blog.colegiosantorini.com.br
34.195.4.75
Malicious Activity!
Public Scan
Submission: On October 20 via automatic, source openphish
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on September 18th 2020. Valid for: 3 months.
This is the only time blog.colegiosantorini.com.br was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Office 365 (Online)
Domain & IP information
All 11 requests went to a single IP address and a single domain.
Requests | IP Address | AS Autonomous System | PTR |
---|---|---|---|
11 | 34.195.4.75 | 14618 (AMAZON-AES, US) | ec2-34-195-4-75.compute-1.amazonaws.com |
Requests | Apex Domain | Subdomain | Transfer |
---|---|---|---|
11 | colegiosantorini.com.br | blog.colegiosantorini.com.br | 3 MB |
Requests | Domain | Requested by |
---|---|---|
11 | blog.colegiosantorini.com.br | blog.colegiosantorini.com.br |
This site contains no links.
Subject | Issuer | Validity | Valid for | Source |
---|---|---|---|---|
blog.colegiosantorini.com.br | Let's Encrypt Authority X3 | 2020-09-18 - 2020-12-17 | 3 months | crt.sh |
This page contains 1 frame:
Primary Page:
https://blog.colegiosantorini.com.br/documents/login.html
Frame ID: 45E4D1EF5354D054F8679D329C02F12D
Requests: 11 HTTP requests in this frame
Detected technologies
Bootstrap (Web Frameworks)
Detected pattern:
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Apache (Web Servers)
Detected pattern:
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
jQuery (JavaScript Libraries)
Detected pattern:
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
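To show how the three detected patterns above are actually applied, here is an added example of my own (not urlscan.io's or Wappalyzer's matcher). The three regex literals are copied from the report; the matcher, the constructed SAMPLE_PAGE, and the lower-cased header keys are my own assumptions. It also shows why the version capture group works for the Apache Server header but not for the page's jquery.min.js.download: the optional ?ver= group must follow ".js" immediately.

```javascript
// Added example, not urlscan.io or Wappalyzer code: apply fingerprint
// patterns of the kind shown in this report to a captured page. The three
// regex literals are copied from the report; the matcher, the constructed
// SAMPLE_PAGE and the lower-cased header keys are my own assumptions.

const FINGERPRINTS = [
  {
    name: "Bootstrap", category: "Web Frameworks",
    html: [/<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i],
  },
  {
    name: "Apache", category: "Web Servers",
    // Capture group 1 is the version after "Apache/".
    headers: { server: /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i },
  },
  {
    name: "jQuery", category: "JavaScript Libraries",
    // Capture group 1 is the ?ver= query parameter, if present.
    scripts: [/jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i],
  },
];

// Pull every <script src="..."> value out of the HTML (attribute scan; good
// enough for a saved page, not a full HTML parser).
function scriptSources(html) {
  const out = [];
  const re = /<script[^>]+?src=["']([^"']+)["']/gi;
  let m;
  while ((m = re.exec(html)) !== null) out.push(m[1]);
  return out;
}

// Run each fingerprint against the page; the first matching pattern wins and
// its first capture group (if any) becomes the reported version.
function detect(page) {
  const scripts = scriptSources(page.html);
  const found = [];
  for (const fp of FINGERPRINTS) {
    let hit = null;
    for (const re of fp.html || []) {
      hit = page.html.match(re);
      if (hit) break;
    }
    for (const [header, re] of Object.entries(fp.headers || {})) {
      if (hit) break;
      const value = page.headers[header.toLowerCase()];
      if (value) hit = value.match(re);
    }
    for (const re of fp.scripts || []) {
      if (hit) break;
      for (const src of scripts) {
        hit = src.match(re);
        if (hit) break;
      }
    }
    if (hit) found.push({ name: fp.name, category: fp.category, version: hit[1] || null });
  }
  return found;
}

// Constructed sample modelled on this report's request list (not the actual
// captured HTML or headers of the scanned page).
const SAMPLE_PAGE = {
  html: [
    "<html><head>",
    '<link rel="stylesheet" href="nub/bootstrap.min.css">',
    '<link rel="stylesheet" href="nub/style.css">',
    '<script src="nub/jquery.min.js.download"></script>',
    "</head><body></body></html>",
  ].join("\n"),
  headers: { server: "Apache/2.4.41 (Ubuntu)", "strict-transport-security": "max-age=31536000" },
};

console.log(detect(SAMPLE_PAGE));
```

Running it reports Bootstrap (no version), Apache 2.4.41 from the Server header, and jQuery with no version, because ".js" in jquery.min.js.download is followed by ".download" rather than "?ver=", so the capture group never fires. This is also a reminder that these fingerprints only say which libraries were copied into the kit, nothing about who operates it.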
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
No HTTP redirect chains were recorded for any request.
11 HTTP transactions
Size is the decoded resource size; x-fer is the number of bytes transferred on the wire, which can exceed Size for small files because it counts response headers.
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | login.html (Primary Request) | blog.colegiosantorini.com.br/documents/ | 5 KB | 3 KB | Document | text/html |
GET | H/1.1 | bootstrap.min.css | blog.colegiosantorini.com.br/documents/nub/ | 118 KB | 20 KB | Stylesheet | text/css |
GET | H/1.1 | style.css | blog.colegiosantorini.com.br/documents/nub/ | 1 KB | 872 B | Stylesheet | text/css |
GET | H/1.1 | logo1.png | blog.colegiosantorini.com.br/documents/nub/ | 11 KB | 12 KB | Image | image/png |
GET | H/1.1 | logo2.png | blog.colegiosantorini.com.br/documents/nub/ | 16 KB | 17 KB | Image | image/png |
GET | H/1.1 | logo3.png | blog.colegiosantorini.com.br/documents/nub/ | 12 KB | 12 KB | Image | image/png |
GET | H/1.1 | logo4.png | blog.colegiosantorini.com.br/documents/nub/ | 11 KB | 11 KB | Image | image/png |
GET | H/1.1 | logo5.png | blog.colegiosantorini.com.br/documents/nub/ | 16 KB | 16 KB | Image | image/png |
GET | H/1.1 | jquery.min.js.download | blog.colegiosantorini.com.br/documents/nub/ | 85 KB | 30 KB | Script | application/x-javascript |
GET | H/1.1 | docusign1.png | blog.colegiosantorini.com.br/documents/nub/ | 3 MB | 3 MB | Image | image/png |
GET | H/1.1 | jjJuhm3lvFYMJ8GovtebC-cCvKlFVfKzD2q61MfOV8qDhSzNo4w5e_e2oBP2g_pjJnCHxM57E1E-DYeCbVgMCJiEMzW7wlNktVAFnnGto_M1LGGSMIWIFrz2A47RV2NJf3fq9TCpCVzJYSJVF9xejvoCH9H8ksioDsRJth72kCnYsLAe5GXh9OY2XJGX4ehckNELI... | blog.colegiosantorini.com.br/styles/preview/ | 13 KB | 14 KB | XHR | text/html |
Every request stays on the same host, and the 3 MB docusign1.png accounts for almost the entire transfer. Two details deserve a second look. The ".download" suffix on jquery.min.js.download is what Chrome appends to script files when a page is saved as "Webpage, Complete", a common sign that the kit was assembled from a saved copy of a real login page rather than written from scratch. The final request is an XHR to /styles/preview/ with a long opaque path that returns text/html rather than a static asset; that path is truncated in the report and is the request to pull from a full capture when investigating what the page does after the form is rendered.
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Office 365 (Online)
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
function | showDirectoryPicker |
function | showOpenFilePicker |
function | showSaveFilePicker |
object | trustedTypes |
function | $ |
function | jQuery |
function | window_opener_xc |
function | get_extra_data |
function | GetURLParameter |
Of these, $ and jQuery come from the detected jQuery library, and showDirectoryPicker, showOpenFilePicker, showSaveFilePicker and trustedTypes are browser built-ins that only appear here because they are newer than the scanner's baseline. That leaves window_opener_xc, get_extra_data and GetURLParameter as the page's own code; names like these are the useful hunting strings for finding other copies of the same kit.
0 Cookies
Cookies are small pieces of information stored in the user's browser. Whenever the user visits the site again, the browser sends the cookie values along, allowing the website to re-identify the user even from a different location. This is how permanent logins work.
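To make the triage of the global-variables list above explicit, here is an added example of my own (not urlscan.io's implementation) that reproduces the list as a diff against a baseline window and then removes the names explained by the detected jQuery library or by browser built-ins newer than the baseline. The baseline set, the library-to-globals map and the stand-in window object are constructed assumptions; the nine names are the ones in this report.

```javascript
// Added example, not urlscan.io code: "non-standard globals" as a baseline
// diff, followed by a triage pass that removes names explained by detected
// libraries or by browser built-ins newer than the baseline snapshot.

// Constructed minimal baseline of window properties on a clean page. A real
// baseline is a snapshot of Object.keys(window) taken on about:blank with the
// same browser build the scanner uses.
const BASELINE = new Set([
  "window", "document", "location", "navigator", "fetch", "XMLHttpRequest",
  "setTimeout", "setInterval", "addEventListener", "localStorage", "console",
]);

// Globals that known libraries install (assumed map; extend per library).
const LIBRARY_GLOBALS = {
  jQuery: ["$", "jQuery"],
};

// Browser built-ins that post-date the baseline snapshot. They show up as
// "non-standard" until the baseline is refreshed and are not page code.
const NEWER_BUILTINS = new Set([
  "showDirectoryPicker", "showOpenFilePicker", "showSaveFilePicker", "trustedTypes",
]);

// Constructed stand-in for the scanned page's window: the nine names listed
// in this report plus a few baseline properties.
const SAMPLE_WINDOW = {
  window: null, document: {}, location: {}, fetch() {}, console: {},
  showDirectoryPicker() {}, showOpenFilePicker() {}, showSaveFilePicker() {},
  trustedTypes: {},
  $() {}, jQuery() {},
  window_opener_xc() {}, get_extra_data() {}, GetURLParameter() {},
};

// What the report shows: every own property not in the baseline, with its type.
function nonStandardGlobals(win, baseline = BASELINE) {
  return Object.keys(win)
    .filter((k) => !baseline.has(k))
    .map((k) => ({ name: k, type: typeof win[k] }));
}

// Triage: drop names explained by detected libraries or newer built-ins;
// whatever remains is the page's own code and a candidate hunting string.
function unexplainedGlobals(globals, detectedLibs) {
  const explained = new Set(NEWER_BUILTINS);
  for (const lib of detectedLibs) {
    for (const g of LIBRARY_GLOBALS[lib] || []) explained.add(g);
  }
  return globals.filter((g) => !explained.has(g.name)).map((g) => g.name);
}

const globals = nonStandardGlobals(SAMPLE_WINDOW);
console.log(globals);                                // the nine entries from the report
console.log(unexplainedGlobals(globals, ["jQuery"])); // the kit's own three functions
```

The practical point is the second function: the raw list mixes library, browser and kit names, and only the last group is worth pivoting on. Refresh the baseline whenever the scanning browser is upgraded, or new built-ins will keep polluting the output.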
Security Headers
This page lists any security headers set by the main page. Note that a valid TLS certificate and an HSTS header are transport hygiene, not a trust signal: this page has both and is still a phishing page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry for observables such as IPs, domains and hashes. Listing them here does not by itself imply that any of them is malicious.
blog.colegiosantorini.com.br
34.195.4.75
The IP is a generic EC2 address (PTR ec2-34-195-4-75.compute-1.amazonaws.com) that can be released and reassigned, so block or hunt on the hostname and the /documents/login.html path rather than on the address alone.