solartractors.com.bo Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://solartractors.com.bo/wp-content/themes/twentytwentythree/parts/it/it/
Submission: On February 03 via automatic, source phishtank (February 3rd 2024, 12:51:36 am UTC) — Scanned from NL

Summary HTTP 11 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is solartractors.com.bo.
TLS certificate: Issued by GTS CA 1P5 on February 1st 2024. Valid for: 3 months.

This is the only time solartractors.com.bo was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Aruba (Online)

Domain & IP information

	IP Address	AS Autonomous System
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	62.149.186.150 62.149.186.150	31034 (ARUBA-ASN) (ARUBA-ASN)
11	3

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

solartractors.com.bo	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 62.149.186.150 (Arezzo, Italy)

ASN31034 (ARUBA-ASN, IT)

admin.aruba.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	aruba.it admin.aruba.it	43 KB
1	solartractors.com.bo solartractors.com.bo	3 KB
0	arubamediamarketing.it Failed tracks.arubamediamarketing.it Failed visual.arubamediamarketing.it Failed
11	3

	Domain	Requested by
7	admin.aruba.it	solartractors.com.bo admin.aruba.it
1	solartractors.com.bo
0	visual.arubamediamarketing.it Failed	solartractors.com.bo
0	tracks.arubamediamarketing.it Failed	solartractors.com.bo
11	4

This site contains links to these domains. Also see Links.

Domain
webmail.aruba.it
hosting.aruba.it
pagamenti.aruba.it
rivenditori.aruba.it
analytics.arubamediamarketing.it
admin.aruba.it
www.aruba.it

Subject Issuer	Validity	Valid
solartractors.com.bo GTS CA 1P5	`2024-02-01` - `2024-05-01`	3 months	crt.sh
admin.aruba.it Actalis Organization Validated Server CA G3	`2023-12-18` - `2024-12-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://solartractors.com.bo/wp-content/themes/twentytwentythree/parts/it/it/
Frame ID: 930C042EAA4284D80D1A491CF1716EB2
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Aruba.it - Control Panel Login

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Page Statistics

11
Requests

73 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

46 kB
Transfer

44 kB
Size

0
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: http://webmail.aruba.it/
Title: webmail

Search URL Search Domain Scan URL

URL: https://hosting.aruba.it/Rinnovi/InsDatiRinnovo.asp?Lang=DEFAULT
Title: rinnovi

Search URL Search Domain Scan URL

URL: https://pagamenti.aruba.it/home/default.aspx
Title: pagamenti

Search URL Search Domain Scan URL

URL: http://rivenditori.aruba.it/
Title: affiliazione

Search URL Search Domain Scan URL

URL: https://hosting.aruba.it/areaclienti
Title: area clienti

Search URL Search Domain Scan URL

URL: http://analytics.arubamediamarketing.it/link_outbound/?cvtrac=5&usc=d645920e395fedad7bbbed0eca3fe2e0
Title: assistenza

Search URL Search Domain Scan URL

URL: https://admin.aruba.it/oldlogin.aspx
Title: Versione precedente

Search URL Search Domain Scan URL

URL: http://hosting.aruba.it/Domini/spediscidatidominio.asp?lang=IT
Title: Hai perso i dati?

Search URL Search Domain Scan URL

URL: http://www.aruba.it/
Title: Copyright © print_date(); 2024 Aruba S.p.A. - P.I. 01573850516 - All rights reserved

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
solartractors.com.bo/wp-content/themes/twentytwentythree/parts/it/it/ 8 KB
3 KB 586ms
513ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://solartractors.com.bo/wp-content/themes/twentytwentythree/parts/it/it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.27
Resource Hash: adcb7c55f9cbe84f5bffbffad58996bb3956f31cf926c2c28e93f042fe684a08

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84f6aefa4bd30368-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 03 Feb 2024 00:51:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o04Uv0rWSbNgbmWF1rX6a1HFdhT5VxrhvzPGRBmOrsGaeqbVM9AbmOaG5Abx8eHKCFQci0CTswDAM53YxCExKwpZ4Zuh%2BoTDaJnMaKaDsDpyQtFYX3dW47D00WRN4uqwGYptr7WpwF%2Fh2OrpCl2M48fkeg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/8.1.27
x-turbo-charged-by: LiteSpeed

GET
H/1.1 200
OK javascript_cookies.js Show response
admin.aruba.it/PannelloAdmin/ 2 KB
3 KB 188ms
64ms Script
application/javascript 62.149.186.150
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.aruba.it/PannelloAdmin/javascript_cookies.js

Requested by

Host: solartractors.com.bo
URL: https://solartractors.com.bo/wp-content/themes/twentytwentythree/parts/it/it/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.149.186.150 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),

Reverse DNS

Software

Resource Hash

87de8401a3a5db02c8df9346fe330e9a725dbd987c60ae8a1935f07cc1a9acc0

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' https://www.google.com/ https://bs.serving-sys.com https://www.googletagmanager.com https://www.gstatic.com https://secure-ds.serving-sys.com https://consent.cookiebot.com https://w.usabilla.com https://consentcdn.cookiebot.com https://d6tizftlrpuof.cloudfront.net .usabilla.com 'unsafe-inline' 'unsafe-eval'; frame-src https://www.google.com/ https://www.googletagmanager.com https://consentcdn.cookiebot.com/ https://admin.aruba.it https://d6tizftlrpuof.cloudfront.net/ .usabilla.com
Strict-Transport-Security	max-age: 31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://solartractors.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Security-Policy: script-src 'self' https://www.google.com/ https://bs.serving-sys.com https://www.googletagmanager.com https://www.gstatic.com https://secure-ds.serving-sys.com https://consent.cookiebot.com https://w.usabilla.com https://consentcdn.cookiebot.com https://d6tizftlrpuof.cloudfront.net *.usabilla.com 'unsafe-inline' 'unsafe-eval'; frame-src https://www.google.com/ https://www.googletagmanager.com https://consentcdn.cookiebot.com/ https://admin.aruba.it https://d6tizftlrpuof.cloudfront.net/ *.usabilla.com
Strict-Transport-Security: max-age: 31536000
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Wed, 31 Jan 2024 14:29:02 GMT
X-Permitted-Cross-Domain-Policies: none
Server
ETag: "0bfcd55154da1:0"
Date: Sat, 03 Feb 2024 00:51:06 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1922

GET
H/1.1 200
OK Login.css
admin.aruba.it/PannelloAdmin/ 17 KB
18 KB 186ms
63ms Stylesheet
text/css 62.149.186.150
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.aruba.it/PannelloAdmin/Login.css?v1.0

Requested by

Host: solartractors.com.bo
URL: https://solartractors.com.bo/wp-content/themes/twentytwentythree/parts/it/it/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.149.186.150 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),

Reverse DNS

Software

Resource Hash

4b229f16b7c6fe884e116ac5044e8fb9c5f3498ebca592bb2f809fd8ecaaafa1

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' https://www.google.com/ https://bs.serving-sys.com https://www.googletagmanager.com https://www.gstatic.com https://secure-ds.serving-sys.com https://consent.cookiebot.com https://w.usabilla.com https://consentcdn.cookiebot.com https://d6tizftlrpuof.cloudfront.net .usabilla.com 'unsafe-inline' 'unsafe-eval'; frame-src https://www.google.com/ https://www.googletagmanager.com https://consentcdn.cookiebot.com/ https://admin.aruba.it https://d6tizftlrpuof.cloudfront.net/ .usabilla.com
Strict-Transport-Security	max-age: 31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://solartractors.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Security-Policy: script-src 'self' https://www.google.com/ https://bs.serving-sys.com https://www.googletagmanager.com https://www.gstatic.com https://secure-ds.serving-sys.com https://consent.cookiebot.com https://w.usabilla.com https://consentcdn.cookiebot.com https://d6tizftlrpuof.cloudfront.net *.usabilla.com 'unsafe-inline' 'unsafe-eval'; frame-src https://www.google.com/ https://www.googletagmanager.com https://consentcdn.cookiebot.com/ https://admin.aruba.it https://d6tizftlrpuof.cloudfront.net/ *.usabilla.com
Strict-Transport-Security: max-age: 31536000
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Wed, 31 Jan 2024 14:29:00 GMT
X-Permitted-Cross-Domain-Policies: none
Server
ETag: "0decad45154da1:0"
Date: Sat, 03 Feb 2024 00:51:06 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 17132

GET
H/1.1 200
OK logo_aruba.png
admin.aruba.it/PannelloAdmin/UI/Images/general_tmpl/ 9 KB
10 KB 192ms
68ms Image
image/png 62.149.186.150
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://admin.aruba.it/PannelloAdmin/UI/Images/general_tmpl/logo_aruba.png

Requested by

Host: solartractors.com.bo
URL: https://solartractors.com.bo/wp-content/themes/twentytwentythree/parts/it/it/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.149.186.150 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),

Reverse DNS

Software

Resource Hash

2b5da352f8cac1ec98ed11f27d0d4661aac2f6473096a11bbeb636d34fd20e67

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' https://www.google.com/ https://bs.serving-sys.com https://www.googletagmanager.com https://www.gstatic.com https://secure-ds.serving-sys.com https://consent.cookiebot.com https://w.usabilla.com https://consentcdn.cookiebot.com https://d6tizftlrpuof.cloudfront.net .usabilla.com 'unsafe-inline' 'unsafe-eval'; frame-src https://www.google.com/ https://www.googletagmanager.com https://consentcdn.cookiebot.com/ https://admin.aruba.it https://d6tizftlrpuof.cloudfront.net/ .usabilla.com
Strict-Transport-Security	max-age: 31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://solartractors.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Security-Policy: script-src 'self' https://www.google.com/ https://bs.serving-sys.com https://www.googletagmanager.com https://www.gstatic.com https://secure-ds.serving-sys.com https://consent.cookiebot.com https://w.usabilla.com https://consentcdn.cookiebot.com https://d6tizftlrpuof.cloudfront.net *.usabilla.com 'unsafe-inline' 'unsafe-eval'; frame-src https://www.google.com/ https://www.googletagmanager.com https://consentcdn.cookiebot.com/ https://admin.aruba.it https://d6tizftlrpuof.cloudfront.net/ *.usabilla.com
Strict-Transport-Security: max-age: 31536000
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Wed, 31 Jan 2024 14:28:46 GMT
X-Permitted-Cross-Domain-Policies: none
Server
ETag: "0a372cc5154da1:0"
Date: Sat, 03 Feb 2024 00:51:06 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 9433

GET
H/1.1 200
OK imgCaratteristicheAccesso.png
admin.aruba.it/PannelloAdmin/image_pannello_controllo/ 508 B
2 KB 188ms
63ms Image
image/png 62.149.186.150
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://admin.aruba.it/PannelloAdmin/image_pannello_controllo/imgCaratteristicheAccesso.png

Requested by

Host: solartractors.com.bo
URL: https://solartractors.com.bo/wp-content/themes/twentytwentythree/parts/it/it/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.149.186.150 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),

Reverse DNS

Software

Resource Hash

b1adb27a5e38c7bbbfd8712b4103eb8e405d2bca562e600c7787a214be6c99e9

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' https://www.google.com/ https://bs.serving-sys.com https://www.googletagmanager.com https://www.gstatic.com https://secure-ds.serving-sys.com https://consent.cookiebot.com https://w.usabilla.com https://consentcdn.cookiebot.com https://d6tizftlrpuof.cloudfront.net .usabilla.com 'unsafe-inline' 'unsafe-eval'; frame-src https://www.google.com/ https://www.googletagmanager.com https://consentcdn.cookiebot.com/ https://admin.aruba.it https://d6tizftlrpuof.cloudfront.net/ .usabilla.com
Strict-Transport-Security	max-age: 31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://solartractors.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Security-Policy: script-src 'self' https://www.google.com/ https://bs.serving-sys.com https://www.googletagmanager.com https://www.gstatic.com https://secure-ds.serving-sys.com https://consent.cookiebot.com https://w.usabilla.com https://consentcdn.cookiebot.com https://d6tizftlrpuof.cloudfront.net *.usabilla.com 'unsafe-inline' 'unsafe-eval'; frame-src https://www.google.com/ https://www.googletagmanager.com https://consentcdn.cookiebot.com/ https://admin.aruba.it https://d6tizftlrpuof.cloudfront.net/ *.usabilla.com
Strict-Transport-Security: max-age: 31536000
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Wed, 31 Jan 2024 14:29:02 GMT
X-Permitted-Cross-Domain-Policies: none
Server
ETag: "0bfcd55154da1:0"
Date: Sat, 03 Feb 2024 00:51:06 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 508

GET
H/1.1 200
OK arrox_previous.png
admin.aruba.it/PannelloAdmin/image_pannello_controllo/ 338 B
1 KB 50ms
50ms Image
image/png 62.149.186.150
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://admin.aruba.it/PannelloAdmin/image_pannello_controllo/arrox_previous.png

Requested by

Host: solartractors.com.bo
URL: https://solartractors.com.bo/wp-content/themes/twentytwentythree/parts/it/it/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.149.186.150 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),

Reverse DNS

Software

Resource Hash

399db74019a306cb82125431dbbb99137dffa0669d9b84b3cd4dded32b438f5d

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' https://www.google.com/ https://bs.serving-sys.com https://www.googletagmanager.com https://www.gstatic.com https://secure-ds.serving-sys.com https://consent.cookiebot.com https://w.usabilla.com https://consentcdn.cookiebot.com https://d6tizftlrpuof.cloudfront.net .usabilla.com 'unsafe-inline' 'unsafe-eval'; frame-src https://www.google.com/ https://www.googletagmanager.com https://consentcdn.cookiebot.com/ https://admin.aruba.it https://d6tizftlrpuof.cloudfront.net/ .usabilla.com
Strict-Transport-Security	max-age: 31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://solartractors.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Security-Policy: script-src 'self' https://www.google.com/ https://bs.serving-sys.com https://www.googletagmanager.com https://www.gstatic.com https://secure-ds.serving-sys.com https://consent.cookiebot.com https://w.usabilla.com https://consentcdn.cookiebot.com https://d6tizftlrpuof.cloudfront.net *.usabilla.com 'unsafe-inline' 'unsafe-eval'; frame-src https://www.google.com/ https://www.googletagmanager.com https://consentcdn.cookiebot.com/ https://admin.aruba.it https://d6tizftlrpuof.cloudfront.net/ *.usabilla.com
Strict-Transport-Security: max-age: 31536000
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Wed, 31 Jan 2024 14:29:02 GMT
X-Permitted-Cross-Domain-Policies: none
Server
ETag: "0bfcd55154da1:0"
Date: Sat, 03 Feb 2024 00:51:06 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 338

GET
H/1.1 200
OK imgHaiPersoDati.png
admin.aruba.it/PannelloAdmin/image_pannello_controllo/ 775 B
2 KB 52ms
52ms Image
image/png 62.149.186.150
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://admin.aruba.it/PannelloAdmin/image_pannello_controllo/imgHaiPersoDati.png

Requested by

Host: solartractors.com.bo
URL: https://solartractors.com.bo/wp-content/themes/twentytwentythree/parts/it/it/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.149.186.150 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),

Reverse DNS

Software

Resource Hash

8ab2d4dd46d9a7d2997be422628f891222a304e1b0c9bed486129ae6f0f9eb96

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' https://www.google.com/ https://bs.serving-sys.com https://www.googletagmanager.com https://www.gstatic.com https://secure-ds.serving-sys.com https://consent.cookiebot.com https://w.usabilla.com https://consentcdn.cookiebot.com https://d6tizftlrpuof.cloudfront.net .usabilla.com 'unsafe-inline' 'unsafe-eval'; frame-src https://www.google.com/ https://www.googletagmanager.com https://consentcdn.cookiebot.com/ https://admin.aruba.it https://d6tizftlrpuof.cloudfront.net/ .usabilla.com
Strict-Transport-Security	max-age: 31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://solartractors.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Security-Policy: script-src 'self' https://www.google.com/ https://bs.serving-sys.com https://www.googletagmanager.com https://www.gstatic.com https://secure-ds.serving-sys.com https://consent.cookiebot.com https://w.usabilla.com https://consentcdn.cookiebot.com https://d6tizftlrpuof.cloudfront.net *.usabilla.com 'unsafe-inline' 'unsafe-eval'; frame-src https://www.google.com/ https://www.googletagmanager.com https://consentcdn.cookiebot.com/ https://admin.aruba.it https://d6tizftlrpuof.cloudfront.net/ *.usabilla.com
Strict-Transport-Security: max-age: 31536000
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Wed, 31 Jan 2024 14:29:02 GMT
X-Permitted-Cross-Domain-Policies: none
Server
ETag: "0bfcd55154da1:0"
Date: Sat, 03 Feb 2024 00:51:06 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 775

GET tsends.js
tracks.arubamediamarketing.it/track/ 0
0

GET 59b1da0be8266e06e6a75a5d0f2aa14d.js
visual.arubamediamarketing.it/cjs/ 0
0

GET include.js
visual.arubamediamarketing.it/track/ 0
0

GET
H/1.1 200
OK PannelloControlloBottomLogo.png
admin.aruba.it/PannelloAdmin/image_pannello_controllo/ 6 KB
7 KB 49ms
49ms Image
image/png 62.149.186.150
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://admin.aruba.it/PannelloAdmin/image_pannello_controllo/PannelloControlloBottomLogo.png

Requested by

Host: admin.aruba.it
URL: https://admin.aruba.it/PannelloAdmin/Login.css?v1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.149.186.150 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),

Reverse DNS

Software

Resource Hash

336a136d1ec7b4f2fa42ebaf724293a544b0451fa6b254778d59672d49a1ac12

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' https://www.google.com/ https://bs.serving-sys.com https://www.googletagmanager.com https://www.gstatic.com https://secure-ds.serving-sys.com https://consent.cookiebot.com https://w.usabilla.com https://consentcdn.cookiebot.com https://d6tizftlrpuof.cloudfront.net .usabilla.com 'unsafe-inline' 'unsafe-eval'; frame-src https://www.google.com/ https://www.googletagmanager.com https://consentcdn.cookiebot.com/ https://admin.aruba.it https://d6tizftlrpuof.cloudfront.net/ .usabilla.com
Strict-Transport-Security	max-age: 31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://admin.aruba.it/PannelloAdmin/Login.css?v1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Security-Policy: script-src 'self' https://www.google.com/ https://bs.serving-sys.com https://www.googletagmanager.com https://www.gstatic.com https://secure-ds.serving-sys.com https://consent.cookiebot.com https://w.usabilla.com https://consentcdn.cookiebot.com https://d6tizftlrpuof.cloudfront.net *.usabilla.com 'unsafe-inline' 'unsafe-eval'; frame-src https://www.google.com/ https://www.googletagmanager.com https://consentcdn.cookiebot.com/ https://admin.aruba.it https://d6tizftlrpuof.cloudfront.net/ *.usabilla.com
Strict-Transport-Security: max-age: 31536000
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Wed, 31 Jan 2024 14:29:02 GMT
X-Permitted-Cross-Domain-Policies: none
Server
ETag: "0bfcd55154da1:0"
Date: Sat, 03 Feb 2024 00:51:06 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 6604

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tracks.arubamediamarketing.it
URL: https://tracks.arubamediamarketing.it/track/tsends.js

Domain: visual.arubamediamarketing.it
URL: https://visual.arubamediamarketing.it/cjs/59b1da0be8266e06e6a75a5d0f2aa14d.js

Domain: visual.arubamediamarketing.it
URL: https://visual.arubamediamarketing.it/track/include.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Aruba (Online)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admin.aruba.it
solartractors.com.bo
tracks.arubamediamarketing.it
visual.arubamediamarketing.it
tracks.arubamediamarketing.it
visual.arubamediamarketing.it
2a06:98c1:3121::3
62.149.186.150
2b5da352f8cac1ec98ed11f27d0d4661aac2f6473096a11bbeb636d34fd20e67
336a136d1ec7b4f2fa42ebaf724293a544b0451fa6b254778d59672d49a1ac12
399db74019a306cb82125431dbbb99137dffa0669d9b84b3cd4dded32b438f5d
4b229f16b7c6fe884e116ac5044e8fb9c5f3498ebca592bb2f809fd8ecaaafa1
87de8401a3a5db02c8df9346fe330e9a725dbd987c60ae8a1935f07cc1a9acc0
8ab2d4dd46d9a7d2997be422628f891222a304e1b0c9bed486129ae6f0f9eb96
adcb7c55f9cbe84f5bffbffad58996bb3956f31cf926c2c28e93f042fe684a08
b1adb27a5e38c7bbbfd8712b4103eb8e405d2bca562e600c7787a214be6c99e9

solartractors.com.bo Open in urlscan Pro 2a06:98c1:3121::3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

73 %HTTPS

50 %IPv6

3 Domains

4 Subdomains

3 IPs

2 Countries

46 kBTransfer

44 kBSize

0 Cookies

9 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

14 JavaScript Global Variables

0 Cookies

Indicators

solartractors.com.bo Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

73 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

46 kB
Transfer

44 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!