francophone.port.ac.uk Open in urlscan Pro
148.197.223.3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://francophone.port.ac.uk/spcm.nrn/nmdo.php
Effective URL:
https://francophone.port.ac.uk/spcm.nrn/login.php?session_id=0UbTHqQmfn08j1kwKU4Yhdk9z3yrJr06L6vjQGFJWMrWDClKwxhwl8a4tIGQqv39MY...
Submission: On March 26 via manual (March 26th 2022, 9:20:21 am UTC) from ZA — Scanned from GB

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 148.197.223.3, located in Leyton, United Kingdom and belongs to JANET Jisc Services Limited, GB. The main domain is francophone.port.ac.uk.
TLS certificate: Issued by R3 on February 7th 2022. Valid for: 3 months.

This is the only time francophone.port.ac.uk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Capitec Bank (Banking)

Domain & IP information

	IP Address		AS Autonomous System
11	148.197.223.3 148.197.223.3		786 (JANET Jis...) (JANET Jisc Services Limited)
11	1

11 148.197.223.3 (Leyton, United Kingdom)

ASN786 (JANET Jisc Services Limited, GB)
PTR: plesk-app-01.iso.port.ac.uk

francophone.port.ac.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	port.ac.uk francophone.port.ac.uk	168 KB
11	1

	Domain	Requested by
11	francophone.port.ac.uk	francophone.port.ac.uk
11	1

This site contains no links.

Subject Issuer	Validity	Valid
francophone.port.ac.uk R3	`2022-02-07` - `2022-05-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://francophone.port.ac.uk/spcm.nrn/login.php?session_id=0UbTHqQmfn08j1kwKU4Yhdk9z3yrJr06L6vjQGFJWMrWDClKwxhwl8a4tIGQqv39MYMtYNLGtAzlWotN
Frame ID: 3D9FD8F21D0FCF112280DC76E5C9EC80
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Internet Banking | Capitec Bank

Page URL History Show full URLs

https://francophone.port.ac.uk/spcm.nrn/nmdo.php Page URL
https://francophone.port.ac.uk/spcm.nrn/login.php?session_id=0UbTHqQmfn08j1kwKU4Yhdk9z3yrJr06L6vjQGFJWMrWDC... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

168 kB
Transfer

165 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://francophone.port.ac.uk/spcm.nrn/nmdo.php Page URL
https://francophone.port.ac.uk/spcm.nrn/login.php?session_id=0UbTHqQmfn08j1kwKU4Yhdk9z3yrJr06L6vjQGFJWMrWDClKwxhwl8a4tIGQqv39MYMtYNLGtAzlWotN Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	nmdo.php francophone.port.ac.uk/spcm.nrn/	193 B 585 B	471ms 197ms	Document text/html	148.197.223.3 JANET Jisc Servic...
General Check archive.org Show headers Download Go to Full URL https://francophone.port.ac.uk/spcm.nrn/nmdo.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.197.223.3 Leyton, United Kingdom, ASN786 (JANET Jisc Services Limited, GB), Reverse DNS plesk-app-01.iso.port.ac.uk Software nginx / PHP/7.3.25 PleskLin Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-GB,en;q=0.9 Response headers Server nginx Date Sat, 26 Mar 2022 09:20:14 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive X-Powered-By PHP/7.3.25 PleskLin Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache
GET H/1.1	200 OK	Primary Request login.php Show response francophone.port.ac.uk/spcm.nrn/	5 KB 6 KB	98ms 98ms	Document text/html	148.197.223.3 JANET Jisc Servic...
General Check archive.org Show headers Download Go to Full URL https://francophone.port.ac.uk/spcm.nrn/login.php?session_id=0UbTHqQmfn08j1kwKU4Yhdk9z3yrJr06L6vjQGFJWMrWDClKwxhwl8a4tIGQqv39MYMtYNLGtAzlWotN Requested by Host: francophone.port.ac.uk URL: https://francophone.port.ac.uk/spcm.nrn/nmdo.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.197.223.3 Leyton, United Kingdom, ASN786 (JANET Jisc Services Limited, GB), Reverse DNS plesk-app-01.iso.port.ac.uk Software nginx / PHP/7.3.25 PleskLin Resource Hash `2b17f7d761454bebb97e63c188f5466b6f1dae91db51f012377bb7aec8d1de1d` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-GB,en;q=0.9 Referer https://francophone.port.ac.uk/spcm.nrn/nmdo.php Response headers Server nginx Date Sat, 26 Mar 2022 09:20:14 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive X-Powered-By PHP/7.3.25 PleskLin
GET H/1.1	200 OK	default-3.css francophone.port.ac.uk/spcm.nrn/media/	55 KB 55 KB	70ms 69ms	Stylesheet text/css	148.197.223.3 JANET Jisc Servic...
General Check archive.org Show headers Download Go to Full URL https://francophone.port.ac.uk/spcm.nrn/media/default-3.css Requested by Host: francophone.port.ac.uk URL: https://francophone.port.ac.uk/spcm.nrn/login.php?session_id=0UbTHqQmfn08j1kwKU4Yhdk9z3yrJr06L6vjQGFJWMrWDClKwxhwl8a4tIGQqv39MYMtYNLGtAzlWotN Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.197.223.3 Leyton, United Kingdom, ASN786 (JANET Jisc Services Limited, GB), Reverse DNS plesk-app-01.iso.port.ac.uk Software nginx / PleskLin Resource Hash `1b6b1768c7ee00bf3afca60846d41ff2179cbffa4480d69c4489a594875aee6f` Request headers Accept-Language en-GB,en;q=0.9 Referer https://francophone.port.ac.uk/spcm.nrn/login.php?session_id=0UbTHqQmfn08j1kwKU4Yhdk9z3yrJr06L6vjQGFJWMrWDClKwxhwl8a4tIGQqv39MYMtYNLGtAzlWotN User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 09:20:15 GMT Last-Modified Tue, 15 Dec 2020 13:13:38 GMT Server nginx X-Powered-By PleskLin ETag "5fd8b682-db35" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 56117
GET H/1.1	200 OK	jquery-ui-1.css francophone.port.ac.uk/spcm.nrn/media/	15 KB 15 KB	139ms 70ms	Stylesheet text/css	148.197.223.3 JANET Jisc Servic...
General Check archive.org Show headers Download Go to Full URL https://francophone.port.ac.uk/spcm.nrn/media/jquery-ui-1.css Requested by Host: francophone.port.ac.uk URL: https://francophone.port.ac.uk/spcm.nrn/login.php?session_id=0UbTHqQmfn08j1kwKU4Yhdk9z3yrJr06L6vjQGFJWMrWDClKwxhwl8a4tIGQqv39MYMtYNLGtAzlWotN Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.197.223.3 Leyton, United Kingdom, ASN786 (JANET Jisc Services Limited, GB), Reverse DNS plesk-app-01.iso.port.ac.uk Software nginx / PleskLin Resource Hash `5ab3bdd9053cf5c0fd9e8ba2f2ca40ea94267641703a03b3f2d5bc3df396af10` Request headers Accept-Language en-GB,en;q=0.9 Referer https://francophone.port.ac.uk/spcm.nrn/login.php?session_id=0UbTHqQmfn08j1kwKU4Yhdk9z3yrJr06L6vjQGFJWMrWDClKwxhwl8a4tIGQqv39MYMtYNLGtAzlWotN User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 09:20:15 GMT Last-Modified Tue, 15 Dec 2020 13:13:04 GMT Server nginx X-Powered-By PleskLin ETag "5fd8b660-3b2a" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 15146
GET H/1.1	200 OK	default.css francophone.port.ac.uk/spcm.nrn/media/	8 KB 9 KB	109ms 37ms	Stylesheet text/css	148.197.223.3 JANET Jisc Servic...
General Check archive.org Show headers Download Go to Full URL https://francophone.port.ac.uk/spcm.nrn/media/default.css Requested by Host: francophone.port.ac.uk URL: https://francophone.port.ac.uk/spcm.nrn/login.php?session_id=0UbTHqQmfn08j1kwKU4Yhdk9z3yrJr06L6vjQGFJWMrWDClKwxhwl8a4tIGQqv39MYMtYNLGtAzlWotN Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.197.223.3 Leyton, United Kingdom, ASN786 (JANET Jisc Services Limited, GB), Reverse DNS plesk-app-01.iso.port.ac.uk Software nginx / PleskLin Resource Hash `19114971dea3044fffbf058dc53e164d97d34ba69fae379c27d39c7829626b39` Request headers Accept-Language en-GB,en;q=0.9 Referer https://francophone.port.ac.uk/spcm.nrn/login.php?session_id=0UbTHqQmfn08j1kwKU4Yhdk9z3yrJr06L6vjQGFJWMrWDClKwxhwl8a4tIGQqv39MYMtYNLGtAzlWotN User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 09:20:15 GMT Last-Modified Tue, 15 Dec 2020 13:13:28 GMT Server nginx X-Powered-By PleskLin ETag "5fd8b678-21ae" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 8622
GET H/1.1	200 OK	logo_main.webp francophone.port.ac.uk/spcm.nrn/media/	5 KB 6 KB	35ms 35ms	Image audio/unknown	148.197.223.3 JANET Jisc Servic...
General Check archive.org Show headers Download Go to Show image Full URL https://francophone.port.ac.uk/spcm.nrn/media/logo_main.webp Requested by Host: francophone.port.ac.uk URL: https://francophone.port.ac.uk/spcm.nrn/login.php?session_id=0UbTHqQmfn08j1kwKU4Yhdk9z3yrJr06L6vjQGFJWMrWDClKwxhwl8a4tIGQqv39MYMtYNLGtAzlWotN Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.197.223.3 Leyton, United Kingdom, ASN786 (JANET Jisc Services Limited, GB), Reverse DNS plesk-app-01.iso.port.ac.uk Software nginx / PleskLin Resource Hash `ddcb02d35e0a32c62943f94db483c06a925c6d5368e0be0297104b15a71eaee7` Request headers Accept-Language en-GB,en;q=0.9 Referer https://francophone.port.ac.uk/spcm.nrn/login.php?session_id=0UbTHqQmfn08j1kwKU4Yhdk9z3yrJr06L6vjQGFJWMrWDClKwxhwl8a4tIGQqv39MYMtYNLGtAzlWotN User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 09:20:15 GMT Last-Modified Tue, 15 Dec 2020 13:12:16 GMT Server nginx X-Powered-By PleskLin ETag "5fd8b630-1584" Content-Type audio/unknown Connection keep-alive Accept-Ranges bytes Content-Length 5508
GET H/1.1	200 OK	proceed.webp francophone.port.ac.uk/spcm.nrn/media/	184 B 477 B	36ms 35ms	Image audio/unknown	148.197.223.3 JANET Jisc Servic...
General Check archive.org Show headers Download Go to Show image Full URL https://francophone.port.ac.uk/spcm.nrn/media/proceed.webp Requested by Host: francophone.port.ac.uk URL: https://francophone.port.ac.uk/spcm.nrn/login.php?session_id=0UbTHqQmfn08j1kwKU4Yhdk9z3yrJr06L6vjQGFJWMrWDClKwxhwl8a4tIGQqv39MYMtYNLGtAzlWotN Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.197.223.3 Leyton, United Kingdom, ASN786 (JANET Jisc Services Limited, GB), Reverse DNS plesk-app-01.iso.port.ac.uk Software nginx / PleskLin Resource Hash `d6bc5510d261bdb163aa135c47efd14d172dae54330f8da615a12ff79c0d1e49` Request headers Accept-Language en-GB,en;q=0.9 Referer https://francophone.port.ac.uk/spcm.nrn/login.php?session_id=0UbTHqQmfn08j1kwKU4Yhdk9z3yrJr06L6vjQGFJWMrWDClKwxhwl8a4tIGQqv39MYMtYNLGtAzlWotN User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 09:20:15 GMT ETag "51a808-b8-5b68081f5ec00" Last-Modified Tue, 15 Dec 2020 13:12:16 GMT Server nginx X-Powered-By PleskLin Content-Type audio/unknown X-Accel-Version 0.01 Connection keep-alive Accept-Ranges bytes Content-Length 184
GET H/1.1	200 OK	SSL-certificate-seal-ssl-animated.webp francophone.port.ac.uk/spcm.nrn/media/	2 KB 2 KB	41ms 41ms	Image audio/unknown	148.197.223.3 JANET Jisc Servic...
General Check archive.org Show headers Download Go to Show image Full URL https://francophone.port.ac.uk/spcm.nrn/media/SSL-certificate-seal-ssl-animated.webp Requested by Host: francophone.port.ac.uk URL: https://francophone.port.ac.uk/spcm.nrn/login.php?session_id=0UbTHqQmfn08j1kwKU4Yhdk9z3yrJr06L6vjQGFJWMrWDClKwxhwl8a4tIGQqv39MYMtYNLGtAzlWotN Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.197.223.3 Leyton, United Kingdom, ASN786 (JANET Jisc Services Limited, GB), Reverse DNS plesk-app-01.iso.port.ac.uk Software nginx / PleskLin Resource Hash `522b3471d47a908987b3c759702d605b071f577160db626fb82d804e5a02231c` Request headers Accept-Language en-GB,en;q=0.9 Referer https://francophone.port.ac.uk/spcm.nrn/login.php?session_id=0UbTHqQmfn08j1kwKU4Yhdk9z3yrJr06L6vjQGFJWMrWDClKwxhwl8a4tIGQqv39MYMtYNLGtAzlWotN User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 09:20:15 GMT Last-Modified Tue, 15 Dec 2020 13:12:16 GMT Server nginx X-Powered-By PleskLin ETag "5fd8b630-83a" Content-Type audio/unknown Connection keep-alive Accept-Ranges bytes Content-Length 2106
GET H/1.1	200 OK	flama-basic-webfont.woff francophone.port.ac.uk/spcm.nrn/media/	26 KB 26 KB	37ms 37ms	Font application/octet-stream	148.197.223.3 JANET Jisc Servic...
General Check archive.org Show headers Download Go to Full URL https://francophone.port.ac.uk/spcm.nrn/media/flama-basic-webfont.woff Requested by Host: francophone.port.ac.uk URL: https://francophone.port.ac.uk/spcm.nrn/media/default-3.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.197.223.3 Leyton, United Kingdom, ASN786 (JANET Jisc Services Limited, GB), Reverse DNS plesk-app-01.iso.port.ac.uk Software nginx / PleskLin Resource Hash `8ff5a4879abd8e55115c1c18a45e6d88c821916f0f376a13c5e084ea898ea9b6` Request headers Referer https://francophone.port.ac.uk/spcm.nrn/media/default-3.css Origin https://francophone.port.ac.uk Accept-Language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 09:20:15 GMT Last-Modified Tue, 15 Dec 2020 13:12:30 GMT Server nginx X-Powered-By PleskLin ETag "5fd8b63e-6800" Content-Type text/plain Connection keep-alive Accept-Ranges bytes Content-Length 26624
GET H/1.1	200 OK	flama-book-webfont.woff francophone.port.ac.uk/spcm.nrn/media/	26 KB 26 KB	110ms 81ms	Font application/octet-stream	148.197.223.3 JANET Jisc Servic...
General Check archive.org Show headers Download Go to Full URL https://francophone.port.ac.uk/spcm.nrn/media/flama-book-webfont.woff Requested by Host: francophone.port.ac.uk URL: https://francophone.port.ac.uk/spcm.nrn/media/default-3.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.197.223.3 Leyton, United Kingdom, ASN786 (JANET Jisc Services Limited, GB), Reverse DNS plesk-app-01.iso.port.ac.uk Software nginx / PleskLin Resource Hash `8ff5a4879abd8e55115c1c18a45e6d88c821916f0f376a13c5e084ea898ea9b6` Request headers Referer https://francophone.port.ac.uk/spcm.nrn/media/default-3.css Origin https://francophone.port.ac.uk Accept-Language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 09:20:15 GMT Last-Modified Tue, 15 Dec 2020 13:12:36 GMT Server nginx X-Powered-By PleskLin ETag "5fd8b644-6800" Content-Type text/plain Connection keep-alive Accept-Ranges bytes Content-Length 26624
GET H/1.1	200 OK	flama-light-webfont.woff francophone.port.ac.uk/spcm.nrn/media/	22 KB 22 KB	82ms 45ms	Font application/octet-stream	148.197.223.3 JANET Jisc Servic...
General Check archive.org Show headers Download Go to Full URL https://francophone.port.ac.uk/spcm.nrn/media/flama-light-webfont.woff Requested by Host: francophone.port.ac.uk URL: https://francophone.port.ac.uk/spcm.nrn/media/default-3.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.197.223.3 Leyton, United Kingdom, ASN786 (JANET Jisc Services Limited, GB), Reverse DNS plesk-app-01.iso.port.ac.uk Software nginx / PleskLin Resource Hash `42ee73b97ca513aa2896efae9044db4e2ce52d72006fe8528d8606411073c4e8` Request headers Referer https://francophone.port.ac.uk/spcm.nrn/media/default-3.css Origin https://francophone.port.ac.uk Accept-Language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 09:20:15 GMT Last-Modified Tue, 15 Dec 2020 13:12:42 GMT Server nginx X-Powered-By PleskLin ETag "5fd8b64a-57fc" Content-Type text/plain Connection keep-alive Accept-Ranges bytes Content-Length 22524

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Capitec Bank (Banking)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| check

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			francophone.port.ac.uk/	1969-12-31 23:59:59	Name: PHPSESSID Value: fu2e852ao6roi2nikqqdojelse

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

francophone.port.ac.uk
148.197.223.3
19114971dea3044fffbf058dc53e164d97d34ba69fae379c27d39c7829626b39
1b6b1768c7ee00bf3afca60846d41ff2179cbffa4480d69c4489a594875aee6f
2b17f7d761454bebb97e63c188f5466b6f1dae91db51f012377bb7aec8d1de1d
42ee73b97ca513aa2896efae9044db4e2ce52d72006fe8528d8606411073c4e8
522b3471d47a908987b3c759702d605b071f577160db626fb82d804e5a02231c
5ab3bdd9053cf5c0fd9e8ba2f2ca40ea94267641703a03b3f2d5bc3df396af10
8ff5a4879abd8e55115c1c18a45e6d88c821916f0f376a13c5e084ea898ea9b6
d6bc5510d261bdb163aa135c47efd14d172dae54330f8da615a12ff79c0d1e49
ddcb02d35e0a32c62943f94db483c06a925c6d5368e0be0297104b15a71eaee7

francophone.port.ac.uk Open in urlscan Pro 148.197.223.3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

168 kBTransfer

165 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

1 Cookies

Indicators

francophone.port.ac.uk Open in urlscan Pro
148.197.223.3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

168 kB
Transfer

165 kB
Size

1
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!