webtem.com.br
72.8.157.201
Malicious Activity!
Public Scan
Effective URL: https://webtem.com.br/gusto/bristolsso.html
Submission: On June 04 via manual from GB
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 12th 2018. Valid for: 3 months.
This is the only time webtem.com.br was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: UK Universities (Education)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
2 2 | 191.252.51.68 | 27715 (Locaweb Serviços de Internet S/A) |
1 3 | 72.8.157.201 | 25761 (STAMINUS-COMM - Staminus Communications) |
9 | 137.222.0.58 | 786 (JANET Jisc Services Limited) |
13 | 3 | |
ASN27715 (Locaweb Serviços de Internet S/A, BR)
PTR: hm9256.locaweb.com.br
www.ieyes.com.br |
ASN25761 (STAMINUS-COMM - Staminus Communications, US)
PTR: server.vipreseller16.net
webtem.com.br |
ASN786 (JANET Jisc Services Limited, GB)
PTR: sso.bris.ac.uk
sso.bris.ac.uk |
 | Apex Domain: Subdomains | Transfer |
---|---|---|
9 | bris.ac.uk: sso.bris.ac.uk | 61 KB |
3 | webtem.com.br (1 redirects): webtem.com.br | 5 KB |
2 | ieyes.com.br (2 redirects): www.ieyes.com.br | 404 B |
13 | 3 | |
 | Domain | Requested by |
---|---|---|
9 | sso.bris.ac.uk | webtem.com.br |
3 | webtem.com.br (1 redirects) | webtem.com.br |
2 | www.ieyes.com.br (2 redirects) | |
13 | 3 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.bristol.ac.uk |
www.jasig.org |
Subject Issuer | Validity | Valid | |
---|---|---|---|
webtem.com.br cPanel, Inc. Certification Authority | 2018-04-12 - 2018-07-11 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://webtem.com.br/gusto/bristolsso.html
Frame ID: 5F4C5372491C00C62B9EEA9E31095779
Requests: 13 HTTP requests in this frame
Detected technologies
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: A-Z index
Title: Terms & Conditions
Title: JASIG Collaborative
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://www.ieyes.com.br/rhine HTTP 301
- http://www.ieyes.com.br/rhine/ HTTP 302
- https://webtem.com.br/gusto/ HTTP 302
- https://webtem.com.br/gusto/bristolsso.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method | Protocol | Resource Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET | H/1.1 | webtem.com.br/gusto/bristolsso.html (Primary Request) | 4 KB | 4 KB | Document | text/html |
GET | H/1.1 | webtem.com.br/gusto/scripts/jquery-1.9.1.min.js | 0 | 0 | Script | text/html |
GET | H/1.1 | sso.bris.ac.uk/sso/styles/base.css | 5 KB | 6 KB | Stylesheet | text/css |
GET | H/1.1 | sso.bris.ac.uk/sso/styles/structure.css | 4 KB | 4 KB | Stylesheet | text/css |
GET | H/1.1 | sso.bris.ac.uk/sso/styles/components.css | 5 KB | 5 KB | Stylesheet | text/css |
GET | H/1.1 | sso.bris.ac.uk/sso/styles/sso.css | 1 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | sso.bris.ac.uk/sso/images/logo-uob.png | 1 KB | 2 KB | Image | image/png |
GET | H/1.1 | sso.bris.ac.uk/sso/styles/normalize.css | 7 KB | 7 KB | Stylesheet | text/css |
GET | H/1.1 | sso.bris.ac.uk/sso/styles/forms.css | 6 KB | 6 KB | Stylesheet | text/css |
GET | H/1.1 | sso.bris.ac.uk/sso/styles/icons.css | 9 KB | 9 KB | Stylesheet | text/css |
GET | H/1.1 | sso.bris.ac.uk/sso/images/logo-uob.svg | 21 KB | 21 KB | Image | image/svg+xml |
GET | | sso.bris.ac.uk/sso/fonts/fontawesome.woff | 0 | 0 | | |
GET | | sso.bris.ac.uk/sso/fonts/fontawesome.ttf | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: sso.bris.ac.uk
  URL: https://sso.bris.ac.uk/sso/fonts/fontawesome.woff
- Domain: sso.bris.ac.uk
  URL: https://sso.bris.ac.uk/sso/fonts/fontawesome.ttf
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: UK Universities (Education)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.