salvadorfernandez.net
Open in
urlscan Pro
46.21.192.6
Malicious Activity!
Public Scan
Submission Tags: @ipnigh
Submission: On April 27 via api from GB
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on March 27th 2020. Valid for: 3 months.
This is the only time salvadorfernandez.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Aruba (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 46.21.192.6 46.21.192.6 | 35393 (EURO-WEB-AS) (EURO-WEB-AS) | |
7 | 62.149.188.175 62.149.188.175 | 31034 (ARUBA-ASN) (ARUBA-ASN) | |
11 | 3 |
ASN35393 (EURO-WEB-AS, FR)
PTR: web6.magiconline.es
salvadorfernandez.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
aruba.it
admin.aruba.it |
24 KB |
1 |
salvadorfernandez.net
salvadorfernandez.net |
13 KB |
0 |
arubamediamarketing.it
Failed
tracks.arubamediamarketing.it Failed visual.arubamediamarketing.it Failed |
|
11 | 3 |
Domain | Requested by | |
---|---|---|
7 | admin.aruba.it |
salvadorfernandez.net
|
1 | salvadorfernandez.net | |
0 | visual.arubamediamarketing.it Failed |
salvadorfernandez.net
|
0 | tracks.arubamediamarketing.it Failed |
salvadorfernandez.net
|
11 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
webmail.aruba.it |
hosting.aruba.it |
pagamenti.aruba.it |
rivenditori.aruba.it |
analytics.arubamediamarketing.it |
admin.aruba.it |
www.aruba.it |
Subject Issuer | Validity | Valid | |
---|---|---|---|
salvadorfernandez.net Let's Encrypt Authority X3 |
2020-03-27 - 2020-06-25 |
3 months | crt.sh |
admin.aruba.it Actalis Extended Validation Server CA G2 |
2019-03-20 - 2021-03-20 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://salvadorfernandez.net/drupal/webmail.aruba.it/Logon.html
Frame ID: 008DBBAF98492C28F02C678F44EC811A
Requests: 11 HTTP requests in this frame
9 Outgoing links
These are links going to different origins than the main page.
Title: webmail
Search URL Search Domain Scan URL
Title: rinnovi
Search URL Search Domain Scan URL
Title: pagamenti
Search URL Search Domain Scan URL
Title: affiliazione
Search URL Search Domain Scan URL
Title: area clienti
Search URL Search Domain Scan URL
Title: assistenza
Search URL Search Domain Scan URL
Title: Versione precedente
Search URL Search Domain Scan URL
Title: Hai perso i dati?
Search URL Search Domain Scan URL
Title: Copyright © print_date(); 2020 Aruba S.p.A. - P.I. 01573850516 - All rights reserved
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Logon.html
salvadorfernandez.net/drupal/webmail.aruba.it/ |
12 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
javascript_cookies.js
admin.aruba.it/PannelloAdmin/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Login.css
admin.aruba.it/PannelloAdmin/ |
11 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_aruba.png
admin.aruba.it/PannelloAdmin/UI/Images/general_tmpl/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
imgCaratteristicheAccesso.png
admin.aruba.it/PannelloAdmin/image_pannello_controllo/ |
508 B 753 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
arrox_previous.png
admin.aruba.it/PannelloAdmin/image_pannello_controllo/ |
338 B 583 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
imgHaiPersoDati.png
admin.aruba.it/PannelloAdmin/image_pannello_controllo/ |
775 B 1020 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
tsends.js
tracks.arubamediamarketing.it/track/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
59b1da0be8266e06e6a75a5d0f2aa14d.js
visual.arubamediamarketing.it/cjs/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
include.js
visual.arubamediamarketing.it/track/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
PannelloControlloBottomLogo.png
admin.aruba.it/PannelloAdmin/image_pannello_controllo/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- tracks.arubamediamarketing.it
- URL
- https://tracks.arubamediamarketing.it/track/tsends.js
- Domain
- visual.arubamediamarketing.it
- URL
- https://visual.arubamediamarketing.it/cjs/59b1da0be8266e06e6a75a5d0f2aa14d.js
- Domain
- visual.arubamediamarketing.it
- URL
- https://visual.arubamediamarketing.it/track/include.js
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Aruba (Online)16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| Get_Cookie function| Set_Cookie function| createCookie function| Delete_Cookie function| SetLingua function| setCaretPosition function| cda function| clickButton object| vp3_startSess object| today function| print_date number| year boolean| cookie_set string| us0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
admin.aruba.it
salvadorfernandez.net
tracks.arubamediamarketing.it
visual.arubamediamarketing.it
tracks.arubamediamarketing.it
visual.arubamediamarketing.it
46.21.192.6
62.149.188.175
2b5da352f8cac1ec98ed11f27d0d4661aac2f6473096a11bbeb636d34fd20e67
336a136d1ec7b4f2fa42ebaf724293a544b0451fa6b254778d59672d49a1ac12
399db74019a306cb82125431dbbb99137dffa0669d9b84b3cd4dded32b438f5d
8ab2d4dd46d9a7d2997be422628f891222a304e1b0c9bed486129ae6f0f9eb96
9cccb34e1743089bb7cbd1596f51dea4fe898adb1118fb7bd44c49812083182e
b1adb27a5e38c7bbbfd8712b4103eb8e405d2bca562e600c7787a214be6c99e9
b62fe5fb9f3a3a7ee7f322bc3cf1cf4cdc1d485b5d8dd8dc8395cf0d66a4b5cf
e89c0f39c5016431213a8d45f4d5f4639b2bd38af7c45711975746bbe6aef4da