urlscan.io logo urlscan.io
SecurityTrails logo

sanatandinda.in Open in urlscan Pro
166.62.10.140  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://sanatandinda.in/mde/mde_docs.html
Submission: On March 02 via manual from US — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 4 HTTP transactions. The main IP is 166.62.10.140, located in Singapore and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is sanatandinda.in.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 10th 2022. Valid for: a year.
This is the only time sanatandinda.in was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
2 166.62.10.140 26496 (AS-26496-...)
2 151.101.24.193 54113 (FASTLY)
4 3
Apex Domain
Subdomains		 Transfer
2 imgur.com
i.imgur.com — Cisco Umbrella Rank: 5977
2 KB
2 sanatandinda.in
sanatandinda.in
651 KB
4 2
Domain Requested by
2 i.imgur.com sanatandinda.in
2 sanatandinda.in sanatandinda.in
4 2

This site contains no links.

Subject Issuer Validity Valid
sanatandinda.in
Go Daddy Secure Certificate Authority - G2		 2022-10-10 -
2023-10-10		 a year crt.sh
*.imgur.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-03-16		 a year crt.sh

This page contains 1 frames:

Primary Page: https://sanatandinda.in/mde/mde_docs.html
Frame ID: D31F0C42543E523B388EF7F892074CDD
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign in to your Microsoft account

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

653 kB
Transfer

1352 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request mde_docs.html
sanatandinda.in/mde/ 		720 KB
480 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sanatandinda.in/mde/mde_docs.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
166.62.10.140 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.10.62.166.host.secureserver.net
Software
Apache /
Resource Hash
2e199024ad7360d3ed41bf3603652856561a7e7d6004841c81a5db123d12f2cb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
content-encoding
br
content-type
text/html
date
Thu, 02 Mar 2023 15:42:31 GMT
etag
"c84008a-b3f0b-5f5da15a55a94-br"
last-modified
Wed, 01 Mar 2023 17:31:38 GMT
server
Apache
vary
Accept-Encoding
Jm3Kimw.png
i.imgur.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/Jm3Kimw.png
Requested by
Host: sanatandinda.in
URL: https://sanatandinda.in/mde/mde_docs.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.24.193 Los Angeles, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
83463b8064210a912f2d9a4a1600e5a0b0b9701f41a5b862ee95b5dd71a8785a
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://sanatandinda.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 15:42:32 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
1414238
x-cache
HIT, HIT
content-length
1586
x-served-by
cache-iad-kjyo7100165-IAD, cache-lax10640-LGB
last-modified
Thu, 23 Jun 2022 07:35:17 GMT
server
cat factory 1.0
x-timer
S1677771752.459954,VS0,VE1
etag
"3debdf39c16c7ec7446d2cb9864b24b9"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
40, 1
NQUpBi2.png
i.imgur.com/ 		120 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/NQUpBi2.png
Requested by
Host: sanatandinda.in
URL: https://sanatandinda.in/mde/mde_docs.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.24.193 Los Angeles, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
895696e4a2fefe97136406a427b805bd887b394272cb9178a2899366b02ebdcf
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://sanatandinda.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 15:42:32 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
4841181
x-cache
HIT, HIT
content-length
120
x-served-by
cache-iad-kjyo7100148-IAD, cache-lax10640-LGB
last-modified
Thu, 23 Jun 2022 07:34:36 GMT
server
cat factory 1.0
x-timer
S1677771752.459990,VS0,VE2
etag
"e7004a24d6e606cf714b8b06067fc8b2"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
387, 1
truncated
/ 		460 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
45306723ef554c259e6262fac15c65685e564262cf6649547ef3ef715c1736bd

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
mde_docs.html
sanatandinda.in/mde/ 		171 KB
171 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sanatandinda.in/mde/mde_docs.html
Requested by
Host: sanatandinda.in
URL: https://sanatandinda.in/mde/mde_docs.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
166.62.10.140 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.10.62.166.host.secureserver.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://sanatandinda.in/mde/mde_docs.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 15:42:32 GMT
content-encoding
br
last-modified
Wed, 01 Mar 2023 17:31:38 GMT
server
Apache
etag
"c84008a-b3f0b-5f5da15a55a94-br"
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| emailShow

0 Cookies