urlscan.io logo urlscan.io
SecurityTrails logo

stibasroorkee.com Open in urlscan Pro
103.21.59.201  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://stibasroorkee.com/esconnect/ernbtinternet/
Effective URL: https://stibasroorkee.com/esconnect/ernbtinternet/Login.php?sslchannel=true&sessionid=mIIFutOOAbzyHNfnNgb4nSH4jumROeOaXwQr...
Submission: On October 20 via automatic, source phishtank
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 18 HTTP transactions. The main IP is 103.21.59.201, located in Mumbai, India and belongs to PUBLIC-DOMAIN-REGISTRY, US. The main domain is stibasroorkee.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 21st 2020. Valid for: 3 months.
This is the only time stibasroorkee.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BT (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
13 103.21.59.201 394695 (PUBLIC-DO...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 67.202.94.86 32748 (STEADFAST)
18 5
Domain Requested by
13 stibasroorkee.com stibasroorkee.com
1 whos.amung.us waust.at
1 waust.at stibasroorkee.com
1 ajax.googleapis.com stibasroorkee.com
0 jqueryvalidation.org Failed stibasroorkee.com
0 cdn.jsdelivr.net Failed stibasroorkee.com
18 6

This site contains links to these domains. Also see Links.

Domain
whos.amung.us
Subject Issuer Validity Valid
helpingcause.com
Let's Encrypt Authority X3		 2020-08-21 -
2020-11-19		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-09-04 -
2021-09-04		 a year crt.sh
whos.amung.us
Sectigo RSA Domain Validation Secure Server CA		 2020-05-21 -
2022-05-21		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://stibasroorkee.com/esconnect/ernbtinternet/Login.php?sslchannel=true&sessionid=mIIFutOOAbzyHNfnNgb4nSH4jumROeOaXwQr0EgAQP8xCoVqF7u2Zc7iGtauIYFFvv7van60cfyPDtfj
Frame ID: 16767D2488423777FAC5BDAD5DF8B348
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://stibasroorkee.com/esconnect/ernbtinternet/ Page URL
  2. https://stibasroorkee.com/esconnect/ernbtinternet/Login.php?sslchannel=true&sessionid=mIIFutOOAbzyHNfn... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

18
Requests

89 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

231 kB
Transfer

482 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://stibasroorkee.com/esconnect/ernbtinternet/ Page URL
  2. https://stibasroorkee.com/esconnect/ernbtinternet/Login.php?sslchannel=true&sessionid=mIIFutOOAbzyHNfnNgb4nSH4jumROeOaXwQr0EgAQP8xCoVqF7u2Zc7iGtauIYFFvv7van60cfyPDtfj Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
stibasroorkee.com/esconnect/ernbtinternet/ 		204 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://stibasroorkee.com/esconnect/ernbtinternet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.21.59.201 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-60.webhostbox.net
Software
nginx/1.17.6 / PHP/5.6.40
Resource Hash
e2294ccac175aca66fae61346d2189b0afb473d0a33c3118ab0db960ea6de9fc

Request headers

:method
GET
:authority
stibasroorkee.com
:scheme
https
:path
/esconnect/ernbtinternet/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Tue, 20 Oct 2020 12:47:34 GMT
server
nginx/1.17.6
content-type
text/html; charset=UTF-8
x-powered-by
PHP/5.6.40
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
vary
Accept-Encoding
content-encoding
gzip
x-server-cache
false
accept-ranges
none
content-length
197
set-cookie
PHPSESSID=ej3hgl2vk3mveknr2dnjunn005; path=/
Primary Request Login.php
stibasroorkee.com/esconnect/ernbtinternet/ 		18 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://stibasroorkee.com/esconnect/ernbtinternet/Login.php?sslchannel=true&sessionid=mIIFutOOAbzyHNfnNgb4nSH4jumROeOaXwQr0EgAQP8xCoVqF7u2Zc7iGtauIYFFvv7van60cfyPDtfj
Requested by
Host: stibasroorkee.com
URL: https://stibasroorkee.com/esconnect/ernbtinternet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.21.59.201 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-60.webhostbox.net
Software
nginx/1.17.6 / PHP/5.6.40
Resource Hash
96c3309d386c0afdf133938913e100c37ca85688b79da4061618be139b7e04a9

Request headers

:method
GET
:authority
stibasroorkee.com
:scheme
https
:path
/esconnect/ernbtinternet/Login.php?sslchannel=true&sessionid=mIIFutOOAbzyHNfnNgb4nSH4jumROeOaXwQr0EgAQP8xCoVqF7u2Zc7iGtauIYFFvv7van60cfyPDtfj
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://stibasroorkee.com/esconnect/ernbtinternet/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PHPSESSID=ej3hgl2vk3mveknr2dnjunn005
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://stibasroorkee.com/esconnect/ernbtinternet/

Response headers

status
200
date
Tue, 20 Oct 2020 12:47:34 GMT
server
nginx/1.17.6
content-type
text/html; charset=UTF-8
x-powered-by
PHP/5.6.40
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
vary
Accept-Encoding
content-encoding
gzip
accept-ranges
none
x-server-cache
false
main.css
stibasroorkee.com/esconnect/ernbtinternet/assets/css/ 		189 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stibasroorkee.com/esconnect/ernbtinternet/assets/css/main.css
Requested by
Host: stibasroorkee.com
URL: https://stibasroorkee.com/esconnect/ernbtinternet/Login.php?sslchannel=true&sessionid=mIIFutOOAbzyHNfnNgb4nSH4jumROeOaXwQr0EgAQP8xCoVqF7u2Zc7iGtauIYFFvv7van60cfyPDtfj
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.21.59.201 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-60.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
31754559a18e6c149d3c9a56fd77d75e4086e1c7947e587fe34dbde15989afd2

Request headers

Referer
https://stibasroorkee.com/esconnect/ernbtinternet/Login.php?sslchannel=true&sessionid=mIIFutOOAbzyHNfnNgb4nSH4jumROeOaXwQr0EgAQP8xCoVqF7u2Zc7iGtauIYFFvv7van60cfyPDtfj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 12:47:34 GMT
content-encoding
gzip
last-modified
Tue, 20 Oct 2020 09:01:49 GMT
server
nginx/1.17.6
x-server-cache
false
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
none
common-reset.css
stibasroorkee.com/esconnect/ernbtinternet/assets/css/ 		63 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stibasroorkee.com/esconnect/ernbtinternet/assets/css/common-reset.css
Requested by
Host: stibasroorkee.com
URL: https://stibasroorkee.com/esconnect/ernbtinternet/Login.php?sslchannel=true&sessionid=mIIFutOOAbzyHNfnNgb4nSH4jumROeOaXwQr0EgAQP8xCoVqF7u2Zc7iGtauIYFFvv7van60cfyPDtfj
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.21.59.201 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-60.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
87d6afb3496a89bdc2fec7dff68ecdefa0f52e93509b139b934e706d27fe49ae

Request headers

Referer
https://stibasroorkee.com/esconnect/ernbtinternet/Login.php?sslchannel=true&sessionid=mIIFutOOAbzyHNfnNgb4nSH4jumROeOaXwQr0EgAQP8xCoVqF7u2Zc7iGtauIYFFvv7van60cfyPDtfj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 12:47:34 GMT
content-encoding
gzip
last-modified
Tue, 20 Oct 2020 09:01:49 GMT
server
nginx/1.17.6
x-server-cache
false
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
override.css
stibasroorkee.com/esconnect/ernbtinternet/assets/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stibasroorkee.com/esconnect/ernbtinternet/assets/css/override.css
Requested by
Host: stibasroorkee.com
URL: https://stibasroorkee.com/esconnect/ernbtinternet/Login.php?sslchannel=true&sessionid=mIIFutOOAbzyHNfnNgb4nSH4jumROeOaXwQr0EgAQP8xCoVqF7u2Zc7iGtauIYFFvv7van60cfyPDtfj
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.21.59.201 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-60.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
5f8ff9157283865a1411c8dd968adb0b8adadd65e402285372cc2f90b7e467c7

Request headers

Referer
https://stibasroorkee.com/esconnect/ernbtinternet/Login.php?sslchannel=true&sessionid=mIIFutOOAbzyHNfnNgb4nSH4jumROeOaXwQr0EgAQP8xCoVqF7u2Zc7iGtauIYFFvv7van60cfyPDtfj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 12:47:34 GMT
content-encoding
gzip
last-modified
Tue, 20 Oct 2020 09:01:49 GMT
server
nginx/1.17.6
x-server-cache
false
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
2400
cookies.css
stibasroorkee.com/esconnect/ernbtinternet/assets/css/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stibasroorkee.com/esconnect/ernbtinternet/assets/css/cookies.css
Requested by
Host: stibasroorkee.com
URL: https://stibasroorkee.com/esconnect/ernbtinternet/Login.php?sslchannel=true&sessionid=mIIFutOOAbzyHNfnNgb4nSH4jumROeOaXwQr0EgAQP8xCoVqF7u2Zc7iGtauIYFFvv7van60cfyPDtfj
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.21.59.201 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-60.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
2307dd00aff627037de72a85839e3ed5436298593c8cfd4f8f205cacb69e2310

Request headers

Referer
https://stibasroorkee.com/esconnect/ernbtinternet/Login.php?sslchannel=true&sessionid=mIIFutOOAbzyHNfnNgb4nSH4jumROeOaXwQr0EgAQP8xCoVqF7u2Zc7iGtauIYFFvv7van60cfyPDtfj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 12:47:34 GMT
content-encoding
gzip
last-modified
Tue, 20 Oct 2020 09:01:49 GMT
server
nginx/1.17.6
x-server-cache
false
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
none
content-length
3277
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: stibasroorkee.com
URL: https://stibasroorkee.com/esconnect/ernbtinternet/Login.php?sslchannel=true&sessionid=mIIFutOOAbzyHNfnNgb4nSH4jumROeOaXwQr0EgAQP8xCoVqF7u2Zc7iGtauIYFFvv7van60cfyPDtfj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stibasroorkee.com/esconnect/ernbtinternet/Login.php?sslchannel=true&sessionid=mIIFutOOAbzyHNfnNgb4nSH4jumROeOaXwQr0EgAQP8xCoVqF7u2Zc7iGtauIYFFvv7van60cfyPDtfj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 15:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162576
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33593
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Oct 2021 15:37:58 GMT
logo.png
stibasroorkee.com/esconnect/ernbtinternet/assets/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stibasroorkee.com/esconnect/ernbtinternet/assets/img/logo.png
Requested by
Host: stibasroorkee.com
URL: https://stibasroorkee.com/esconnect/ernbtinternet/Login.php?sslchannel=true&sessionid=mIIFutOOAbzyHNfnNgb4nSH4jumROeOaXwQr0EgAQP8xCoVqF7u2Zc7iGtauIYFFvv7van60cfyPDtfj
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.21.59.201 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-60.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
0146a8bb7d71d6e2eec98201dcdd5448faac7aeb92a7b0ec17e1dc9abc489228

Request headers

Referer
https://stibasroorkee.com/esconnect/ernbtinternet/Login.php?sslchannel=true&sessionid=mIIFutOOAbzyHNfnNgb4nSH4jumROeOaXwQr0EgAQP8xCoVqF7u2Zc7iGtauIYFFvv7van60cfyPDtfj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 12:47:35 GMT
last-modified
Tue, 20 Oct 2020 09:01:49 GMT
server
nginx/1.17.6
x-server-cache
false
content-type
image/png
status
200
accept-ranges
bytes
content-length
4354
ad1.jpg
stibasroorkee.com/esconnect/ernbtinternet/assets/img/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stibasroorkee.com/esconnect/ernbtinternet/assets/img/ad1.jpg
Requested by
Host: stibasroorkee.com
URL: https://stibasroorkee.com/esconnect/ernbtinternet/Login.php?sslchannel=true&sessionid=mIIFutOOAbzyHNfnNgb4nSH4jumROeOaXwQr0EgAQP8xCoVqF7u2Zc7iGtauIYFFvv7van60cfyPDtfj
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.21.59.201 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-60.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
0b741e41ed91bd4103dcbba3260a1cec6c70f4c338adfd986e53361e676c6ccc

Request headers

Referer
https://stibasroorkee.com/esconnect/ernbtinternet/Login.php?sslchannel=true&sessionid=mIIFutOOAbzyHNfnNgb4nSH4jumROeOaXwQr0EgAQP8xCoVqF7u2Zc7iGtauIYFFvv7van60cfyPDtfj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 12:47:35 GMT
last-modified
Tue, 20 Oct 2020 09:01:49 GMT
server
nginx/1.17.6
x-server-cache
false
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
37852
d.js
waust.at/ 		13 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://waust.at/d.js
Requested by
Host: stibasroorkee.com
URL: https://stibasroorkee.com/esconnect/ernbtinternet/Login.php?sslchannel=true&sessionid=mIIFutOOAbzyHNfnNgb4nSH4jumROeOaXwQr0EgAQP8xCoVqF7u2Zc7iGtauIYFFvv7van60cfyPDtfj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd

Request headers

Referer
https://stibasroorkee.com/esconnect/ernbtinternet/Login.php?sslchannel=true&sessionid=mIIFutOOAbzyHNfnNgb4nSH4jumROeOaXwQr0EgAQP8xCoVqF7u2Zc7iGtauIYFFvv7van60cfyPDtfj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 12:47:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2216
status
200
cf-request-id
05e7a60b240000d729cc0f7000000001
last-modified
Mon, 05 Oct 2020 15:47:29 GMT
server
cloudflare
etag
W/"5f7b4011-3444"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603198055"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
5e52d9250e37d729-FRA
expires
Wed, 21 Oct 2020 12:10:39 GMT
jquery.validate.js
cdn.jsdelivr.net/jquery.validation/1.14.0/ 		0
0
additional-methods.min.js
jqueryvalidation.org/files/dist/ 		0
0
grey-btn.png
stibasroorkee.com/esconnect/ernbtinternet/assets/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stibasroorkee.com/esconnect/ernbtinternet/assets/img/grey-btn.png
Requested by
Host: stibasroorkee.com
URL: https://stibasroorkee.com/esconnect/ernbtinternet/assets/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.21.59.201 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-60.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
64bedd57e310d3b3fe9958f126eb0f9f41dda092421a363b26ea4bb49c648a90

Request headers

Referer
https://stibasroorkee.com/esconnect/ernbtinternet/assets/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 12:47:35 GMT
last-modified
Tue, 20 Oct 2020 09:01:49 GMT
server
nginx/1.17.6
x-server-cache
false
content-type
image/png
status
200
accept-ranges
bytes
content-length
1051
input-bg.png
stibasroorkee.com/esconnect/ernbtinternet/assets/img/ 		966 B
997 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stibasroorkee.com/esconnect/ernbtinternet/assets/img/input-bg.png
Requested by
Host: stibasroorkee.com
URL: https://stibasroorkee.com/esconnect/ernbtinternet/assets/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.21.59.201 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-60.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
2b1930ba4a2e3f401d744fc3d55c2464a79736bfbc0f0875d98dca864b16449f

Request headers

Referer
https://stibasroorkee.com/esconnect/ernbtinternet/assets/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 12:47:35 GMT
last-modified
Tue, 20 Oct 2020 09:01:49 GMT
server
nginx/1.17.6
x-server-cache
false
content-type
image/png
status
200
accept-ranges
bytes
content-length
966
truncated
/ 		42 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b08992554ee957c4fa7e6f2a2a743bf222c14e3b641dbd36cb7a8998741a55d

Request headers

Origin
https://stibasroorkee.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
font/truetype;charset=utf-8
LoginButtonBg.png
stibasroorkee.com/esconnect/ernbtinternet/assets/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stibasroorkee.com/esconnect/ernbtinternet/assets/img/LoginButtonBg.png
Requested by
Host: stibasroorkee.com
URL: https://stibasroorkee.com/esconnect/ernbtinternet/assets/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.21.59.201 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-60.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
560de6f28c8b24f74d3d84668636dd7b7050c9cd50598a3ea332057f8e2c2efa

Request headers

Referer
https://stibasroorkee.com/esconnect/ernbtinternet/assets/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 12:47:35 GMT
last-modified
Tue, 20 Oct 2020 09:01:49 GMT
server
nginx/1.17.6
x-server-cache
false
content-type
image/png
status
200
accept-ranges
bytes
content-length
1125
back.png
stibasroorkee.com/esconnect/ernbtinternet/assets/img/ 		279 B
310 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stibasroorkee.com/esconnect/ernbtinternet/assets/img/back.png
Requested by
Host: stibasroorkee.com
URL: https://stibasroorkee.com/esconnect/ernbtinternet/assets/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.21.59.201 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-60.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
6de9b19d62ae2029b5d7c51c7eb8fcbdee6503abf32cd74fa3963c76490bc0ac

Request headers

Referer
https://stibasroorkee.com/esconnect/ernbtinternet/assets/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 12:47:35 GMT
last-modified
Tue, 20 Oct 2020 09:01:49 GMT
server
nginx/1.17.6
x-server-cache
false
content-type
image/png
status
200
accept-ranges
bytes
content-length
279
footer.jpg
stibasroorkee.com/esconnect/ernbtinternet/assets/img/ 		396 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stibasroorkee.com/esconnect/ernbtinternet/assets/img/footer.jpg
Requested by
Host: stibasroorkee.com
URL: https://stibasroorkee.com/esconnect/ernbtinternet/assets/css/common-reset.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.21.59.201 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-60.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
d5baf62bdf01b45f69b0652e015e208f61e85af0ed72c8f581d006ae046dd0ea

Request headers

Referer
https://stibasroorkee.com/esconnect/ernbtinternet/assets/css/common-reset.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 12:47:35 GMT
last-modified
Tue, 20 Oct 2020 09:01:49 GMT
server
nginx/1.17.6
x-server-cache
false
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
396
/
whos.amung.us/pingjs/ 		28 B
144 B 		Script
General
Check archive.org
Download Go to
Full URL
https://whos.amung.us/pingjs/?k=7ccmactw7r&t=L%CE%BFgin&c=d&x=https%3A%2F%2Fstibasroorkee.com%2Fesconnect%2Fernbtinternet%2FLogin.php%3Fsslchannel%3Dtrue%26sessionid%3DmIIFutOOAbzyHNfnNgb4nSH4jumROeOaXwQr0EgAQP8xCoVqF7u2Zc7iGtauIYFFvv7van60cfyPDtfj&y=https%3A%2F%2Fstibasroorkee.com%2Fesconnect%2Fernbtinternet%2F&a=0&v=27&r=5418
Requested by
Host: waust.at
URL: https://waust.at/d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.202.94.86 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
amung.us
Software
/
Resource Hash
69032c5bf64236a88d2fccacaa4c12b44d646bc9eeb400d540872b91e9f417e9

Request headers

Referer
https://stibasroorkee.com/esconnect/ernbtinternet/Login.php?sslchannel=true&sessionid=mIIFutOOAbzyHNfnNgb4nSH4jumROeOaXwQr0EgAQP8xCoVqF7u2Zc7iGtauIYFFvv7van60cfyPDtfj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Tue, 20 Oct 2020 12:47:35 GMT
content-encoding
gzip
content-type
text/javascript;charset=UTF-8
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.jsdelivr.net
URL
http://cdn.jsdelivr.net/jquery.validation/1.14.0/jquery.validate.js
Domain
jqueryvalidation.org
URL
http://jqueryvalidation.org/files/dist/additional-methods.min.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BT (Telecommunication)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| $ function| jQuery object| _wau string| wau_w_col string| wau_w_siz object| WAU_ren function| WAU_dynamic function| WAU_dynamic_request function| WAU_r_d function| WAU_insert function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_lrs function| WAU_cps function| docReady object| x string| x1 string| x2

1 Cookies

Domain/Path Name / Value
stibasroorkee.com/ Name: PHPSESSID
Value: ej3hgl2vk3mveknr2dnjunn005

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
jqueryvalidation.org
stibasroorkee.com
waust.at
whos.amung.us
cdn.jsdelivr.net
jqueryvalidation.org
103.21.59.201
2606:4700:20::ac43:4739
2a00:1450:4001:817::200a
67.202.94.86
0146a8bb7d71d6e2eec98201dcdd5448faac7aeb92a7b0ec17e1dc9abc489228
0b741e41ed91bd4103dcbba3260a1cec6c70f4c338adfd986e53361e676c6ccc
2307dd00aff627037de72a85839e3ed5436298593c8cfd4f8f205cacb69e2310
2b1930ba4a2e3f401d744fc3d55c2464a79736bfbc0f0875d98dca864b16449f
31754559a18e6c149d3c9a56fd77d75e4086e1c7947e587fe34dbde15989afd2
3b08992554ee957c4fa7e6f2a2a743bf222c14e3b641dbd36cb7a8998741a55d
560de6f28c8b24f74d3d84668636dd7b7050c9cd50598a3ea332057f8e2c2efa
5f8ff9157283865a1411c8dd968adb0b8adadd65e402285372cc2f90b7e467c7
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
64bedd57e310d3b3fe9958f126eb0f9f41dda092421a363b26ea4bb49c648a90
69032c5bf64236a88d2fccacaa4c12b44d646bc9eeb400d540872b91e9f417e9
6de9b19d62ae2029b5d7c51c7eb8fcbdee6503abf32cd74fa3963c76490bc0ac
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
87d6afb3496a89bdc2fec7dff68ecdefa0f52e93509b139b934e706d27fe49ae
8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd
96c3309d386c0afdf133938913e100c37ca85688b79da4061618be139b7e04a9
d5baf62bdf01b45f69b0652e015e208f61e85af0ed72c8f581d006ae046dd0ea
e2294ccac175aca66fae61346d2189b0afb473d0a33c3118ab0db960ea6de9fc