66breaker.com
114.215.173.192
Malicious Activity!
Public Scan
Effective URL: http://66breaker.com/pagamenti.aruba.it/
Submission: On January 16 via api from US — Scanned from IT
Summary
This is the only time 66breaker.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Aruba (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
1 1 | 2a06:98c1:3121::3 | 13335 (CLOUDFLARENET)
5 | 114.215.173.192 | 37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
1 | 208.95.112.1 | 53334 (TUT-AS)
1 | 2001:67c:4e8:f004::9 | 62041 (TELEGRAM)
1 | 2a00:1450:4001:82a::200a | 15169 (GOOGLE)
1 | 23.55.110.151 | 20940 (AKAMAI-ASN1)
2 | 2a00:1450:4001:828::2003 | 15169 (GOOGLE)
11 | 7 |
ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
66breaker.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-110-151.deploy.static.akamaitechnologies.com
secure-ds.serving-sys.com |
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
5 | 66breaker.com | 66breaker.com | 442 KB
2 | gstatic.com | fonts.gstatic.com | 28 KB
1 | serving-sys.com | secure-ds.serving-sys.com (Cisco Umbrella Rank: 3539) | 23 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 28) | 831 B
1 | telegram.org | api.telegram.org (Cisco Umbrella Rank: 42136) | 713 B
1 | ip-api.com | ip-api.com (Cisco Umbrella Rank: 4380) | 451 B
1 | ln.run (1 redirects) | ln.run (Cisco Umbrella Rank: 622696) | 608 B
11 | 7 | |
Requests | Domain | Requested by
---|---|---
5 | 66breaker.com | 66breaker.com
2 | fonts.gstatic.com | fonts.googleapis.com
1 | secure-ds.serving-sys.com | 66breaker.com
1 | fonts.googleapis.com | 66breaker.com
1 | api.telegram.org | 66breaker.com
1 | ip-api.com | 66breaker.com
1 | ln.run | 1 redirects
11 | 7 |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
api.telegram.org | Go Daddy Secure Certificate Authority - G2 | 2023-03-26 - 2024-04-26 | a year
upload.video.google.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months
secure-ds.serving-sys.com | R3 | 2023-11-28 - 2024-02-26 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months
This page contains 2 frames:
Primary Page:
http://66breaker.com/pagamenti.aruba.it/
Frame ID: 64374A0B90E5DE608CA13AB71E2137D5
Requests: 4 HTTP requests in this frame
Frame:
http://66breaker.com/pagamenti.aruba.it/1.html?_ga=2.674.735.454-211.685
Frame ID: D67EE84DFE11A6505693D6761D9B1316
Requests: 15 HTTP requests in this frame
Page Title
Metodi di pagamento
Page URL History
- https://ln.run/XrKFX (HTTP 301)
- http://66breaker.com/pagamenti.aruba.it/ (Page URL)
Detected technologies
Detected patterns
- serving-sys\.com/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method | Protocol | Resource | Path | Frame / Notes | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---|---
GET | H/1.1 | / | 66breaker.com/pagamenti.aruba.it/ | Primary Request, Redirect Chain | 5 KB | 2 KB | Document | text/html
GET | H/1.1 | 1.html | 66breaker.com/pagamenti.aruba.it/ | Frame D67E | 14 KB | 5 KB | Document | text/html
GET | H/1.1 | / | ip-api.com/json/ | | 274 B | 451 B | Fetch | application/json
POST | H2 | sendMessage | api.telegram.org/bot5722386700:AAHiZt_01l2aTSOZrQfiaegpFlmVufBMtYo/ | | 466 B | 713 B | Fetch | application/json
GET | H2 | css | fonts.googleapis.com/ | Frame D67E | 4 KB | 831 B | Stylesheet | text/css
GET | H/1.1 | 1.css | 66breaker.com/pagamenti.aruba.it/css/ | Frame D67E | 1 MB | 435 KB | Stylesheet | text/css
GET | H2 | 730x120_Aruba%20Drive_0623_79720553372469839.jpg | secure-ds.serving-sys.com/resources/PROD/asset/1073743419/IMAGE/20230531/ | Frame D67E | 23 KB | 23 KB | Image | image/jpeg
GET | DATA | truncated | / | Frame D67E | 192 B | 0 | Image | image/png
GET | DATA | truncated | / | Frame D67E | 9 KB | 0 | Image | image/png
GET | DATA | truncated | / | Frame D67E | 458 B | 0 | Image | image/png
GET | DATA | truncated | / | Frame D67E | 151 B | 0 | Image | image/png
GET | DATA | truncated | / | Frame D67E | 195 B | 0 | Image | image/png
GET | DATA | truncated | / | Frame D67E | 121 B | 0 | Image | image/png
GET | DATA | truncated | / | Frame D67E | 469 B | 0 | Image | image/png
GET | DATA | truncated | / | Frame D67E | 325 B | 0 | Image | image/png
GET | H2 | S6uyw4BMUTPHjx4wXiWtFCc.woff2 | fonts.gstatic.com/s/lato/v24/ | Frame D67E | 14 KB | 14 KB | Font | font/woff2
GET | H2 | S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2 | fonts.gstatic.com/s/lato/v24/ | Frame D67E | 14 KB | 14 KB | Font | font/woff2
GET | H/1.1 | blocklist.txt | 66breaker.com/pagamenti.aruba.it/ | Frame D67E | 23 B | 253 B | Fetch | text/plain
GET | H/1.1 | blocklist.txt | 66breaker.com/pagamenti.aruba.it/ | | 23 B | 253 B | Fetch | text/plain
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Aruba (Online)
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | 0
function | isKnownBrowser
function | isLikelyBot
function | blockBotAccess
boolean | isBot
string | dynamicUrl
string | botToken
string | chatId
function | generateRandomNumber
function | checkBlocklist

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.