www.bredan.it Open in urlscan Pro
31.11.32.22 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.bredan.it/Adobe/
Submission: On June 25 via automatic, source phishtank (June 25th 2017, 11:03:56 pm UTC)

Summary HTTP 10 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 31.11.32.22, located in Arezzo, Italy and belongs to ARUBA-ASN, IT. The main domain is www.bredan.it.

This is the only time www.bredan.it was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Adobe (Consumer)

Domain & IP information

	IP Address		AS Autonomous System
10	31.11.32.22 31.11.32.22		31034 (ARUBA-ASN) (ARUBA-ASN)
10	1

10 31.11.32.22 (Arezzo, Italy)

ASN31034 (ARUBA-ASN, IT)
PTR: websn1s012.aruba.it

www.bredan.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	bredan.it www.bredan.it	316 KB
10	1

	Domain	Requested by
10	www.bredan.it	www.bredan.it
10	1

This site contains links to these domains. Also see Links.

Domain
get.adobe.com

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://www.bredan.it/Adobe/
Frame ID: 21099.1
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

10
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

316 kB
Transfer

386 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://get.adobe.com/reader/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.bredan.it/Adobe/	7 KB 2 KB	66ms 35ms	Document text/html	31.11.32.22 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL http://www.bredan.it/Adobe/ Protocol HTTP/1.1 Server 31.11.32.22 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS websn1s012.aruba.it Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `24483032adb1da2027cb27aa5db25cd4e940eff230e7344ae0c3e0aa3f51d159` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36 Response headers Date Sun, 25 Jun 2017 23:03:44 GMT Content-Encoding gzip Last-Modified Tue, 24 Jan 2017 16:37:35 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "80318d2a6076d21:0" Vary Accept-Encoding Content-Type text/html Accept-Ranges bytes Content-Length 2478
GET H/1.1	200 OK	style.css www.bredan.it/Adobe/css/	4 KB 1 KB	32ms 32ms	Stylesheet text/css	31.11.32.22 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL http://www.bredan.it/Adobe/css/style.css Requested by Host: www.bredan.it URL: http://www.bredan.it/Adobe/ Protocol HTTP/1.1 Server 31.11.32.22 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS websn1s012.aruba.it Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `5da507d30b9a474ffe3b1a490c297a721d79b5b749fefb6c6f486c05e9529a36` Request headers Referer http://www.bredan.it/Adobe/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36 Response headers Date Sun, 25 Jun 2017 23:03:44 GMT Content-Encoding gzip Last-Modified Tue, 24 Jan 2017 16:37:45 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "801283306076d21:0" Vary Accept-Encoding Content-Type text/css Accept-Ranges bytes Content-Length 1157
GET H/1.1	200 OK	SpryValidationTextField.css www.bredan.it/Adobe/SpryAssets/	3 KB 1 KB	63ms 32ms	Stylesheet text/css	31.11.32.22 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL http://www.bredan.it/Adobe/SpryAssets/SpryValidationTextField.css Requested by Host: www.bredan.it URL: http://www.bredan.it/Adobe/ Protocol HTTP/1.1 Server 31.11.32.22 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS websn1s012.aruba.it Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `5e5d1a94e6a2dcf8145aab2c11eb4def0f17ba3a914b04273c06ec68547c7f19` Request headers Referer http://www.bredan.it/Adobe/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36 Response headers Date Sun, 25 Jun 2017 23:03:44 GMT Content-Encoding gzip Last-Modified Tue, 24 Jan 2017 16:38:36 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "0ee94e6076d21:0" Vary Accept-Encoding Content-Type text/css Accept-Ranges bytes Content-Length 1087
GET H/1.1	200 OK	SpryValidationTextField.js Show response www.bredan.it/Adobe/SpryAssets/	76 KB 17 KB	65ms 33ms	Script application/javascript	31.11.32.22 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL http://www.bredan.it/Adobe/SpryAssets/SpryValidationTextField.js Requested by Host: www.bredan.it URL: http://www.bredan.it/Adobe/ Protocol HTTP/1.1 Server 31.11.32.22 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS websn1s012.aruba.it Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `fedfb6bcbc3872c35881d12dd158e4956af83f19e3eef26060ec48899388ba68` Request headers Referer http://www.bredan.it/Adobe/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36 Response headers Date Sun, 25 Jun 2017 23:03:44 GMT Content-Encoding gzip Last-Modified Tue, 24 Jan 2017 16:38:36 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "0ee94e6076d21:0" Vary Accept-Encoding Content-Type application/javascript Accept-Ranges bytes Content-Length 17119
GET H/1.1	200 OK	secure.png www.bredan.it/Adobe/images/	55 KB 55 KB	40ms 40ms	Image image/png	31.11.32.22 ARUBA-ASN
General Check archive.org Show headers Download Go to Show image Full URL http://www.bredan.it/Adobe/images/secure.png Requested by Host: www.bredan.it URL: http://www.bredan.it/Adobe/ Protocol HTTP/1.1 Server 31.11.32.22 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS websn1s012.aruba.it Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `eb99a9a3fc4349ffa77cefbd09d46ac646d3d9645569a2abd0e9f084df127dd1` Request headers Referer http://www.bredan.it/Adobe/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36 Response headers Date Sun, 25 Jun 2017 23:03:44 GMT Last-Modified Tue, 24 Jan 2017 16:38:19 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "8974a456076d21:0" Content-Type image/png Accept-Ranges bytes Content-Length 56295
GET H/1.1	200 OK	-reader-1440x550.jpg www.bredan.it/Adobe/images/	120 KB 120 KB	38ms 38ms	Image image/jpeg	31.11.32.22 ARUBA-ASN
General Check archive.org Show headers Download Go to Show image Full URL http://www.bredan.it/Adobe/images/-reader-1440x550.jpg Requested by Host: www.bredan.it URL: http://www.bredan.it/Adobe/ Protocol HTTP/1.1 Server 31.11.32.22 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS websn1s012.aruba.it Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `dc025c35b6e4e4912f69d5ae39907efcfaae151133502227ec571565a9ae395d` Request headers Referer http://www.bredan.it/Adobe/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36 Response headers Date Sun, 25 Jun 2017 23:03:44 GMT Last-Modified Tue, 24 Jan 2017 16:38:19 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "b21b3e456076d21:0" Content-Type image/jpeg Accept-Ranges bytes Content-Length 122605
GET H/1.1	200 OK	Acrobat_Reader.fw.png www.bredan.it/Adobe/images/	60 KB 60 KB	73ms 41ms	Image image/png	31.11.32.22 ARUBA-ASN
General Check archive.org Show headers Download Go to Show image Full URL http://www.bredan.it/Adobe/images/Acrobat_Reader.fw.png Requested by Host: www.bredan.it URL: http://www.bredan.it/Adobe/ Protocol HTTP/1.1 Server 31.11.32.22 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS websn1s012.aruba.it Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `e9d799f426b22004c33e534cf0a63f1236f1a3c18a941e899ddcfabdddf8c846` Request headers Referer http://www.bredan.it/Adobe/css/style.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36 Response headers Date Sun, 25 Jun 2017 23:03:44 GMT Last-Modified Tue, 24 Jan 2017 16:38:08 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "85d88b3e6076d21:0" Content-Type image/png Accept-Ranges bytes Content-Length 61022
GET H/1.1	200 OK	pdf-logo.png www.bredan.it/Adobe/images/	39 KB 39 KB	83ms 45ms	Image image/png	31.11.32.22 ARUBA-ASN
General Check archive.org Show headers Download Go to Show image Full URL http://www.bredan.it/Adobe/images/pdf-logo.png Requested by Host: www.bredan.it URL: http://www.bredan.it/Adobe/ Protocol HTTP/1.1 Server 31.11.32.22 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS websn1s012.aruba.it Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `58761cde7886c796f27c9283c903e296a7de07de05ed447b49ea198feea884ff` Request headers Referer http://www.bredan.it/Adobe/css/style.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36 Response headers Date Sun, 25 Jun 2017 23:03:44 GMT Last-Modified Tue, 24 Jan 2017 16:38:08 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "848f9c3e6076d21:0" Content-Type image/png Accept-Ranges bytes Content-Length 39717
GET H/1.1	404 Not Found	bg_form.png www.bredan.it/Adobe/images/	1 KB 0	42ms 40ms	Image text/html	31.11.32.22 ARUBA-ASN
General Check archive.org Show headers Download Go to Show image Full URL http://www.bredan.it/Adobe/images/bg_form.png Requested by Host: www.bredan.it URL: http://www.bredan.it/Adobe/ Protocol HTTP/1.1 Server 31.11.32.22 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS websn1s012.aruba.it Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `5ebe4d8f7aa027771beb5935c848544130d97259ffd9d975af719dcb25213afa` Request headers Referer http://www.bredan.it/Adobe/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36 Response headers Date Sun, 25 Jun 2017 23:03:44 GMT Cache-Control private Server Microsoft-IIS/8.5 X-Powered-By ASP.NET Content-Length 4986 Content-Type text/html; charset=utf-8
GET H/1.1	200 OK	adobe_logo_new_1.jpg www.bredan.it/Adobe/images/	22 KB 22 KB	64ms 38ms	Image image/jpeg	31.11.32.22 ARUBA-ASN
General Check archive.org Show headers Download Go to Show image Full URL http://www.bredan.it/Adobe/images/adobe_logo_new_1.jpg Requested by Host: www.bredan.it URL: http://www.bredan.it/Adobe/ Protocol HTTP/1.1 Server 31.11.32.22 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS websn1s012.aruba.it Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `6007bf95a0410574c4801866e0cea412af057cd9314315560badca389eb198be` Request headers Referer http://www.bredan.it/Adobe/css/style.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36 Response headers Date Sun, 25 Jun 2017 23:03:44 GMT Last-Modified Tue, 24 Jan 2017 16:38:08 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "b1ff923e6076d21:0" Content-Type image/jpeg Accept-Ranges bytes Content-Length 22186

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Adobe (Consumer)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.bredan.it
31.11.32.22
24483032adb1da2027cb27aa5db25cd4e940eff230e7344ae0c3e0aa3f51d159
58761cde7886c796f27c9283c903e296a7de07de05ed447b49ea198feea884ff
5da507d30b9a474ffe3b1a490c297a721d79b5b749fefb6c6f486c05e9529a36
5e5d1a94e6a2dcf8145aab2c11eb4def0f17ba3a914b04273c06ec68547c7f19
5ebe4d8f7aa027771beb5935c848544130d97259ffd9d975af719dcb25213afa
6007bf95a0410574c4801866e0cea412af057cd9314315560badca389eb198be
dc025c35b6e4e4912f69d5ae39907efcfaae151133502227ec571565a9ae395d
e9d799f426b22004c33e534cf0a63f1236f1a3c18a941e899ddcfabdddf8c846
eb99a9a3fc4349ffa77cefbd09d46ac646d3d9645569a2abd0e9f084df127dd1
fedfb6bcbc3872c35881d12dd158e4956af83f19e3eef26060ec48899388ba68

www.bredan.it Open in urlscan Pro 31.11.32.22 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

10 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

316 kBTransfer

386 kBSize

0 Cookies

1 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Indicators

www.bredan.it Open in urlscan Pro
31.11.32.22 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

316 kB
Transfer

386 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!