www.webmin.com Open in urlscan Pro
216.105.38.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.webmin.com/exploit.html
Effective URL:
https://www.webmin.com/exploit.html
Submission: On September 07 via manual (September 7th 2022, 6:43:50 am UTC) from SG — Scanned from DE

Summary HTTP 12 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 4 domains to perform 12 HTTP transactions. The main IP is 216.105.38.11, located in Lake Elsinore, United States and belongs to AIS-WEST, US. The main domain is www.webmin.com. The Cisco Umbrella rank of the primary domain is 773212.
TLS certificate: Issued by R3 on August 27th 2022. Valid for: 3 months.

This is the only time www.webmin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	216.105.38.11 216.105.38.11	6130 (AIS-WEST) (AIS-WEST)
1	172.64.153.13 172.64.153.13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	3

10 216.105.38.11 (Lake Elsinore, United States) 1 redirects

ASN6130 (AIS-WEST, US)
PTR: secureprojects.sourceforge.net

www.webmin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.153.13 (United States)

ASN13335 (CLOUDFLARENET, US)

sourceforge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	webmin.com 1 redirects www.webmin.com — Cisco Umbrella Rank: 773212	26 KB
1	sourceforge.net sourceforge.net — Cisco Umbrella Rank: 30771	1 KB
0	google-analytics.com Failed www.google-analytics.com Failed
0	facebook.net Failed connect.facebook.net Failed
12	4

	Domain	Requested by
10	www.webmin.com	1 redirects www.webmin.com
1	sourceforge.net	www.webmin.com
0	www.google-analytics.com Failed	www.webmin.com
0	connect.facebook.net Failed	www.webmin.com
12	4

This site contains links to these domains. Also see Links.

Domain
prdownloads.sourceforge.net
doxfer.webmin.com
github.com
www.virtualmin.com
www.styleshout.com
sourceforge.net

Subject Issuer	Validity	Valid
secureprojects.sourceforge.net R3	`2022-08-27` - `2022-11-25`	3 months	crt.sh
sourceforge.net Cloudflare Inc ECC CA-3	`2022-07-29` - `2022-10-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.webmin.com/exploit.html
Frame ID: D26A96B830B7AE0EE059038645127BF4
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Webmin

Page URL History Show full URLs

http://www.webmin.com/exploit.html HTTP 301
https://www.webmin.com/exploit.html Page URL

Page Statistics

12
Requests

83 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

1
Countries

27 kB
Transfer

34 kB
Size

0
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: http://prdownloads.sourceforge.net/webadmin/webmin-2.000-1.noarch.rpm
Title: RPM

Search URL Search Domain Scan URL

URL: http://prdownloads.sourceforge.net/webadmin/webmin_2.000_all.deb
Title: Debian Package

Search URL Search Domain Scan URL

URL: http://prdownloads.sourceforge.net/webadmin/webmin-2.000.tar.gz
Title: TAR file

Search URL Search Domain Scan URL

URL: http://prdownloads.sourceforge.net/webadmin/webmin-2.000.pkg.gz
Title: Solaris Package

Search URL Search Domain Scan URL

URL: http://doxfer.webmin.com/Webmin/Modules
Title: Module Documentation

Search URL Search Domain Scan URL

URL: http://github.com/webmin/webmin/commits/master
Title: Recent Changes in Git

Search URL Search Domain Scan URL

URL: http://www.virtualmin.com/
Title: Virtualmin Pro

Search URL Search Domain Scan URL

URL: http://www.styleshout.com/
Title: StyleShout

Search URL Search Domain Scan URL

URL: http://sourceforge.net/projects/webadmin

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.webmin.com/exploit.html HTTP 301
https://www.webmin.com/exploit.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request exploit.html Show response www.webmin.com/ Redirect Chain http://www.webmin.com/exploit.html https://www.webmin.com/exploit.html	7 KB 3 KB	4902ms 4579ms	Document text/html	216.105.38.11 AIS-WEST
General Check archive.org Show headers Download Go to Full URL https://www.webmin.com/exploit.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.105.38.11 Lake Elsinore, United States, ASN6130 (AIS-WEST, US), Reverse DNS secureprojects.sourceforge.net Software nginx / Resource Hash `c047f801410ca75e0c260c6d602bc41e92bad4b0e705b7243f66b727861e5da6` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control max-age=3600 content-encoding gzip content-type text/html date Wed, 07 Sep 2022 06:43:49 GMT expires Wed, 07 Sep 2022 07:43:43 GMT server nginx vary Accept-Encoding Host,X-Forwarded-Proto Accept-Encoding x-from sfp-ioweb-1 Redirect headers Cache-Control max-age=3600 Connection keep-alive Content-Length 243 Content-Type text/html; charset=iso-8859-1 Date Wed, 07 Sep 2022 06:43:44 GMT Expires Wed, 07 Sep 2022 07:43:37 GMT Location https://www.webmin.com/exploit.html Server nginx Vary Accept-Encoding
GET H2	200	Refresh.css www.webmin.com/images/	7 KB 3 KB	159ms 158ms	Stylesheet text/css	216.105.38.11 AIS-WEST
General Check archive.org Show headers Download Go to Full URL https://www.webmin.com/images/Refresh.css Requested by Host: www.webmin.com URL: https://www.webmin.com/exploit.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.105.38.11 Lake Elsinore, United States, ASN6130 (AIS-WEST, US), Reverse DNS secureprojects.sourceforge.net Software nginx / Resource Hash `9773943129cf7a4b76994abf33c6e367774d63d3dd43023565d1d9453ac515be` Request headers accept-language de-DE,de;q=0.9 Referer https://www.webmin.com/exploit.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 07 Sep 2022 06:43:49 GMT content-encoding gzip last-modified Tue, 09 Oct 2007 16:03:00 GMT server nginx etag W/"1d5d-43c1180cef500" vary Accept-Encoding, Host,X-Forwarded-Proto, Accept-Encoding content-type text/css cache-control max-age=86400 x-from sfp-ioweb-2 expires Wed, 07 Sep 2022 20:35:57 GMT
GET H2	200	sflogo.php sourceforge.net/	771 B 1 KB	241ms 200ms	Image image/png	172.64.153.13 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sourceforge.net/sflogo.php?group_id=17457 Requested by Host: www.webmin.com URL: https://www.webmin.com/exploit.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.153.13 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ce9e8b1abf4182d4e0399da8e6b8e8e3251bf8f5595cd8b47384f5bee3baedea` Request headers accept-language de-DE,de;q=0.9 Referer https://www.webmin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers pragma no-cache date Wed, 07 Sep 2022 06:43:49 GMT cf-cache-status DYNAMIC last-modified Tue, 06 Oct 2020 00:53:35 GMT server cloudflare etag "5f7bc00f-303" content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin accept-ranges bytes cf-ray 746d78ec5af69b40-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 771
GET		all.js connect.facebook.net/en_US/	0 0

GET		urchin.js www.google-analytics.com/	0 0

GET H2	200	content.jpg www.webmin.com/images/	412 B 657 B	158ms 157ms	Image image/jpeg	216.105.38.11 AIS-WEST
General Check archive.org Show headers Download Go to Show image Full URL https://www.webmin.com/images/content.jpg Requested by Host: www.webmin.com URL: https://www.webmin.com/images/Refresh.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.105.38.11 Lake Elsinore, United States, ASN6130 (AIS-WEST, US), Reverse DNS secureprojects.sourceforge.net Software nginx / Resource Hash `35514dd4bcb7f1c277194b26d79992e65a543ece5ba53944c5d487de6b733aba` Request headers accept-language de-DE,de;q=0.9 Referer https://www.webmin.com/images/Refresh.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 07 Sep 2022 06:43:50 GMT last-modified Tue, 20 Mar 2007 18:18:56 GMT server nginx etag "19c-42c1fbd288400" vary Host,X-Forwarded-Proto, Accept-Encoding content-type image/jpeg cache-control max-age=259200 x-from sfp-ioweb-2 accept-ranges bytes content-length 412 expires Fri, 09 Sep 2022 20:36:00 GMT
GET H2	200	header-logo.jpg www.webmin.com/images/	15 KB 15 KB	314ms 313ms	Image image/jpeg	216.105.38.11 AIS-WEST
General Check archive.org Show headers Download Go to Show image Full URL https://www.webmin.com/images/header-logo.jpg Requested by Host: www.webmin.com URL: https://www.webmin.com/images/Refresh.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.105.38.11 Lake Elsinore, United States, ASN6130 (AIS-WEST, US), Reverse DNS secureprojects.sourceforge.net Software nginx / Resource Hash `48a4f446b1f48e97263c26cccd1166d4b4fcbb2f96b6dc85bcb35bd3b43ced32` Request headers accept-language de-DE,de;q=0.9 Referer https://www.webmin.com/images/Refresh.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 07 Sep 2022 06:43:50 GMT last-modified Tue, 09 Oct 2007 16:03:01 GMT server nginx etag "3afb-43c1180de3740" vary Host,X-Forwarded-Proto, Accept-Encoding content-type image/jpeg cache-control max-age=259200 x-from sfp-ioweb-3 accept-ranges bytes content-length 15099 expires Fri, 09 Sep 2022 20:35:53 GMT
GET H2	200	headerbg.gif www.webmin.com/images/	176 B 419 B	312ms 311ms	Image image/gif	216.105.38.11 AIS-WEST
General Check archive.org Show headers Download Go to Show image Full URL https://www.webmin.com/images/headerbg.gif Requested by Host: www.webmin.com URL: https://www.webmin.com/images/Refresh.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.105.38.11 Lake Elsinore, United States, ASN6130 (AIS-WEST, US), Reverse DNS secureprojects.sourceforge.net Software nginx / Resource Hash `2fd3896b941663c59033aab512c09ff0be181295071e8073640e9f118f655f4e` Request headers accept-language de-DE,de;q=0.9 Referer https://www.webmin.com/images/Refresh.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 07 Sep 2022 06:43:50 GMT last-modified Tue, 20 Mar 2007 18:18:57 GMT server nginx etag "b0-42c1fbd37c640" vary Host,X-Forwarded-Proto, Accept-Encoding content-type image/gif cache-control max-age=259200 x-from sfp-ioweb-2 accept-ranges bytes content-length 176 expires Fri, 09 Sep 2022 20:36:00 GMT
GET H2	200	menu.jpg www.webmin.com/images/	507 B 752 B	312ms 311ms	Image image/jpeg	216.105.38.11 AIS-WEST
General Check archive.org Show headers Download Go to Show image Full URL https://www.webmin.com/images/menu.jpg Requested by Host: www.webmin.com URL: https://www.webmin.com/images/Refresh.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.105.38.11 Lake Elsinore, United States, ASN6130 (AIS-WEST, US), Reverse DNS secureprojects.sourceforge.net Software nginx / Resource Hash `71e593baa6601b6ece45749c41006bec402a96758557fca0448b0407812bfcf4` Request headers accept-language de-DE,de;q=0.9 Referer https://www.webmin.com/images/Refresh.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 07 Sep 2022 06:43:50 GMT last-modified Tue, 20 Mar 2007 18:18:57 GMT server nginx etag "1fb-42c1fbd37c640" vary Host,X-Forwarded-Proto, Accept-Encoding content-type image/jpeg cache-control max-age=259200 x-from sfp-ioweb-3 accept-ranges bytes content-length 507 expires Fri, 09 Sep 2022 20:35:53 GMT
GET H2	200	go.gif www.webmin.com/images/	233 B 476 B	312ms 312ms	Image image/gif	216.105.38.11 AIS-WEST
General Check archive.org Show headers Download Go to Show image Full URL https://www.webmin.com/images/go.gif Requested by Host: www.webmin.com URL: https://www.webmin.com/images/Refresh.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.105.38.11 Lake Elsinore, United States, ASN6130 (AIS-WEST, US), Reverse DNS secureprojects.sourceforge.net Software nginx / Resource Hash `efb208bb3a8c155918b4a085f28a8eeb78f4610a65b0d3a669d23837af284041` Request headers accept-language de-DE,de;q=0.9 Referer https://www.webmin.com/images/Refresh.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 07 Sep 2022 06:43:50 GMT last-modified Tue, 20 Mar 2007 18:18:56 GMT server nginx etag "e9-42c1fbd288400" vary Host,X-Forwarded-Proto, Accept-Encoding content-type image/gif cache-control max-age=259200 x-from sfp-ioweb-2 accept-ranges bytes content-length 233 expires Fri, 09 Sep 2022 20:36:00 GMT
GET H2	200	square-green.png www.webmin.com/images/	193 B 436 B	312ms 311ms	Image image/png	216.105.38.11 AIS-WEST
General Check archive.org Show headers Download Go to Show image Full URL https://www.webmin.com/images/square-green.png Requested by Host: www.webmin.com URL: https://www.webmin.com/images/Refresh.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.105.38.11 Lake Elsinore, United States, ASN6130 (AIS-WEST, US), Reverse DNS secureprojects.sourceforge.net Software nginx / Resource Hash `bfd41f5778b0a73f58de08d796a0b841d3eb27d618d2f8269dd8c590ccc3bafd` Request headers accept-language de-DE,de;q=0.9 Referer https://www.webmin.com/images/Refresh.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 07 Sep 2022 06:43:50 GMT last-modified Tue, 20 Mar 2007 18:18:57 GMT server nginx etag "c1-42c1fbd37c640" vary Host,X-Forwarded-Proto, Accept-Encoding content-type image/png cache-control max-age=259200 x-from sfp-ioweb-3 accept-ranges bytes content-length 193 expires Fri, 09 Sep 2022 20:35:53 GMT
GET H2	200	footer.jpg www.webmin.com/images/	2 KB 2 KB	312ms 312ms	Image image/jpeg	216.105.38.11 AIS-WEST
General Check archive.org Show headers Download Go to Show image Full URL https://www.webmin.com/images/footer.jpg Requested by Host: www.webmin.com URL: https://www.webmin.com/images/Refresh.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.105.38.11 Lake Elsinore, United States, ASN6130 (AIS-WEST, US), Reverse DNS secureprojects.sourceforge.net Software nginx / Resource Hash `0663a780ab072dd3709af255b95d1c4849663f581415bfe641b6410ed7199455` Request headers accept-language de-DE,de;q=0.9 Referer https://www.webmin.com/images/Refresh.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 07 Sep 2022 06:43:50 GMT last-modified Tue, 20 Mar 2007 18:18:56 GMT server nginx etag "8df-42c1fbd288400" vary Host,X-Forwarded-Proto, Accept-Encoding content-type image/jpeg cache-control max-age=259200 x-from sfp-ioweb-2 accept-ranges bytes content-length 2271 expires Fri, 09 Sep 2022 20:36:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js

Domain: www.google-analytics.com
URL: http://www.google-analytics.com/urchin.js

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.webmin.com/exploit.html Message: Mixed Content: The page at 'https://www.webmin.com/exploit.html' was loaded over HTTPS, but requested an insecure element 'http://sourceforge.net/sflogo.php?group_id=17457'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.webmin.com/exploit.html(Line 27) Message: Mixed Content: The page at 'https://www.webmin.com/exploit.html' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://www.google.com/search'. This endpoint should be made available over a secure connection.
security	error	URL: https://www.webmin.com/exploit.html Message: Mixed Content: The page at 'https://www.webmin.com/exploit.html' was loaded over HTTPS, but requested an insecure script 'http://connect.facebook.net/en_US/all.js'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://www.webmin.com/exploit.html(Line 206) Message: Mixed Content: The page at 'https://www.webmin.com/exploit.html' was loaded over HTTPS, but requested an insecure element 'http://sourceforge.net/sflogo.php?group_id=17457'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://www.webmin.com/exploit.html Message: Mixed Content: The page at 'https://www.webmin.com/exploit.html' was loaded over HTTPS, but requested an insecure script 'http://www.google-analytics.com/urchin.js'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
sourceforge.net
www.google-analytics.com
www.webmin.com
connect.facebook.net
www.google-analytics.com
172.64.153.13
216.105.38.11
0663a780ab072dd3709af255b95d1c4849663f581415bfe641b6410ed7199455
2fd3896b941663c59033aab512c09ff0be181295071e8073640e9f118f655f4e
35514dd4bcb7f1c277194b26d79992e65a543ece5ba53944c5d487de6b733aba
48a4f446b1f48e97263c26cccd1166d4b4fcbb2f96b6dc85bcb35bd3b43ced32
71e593baa6601b6ece45749c41006bec402a96758557fca0448b0407812bfcf4
9773943129cf7a4b76994abf33c6e367774d63d3dd43023565d1d9453ac515be
bfd41f5778b0a73f58de08d796a0b841d3eb27d618d2f8269dd8c590ccc3bafd
c047f801410ca75e0c260c6d602bc41e92bad4b0e705b7243f66b727861e5da6
ce9e8b1abf4182d4e0399da8e6b8e8e3251bf8f5595cd8b47384f5bee3baedea
efb208bb3a8c155918b4a085f28a8eeb78f4610a65b0d3a669d23837af284041

www.webmin.com Open in urlscan Pro 216.105.38.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

12 Requests

83 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

3 IPs

1 Countries

27 kBTransfer

34 kBSize

0 Cookies

9 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

0 Cookies

5 Console Messages

Indicators

www.webmin.com Open in urlscan Pro
216.105.38.11 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

83 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

1
Countries

27 kB
Transfer

34 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions