www.switzerlandautomation.net
Open in
urlscan Pro
31.11.34.114
Malicious Activity!
Public Scan
Submission: On May 10 via manual from IT — Scanned from IT
Summary
TLS certificate: Issued by Actalis Domain Validation Server CA G3 on March 19th 2024. Valid for: a year.
This is the only time www.switzerlandautomation.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Aruba (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 31.11.34.114 31.11.34.114 | 31034 (ARUBA-ASN) (ARUBA-ASN) | |
6 | 62.149.186.150 62.149.186.150 | 31034 (ARUBA-ASN) (ARUBA-ASN) | |
8 | 2 |
ASN31034 (ARUBA-ASN, IT)
PTR: websn3s104.aruba.it
www.switzerlandautomation.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
aruba.it
pagamenti.aruba.it |
30 KB |
2 |
switzerlandautomation.net
www.switzerlandautomation.net |
24 KB |
8 | 2 |
Domain | Requested by | |
---|---|---|
6 | pagamenti.aruba.it |
www.switzerlandautomation.net
|
2 | www.switzerlandautomation.net | |
8 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
pagamenti.aruba.it |
www.aruba.it |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.switzerlandautomation.net Actalis Domain Validation Server CA G3 |
2024-03-19 - 2025-04-19 |
a year | crt.sh |
pagamenti.aruba.it Actalis Organization Validated Server CA G3 |
2023-12-13 - 2024-12-13 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.switzerlandautomation.net/css/aaa/intreduction.php
Frame ID: BFEB7B81C17C0744A47F9CBC83EA439A
Requests: 8 HTTP requests in this frame
4 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Ordini da pagare
Search URL Search Domain Scan URL
Title: Metodi di pagamento
Search URL Search Domain Scan URL
Title: Cookie policy
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
intreduction.php
www.switzerlandautomation.net/css/aaa/ |
18 KB 18 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Aruba-logo-web.png
pagamenti.aruba.it/images/ |
23 KB 23 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icona-lingua.svg
pagamenti.aruba.it/images/ |
1 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icona-small-arrow-bottom.svg
pagamenti.aruba.it/images/ |
462 B 945 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icona-assistenza.svg
pagamenti.aruba.it/images/ |
949 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icona-utente.svg
pagamenti.aruba.it/images/ |
811 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
card.svg
pagamenti.aruba.it/images/ |
1 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
www.switzerlandautomation.net/ |
5 KB 5 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Aruba (Online)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
pagamenti.aruba.it
www.switzerlandautomation.net
31.11.34.114
62.149.186.150
018848616324e83ebd62bc66a1981a96d9e0f6bdeae25cf3106412d056db26a2
4583006ff144ee9edbcdca287b9ee0e15075f91fe7a5f8ba93d311f02a38a12f
8f5a51ab8aba6dd40c4083d89d06ee87ed8d76590470b1bdb6eab337e6db5694
c509f688d2578a416b988e0b9f4669a3214dad83ef84076b0cda370f042f04e2
d54c051c8168ccffcd35424f00d7b6140e6311bff3e66308b8ff1bb47399ebbc
d881edf6d1763df2e5ce27f39ea76d82a18c15760a0c2de14fd78fba172e19a1
d9742fea080b09269a5500e8cbd1c490946d044b0cbf0a2412c00c13b8eeb49e
dfbe1bbb320b496b9fef73b4787a01fa50f124e2db758567316b07c2be04b657