westindustrial.com.br Open in urlscan Pro
162.241.2.82 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/iq3f34xo1R
Effective URL:
https://westindustrial.com.br/
Submission: On April 09 via automatic, source phishtank (April 9th 2024, 10:50:43 pm UTC) — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 10 HTTP transactions. The main IP is 162.241.2.82, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is westindustrial.com.br.
TLS certificate: Issued by R3 on March 13th 2024. Valid for: 3 months.

This is the only time westindustrial.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Disney (Entertainment)

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
9	162.241.2.82 162.241.2.82	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
10	2

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 162.241.2.82 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 162-241-2-82.unifiedlayer.com

westindustrial.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	westindustrial.com.br westindustrial.com.br	204 KB
1	t.co t.co — Cisco Umbrella Rank: 794	547 B
10	2

	Domain	Requested by
9	westindustrial.com.br	t.co westindustrial.com.br
1	t.co
10	2

This site contains no links.

Subject Issuer	Validity	Valid
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-07` - `2025-01-06`	a year	crt.sh
westindustrial.com.br R3	`2024-03-13` - `2024-06-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://westindustrial.com.br/
Frame ID: F69AF3C40274AC252B81A0E5150DF654
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in | Disney+

Page URL History Show full URLs

https://t.co/iq3f34xo1R Page URL
https://westindustrial.com.br/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

205 kB
Transfer

498 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/iq3f34xo1R Page URL
https://westindustrial.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 iq3f34xo1R
t.co/ 245 B
547 B 245ms
163ms Document
text/html 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/iq3f34xo1R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 175
content-type: text/html; charset=utf-8
date: Tue, 09 Apr 2024 22:50:37 GMT
expires: Tue, 09 Apr 2024 22:55:38 GMT
perf: 7469935968
server: tsa_o
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: d71fa147dac2c6f9cc17df51c9d9201e9c1a51121614b23e695588f3a5db2653
x-response-time: 123
x-transaction-id: ce65ff3198f85b1b
x-xss-protection: 0

GET
H2 200 Primary Request / Show response
westindustrial.com.br/ 7 KB
2 KB 931ms
403ms Document
text/html 162.241.2.82
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://westindustrial.com.br/
Requested by: Host: t.co
URL: https://t.co/iq3f34xo1R
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.2.82 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 162-241-2-82.unifiedlayer.com
Software: Apache /
Resource Hash: 81e3c34be0c690fe9ecfccce2977461f5ad55baf2f1997513f72aea40c13ce18

Request headers

Referer: https://t.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 2148
content-type: text/html; charset=UTF-8
date: Tue, 09 Apr 2024 22:50:39 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache
vary: Accept-Encoding

GET
H2 200 app_styles_bundle.css
westindustrial.com.br/style/ 298 KB
63 KB 308ms
307ms Stylesheet
text/css 162.241.2.82
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://westindustrial.com.br/style/app_styles_bundle.css
Requested by: Host: westindustrial.com.br
URL: https://westindustrial.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.2.82 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 162-241-2-82.unifiedlayer.com
Software: Apache /
Resource Hash: 0029f1286a69af2513ce3bc9b9818f73b1dae86d6e69e6190e32e8ceb20404d8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://westindustrial.com.br/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 22:50:39 GMT
content-encoding: gzip
last-modified: Mon, 12 Apr 2021 08:30:18 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/css

GET
H2 200 main.css
westindustrial.com.br/style/ 29 KB
5 KB 306ms
306ms Stylesheet
text/css 162.241.2.82
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://westindustrial.com.br/style/main.css
Requested by: Host: westindustrial.com.br
URL: https://westindustrial.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.2.82 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 162-241-2-82.unifiedlayer.com
Software: Apache /
Resource Hash: 7f969dfd78c9a121df069f10e78d4b6072b83276a27f0908041db9a2fb46967f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://westindustrial.com.br/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 22:50:39 GMT
content-encoding: gzip
last-modified: Mon, 12 Apr 2021 14:21:58 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 5446

GET
H2 200 react.css
westindustrial.com.br/style/ 40 KB
9 KB 454ms
453ms Stylesheet
text/css 162.241.2.82
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://westindustrial.com.br/style/react.css
Requested by: Host: westindustrial.com.br
URL: https://westindustrial.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.2.82 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 162-241-2-82.unifiedlayer.com
Software: Apache /
Resource Hash: 5acc14f1488930083712f8ed8aa2a253d377a7b46112509ab3b6fdea19908aca

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://westindustrial.com.br/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 22:50:39 GMT
content-encoding: gzip
last-modified: Mon, 12 Apr 2021 07:50:26 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 9111

GET
H2 200 icon-loader-32@3x.png
westindustrial.com.br/img/ 4 KB
5 KB 158ms
158ms Image
image/png 162.241.2.82
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://westindustrial.com.br/img/icon-loader-32@3x.png
Requested by: Host: westindustrial.com.br
URL: https://westindustrial.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.2.82 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 162-241-2-82.unifiedlayer.com
Software: Apache /
Resource Hash: 23248741c76ca3d003122a50aacffd608d0d568c7048b296ef73a1ec1ca59c5d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://westindustrial.com.br/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 22:50:39 GMT
last-modified: Sat, 10 Apr 2021 14:41:06 GMT
server: Apache
accept-ranges: bytes
content-length: 4567
content-type: image/png

GET
H2 200 logo.svg
westindustrial.com.br/img/ico/ 7 KB
7 KB 159ms
159ms Image
image/svg+xml 162.241.2.82
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://westindustrial.com.br/img/ico/logo.svg
Requested by: Host: westindustrial.com.br
URL: https://westindustrial.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.2.82 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 162-241-2-82.unifiedlayer.com
Software: Apache /
Resource Hash: 6a7eb353b38a935a0ec168fb6429a2705ee9a9b5003831787f8fa66b6a6b3554

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://westindustrial.com.br/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 22:50:39 GMT
last-modified: Mon, 12 Apr 2021 08:35:04 GMT
server: Apache
accept-ranges: bytes
content-length: 6973
content-type: image/svg+xml

GET
H2 200 Avenir-Heavy-05.woff
westindustrial.com.br/fonts/ 56 KB
56 KB 160ms
160ms Font
font/woff 162.241.2.82
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://westindustrial.com.br/fonts/Avenir-Heavy-05.woff
Requested by: Host: westindustrial.com.br
URL: https://westindustrial.com.br/style/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.2.82 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 162-241-2-82.unifiedlayer.com
Software: Apache /
Resource Hash: 1920ca5153bc2ae87e17795a12ac5835113513b922c95d0bf44ee026200b8631

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://westindustrial.com.br/style/main.css
Origin: https://westindustrial.com.br
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 22:50:40 GMT
last-modified: Sat, 10 Apr 2021 14:41:06 GMT
server: Apache
accept-ranges: bytes
content-length: 57168
content-type: font/woff

GET
H2 200 Avenir-Roman-12.woff
westindustrial.com.br/fonts/ 42 KB
42 KB 159ms
159ms Font
font/woff 162.241.2.82
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://westindustrial.com.br/fonts/Avenir-Roman-12.woff
Requested by: Host: westindustrial.com.br
URL: https://westindustrial.com.br/style/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.2.82 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 162-241-2-82.unifiedlayer.com
Software: Apache /
Resource Hash: 4442cba812240f56b7adde799c1a97c7970875d0d01cbf1c5667e25c6beed2cf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://westindustrial.com.br/style/main.css
Origin: https://westindustrial.com.br
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 22:50:40 GMT
last-modified: Sat, 10 Apr 2021 14:41:06 GMT
server: Apache
accept-ranges: bytes
content-length: 43112
content-type: font/woff

GET
H2 200 favicon.ico
westindustrial.com.br/img/ico/ 15 KB
15 KB 160ms
159ms Other
image/x-icon 162.241.2.82
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://westindustrial.com.br/img/ico/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.2.82 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 162-241-2-82.unifiedlayer.com
Software: Apache /
Resource Hash: 7eaa3c222fc74a9373920a76abaa8ec5862c81445daa303af03d9f73230f2ab4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://westindustrial.com.br/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 22:50:40 GMT
last-modified: Sat, 10 Apr 2021 14:41:06 GMT
server: Apache
content-type: image/x-icon
cache-control: max-age=604800
accept-ranges: bytes
content-length: 15086
expires: Tue, 16 Apr 2024 22:50:40 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Disney (Entertainment)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.t.co/	1970-01-21 05:15:17	Name: muc Value: 36955c2a-9c78-4e02-a84c-fbb576766f2c
			westindustrial.com.br/	1969-12-31 23:59:59	Name: PHPSESSID Value: e2fc9cdec474024b705c26d96540b60c

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

t.co
westindustrial.com.br
104.244.42.197
162.241.2.82
0029f1286a69af2513ce3bc9b9818f73b1dae86d6e69e6190e32e8ceb20404d8
1920ca5153bc2ae87e17795a12ac5835113513b922c95d0bf44ee026200b8631
23248741c76ca3d003122a50aacffd608d0d568c7048b296ef73a1ec1ca59c5d
4442cba812240f56b7adde799c1a97c7970875d0d01cbf1c5667e25c6beed2cf
5acc14f1488930083712f8ed8aa2a253d377a7b46112509ab3b6fdea19908aca
6a7eb353b38a935a0ec168fb6429a2705ee9a9b5003831787f8fa66b6a6b3554
7eaa3c222fc74a9373920a76abaa8ec5862c81445daa303af03d9f73230f2ab4
7f969dfd78c9a121df069f10e78d4b6072b83276a27f0908041db9a2fb46967f
81e3c34be0c690fe9ecfccce2977461f5ad55baf2f1997513f72aea40c13ce18

westindustrial.com.br Open in urlscan Pro 162.241.2.82 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

205 kBTransfer

498 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

westindustrial.com.br Open in urlscan Pro
162.241.2.82 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

205 kB
Transfer

498 kB
Size

2
Cookies

10 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!