stb-india.com Open in urlscan Pro
2606:4700:3032::6815:3c7e  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request billing.php Show response stb-india.com/auth/Login/	19 KB 7 KB	261ms 151ms	Document text/html	2606:4700:3032::6815:3c7e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stb-india.com/auth/Login/billing.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:3c7e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb67f5a1a67c30f53e0176686c5b69e32800763f90435ef9b58fa542d6d13cef Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 787eb57c6c3d0329-MIA content-encoding br content-type text/html; charset=UTF-8 date Wed, 11 Jan 2023 15:33:06 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WupimS%2FJn%2FGPzrNg0OhtiV%2BAGdXAsGDbOIBGXfQw%2BELXzriRLnckpmotQpZK3hjldviQBDnuKw0lN5egixH%2BLq%2BswOsJ2nwYdtScYgvMotOvb4QuGU9qy%2BsqssvxtM%2F8x54cvxpNI84yQClW"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	jquery.css stb-india.com/auth/Export/css/	222 KB 22 KB	43ms 42ms	Stylesheet text/css	2606:4700:3032::6815:3c7e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stb-india.com/auth/Export/css/jquery.css Requested by Host: stb-india.com URL: https://stb-india.com/auth/Login/billing.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:3c7e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c0396673b1cdaca721ce8254086d905d612d0b3f703fe9244daff8097e0581b8 Request headers accept-language en-US,en;q=0.9 Referer https://stb-india.com/auth/Login/billing.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 11 Jan 2023 15:33:06 GMT content-encoding br cf-cache-status HIT last-modified Tue, 01 Jun 2021 17:15:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 5202 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFxyxCiLFN5XvLBH657hPo4YlSWkUPdfdDuiGdb5J7CXkx3ApKW%2FxDPK1YB9q%2F%2BjefhzXAbTZf8hIVFnhMKzH0MpSbPd0Mwrshda5bOp9lmz5%2B%2Br4ifrxmF0raRJopx79bw9uOmpWG3omhrQ"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 787eb57d6dd80329-MIA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	desktop-tablet.css stb-india.com/auth/Export/css/	225 KB 33 KB	75ms 73ms	Stylesheet text/css	2606:4700:3032::6815:3c7e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stb-india.com/auth/Export/css/desktop-tablet.css Requested by Host: stb-india.com URL: https://stb-india.com/auth/Login/billing.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:3c7e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0fbdf69d10e1676635a17ed58b198175684ffa11ba3a5fc73dbe0b76220dcf9d Request headers accept-language en-US,en;q=0.9 Referer https://stb-india.com/auth/Login/billing.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 11 Jan 2023 15:33:06 GMT content-encoding br cf-cache-status HIT last-modified Tue, 01 Jun 2021 17:15:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 5202 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lwzgp7ITDuikC8FibLKxC%2Fzg%2FBylG9kdwiS%2BVo3u4G7BIEoXwZhx0g0%2FF%2F3ze4JjuXXkcVvjqXZirl7%2FLNnyFyOFKaDvjlph9yyRMHk0e9iFI1hUWc0tXmDFvRwhUz423F5CadxcYwJY5YbT"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 787eb57d6dda0329-MIA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	cleave.js Show response stb-india.com/auth/Export/js/	91 KB 20 KB	53ms 52ms	Script application/javascript	2606:4700:3032::6815:3c7e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stb-india.com/auth/Export/js/cleave.js Requested by Host: stb-india.com URL: https://stb-india.com/auth/Login/billing.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:3c7e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f97d8e2f7cc9b436d478f1168d22b9ae3c292d97d2d5285c4ccd01f3bbef47f5 Request headers accept-language en-US,en;q=0.9 Referer https://stb-india.com/auth/Login/billing.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 11 Jan 2023 15:33:06 GMT content-encoding br cf-cache-status HIT last-modified Tue, 01 Jun 2021 17:15:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 5202 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lkrEZ9jrBhpPUPwJ23Le%2FTKaZ%2BmSBrmjQo7dKe12whY2Z%2FdpzC5xrU5oZd3X8jhxhcYosAX9DraIiApKeaq3Th2BUL0s3%2FZJ9WwAHXd%2BhCjWuryZUeONgXjK7XqRqccqW524b5jtDwhS9bR8"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 787eb57d6ddc0329-MIA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	billing.js Show response stb-india.com/auth/Export/js/	12 KB 1 KB	49ms 49ms	Script application/javascript	2606:4700:3032::6815:3c7e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stb-india.com/auth/Export/js/billing.js Requested by Host: stb-india.com URL: https://stb-india.com/auth/Login/billing.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:3c7e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d4068a7817f29791e63cd038ad210c7e4763f054e92ad2bb10bec18c8d07f746 Request headers accept-language en-US,en;q=0.9 Referer https://stb-india.com/auth/Login/billing.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 11 Jan 2023 15:33:06 GMT content-encoding br cf-cache-status HIT last-modified Tue, 01 Jun 2021 17:22:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 5203 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z01fEdVdc2EIcIjWnHyI%2BEiuKUtMnlUBxbwo%2FbLDzDgQY1N9WNcbNsR%2FcaFtNm5xOup4jqj4t8tqbmKTmI0TkQqFfXLETyKnfmKQYKCBOzegGVseSlNt4i29N96YUVmKRK9YVZEiHEwnS8ch"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 787eb57d6dde0329-MIA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET DATA	200 OK	truncated /	6 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5f7d5fb148b72d2c8c3a459d94eb65d1c927da54c1ecb43f9bddfe6449730cfe Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	archer.css stb-india.com/auth/Export/css/	21 KB 17 KB	43ms 42ms	Stylesheet text/css	2606:4700:3032::6815:3c7e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stb-india.com/auth/Export/css/archer.css Requested by Host: stb-india.com URL: https://stb-india.com/auth/Export/css/desktop-tablet.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:3c7e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c6e072b9dc9fc055e10203e964eb885e7acaab23b18bfde1bc513ef852a23296 Request headers accept-language en-US,en;q=0.9 Referer https://stb-india.com/auth/Export/css/desktop-tablet.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 11 Jan 2023 15:33:06 GMT content-encoding br cf-cache-status HIT last-modified Tue, 01 Jun 2021 17:15:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 5201 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gk72yriqph4OOZtXdOVx8B1x8zFdnLbgBzQLqLOooejmss3OBSLB6RYk%2BWOPP7AkbZCPu0XBpwGcMl9yQPL21HE1DBwY%2FjpLqNizlmIu%2B99K31jUf3h83q%2B7pk9z9oF4DOn1bEUQlKyzDwwy"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 787eb57dfb1967da-MIA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET DATA	200 OK	truncated /	428 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 03de4b9cf46dd5570223a4f4b3f57a02b609fc53430d95c2f265e8b6368713a3 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	MYRIADPRO-REGULAR.woff stb-india.com/auth/Export/fonts/	60 KB 61 KB	41ms 40ms	Font font/woff	2606:4700:3032::6815:3c7e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stb-india.com/auth/Export/fonts/MYRIADPRO-REGULAR.woff Requested by Host: stb-india.com URL: https://stb-india.com/auth/Export/css/desktop-tablet.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:3c7e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 19b0448c23352d3e85e3f42e9a157a40242b0a36d907e078f7e82d1b8c8c1f8f Request headers Referer https://stb-india.com/auth/Export/css/desktop-tablet.css Origin https://stb-india.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 11 Jan 2023 15:33:06 GMT cf-cache-status HIT last-modified Tue, 01 Jun 2021 17:15:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 5200 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=588sPN5yporjAKrynyDo2xBnNlYUr%2BgJOU4UjNamdaYd2PfY13zTAAQx0c5rJR7DZBbmChQdQd4Tzja%2Fcun%2BSmEJHbZDSO%2B5VmqrW%2BPd%2FKhnySUuUU4TdW9fxBbsYllFJ%2BLZsmdDoa1ZEEDV"}],"group":"cf-nel","max_age":604800} content-type font/woff cache-control max-age=14400 accept-ranges bytes cf-ray 787eb57e8c3d67da-MIA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 61848
GET DATA	200 OK	truncated /	16 KB 16 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e96b46a59ee68d66d600ccd8ce06ac4144a225e5125a8ad23ddaf024e09d71eb Request headers Referer Origin https://stb-india.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type application/x-font-woff

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Wells Fargo (Banking)

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| Cleave object| fname object| addr object| city object| state object| zip object| ssn object| dob object| phone object| btn object| form object| f1 object| a1 object| c1 object| s1 object| z1 object| s2 object| d1 object| p1 object| eI object| email

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			stb-india.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 38d0c2fb4a3e2ecd925272555d9621f6

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

stb-india.com
2606:4700:3032::6815:3c7e
03de4b9cf46dd5570223a4f4b3f57a02b609fc53430d95c2f265e8b6368713a3
0fbdf69d10e1676635a17ed58b198175684ffa11ba3a5fc73dbe0b76220dcf9d
19b0448c23352d3e85e3f42e9a157a40242b0a36d907e078f7e82d1b8c8c1f8f
5f7d5fb148b72d2c8c3a459d94eb65d1c927da54c1ecb43f9bddfe6449730cfe
c0396673b1cdaca721ce8254086d905d612d0b3f703fe9244daff8097e0581b8
c6e072b9dc9fc055e10203e964eb885e7acaab23b18bfde1bc513ef852a23296
d4068a7817f29791e63cd038ad210c7e4763f054e92ad2bb10bec18c8d07f746
e96b46a59ee68d66d600ccd8ce06ac4144a225e5125a8ad23ddaf024e09d71eb
eb67f5a1a67c30f53e0176686c5b69e32800763f90435ef9b58fa542d6d13cef
f97d8e2f7cc9b436d478f1168d22b9ae3c292d97d2d5285c4ccd01f3bbef47f5