ebiblica.com.br
Open in
urlscan Pro
192.185.214.109
Malicious Activity!
Public Scan
Submission: On July 28 via manual from US
Summary
This is the only time ebiblica.com.br was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: ADP (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 192.185.214.109 192.185.214.109 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1 - Unified Layer) | |
10 | 170.146.93.123 170.146.93.123 | 14299 (ADP1) (ADP1 - Automatic Data Processing) | |
1 | 69.63.133.132 69.63.133.132 | 22903 (EDGE-HOSTING) (EDGE-HOSTING - Databank Holdings) | |
23 | 4 |
ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US)
PTR: br90-ip04.hostgator.com.br
ebiblica.com.br |
ASN14299 (ADP1 - Automatic Data Processing, Inc., US)
online.adp.com |
ASN22903 (EDGE-HOSTING - Databank Holdings, Ltd, US)
PTR: beyondtheproject.com
www.recruiter.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
adp.com
online.adp.com |
545 KB |
1 |
recruiter.com
www.recruiter.com |
22 KB |
1 |
ebiblica.com.br
ebiblica.com.br |
3 KB |
23 | 3 |
Domain | Requested by | |
---|---|---|
10 | online.adp.com |
ebiblica.com.br
|
1 | www.recruiter.com |
ebiblica.com.br
|
1 | ebiblica.com.br | |
23 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
portal.adp.com |
netsecure.adp.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
online.adp.com DigiCert SHA2 Extended Validation Server CA |
2018-05-04 - 2020-06-20 |
2 years | crt.sh |
www.recruiter.com DigiCert SHA2 Extended Validation Server CA |
2017-09-20 - 2019-09-25 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
http://ebiblica.com.br/_t/adp/
Frame ID: 6674E9B9F2F20FA960DEDE884C99E5AD
Requests: 23 HTTP requests in this frame
Screenshot
Detected technologies
AngularJS (JavaScript Frameworks) ExpandDetected patterns
- script /angular.*\.js/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Font Awesome (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Administrator Sign In
Search URL Search Domain Scan URL
Title: Forgot your user ID/password?
Search URL Search Domain Scan URL
Title: Sign Up
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
/
ebiblica.com.br/_t/adp/ |
9 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
font-awesome.min.css
online.adp.com/portal/inc/css/lib/fontawesome/css/ |
27 KB 27 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
base.css
online.adp.com/portal/inc/css/ |
132 KB 133 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
popovers.css
online.adp.com/portal/inc/css/ |
3 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
inline-messages.css
online.adp.com/portal/inc/css/ |
4 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login.css
online.adp.com/portal/inc/css/ |
4 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
adp-logo.png
www.recruiter.com/i/wp-content/uploads/2014/04/ |
21 KB 22 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
angular-translate-loader-static-files.min.js
online.adp.com/portal/inc/js/lib/ |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
config.js
online.adp.com/portal/inc/js/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.js
online.adp.com/portal/inc/js/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
inline-message-directive.js
online.adp.com/portal/inc/js/vdl/directives/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
responsive-image-login.jpeg
online.adp.com/portal/inc/images/ |
365 KB 365 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
proximanova-regular-webfont.woff
online.adp.com/portal/inc/fonts/ProximaNova/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
proximanova-light-webfont.woff
online.adp.com/portal/inc/fonts/ProximaNova/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
proximanova-semibold-webfont.woff
online.adp.com/portal/inc/fonts/ProximaNova/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
fontawesome-webfont.woff2
online.adp.com/portal/inc/css/lib/fontawesome/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
proximanova-lightitalic-webfont.woff
online.adp.com/portal/inc/fonts/ProximaNova/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
proximanova-regular-webfont.ttf
online.adp.com/portal/inc/fonts/ProximaNova/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
proximanova-light-webfont.ttf
online.adp.com/portal/inc/fonts/ProximaNova/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
proximanova-semibold-webfont.ttf
online.adp.com/portal/inc/fonts/ProximaNova/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
fontawesome-webfont.woff
online.adp.com/portal/inc/css/lib/fontawesome/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
proximanova-lightitalic-webfont.ttf
online.adp.com/portal/inc/fonts/ProximaNova/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
fontawesome-webfont.ttf
online.adp.com/portal/inc/css/lib/fontawesome/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- online.adp.com
- URL
- https://online.adp.com/portal/inc/fonts/ProximaNova/proximanova-regular-webfont.woff
- Domain
- online.adp.com
- URL
- https://online.adp.com/portal/inc/fonts/ProximaNova/proximanova-light-webfont.woff
- Domain
- online.adp.com
- URL
- https://online.adp.com/portal/inc/fonts/ProximaNova/proximanova-semibold-webfont.woff
- Domain
- online.adp.com
- URL
- https://online.adp.com/portal/inc/css/lib/fontawesome/fonts/fontawesome-webfont.woff2?v=4.5.0
- Domain
- online.adp.com
- URL
- https://online.adp.com/portal/inc/fonts/ProximaNova/proximanova-lightitalic-webfont.woff
- Domain
- online.adp.com
- URL
- https://online.adp.com/portal/inc/fonts/ProximaNova/proximanova-regular-webfont.ttf
- Domain
- online.adp.com
- URL
- https://online.adp.com/portal/inc/fonts/ProximaNova/proximanova-light-webfont.ttf
- Domain
- online.adp.com
- URL
- https://online.adp.com/portal/inc/fonts/ProximaNova/proximanova-semibold-webfont.ttf
- Domain
- online.adp.com
- URL
- https://online.adp.com/portal/inc/css/lib/fontawesome/fonts/fontawesome-webfont.woff?v=4.5.0
- Domain
- online.adp.com
- URL
- https://online.adp.com/portal/inc/fonts/ProximaNova/proximanova-lightitalic-webfont.ttf
- Domain
- online.adp.com
- URL
- https://online.adp.com/portal/inc/css/lib/fontawesome/fonts/fontawesome-webfont.ttf?v=4.5.0
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: ADP (Online)5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask undefined| config_module undefined| loginPageApp0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ebiblica.com.br
online.adp.com
www.recruiter.com
online.adp.com
170.146.93.123
192.185.214.109
69.63.133.132
05aa0928fb2a252fc907554dda7502c9bfe960726fc162406b7cde4369566623
18343a68db96926f19619b89852b85b67c8b31cde1785f5afd056ded4c1837c2
2734707516a1954503b50bad3f19549d93d7a1a535e5cec9513e122081eae285
34f54abc6ebf815099be337740860286d8e5c62dc166a8676f106289bbd28fae
42790181e22b54e71756fda0d7fee6025720d252e4af5cf5757fe04e7759916e
43633360b2411a35043840d764e0c8e81702a37b8b6967944f964089e8a95eaa
456db7cb821b944a5a745c6717ae2f0f69f60a6684a544d7ed863b8cd1ff1fd9
517b26488e36c0bb4679b4ca0f8a8625c3dd870810898d3b0bdf87f754d1156d
561692964d3ce6b21ed89efdc81de1040f68fe3c4480d0d653edc2323f49c15e
6bffeaa1fe8693d3b95dc35a5e8c6606e1a826a9e7258e7edf07eee781132a3a
8ee57f30f15403cd2dc4a45a1fb90992feeb33d81aa790a68f8b13593a542242
b4d6b22089928a2b989f6f596c10c26ffaa7b71fb20a4125fde64ab1d3b43cd5