urlscan.io logo urlscan.io
SecurityTrails logo

190.64.83.74 Open in urlscan Pro
190.64.83.74  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://admin.lunarsa.com.uy/
Effective URL: http://190.64.83.74:8098/login.php
Submission Tags: phishingrod
Submission: On March 14 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 1 domains to perform 11 HTTP transactions. The main IP is 190.64.83.74, located in Montevideo, Uruguay and belongs to Administracion Nacional de Telecomunicaciones, UY. The main domain is 190.64.83.74.
This is the only time 190.64.83.74 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 68.169.61.230 209242 (CLOUDFLAR...)
9 190.64.83.74 6057 (Administr...)
11 2
Apex Domain
Subdomains		 Transfer
2 lunarsa.com.uy
admin.lunarsa.com.uy
967 B
11 1
Domain Requested by
2 admin.lunarsa.com.uy admin.lunarsa.com.uy
11 1

This site contains no links.

Subject Issuer Validity Valid
admin.lunarsa.com.uy
cPanel, Inc. Certification Authority		 2023-12-29 -
2024-03-28		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://190.64.83.74:8098/login.php
Frame ID: E0E1E84B8C0B321927637190975EACB3
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Lunarsa - Login

Page URL History Show full URLs

  1. https://admin.lunarsa.com.uy/ Page URL
  2. http://190.64.83.74:8098/login.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

18 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

2
Countries

488 kB
Transfer

485 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://admin.lunarsa.com.uy/ Page URL
  2. http://190.64.83.74:8098/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
admin.lunarsa.com.uy/ 		276 B
484 B 		Document
General
Check archive.org
Download Go to
Full URL
https://admin.lunarsa.com.uy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.169.61.230 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
web.ensamble.uy
Software
Apache /
Resource Hash
5ac796fdd084b5edbf00cc0b5c425b4a9dce4546a7c7ab9b5923fb8ecaee53b7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 14 Mar 2024 07:55:03 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked
style.css
admin.lunarsa.com.uy/stylesheets/ 		276 B
483 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://admin.lunarsa.com.uy/stylesheets/style.css
Requested by
Host: admin.lunarsa.com.uy
URL: https://admin.lunarsa.com.uy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.169.61.230 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
web.ensamble.uy
Software
Apache /
Resource Hash
5ac796fdd084b5edbf00cc0b5c425b4a9dce4546a7c7ab9b5923fb8ecaee53b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.lunarsa.com.uy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 07:55:03 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Primary Request login.php
190.64.83.74/ 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://190.64.83.74:8098/login.php
Requested by
Host: admin.lunarsa.com.uy
URL: https://admin.lunarsa.com.uy/
Protocol
HTTP/1.1
Server
190.64.83.74 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY),
Reverse DNS
r190-64-83-74.su-static.adinet.com.uy
Software
Apache/2.4.37 (centos) / PHP/7.4.30
Resource Hash
3b2ccfbdd70e788d135dff5f96075319e6e9e2b5eb263ba5e203b17053f00c44

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 14 Mar 2024 07:55:04 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.37 (centos)
Transfer-Encoding
chunked
X-Powered-By
PHP/7.4.30
bootstrap.min.css
190.64.83.74/css/ 		124 KB
125 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://190.64.83.74:8098/css/bootstrap.min.css
Requested by
Host: 190.64.83.74
URL: http://190.64.83.74:8098/login.php
Protocol
HTTP/1.1
Server
190.64.83.74 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY),
Reverse DNS
r190-64-83-74.su-static.adinet.com.uy
Software
Apache/2.4.37 (centos) /
Resource Hash
0fe8c5b27e33ffb9dfcf4ca609efa4d72233914f7d80ac0cbf37259af039b378

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://190.64.83.74:8098/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 07:55:04 GMT
Last-Modified
Wed, 15 Jun 2022 22:09:58 GMT
Server
Apache/2.4.37 (centos)
ETag
"1f1d7-5e183c81f1980"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
127447
css.css
190.64.83.74/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://190.64.83.74:8098/css/css.css
Requested by
Host: 190.64.83.74
URL: http://190.64.83.74:8098/login.php
Protocol
HTTP/1.1
Server
190.64.83.74 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY),
Reverse DNS
r190-64-83-74.su-static.adinet.com.uy
Software
Apache/2.4.37 (centos) /
Resource Hash
a3907021a0953254546133e3022fd4ad6ba26f5aa9382febbe1c6ba1fac5eb40

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://190.64.83.74:8098/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 07:55:04 GMT
Last-Modified
Thu, 03 Jun 2021 13:43:11 GMT
Server
Apache/2.4.37 (centos)
ETag
"426-5c3dcc18cb9c0"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1062
jquery.js
190.64.83.74/js/ 		276 KB
277 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://190.64.83.74:8098/js/jquery.js
Requested by
Host: 190.64.83.74
URL: http://190.64.83.74:8098/login.php
Protocol
HTTP/1.1
Server
190.64.83.74 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY),
Reverse DNS
r190-64-83-74.su-static.adinet.com.uy
Software
Apache/2.4.37 (centos) /
Resource Hash
ab10c7c33408c0f2bffca7332125397497939c2514a5d940d17374f3520d91d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://190.64.83.74:8098/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 07:55:04 GMT
Last-Modified
Wed, 11 Sep 2013 22:39:29 GMT
Server
Apache/2.4.37 (centos)
ETag
"45170-4e6234b55ca40"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
282992
bootstrap.min.js
190.64.83.74/js/ 		28 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://190.64.83.74:8098/js/bootstrap.min.js
Requested by
Host: 190.64.83.74
URL: http://190.64.83.74:8098/login.php
Protocol
HTTP/1.1
Server
190.64.83.74 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY),
Reverse DNS
r190-64-83-74.su-static.adinet.com.uy
Software
Apache/2.4.37 (centos) /
Resource Hash
61ce3854c13015d809b16c1325e707259e05d74eb7a4b958d2e96cf892d7557d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://190.64.83.74:8098/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 07:55:04 GMT
Last-Modified
Wed, 17 Apr 2013 13:25:12 GMT
Server
Apache/2.4.37 (centos)
ETag
"6ff7-4da8e6a641e00"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
28663
jquery.validate.min.js
190.64.83.74/js/ 		21 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://190.64.83.74:8098/js/jquery.validate.min.js
Requested by
Host: 190.64.83.74
URL: http://190.64.83.74:8098/login.php
Protocol
HTTP/1.1
Server
190.64.83.74 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY),
Reverse DNS
r190-64-83-74.su-static.adinet.com.uy
Software
Apache/2.4.37 (centos) /
Resource Hash
cde0578486717bb6f75c3a33376116b77677619475c38b5904258e5b118e8436

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://190.64.83.74:8098/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 07:55:04 GMT
Last-Modified
Wed, 17 Apr 2013 13:25:14 GMT
Server
Apache/2.4.37 (centos)
ETag
"53f5-4da8e6a82a280"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
21493
rsa_js.js
190.64.83.74/rsa/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://190.64.83.74:8098/rsa/rsa_js.js
Requested by
Host: 190.64.83.74
URL: http://190.64.83.74:8098/login.php
Protocol
HTTP/1.1
Server
190.64.83.74 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY),
Reverse DNS
r190-64-83-74.su-static.adinet.com.uy
Software
Apache/2.4.37 (centos) /
Resource Hash
5601e9c900c68d88784443e2c94e90b6da918972e9517074987c390cac501aac

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://190.64.83.74:8098/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 07:55:04 GMT
Last-Modified
Thu, 18 Apr 2013 13:23:03 GMT
Server
Apache/2.4.37 (centos)
ETag
"14da-4daa2808b1bc0"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
5338
bigint.js
190.64.83.74/rsa/ 		14 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://190.64.83.74:8098/rsa/bigint.js
Requested by
Host: 190.64.83.74
URL: http://190.64.83.74:8098/login.php
Protocol
HTTP/1.1
Server
190.64.83.74 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY),
Reverse DNS
r190-64-83-74.su-static.adinet.com.uy
Software
Apache/2.4.37 (centos) /
Resource Hash
ac0181a217d610d56aa91490ff2bb09b15cdd5e52f9213ec297f9e8e9d0d9d16

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://190.64.83.74:8098/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 07:55:04 GMT
Last-Modified
Thu, 18 Apr 2013 13:23:02 GMT
Server
Apache/2.4.37 (centos)
ETag
"362e-4daa2807bd980"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
13870
logo.png
190.64.83.74/img/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://190.64.83.74:8098/img/logo.png
Requested by
Host: 190.64.83.74
URL: http://190.64.83.74:8098/login.php
Protocol
HTTP/1.1
Server
190.64.83.74 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY),
Reverse DNS
r190-64-83-74.su-static.adinet.com.uy
Software
Apache/2.4.37 (centos) /
Resource Hash
4f923a0dd6ee853894d986856c09f49f85914decef7390c730f6a7d3ecde3d56

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://190.64.83.74:8098/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 07:55:04 GMT
Last-Modified
Mon, 04 Jul 2022 01:05:40 GMT
Server
Apache/2.4.37 (centos)
ETag
"2e15-5e2f0559e0100"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
11797

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| BigInt function| $ function| jQuery object| jQuery1102025758449919429416 function| Encrypt function| Str2Bn function| BnLength function| UtilStrPad function| GetSubBn function| Bn2Str function| Str2Hex function| Hex2Str function| h2c function| c2h function| BnPowMod function| BnPow function| _BigInt_toString function| _BigInt_toStringBase function| _BigInt_clone function| bigint_norm function| bigint_from_int function| bigint_from_string function| bigint_from_any function| bigint_uminus function| bigint_add_internal function| bigint_sub_internal function| bigint_plus function| bigint_minus function| bigint_mul function| bigint_divmod function| bigint_div function| bigint_mod function| bigint_powmod2 function| bigint_cmp

1 Cookies

Domain/Path Name / Value
190.64.83.74/ Name: PHPSESSID
Value: djh3as29o4iijk9m6pd1seeo7a