Background_Web.jpg
Requested by
Host: t-mobile.workspace29.com
URL: https://t-mobile.workspace29.com/vpn/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.198.186.60 Scarborough, Canada, ASN14453 (AS-AKN - ADVANCED KNOWLEDGE NETWORKS, CA),
Reverse DNS
ruby.cpanelwebserver.net
Software
LiteSpeed /
Resource Hash
ee96581381cd6b5cafefb9f2d2cc77be78d7e769c9fcd7aa083468e43087ba93

Request headers

Referer
https://t-mobile.workspace29.com/logon/themes/Default/css/custom.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:15:58 GMT
last-modified
Wed, 25 Sep 2019 13:31:54 GMT
server
LiteSpeed
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
117992
expires
Thu, 02 Jan 2020 14:15:58 GMT
header_gradient.png
t-mobile.workspace29.com/vpn/js/rdx/core/css/ 		139 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-mobile.workspace29.com/vpn/js/rdx/core/css/header_gradient.png
Requested by
Host: t-mobile.workspace29.com
URL: https://t-mobile.workspace29.com/vpn/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.198.186.60 Scarborough, Canada, ASN14453 (AS-AKN - ADVANCED KNOWLEDGE NETWORKS, CA),
Reverse DNS
ruby.cpanelwebserver.net
Software
LiteSpeed /
Resource Hash
1e3ec2f8f39970fa0536478aa80d3b7986c3ec6b02ee0505ae3b90630e68fc52

Request headers

Referer
https://t-mobile.workspace29.com/vpn/js/rdx/core/css/rdx.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:15:58 GMT
last-modified
Wed, 25 Sep 2019 13:32:02 GMT
server
LiteSpeed
content-type
image/png
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
142209
expires
Thu, 02 Jan 2020 14:15:58 GMT
citrixsans_regular.woff
t-mobile.workspace29.com/vpn/js/rdx/core/css/fonts/citrix_sans/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://t-mobile.workspace29.com/vpn/js/rdx/core/css/fonts/citrix_sans/citrixsans_regular.woff
Requested by
Host: t-mobile.workspace29.com
URL: https://t-mobile.workspace29.com/vpn/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.198.186.60 Scarborough, Canada, ASN14453 (AS-AKN - ADVANCED KNOWLEDGE NETWORKS, CA),
Reverse DNS
ruby.cpanelwebserver.net
Software
LiteSpeed /
Resource Hash
bd4d5f23336beb3b603af3bcaedb1944361755757ad50616d83d9147ba4cf56d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://t-mobile.workspace29.com/vpn/js/rdx/core/css/rdx.css
Origin
https://t-mobile.workspace29.com

Response headers

date
Thu, 26 Dec 2019 14:15:58 GMT
last-modified
Wed, 25 Sep 2019 13:32:08 GMT
server
LiteSpeed
content-type
font/woff
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
26249
expires
Thu, 02 Jan 2020 14:15:58 GMT
citrixsans_semibold.woff
t-mobile.workspace29.com/vpn/js/rdx/core/css/fonts/citrix_sans/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://t-mobile.workspace29.com/vpn/js/rdx/core/css/fonts/citrix_sans/citrixsans_semibold.woff
Requested by
Host: t-mobile.workspace29.com
URL: https://t-mobile.workspace29.com/vpn/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.198.186.60 Scarborough, Canada, ASN14453 (AS-AKN - ADVANCED KNOWLEDGE NETWORKS, CA),
Reverse DNS
ruby.cpanelwebserver.net
Software
LiteSpeed /
Resource Hash
2817043a87ef7679c8f52b7dc70a81d306da35190c2d4fa40fa341600d4b2dd9

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://t-mobile.workspace29.com/vpn/js/rdx/core/css/rdx.css
Origin
https://t-mobile.workspace29.com

Response headers

date
Thu, 26 Dec 2019 14:15:58 GMT
last-modified
Wed, 25 Sep 2019 13:32:08 GMT
server
LiteSpeed
content-type
font/woff
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
26242
expires
Thu, 02 Jan 2020 14:15:58 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telekom (Telecommunication)

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate undefined| lastTap undefined| tapValid undefined| tapTimeout function| cancelTap undefined| rightClickPending undefined| rightClickEvent undefined| holdTimeout undefined| cancelMouseUp function| cancelHold function| startHold function| doRightClick function| iPadTouchStart function| iPadTouchHandler undefined| _canLog function| _log function| logMsg undefined| getDynaTreePersistData undefined| DTNodeStatus_Error undefined| DTNodeStatus_Loading undefined| DTNodeStatus_Ok undefined| jvm undefined| rdx undefined| saveAs undefined| search_tooltip_learn_more_content function| toggleCheckbox function| closeSymantec function| loginFormold function| generate function| loginForm boolean| loginPrefilled function| setCookie function| UnsetCookie object| pwc function| ns_check function| ns_disperrmsg function| ns_getcookie function| ns_fillName function| loginFieldCheck function| clean_name_cookie object| login object| logout undefined| logout_url object| choices function| $ function| jQuery function| changePage function| setFocus function| ResourceManager function| _ object| Resources object| eula function| CreateMainTable function| CreateBannerI function| CreateBannerII function| AddHeaderAndBar function| AddHeaderAndBarForTM function| AddHeaderAndBarForCitrix function| AddFooter function| AddBanner boolean| suitable_browser_to_use_png function| canShowPNGWell function| documentWriteGlowBoxUpper function| documentWriteGlowBoxLower function| documentWriteActionPane function| DialogueBodyTop function| DialogueBodyBottom function| DialogInclude function| DialogueBodyI function| DialogueBodyII function| validate_entry function| TransferInclude function| TransferOnesessBodyI function| TransferMultsessBodyI function| changeTransfervalue function| TransferBodyII function| resize object| allOriName function| createRandName function| revertNames function| randomize object| util number| winAgentPortForLauncher function| vipAuth

0 Cookies