animalhospital.groundwork-partners.jp
Open in
urlscan Pro
49.212.207.146
Malicious Activity!
Public Scan
Submission Tags: 6722542
Submission: On August 07 via api from NL
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on June 21st 2020. Valid for: 3 months.
This is the only time animalhospital.groundwork-partners.jp was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Aruba (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 49.212.207.146 49.212.207.146 | 9371 (SAKURA-C ...) (SAKURA-C SAKURA Internet Inc.) | |
2 | 2 |
ASN9371 (SAKURA-C SAKURA Internet Inc., JP)
PTR: www3106.sakura.ne.jp
animalhospital.groundwork-partners.jp |
Apex Domain Subdomains |
Transfer | |
---|---|---|
2 |
groundwork-partners.jp
animalhospital.groundwork-partners.jp |
66 KB |
2 | 1 |
Domain | Requested by | |
---|---|---|
2 | animalhospital.groundwork-partners.jp |
animalhospital.groundwork-partners.jp
|
2 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
animalhospital.groundwork-partners.jp Let's Encrypt Authority X3 |
2020-06-21 - 2020-09-19 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://animalhospital.groundwork-partners.jp/it/135b3cbfc3175385f8acaf8f6fa86fdf/?https://managehosting.aruba.it/AreaUtenti.asp?Lang=EN
Frame ID: 1DAC5CBF1D3278DD2D4EB107769C9873
Requests: 10 HTTP requests in this frame
Screenshot
Detected technologies
Windows Server (Operating Systems) ExpandDetected patterns
- url /\.aspx?(?:$|\?)/i
Microsoft ASP.NET (Web Frameworks) Expand
Detected patterns
- url /\.aspx?(?:$|\?)/i
Nginx (Web Servers) Expand
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
IIS (Web Servers) Expand
Detected patterns
- url /\.aspx?(?:$|\?)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
2 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
animalhospital.groundwork-partners.jp/it/135b3cbfc3175385f8acaf8f6fa86fdf/ |
155 KB 64 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
17 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
15 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sub.png
animalhospital.groundwork-partners.jp/it/135b3cbfc3175385f8acaf8f6fa86fdf/app2/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
45 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
94 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
841 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
15 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
22 KB 22 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Aruba (Online)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
animalhospital.groundwork-partners.jp
49.212.207.146
50c0214cab06f02e4e1501e2edd9e707dfcb1a6c3e1c38c05235b49dae984033
5140966cfac3ddbe2ee1901750f6a6c9417aa6f6c6fdc9552e047f4cc97df923
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
a525f163e73542be1b82c5ae4e4beed74d137d56161ac5b02833a279ef6d9b61
a59a3fbd896bb90a2ec0a57a93726e5ffe5faeb214b5e6e2d0899029cf106414
bcedcafd81248b08cb428b22618a38866d0cee85b4e9ecd27ef734d0533e2792
c02b5d21d2aaae2f59eade91f0d716b709b90cd7021ba6eec80fbf0bd5c070e5
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
d9ad9ccafbc7696d83a75b36483dc07f3a1465c7d4443047f7d2803045435dcd
f7d4f46e5b853727d9fe49f79faadb7c77d3235992542e1229b5c3f9cc1184a2