windowworldbahamas.com

Summary

This website contacted 3 IPs in 1 countries across 4 domains to perform 7 HTTP transactions. The main IP is 2606:4700:3033::681f:55c0, located in United States and belongs to CLOUDFLARENET, US. The main domain is windowworldbahamas.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 28th 2020. Valid for: 7 months.

This is the only time windowworldbahamas.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Spectrum (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.72.49.79 52.72.49.79	14618 (AMAZON-AES) (AMAZON-AES)
2 3	2606:4700:303... 2606:4700:3033::681f:55c0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	3.216.3.181 3.216.3.181	14618 (AMAZON-AES) (AMAZON-AES)
2	143.204.208.77 143.204.208.77	16509 (AMAZON-02) (AMAZON-02)
7	3

1 52.72.49.79 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-49-79.compute-1.amazonaws.com

click.eiandmedicine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3033::681f:55c0 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

windowworldbahamas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.216.3.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-3-181.compute-1.amazonaws.com

webmail.spectrum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.208.77 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-208-77.fra53.r.cloudfront.net

d1ff979u6gd5fc.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	spectrum.net webmail.spectrum.net	148 KB
3	windowworldbahamas.com 2 redirects windowworldbahamas.com	2 KB
2	cloudfront.net d1ff979u6gd5fc.cloudfront.net	73 KB
1	eiandmedicine.com 1 redirects click.eiandmedicine.com	294 B
7	4

	Domain	Requested by
4	webmail.spectrum.net	windowworldbahamas.com
3	windowworldbahamas.com	2 redirects
2	d1ff979u6gd5fc.cloudfront.net	windowworldbahamas.com
1	click.eiandmedicine.com	1 redirects
7	4

This site contains links to these domains. Also see Links.

Domain
www.timewarnercable.com
www.spectrum.net
urt.rr.com
pt.rr.com
www.twcmedia.com
www.spectrum.com
help.twcable.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-02-28` - `2020-10-09`	7 months	crt.sh
*.spectrum.net Amazon	`2019-08-02` - `2020-09-02`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://windowworldbahamas.com/ghjkyutdcgvbnbcgfrytui/spectrm/jkh88igblig8ibhilho9pp098y8ters/log/sycho/action.php?8e8f0a11985b511084bda76d7c1d5074-8e8f0a11985b511084bda76d7c1d5074-8e8f0a11985b511084bda76d7c1d5074
Frame ID: 5B41E52AB900FEE729BF5DC2AC86E2FC
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://click.eiandmedicine.com/tts HTTP 301
https://windowworldbahamas.com/ghjkyutdcgvbnbcgfrytui/spectrm/jkh88igblig8ibhilho9pp098y8ters/log/sycho HTTP 301
https://windowworldbahamas.com/ghjkyutdcgvbnbcgfrytui/spectrm/jkh88igblig8ibhilho9pp098y8ters/log/sycho/ HTTP 302
https://windowworldbahamas.com/ghjkyutdcgvbnbcgfrytui/spectrm/jkh88igblig8ibhilho9pp098y8ters/log/sycho/act... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

7
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

3
IPs

1
Countries

222 kB
Transfer

221 kB
Size

1
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.timewarnercable.com/en/support/internet/step-by-step/twc-mail.html
Title: Spectrum Support

Search URL Search Domain Scan URL

URL: https://www.spectrum.net/hoh
Title: Create an Email Address

Search URL Search Domain Scan URL

URL: https://urt.rr.com/
Title: Forgot Email Address?

Search URL Search Domain Scan URL

URL: https://pt.rr.com/
Title: Forgot Email Password?

Search URL Search Domain Scan URL

URL: http://www.twcmedia.com/default.aspx?cid=aff:twccmediasales
Title: Advertise with Us

Search URL Search Domain Scan URL

URL: https://www.spectrum.com/policies/your-privacy-rights.html
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.spectrum.com/policies/website-privacy-policy.html
Title: Web Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.spectrum.com/policies/ca-privacy-rights.html
Title: Your California Privacy Rights

Search URL Search Domain Scan URL

URL: http://help.twcable.com/policies.html?cid=aff:twccwmsubscriberpoli
Title: TWC Subscriber Policies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://click.eiandmedicine.com/tts HTTP 301
https://windowworldbahamas.com/ghjkyutdcgvbnbcgfrytui/spectrm/jkh88igblig8ibhilho9pp098y8ters/log/sycho HTTP 301
https://windowworldbahamas.com/ghjkyutdcgvbnbcgfrytui/spectrm/jkh88igblig8ibhilho9pp098y8ters/log/sycho/ HTTP 302
https://windowworldbahamas.com/ghjkyutdcgvbnbcgfrytui/spectrm/jkh88igblig8ibhilho9pp098y8ters/log/sycho/action.php?8e8f0a11985b511084bda76d7c1d5074-8e8f0a11985b511084bda76d7c1d5074-8e8f0a11985b511084bda76d7c1d5074 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request action.php Show response windowworldbahamas.com/ghjkyutdcgvbnbcgfrytui/spectrm/jkh88igblig8ibhilho9pp098y8ters/log/sycho/ Redirect Chain http://click.eiandmedicine.com/tts https://windowworldbahamas.com/ghjkyutdcgvbnbcgfrytui/spectrm/jkh88igblig8ibhilho9pp098y8ters/log/sycho https://windowworldbahamas.com/ghjkyutdcgvbnbcgfrytui/spectrm/jkh88igblig8ibhilho9pp098y8ters/log/sycho/ https://windowworldbahamas.com/ghjkyutdcgvbnbcgfrytui/spectrm/jkh88igblig8ibhilho9pp098y8ters/log/sycho/action.php?8e8f0a11985b511084bda76d7c1d5074-8e8f0a11985b511084bda76d7c1d5074-8e8f0a11985b5110...	5 KB 1 KB	196ms 196ms	Document text/html	2606:4700:3033::681f:55c0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://windowworldbahamas.com/ghjkyutdcgvbnbcgfrytui/spectrm/jkh88igblig8ibhilho9pp098y8ters/log/sycho/action.php?8e8f0a11985b511084bda76d7c1d5074-8e8f0a11985b511084bda76d7c1d5074-8e8f0a11985b511084bda76d7c1d5074 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681f:55c0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9aa3aa83fa704ba017d46a73c17061477b0b7c602e8a99cb3af8f7a36a98ffb0` Request headers :method GET :authority windowworldbahamas.com :scheme https :path /ghjkyutdcgvbnbcgfrytui/spectrm/jkh88igblig8ibhilho9pp098y8ters/log/sycho/action.php?8e8f0a11985b511084bda76d7c1d5074-8e8f0a11985b511084bda76d7c1d5074-8e8f0a11985b511084bda76d7c1d5074 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 accept-encoding gzip, deflate, br accept-language en-US cookie __cfduid=d07edeaf5460b8b26809b08323db3012a1582940879 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Sat, 29 Feb 2020 01:48:00 GMT content-type text/html; charset=UTF-8 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 56c6f9350a3c1f21-FRA content-encoding br Redirect headers status 302 date Sat, 29 Feb 2020 01:48:00 GMT content-type text/html; charset=UTF-8 location action.php?8e8f0a11985b511084bda76d7c1d5074-8e8f0a11985b511084bda76d7c1d5074-8e8f0a11985b511084bda76d7c1d5074 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 56c6f934091a1f21-FRA
GET H2	200	spectrum.css webmail.spectrum.net/application/modules/mail/views/scripts/mail/css/	126 KB 127 KB	429ms 198ms	Stylesheet text/css	3.216.3.181 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://webmail.spectrum.net/application/modules/mail/views/scripts/mail/css/spectrum.css?v=2.6.0_4 Requested by Host: windowworldbahamas.com URL: https://windowworldbahamas.com/ghjkyutdcgvbnbcgfrytui/spectrm/jkh88igblig8ibhilho9pp098y8ters/log/sycho/action.php?8e8f0a11985b511084bda76d7c1d5074-8e8f0a11985b511084bda76d7c1d5074-8e8f0a11985b511084bda76d7c1d5074 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.216.3.181 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-216-3-181.compute-1.amazonaws.com Software nginx / Resource Hash `f174e1973edbfe685c023ae10522ec22eb55c64e50be0f65069270c821363acc` Request headers Referer https://windowworldbahamas.com/ghjkyutdcgvbnbcgfrytui/spectrm/jkh88igblig8ibhilho9pp098y8ters/log/sycho/action.php?8e8f0a11985b511084bda76d7c1d5074-8e8f0a11985b511084bda76d7c1d5074-8e8f0a11985b511084bda76d7c1d5074 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Sat, 29 Feb 2020 01:48:00 GMT last-modified Fri, 13 Dec 2019 17:25:18 GMT server nginx etag "5df3c97e-1f7e2" content-type text/css status 200 cache-control max-age=2592000 accept-ranges bytes content-length 128994 expires Mon, 30 Mar 2020 01:48:00 GMT
GET H2	200	login.css webmail.spectrum.net/application/modules/mail/views/scripts/auth/css/	5 KB 5 KB	530ms 299ms	Stylesheet text/css	3.216.3.181 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://webmail.spectrum.net/application/modules/mail/views/scripts/auth/css/login.css?v=2.6.0_4 Requested by Host: windowworldbahamas.com URL: https://windowworldbahamas.com/ghjkyutdcgvbnbcgfrytui/spectrm/jkh88igblig8ibhilho9pp098y8ters/log/sycho/action.php?8e8f0a11985b511084bda76d7c1d5074-8e8f0a11985b511084bda76d7c1d5074-8e8f0a11985b511084bda76d7c1d5074 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.216.3.181 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-216-3-181.compute-1.amazonaws.com Software nginx / Resource Hash `01899817baa61561412fd17f17f7a10c354d9d6d3d4d0061c1c1b73c6775bf0c` Request headers Referer https://windowworldbahamas.com/ghjkyutdcgvbnbcgfrytui/spectrm/jkh88igblig8ibhilho9pp098y8ters/log/sycho/action.php?8e8f0a11985b511084bda76d7c1d5074-8e8f0a11985b511084bda76d7c1d5074-8e8f0a11985b511084bda76d7c1d5074 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Sat, 29 Feb 2020 01:48:00 GMT last-modified Fri, 13 Dec 2019 17:25:18 GMT server nginx etag "5df3c97e-1378" content-type text/css status 200 cache-control max-age=2592000 accept-ranges bytes content-length 4984 expires Mon, 30 Mar 2020 01:48:00 GMT
GET H2	200	rutledge.css webmail.spectrum.net/application/modules/mail/views/scripts/mail/css/	5 KB 5 KB	529ms 298ms	Stylesheet text/css	3.216.3.181 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://webmail.spectrum.net/application/modules/mail/views/scripts/mail/css/rutledge.css?v=2.6.0_4 Requested by Host: windowworldbahamas.com URL: https://windowworldbahamas.com/ghjkyutdcgvbnbcgfrytui/spectrm/jkh88igblig8ibhilho9pp098y8ters/log/sycho/action.php?8e8f0a11985b511084bda76d7c1d5074-8e8f0a11985b511084bda76d7c1d5074-8e8f0a11985b511084bda76d7c1d5074 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.216.3.181 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-216-3-181.compute-1.amazonaws.com Software nginx / Resource Hash `d0ccab8c62e3914173619ccb183a8bbe6df396a5e7bc788c8c28c1f7b2182d66` Request headers Referer https://windowworldbahamas.com/ghjkyutdcgvbnbcgfrytui/spectrm/jkh88igblig8ibhilho9pp098y8ters/log/sycho/action.php?8e8f0a11985b511084bda76d7c1d5074-8e8f0a11985b511084bda76d7c1d5074-8e8f0a11985b511084bda76d7c1d5074 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Sat, 29 Feb 2020 01:48:00 GMT last-modified Fri, 13 Dec 2019 17:25:18 GMT server nginx etag "5df3c97e-138f" content-type text/css status 200 cache-control max-age=2592000 accept-ranges bytes content-length 5007 expires Mon, 30 Mar 2020 01:48:00 GMT
GET H2	200	spectrum-logo.svg webmail.spectrum.net/application/modules/mail/views/scripts/mail/images/logos/	10 KB 10 KB	530ms 299ms	Image image/svg+xml	3.216.3.181 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://webmail.spectrum.net/application/modules/mail/views/scripts/mail/images/logos/spectrum-logo.svg?v=2.6.0_4 Requested by Host: windowworldbahamas.com URL: https://windowworldbahamas.com/ghjkyutdcgvbnbcgfrytui/spectrm/jkh88igblig8ibhilho9pp098y8ters/log/sycho/action.php?8e8f0a11985b511084bda76d7c1d5074-8e8f0a11985b511084bda76d7c1d5074-8e8f0a11985b511084bda76d7c1d5074 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.216.3.181 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-216-3-181.compute-1.amazonaws.com Software nginx / Resource Hash `059197cdfcc9b8f79681f308720087c5e803bd1ac207fe501f99ed3fd1778088` Request headers Referer https://windowworldbahamas.com/ghjkyutdcgvbnbcgfrytui/spectrm/jkh88igblig8ibhilho9pp098y8ters/log/sycho/action.php?8e8f0a11985b511084bda76d7c1d5074-8e8f0a11985b511084bda76d7c1d5074-8e8f0a11985b511084bda76d7c1d5074 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Sat, 29 Feb 2020 01:48:00 GMT last-modified Fri, 13 Dec 2019 17:25:19 GMT server nginx etag "5df3c97f-277b" content-type image/svg+xml status 200 cache-control max-age=2592000 accept-ranges bytes content-length 10107 expires Mon, 30 Mar 2020 01:48:00 GMT
GET H/1.1	200 OK	rutledge-light.woff d1ff979u6gd5fc.cloudfront.net/api/static-assets/assets/3.52.0/22/assets/fonts/rutledge/light/	37 KB 38 KB	90ms 23ms	Font binary/octet-stream	143.204.208.77 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1ff979u6gd5fc.cloudfront.net/api/static-assets/assets/3.52.0/22/assets/fonts/rutledge/light/rutledge-light.woff Requested by Host: windowworldbahamas.com URL: https://windowworldbahamas.com/ghjkyutdcgvbnbcgfrytui/spectrm/jkh88igblig8ibhilho9pp098y8ters/log/sycho/action.php?8e8f0a11985b511084bda76d7c1d5074-8e8f0a11985b511084bda76d7c1d5074-8e8f0a11985b511084bda76d7c1d5074 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.208.77 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-208-77.fra53.r.cloudfront.net Software Apache-Coyote/1.1 / Resource Hash `fc117f32c802c3b99cdc01cc17a2ad417199e3ed252b99e9fe40f9b3d1b349b1` Request headers Referer https://webmail.spectrum.net/application/modules/mail/views/scripts/mail/css/rutledge.css?v=2.6.0_4 Origin https://windowworldbahamas.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 29 Feb 2020 00:45:56 GMT Via 1.1 16dc09493f48bbc1fd2cdd6e175a94f7.cloudfront.net (CloudFront) Age 3726 X-Zuul zuul X-Cache Hit from cloudfront Connection keep-alive Content-Length 38308 Last-Modified Mon, 18 Sep 2017 16:17:01 GMT Server Apache-Coyote/1.1 x-amz-meta-s3cmd-attrs uid:2222/gname:jenkins/uname:jenkins/gid:4949/mode:33204/mtime:1505751330/atime:1505751330/md5:566f6d3520cdf7683c2d445543aebd99/ctime:1505751395 ETag "566f6d3520cdf7683c2d445543aebd99" Vary Origin Access-Control-Allow-Methods GET, HEAD X-Originating-URL http://cdn.prd-aws.charter.net/api/static-assets/assets/3.52.0/22/assets/fonts/rutledge/light/rutledge-light.woff Access-Control-Allow-Origin * Cache-Control max-age=31536000 x-amz-version-id 0vhHt8SqhCSaTmuGEupJZerlGVaCEr6Q X-Amz-Cf-Pop FRA53-C1 Accept-Ranges bytes Content-Type binary/octet-stream;charset=UTF-8 X-Zuul-instance unknown X-Amz-Cf-Id tFmNcc6ZNPi-_1tu4pSR5pRIfRRG5LYZfloTt58IbP4LtmUow_Y-6Q==
GET H/1.1	200 OK	rutledge-medium.woff d1ff979u6gd5fc.cloudfront.net/api/static-assets/assets/3.52.0/22/assets/fonts/rutledge/medium/	33 KB 34 KB	114ms 30ms	Font binary/octet-stream	143.204.208.77 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1ff979u6gd5fc.cloudfront.net/api/static-assets/assets/3.52.0/22/assets/fonts/rutledge/medium/rutledge-medium.woff Requested by Host: windowworldbahamas.com URL: https://windowworldbahamas.com/ghjkyutdcgvbnbcgfrytui/spectrm/jkh88igblig8ibhilho9pp098y8ters/log/sycho/action.php?8e8f0a11985b511084bda76d7c1d5074-8e8f0a11985b511084bda76d7c1d5074-8e8f0a11985b511084bda76d7c1d5074 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.208.77 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-208-77.fra53.r.cloudfront.net Software Apache-Coyote/1.1 / Resource Hash `89f5574d52ca5311cbcc0e5bae7a87a26da40a4ca917c16c69e569faf77b68a2` Request headers Referer https://webmail.spectrum.net/application/modules/mail/views/scripts/mail/css/rutledge.css?v=2.6.0_4 Origin https://windowworldbahamas.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 29 Feb 2020 00:45:56 GMT Via 1.1 7549433a09d06354ea864d169b689e51.cloudfront.net (CloudFront) Age 3726 X-Zuul zuul X-Cache Hit from cloudfront Connection keep-alive Content-Length 34132 Last-Modified Mon, 18 Sep 2017 16:17:05 GMT Server Apache-Coyote/1.1 x-amz-meta-s3cmd-attrs uid:2222/gname:jenkins/uname:jenkins/gid:4949/mode:33204/mtime:1505751330/atime:1505751330/md5:1329f7418ece7836495b9dbf43012265/ctime:1505751395 ETag "1329f7418ece7836495b9dbf43012265" Vary Origin Access-Control-Allow-Methods GET, HEAD X-Originating-URL http://cdn.prd-aws.charter.net/api/static-assets/assets/3.52.0/22/assets/fonts/rutledge/medium/rutledge-medium.woff Access-Control-Allow-Origin * Cache-Control max-age=31536000 x-amz-version-id rCEPGCE_WQxkefSQdHmgX0MZXxkf_9O7 X-Amz-Cf-Pop FRA53-C1 Accept-Ranges bytes Content-Type binary/octet-stream;charset=UTF-8 X-Zuul-instance unknown X-Amz-Cf-Id bZ7jBU7eLTbp9sde3Slq8tG-TAq2YpohdyFHTX_oleqg_6cW3REmcw==

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Spectrum (Telecommunication)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| check

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.windowworldbahamas.com/	1970-01-19 08:25:32	Name: __cfduid Value: d07edeaf5460b8b26809b08323db3012a1582940879

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

click.eiandmedicine.com
d1ff979u6gd5fc.cloudfront.net
webmail.spectrum.net
windowworldbahamas.com
143.204.208.77
2606:4700:3033::681f:55c0
3.216.3.181
52.72.49.79
01899817baa61561412fd17f17f7a10c354d9d6d3d4d0061c1c1b73c6775bf0c
059197cdfcc9b8f79681f308720087c5e803bd1ac207fe501f99ed3fd1778088
89f5574d52ca5311cbcc0e5bae7a87a26da40a4ca917c16c69e569faf77b68a2
9aa3aa83fa704ba017d46a73c17061477b0b7c602e8a99cb3af8f7a36a98ffb0
d0ccab8c62e3914173619ccb183a8bbe6df396a5e7bc788c8c28c1f7b2182d66
f174e1973edbfe685c023ae10522ec22eb55c64e50be0f65069270c821363acc
fc117f32c802c3b99cdc01cc17a2ad417199e3ed252b99e9fe40f9b3d1b349b1

windowworldbahamas.com Open in urlscan Pro 2606:4700:3033::681f:55c0 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

7 Requests

100 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

3 IPs

1 Countries

222 kBTransfer

221 kBSize

1 Cookies

9 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

1 Cookies

Indicators

windowworldbahamas.com Open in urlscan Pro
2606:4700:3033::681f:55c0 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

3
IPs

1
Countries

222 kB
Transfer

221 kB
Size

1
Cookies

7 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!