Domain > pathways.0d45f5fd462b8c70.spacesedu.com

More information on this domain is in AlienVault OTX

DNS Resolutions

Date	IP Address
2026-01-14	104.26.7.90 (ClassC)

HTTP/1.1 200 OKDate: Wed, 14 Jan 2026 14:26:50 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveCF-Ray: 9bddcf884d459935-PDXCF-Cache-Status: DYNAMICCache-Control: max-age1800, publicExpires: Wed, 14 Jan 2026 14:56:50 GMTServer: cloudflareSet-Cookie: __Host.SpacesEDU.Session1768400811.544.300.62771|293d4d63ed80c8d3012f673dec7282b8; Path/; Secure; HttpOnlyStrict-Transport-Security: max-age31536000; includeSubDomains; preloadVary: Accept-Encodingcf-apo-via: origin,hostcontent-security-policy: default-src none; script-src self unsafe-eval nonce-0793b1eb2ce0149081975f76ac4d5183 *.googleusercontent.com https://public.produktly.com/js/main.js https://public.produktly.com https://www.gstatic.com https://www.google-analytics.com/analytics.js https://static.cloudflareinsights.com/ https://cdn.segment.com https://*.spacesedu.com https://*.myblueprint.org https://static.filestackapi.com https://apis.google.com/js/api.js https://accounts.google.com/gsi/client https://apis.google.com https://use.typekit.com/qyt8ztw.js https://client.crisp.chat https://settings.crisp.chat; connect-src self blob: cloudflareinsights.com https://sessions.bugsnag.com https://public.produktly.com https://api.produktly.com https://api.segment.io https://cdn.segment.com https://*.spacesedu.com https://*.myblueprint.org https://*.amazonaws.com https://*.service.signalr.net https://rum-http-intake.logs.datadoghq.com https://www.google-analytics.com wss://*.service.signalr.net https://*.filestackapi.com https://rum.browser-intake-datadoghq.com https://logs.browser-intake-datadoghq.com https://*.googleapis.com *.google.com https://*.gstatic.com https://cdn.filestackcontent.com/ https://stats.g.doubleclick.net https://client.crisp.chat https://storage.crisp.chat wss://client.relay.crisp.chat wss://stream.relay.crisp.chat; font-src self data: https://fonts.gstatic.com https://use.typekit.net https://use.typekit.com https://client.crisp.chat; frame-src self blob: https://*.spacesedu.com https://*.myblueprint.org https://content.googleapis.com https://docs.google.com https://cdn.filestackcontent.com https://accounts.google.com https://www.google.com https://game.crisp.chat https://www.youtube.com/; img-src self data: blob: https: https://*.googleusercontent.com https://*.spacesedu.com https://*.myblueprint.org https://cdn.filestackcontent.com https://static.filestackapi.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.ca https://csi.gstatic.com https://*.giphy.com *.tenor.com *.tenor.co https://client.crisp.chat https://image.crisp.chat https://storage.crisp.chat; manifest-src self https://*.spacesedu.com https://*.myblueprint.org; media-src self blob: https://*.spacesedu.com https://*.myblueprint.org https://cdn.filestackcontent.com *.tenor.co *.tenor.com https://*.giphy.com https://client.crisp.chat https://player.vimeo.com/ https://cdn.careeronestop.org/ https://myblueprint.blob.core.windows.net/; style-src self unsafe-inline https://use.typekit.net/ https://p.typekit.net/ https://*.spacesedu.com https://*.myblueprint.org https://fonts.googleapis.com/ https://static.filestackapi.com https://client.crisp.chat; worker-src blob: self;referrer-policy: same-originx-content-type-options: nosniffx-frame-options: SAMEORIGINx-xss-protection: 1; modeblockSpeculation-Rules: /cdn-cgi/speculationReport-To: {group:cf-nel,max_age:604800,endpoints:{url:https://a.nel.cloudflare.com/report/v4?sY3JEYjnC%2BUf85DwWlFza9XbviutdtH2pkZiYFY%2FIbK2GDIOrVq8xCqHkuBNnqqF%2FkEe5RLNC3g9H7rMB2daNzRp95VmG1QONVmHjHZ3E1M9SSVzyQsZ0az8yNy1eqPrje%2B3xEtS6}}Nel: {report_to:cf-nel,success_fraction:0.0,max_age:604800}alt-svc: h3:443; ma86400

!DOCTYPE html>html langen-CA>head>  meta charsetutf-8 />  !-- Asynchronous Typekit Loading Code -->  script typetext/javascript nonce0793b1eb2ce0149081975f76ac4d5183>    const TypekitConfig  {      kitId: qyt8ztw    };    (function() {      var tk  document.createElement(script);      tk.src  //use.typekit.com/ + TypekitConfig.kitId + .js;      tk.type  text/javascript;      tk.async  true;      tk.nonce  window.nonce;      tk.onload  tk.onreadystatechange  function() {        var rs  this.readyState;        if (rs && rs ! complete && rs ! loaded) return;        try { Typekit.load(TypekitConfig); } catch (e) { console.error(Typekit load error:, e); }      };      var s  document.getElementsByTagName(script)0;      s.parentNode.insertBefore(tk, s);    })();  /script>  link relshortcut icon href/favicon.ico />  !-- viewport should not have maximum-scale1 nor user-scalableno -- Accessibility rule -->  meta nameviewport contentwidthdevice-width, initial-scale1, shrink-to-fitno />  meta nametheme-color content#ffffff />  !--      manifest.json provides metadata used when your web app is installed on a      users mobile device or desktop. See https://developers.google.com/web/fundamentals/web-app-manifest/    -->  link relmanifest href/manifest.json />  !--      Notice the use of %PUBLIC_URL% in the tags above.      It will be replaced with the URL of the `public` folder during the build.      Only files inside the `public` folder can be referenced from the HTML.      Unlike /favicon.ico or favicon.ico, %PUBLIC_URL%/favicon.ico will      work correctly both with client-side routing and a non-root public URL.      Learn how to configure a non-root public URL by running `npm run build`.    -->  title>myBlueprint/title>  meta namemobile-web-app-capable contentyes>  meta nameapple-mobile-web-app-capable contentyes>  link relapple-touch-icon sizes180x180 href/apple-touch-icon.png>  link relicon typeimage/png sizes32x32 href/favicon-32x32.png>  link relicon typeimage/png sizes16x16 href/favicon-16x16.png>  link relmanifest href/manifest.json>  link relmask-icon href/safari-pinned-tab.svg>  meta http-equivx-ua-compatible contentieedge>  meta http-equivcleartype contenton>  meta namemsapplication-tap-highlight contentno>  meta nameHandheldFriendly contenttrue />  script nonce0793b1eb2ce0149081975f76ac4d5183>    window.nonce  0793b1eb2ce0149081975f76ac4d5183;  /script>  script src/regions.js>/script>  style>    @font-face {      font-family: NF_iconset;      src: url(/assets/NF_iconset-D5SdC88y.eot) format(embedded-opentype),        url(/assets/NF_iconset-COIhby4o.woff2) format(woff2),        url(/assets/NF_iconset-DN9XyGOh.woff) format(woff),        url(/assets/NF_iconset-BCgJtqZM.ttf) format(truetype);      font-weight: normal;      font-style: normal;    }  /style>  script typemodule crossorigin src/assets/index-4drK_84h.js>/script>  link relstylesheet crossorigin href/assets/index-Bia90Sef.css>/head>body>  noscript>You need to enable JavaScript to run this app./noscript>  div idroot>/div>  div idlive-region aria-liveassertive>/div>  !--      This HTML file is a template.      If you open it directly in the browser, you will see an empty page.      You can add webfonts, meta tags, or analytics to this file.      The build step will place the bundled scripts into the body> tag.      To begin the development, run `npm start` or `yarn start`.      To create a production bundle, use `npm run build` or `yarn build`.    -->/body>/html>

Subdomains

Date	Domain	IP
stubidp.50cf6aafb0dadb00.spacesedu.com	2025-12-28	172.67.73.160
admin.0d45f5fd462b8c70.spacesedu.com	2026-01-14	172.67.73.160
pathways.0d45f5fd462b8c70.spacesedu.com	2026-01-14	104.26.7.90
account.0d45f5fd462b8c70.spacesedu.com	2025-11-26	104.26.6.90
account.appreview02.spacesedu.com	2025-12-03	104.26.6.90
admin.e919a75364398a44.spacesedu.com	2025-11-27	172.67.73.160
portfolios.e919a75364398a44.spacesedu.com	2026-01-12	104.26.6.90
account.e919a75364398a44.spacesedu.com	2025-12-03	104.26.7.90
admin.9f86d081884c7d65.spacesedu.com	2025-11-26	104.26.6.90
stubidp.9f86d081884c7d65.spacesedu.com	2025-11-08	104.26.7.90
admin.ee6ec36737032857.spacesedu.com	2025-11-26	104.26.6.90
admin.ca.spacesedu.com	2026-01-09	104.26.6.90
portfolios.ca.spacesedu.com	2026-01-08	172.67.73.160
account.ca.spacesedu.com	2025-11-24	104.26.7.90
12a10db56bc9758c.spacesedu.com	2025-11-26	104.26.6.90
account.12a10db56bc9758c.spacesedu.com	2025-11-26	172.67.73.160
admin.spacesedu.com	2025-11-26	172.67.73.160
auth.app.spacesedu.com	2026-01-14	172.67.73.160
admin.app.spacesedu.com	2025-11-27	172.67.73.160
myblueprint.spacesedu.com	2025-12-15	104.26.6.90

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > pathways.0d45f5fd462b8c70.spacesedu.com

Is this malicious?

DNS Resolutions

Port 443

Subdomains