aronwebsolutions.com Open in urlscan Pro
68.66.226.75 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://aronwebsolutions.com/0fflink/
Effective URL:
https://aronwebsolutions.com/0fflink/0fflink.php
Submission: On September 26 via manual (September 26th 2021, 11:09:14 pm UTC) from NG — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 14 HTTP transactions. The main IP is 68.66.226.75, located in United States and belongs to A2HOSTING, US. The main domain is aronwebsolutions.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 1st 2021. Valid for: 3 months.

This is the only time aronwebsolutions.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1 13	68.66.226.75 68.66.226.75	55293 (A2HOSTING) (A2HOSTING)
2	2606:4700:303... 2606:4700:3030::6815:5183	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2

13 68.66.226.75 (United States) 1 redirects

ASN55293 (A2HOSTING, US)
PTR: az1-ts1.a2hosting.com

aronwebsolutions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::6815:5183 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	aronwebsolutions.com 1 redirects aronwebsolutions.com	222 KB
2	fontawesome.com ka-f.fontawesome.com	18 KB
14	2

	Domain	Requested by
13	aronwebsolutions.com	1 redirects aronwebsolutions.com
2	ka-f.fontawesome.com	aronwebsolutions.com
14	2

This site contains no links.

Subject Issuer	Validity	Valid
aronwebsolutions.com cPanel, Inc. Certification Authority	`2021-08-01` - `2021-10-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-12` - `2022-09-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://aronwebsolutions.com/0fflink/0fflink.php
Frame ID: 2D295268B1C60DF49AB4E1C37B802B15
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to your account

Page URL History Show full URLs

https://aronwebsolutions.com/0fflink/ HTTP 302
https://aronwebsolutions.com/0fflink/0fflink.php Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jquery[.-]([\d.]*\d)[^/]*\.js

Page Statistics

14
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

240 kB
Transfer

845 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://aronwebsolutions.com/0fflink/ HTTP 302
https://aronwebsolutions.com/0fflink/0fflink.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 0fflink.php Show response
aronwebsolutions.com/0fflink/
Redirect Chain

https://aronwebsolutions.com/0fflink/
https://aronwebsolutions.com/0fflink/0fflink.php

16 KB
3 KB

157ms
156ms

Document
text/html

68.66.226.75
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://aronwebsolutions.com/0fflink/0fflink.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.75 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-ts1.a2hosting.com

Software

LiteSpeed / PHP/7.3.30

Resource Hash

73747b669001ae1fe4c01b9c184cc384e69b39a022b93993aa308572f297d77e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: aronwebsolutions.com
:scheme: https
:path: /0fflink/0fflink.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

x-powered-by: PHP/7.3.30
content-type: text/html; charset=UTF-8
cache-control: public, max-age=600
expires: Sun, 26 Sep 2021 23:19:09 GMT
content-length: 2987
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Sun, 26 Sep 2021 23:09:09 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
access-control-allow-origin: *

Redirect headers

x-powered-by: PHP/7.3.30
location: 0fflink.php#authoriz3?cli3nt_k3y=tfrcc-4l1k2-7d76s1632697748e42b9701d4c31a91d4d93f148dfbc439e42b9701d4c31a91d4d93f148dfbc439e42b9701d4c31a91d4d93f148dfbc439e42b9701d4c31a91d4d93f148dfbc439e42b9701d4c31a91d4d93f148dfbc439ajkx5-y5voa-c8s0v
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate, max-age=0
expires: Sun, 26 Sep 2021 23:19:08 GMT
content-length: 12
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Sun, 26 Sep 2021 23:09:08 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H2 200 jquery.min.js Show response
aronwebsolutions.com/gut/gut-buck-012/ 84 KB
29 KB 154ms
152ms Script
application/javascript 68.66.226.75
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://aronwebsolutions.com/gut/gut-buck-012/jquery.min.js

Requested by

Host: aronwebsolutions.com
URL: https://aronwebsolutions.com/0fflink/0fflink.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.75 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-ts1.a2hosting.com

Software

LiteSpeed /

Resource Hash

d7cd4d1a6654e3389b5478e90cd06a943d73cd1dedeef26d7aeb59819fe38b5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /gut/gut-buck-012/jquery.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: aronwebsolutions.com
referer: https://aronwebsolutions.com/0fflink/0fflink.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://aronwebsolutions.com/0fflink/0fflink.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 23:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 24 Sep 2021 11:54:48 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60480000, public
strict-transport-security: max-age=63072000; includeSubDomains
accept-ranges: bytes
content-length: 29189
expires: Wed, 29 Sep 2021 11:09:09 GMT

GET
H2 200 jquery-3.1.1.min.js Show response
aronwebsolutions.com/gut/gut-buck-012/ 85 KB
29 KB 300ms
298ms Script
application/javascript 68.66.226.75
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://aronwebsolutions.com/gut/gut-buck-012/jquery-3.1.1.min.js

Requested by

Host: aronwebsolutions.com
URL: https://aronwebsolutions.com/0fflink/0fflink.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.75 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-ts1.a2hosting.com

Software

LiteSpeed /

Resource Hash

cc325a58d284f47cf0ddde0ce30da6c97dabfd9e15faa8bb6c436665ccb105ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /gut/gut-buck-012/jquery-3.1.1.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: aronwebsolutions.com
referer: https://aronwebsolutions.com/0fflink/0fflink.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://aronwebsolutions.com/0fflink/0fflink.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 23:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 24 Sep 2021 11:54:44 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60480000, public
strict-transport-security: max-age=63072000; includeSubDomains
accept-ranges: bytes
content-length: 29485
expires: Wed, 29 Sep 2021 11:09:09 GMT

GET
H2 200 jquery-3.3.1.js Show response
aronwebsolutions.com/gut/gut-buck-012/ 265 KB
76 KB 445ms
444ms Script
application/javascript 68.66.226.75
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://aronwebsolutions.com/gut/gut-buck-012/jquery-3.3.1.js

Requested by

Host: aronwebsolutions.com
URL: https://aronwebsolutions.com/0fflink/0fflink.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.75 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-ts1.a2hosting.com

Software

LiteSpeed /

Resource Hash

97b3b5971a90d1974b7d0cfe17458ae558c2797373f0ddaa4a2307f635c78f61

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /gut/gut-buck-012/jquery-3.3.1.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: aronwebsolutions.com
referer: https://aronwebsolutions.com/0fflink/0fflink.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://aronwebsolutions.com/0fflink/0fflink.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 23:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 24 Sep 2021 11:54:47 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60480000, public
strict-transport-security: max-age=63072000; includeSubDomains
accept-ranges: bytes
content-length: 77985
expires: Wed, 29 Sep 2021 11:09:09 GMT

GET
H2 200 bootstrap.min.css
aronwebsolutions.com/gut/gut-buck-012/ 142 KB
18 KB 593ms
591ms Stylesheet
text/css 68.66.226.75
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://aronwebsolutions.com/gut/gut-buck-012/bootstrap.min.css

Requested by

Host: aronwebsolutions.com
URL: https://aronwebsolutions.com/0fflink/0fflink.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.75 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-ts1.a2hosting.com

Software

LiteSpeed /

Resource Hash

892250ce350f1ead4b4f29172c3d8ce7a365e824afb6b49398119015221fee22

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /gut/gut-buck-012/bootstrap.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: aronwebsolutions.com
referer: https://aronwebsolutions.com/0fflink/0fflink.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://aronwebsolutions.com/0fflink/0fflink.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 23:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 24 Sep 2021 11:54:42 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding,Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=60480000, public
strict-transport-security: max-age=63072000; includeSubDomains
accept-ranges: bytes
content-length: 18620
expires: Sun, 03 Oct 2021 23:09:09 GMT

GET
H2 200 family=Archivo+Narrow&display=swap.css
aronwebsolutions.com/gut/gut-buck-012/ 1 KB
423 B 593ms
592ms Stylesheet
text/css 68.66.226.75
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://aronwebsolutions.com/gut/gut-buck-012/family=Archivo+Narrow&display=swap.css

Requested by

Host: aronwebsolutions.com
URL: https://aronwebsolutions.com/0fflink/0fflink.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.75 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-ts1.a2hosting.com

Software

LiteSpeed /

Resource Hash

4542b759729e3fdf850f208f26eb4fc6eeb78871af553383b9e986df2a848fe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /gut/gut-buck-012/family=Archivo+Narrow&display=swap.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: aronwebsolutions.com
referer: https://aronwebsolutions.com/0fflink/0fflink.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://aronwebsolutions.com/0fflink/0fflink.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 23:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 24 Sep 2021 11:54:42 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding,Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=60480000, public
strict-transport-security: max-age=63072000; includeSubDomains
accept-ranges: bytes
content-length: 387
expires: Sun, 03 Oct 2021 23:09:09 GMT

GET
H2 200 main.style.css
aronwebsolutions.com/gut/gut-buck-012/ 3 KB
899 B 593ms
592ms Stylesheet
text/css 68.66.226.75
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://aronwebsolutions.com/gut/gut-buck-012/main.style.css

Requested by

Host: aronwebsolutions.com
URL: https://aronwebsolutions.com/0fflink/0fflink.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.75 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-ts1.a2hosting.com

Software

LiteSpeed /

Resource Hash

1cc0ecde6e4630adbb4937999d879201a80112ec01b5280b2d307d7a31748e81

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /gut/gut-buck-012/main.style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: aronwebsolutions.com
referer: https://aronwebsolutions.com/0fflink/0fflink.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://aronwebsolutions.com/0fflink/0fflink.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 23:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 24 Sep 2021 11:54:49 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding,Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=60480000, public
strict-transport-security: max-age=63072000; includeSubDomains
accept-ranges: bytes
content-length: 840
expires: Sun, 03 Oct 2021 23:09:09 GMT

GET
H2 200 5051251.js Show response
aronwebsolutions.com/gut/gut-buck-012/ 11 KB
4 KB 593ms
592ms Script
application/javascript 68.66.226.75
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://aronwebsolutions.com/gut/gut-buck-012/5051251.js

Requested by

Host: aronwebsolutions.com
URL: https://aronwebsolutions.com/0fflink/0fflink.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.75 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-ts1.a2hosting.com

Software

LiteSpeed /

Resource Hash

1bc786a58928545758720c968f4ea9113a56e3ca4231ee1b8ce1d20be3185a7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /gut/gut-buck-012/5051251.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: aronwebsolutions.com
referer: https://aronwebsolutions.com/0fflink/0fflink.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://aronwebsolutions.com/0fflink/0fflink.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 23:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 24 Sep 2021 11:54:39 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60480000, public
strict-transport-security: max-age=63072000; includeSubDomains
accept-ranges: bytes
content-length: 3828
expires: Wed, 29 Sep 2021 11:09:09 GMT

GET
H2 200 jquery-3.2.1.slim.min.js Show response
aronwebsolutions.com/gut/gut-buck-012/ 68 KB
23 KB 594ms
593ms Script
application/javascript 68.66.226.75
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://aronwebsolutions.com/gut/gut-buck-012/jquery-3.2.1.slim.min.js

Requested by

Host: aronwebsolutions.com
URL: https://aronwebsolutions.com/0fflink/0fflink.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.75 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-ts1.a2hosting.com

Software

LiteSpeed /

Resource Hash

7f78dfd00224df0efd3496e38d3da4d2adb2092d6d79cfaf4b7983849acd284d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /gut/gut-buck-012/jquery-3.2.1.slim.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: aronwebsolutions.com
referer: https://aronwebsolutions.com/0fflink/0fflink.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://aronwebsolutions.com/0fflink/0fflink.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 23:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 24 Sep 2021 11:54:46 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60480000, public
strict-transport-security: max-age=63072000; includeSubDomains
accept-ranges: bytes
content-length: 23414
expires: Wed, 29 Sep 2021 11:09:09 GMT

GET
H2 200 popper.min.js Show response
aronwebsolutions.com/gut/gut-buck-012/ 19 KB
7 KB 594ms
593ms Script
application/javascript 68.66.226.75
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://aronwebsolutions.com/gut/gut-buck-012/popper.min.js

Requested by

Host: aronwebsolutions.com
URL: https://aronwebsolutions.com/0fflink/0fflink.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.75 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-ts1.a2hosting.com

Software

LiteSpeed /

Resource Hash

b1442b3a321852a7f6d31cbd9108d34e762b2de9254be62a3ecf574019e0063a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /gut/gut-buck-012/popper.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: aronwebsolutions.com
referer: https://aronwebsolutions.com/0fflink/0fflink.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://aronwebsolutions.com/0fflink/0fflink.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 23:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 24 Sep 2021 11:54:50 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60480000, public
strict-transport-security: max-age=63072000; includeSubDomains
accept-ranges: bytes
content-length: 6675
expires: Wed, 29 Sep 2021 11:09:09 GMT

GET
H2 200 bootstrap.min.js Show response
aronwebsolutions.com/gut/gut-buck-012/ 48 KB
12 KB 594ms
593ms Script
application/javascript 68.66.226.75
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://aronwebsolutions.com/gut/gut-buck-012/bootstrap.min.js

Requested by

Host: aronwebsolutions.com
URL: https://aronwebsolutions.com/0fflink/0fflink.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.75 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-ts1.a2hosting.com

Software

LiteSpeed /

Resource Hash

70df67cc45846d7a2d50107748cf804b82ca3eafd46711614a40768e3b37c16c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /gut/gut-buck-012/bootstrap.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: aronwebsolutions.com
referer: https://aronwebsolutions.com/0fflink/0fflink.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://aronwebsolutions.com/0fflink/0fflink.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 23:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 24 Sep 2021 11:54:41 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60480000, public
strict-transport-security: max-age=63072000; includeSubDomains
accept-ranges: bytes
content-length: 12575
expires: Wed, 29 Sep 2021 11:09:09 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.2/css/ 59 KB
13 KB 50ms
16ms Fetch
text/css 2606:4700:3030::6815:5183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.2/css/free.min.css?token=585b051251
Requested by: Host: aronwebsolutions.com
URL: https://aronwebsolutions.com/gut/gut-buck-012/5051251.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7bba7deb64ff95e98f7ac8cd0d3b675a4bcf02f302e57edc5a1d6fa3d6cf94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aronwebsolutions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 23:09:10 GMT
via: 1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1032
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 13 Jan 2021 18:32:18 GMT
server: cloudflare
etag: W/"4ecc071b77d6b1790fa9fb8a5173f972"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GiZYUdGellRx8cqdTWsIBIKITz8BNDhdM0XIE6ovr%2FjBa%2BVD4EzkipUVhrQuei3LYbB%2B649DUiGqwoMXH2vaHbhnR3vePMsW%2BTyP5vZhchsGyZ37bHhvACdS2eDAFgkWKMQWpkHry6UOsbX7rF6Pguar%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA60-P2
cf-ray: 69502889afcb692b-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 6UTdMPB40qxYkhONkDApC_8WY8-nAWchDsUQHSOSVsnwUGVPdND34w==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.2/css/ 26 KB
5 KB 52ms
18ms Fetch
text/css 2606:4700:3030::6815:5183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.2/css/free-v4-shims.min.css?token=585b051251
Requested by: Host: aronwebsolutions.com
URL: https://aronwebsolutions.com/gut/gut-buck-012/5051251.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7cc3c57f9bda4c6dcb83bb3c19f2f2aa86ecec6274e243cd4ec315ae8e30101

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aronwebsolutions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 23:09:10 GMT
via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1032
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 13 Jan 2021 18:32:17 GMT
server: cloudflare
etag: W/"1848e71668f42835079e5fa2af6cf4a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJxVnD6JwzBl0kL7LTQbeVZg0dsbBVLnArb3hrMzguO9Y7LBlgJgWYhwPqFbBJBZvEpwb8tfidZHqvrE2BA%2FMSVzxRPkWvyHPRdqCQF9DKXGsWHCYty5xp4l6BEb7jtT6jR03RZL4Q8OQsIclhxK6OO8Hw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA60-P2
cf-ray: 69502889afcd692b-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: cilQRaLRnJUaZOSKhIr_TBdN4T1tm7fOH6B2Kk2Mu8-EGP4YKdWKVw==

GET
H3 200 bg543210.jpg
aronwebsolutions.com/gut/gut-buck-012/ 20 KB
20 KB 151ms
151ms Image
image/jpeg 68.66.226.75
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aronwebsolutions.com/gut/gut-buck-012/bg543210.jpg

Requested by

Host: aronwebsolutions.com
URL: https://aronwebsolutions.com/0fflink/0fflink.php

Protocol

Security

QUIC, , AES_128_GCM

Server

68.66.226.75 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-ts1.a2hosting.com

Software

LiteSpeed /

Resource Hash

0a450a39e90852f4b51966a01b1b84e91238781ec040f7abe5f248e8cefafd91

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /gut/gut-buck-012/bg543210.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: aronwebsolutions.com
referer: https://aronwebsolutions.com/0fflink/0fflink.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://aronwebsolutions.com/0fflink/0fflink.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 23:09:10 GMT
x-content-type-options: nosniff
last-modified: Fri, 24 Sep 2021 11:54:39 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
vary: User-Agent
cache-control: max-age=60480000, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 20029
expires: Tue, 26 Oct 2021 23:09:10 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aronwebsolutions.com
ka-f.fontawesome.com
2606:4700:3030::6815:5183
68.66.226.75
0a450a39e90852f4b51966a01b1b84e91238781ec040f7abe5f248e8cefafd91
1bc786a58928545758720c968f4ea9113a56e3ca4231ee1b8ce1d20be3185a7c
1cc0ecde6e4630adbb4937999d879201a80112ec01b5280b2d307d7a31748e81
4542b759729e3fdf850f208f26eb4fc6eeb78871af553383b9e986df2a848fe4
70df67cc45846d7a2d50107748cf804b82ca3eafd46711614a40768e3b37c16c
73747b669001ae1fe4c01b9c184cc384e69b39a022b93993aa308572f297d77e
7f78dfd00224df0efd3496e38d3da4d2adb2092d6d79cfaf4b7983849acd284d
892250ce350f1ead4b4f29172c3d8ce7a365e824afb6b49398119015221fee22
8c7bba7deb64ff95e98f7ac8cd0d3b675a4bcf02f302e57edc5a1d6fa3d6cf94
97b3b5971a90d1974b7d0cfe17458ae558c2797373f0ddaa4a2307f635c78f61
b1442b3a321852a7f6d31cbd9108d34e762b2de9254be62a3ecf574019e0063a
cc325a58d284f47cf0ddde0ce30da6c97dabfd9e15faa8bb6c436665ccb105ef
d7cc3c57f9bda4c6dcb83bb3c19f2f2aa86ecec6274e243cd4ec315ae8e30101
d7cd4d1a6654e3389b5478e90cd06a943d73cd1dedeef26d7aeb59819fe38b5d

aronwebsolutions.com Open in urlscan Pro 68.66.226.75 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

240 kBTransfer

845 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

aronwebsolutions.com Open in urlscan Pro
68.66.226.75 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

240 kB
Transfer

845 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!