arjunagida.com - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 7 HTTP transactions. The main IP is 78.31.66.229, located in Germany and belongs to . The main domain is arjunagida.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on January 7th 2019. Valid for: 3 months.

This is the only time arjunagida.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
5	78.31.66.229 78.31.66.229	() ()
2	2a02:26f0:6c0... 2a02:26f0:6c00:29f::34ef	() ()
7	2

5 78.31.66.229 (Germany)

ASN- ()
PTR: sunucu.tunchost.com

arjunagida.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:29f::34ef (European Union)

ASN- ()

auth.gfx.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	arjunagida.com arjunagida.com	9 KB
2	gfx.ms auth.gfx.ms	280 KB
7	2

	Domain	Requested by
5	arjunagida.com	arjunagida.com
2	auth.gfx.ms	arjunagida.com
7	2

This site contains links to these domains. Also see Links.

Domain
signup.live.com
login.live.com

Subject Issuer	Validity	Valid
arjunagida.com cPanel, Inc. Certification Authority	`2019-01-07` - `2019-04-07`	3 months	crt.sh
msagfx.live.com Microsoft IT TLS CA 4	`2017-07-27` - `2019-07-17`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://arjunagida.com/.manager/manual/?email=nobody@example.com
Frame ID: 3563AB9E9C499353B01BE384AB61A04E
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

7
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

289 kB
Transfer

288 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://signup.live.com/signup?wa=wsignin1.0&rpsnv=13&ct=1526624083&rver=6.7.6640.0&wp=MBI_SSL&wreply=https%3a%2f%2foutlook.live.com%2fowa%2f%3fnlp%3d1%26RpsCsrfState%3dbcb5f3f6-b97d-ed7b-9df9-8861d8e6ea95&id=292841&CBCXT=out&lw=1&fl=dob%2cflname%2cwld&cobrandid=90015&contextid=982B2F78FD1575EA&bk=1526624084&uiflavor=web&uaid=71693e68d6ab4064b6ac1c2f53d534bb&mkt=EN-US&lc=1033
Title: Create one!

Search URL Search Domain Scan URL

URL: https://login.live.com/gls.srf?urlID=WinLiveTermsOfUse&mkt=EN-US&vv=1600
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://login.live.com/gls.srf?urlID=MSNPrivacyStatement&mkt=EN-US&vv=1600
Title: Privacy & cookies

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response arjunagida.com/.manager/manual/	7 KB 8 KB	992ms 926ms	Document text/html	78.31.66.229
General Check archive.org Show headers Download Go to Full URL https://arjunagida.com/.manager/manual/?email=nobody@example.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.31.66.229 , Germany, ASN (), Reverse DNS sunucu.tunchost.com Software Apache / Resource Hash `cb7c6cb735ab568e8e9c41a0a997888faa81f250cecd45bd0700695d7869300b` Request headers Host arjunagida.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 09 Jan 2019 06:54:54 GMT Server Apache Keep-Alive timeout=5, max=200 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	404 Not Found	Converged_v21033.css arjunagida.com/.manager/manual/look/inf/	0 0	20ms 17ms	Stylesheet text/html	78.31.66.229
General Check archive.org Show headers Download Go to Full URL https://arjunagida.com/.manager/manual/look/inf/Converged_v21033.css Requested by Host: arjunagida.com URL: https://arjunagida.com/.manager/manual/?email=nobody@example.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.31.66.229 , Germany, ASN (), Reverse DNS sunucu.tunchost.com Software Apache / Resource Hash Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host arjunagida.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer https://arjunagida.com/.manager/manual/?email=nobody@example.com Connection keep-alive Cache-Control no-cache Referer https://arjunagida.com/.manager/manual/?email=nobody@example.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 09 Jan 2019 06:54:55 GMT Server Apache Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=199 Transfer-Encoding chunked Content-Type text/html
GET H/1.1	404 Not Found	microsoft_logo.svg arjunagida.com/.manager/manual/look/inf/	513 B 513 B	35ms 15ms	Image text/html	78.31.66.229
General Check archive.org Show headers Download Go to Show image Full URL https://arjunagida.com/.manager/manual/look/inf/microsoft_logo.svg Requested by Host: arjunagida.com URL: https://arjunagida.com/.manager/manual/?email=nobody@example.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.31.66.229 , Germany, ASN (), Reverse DNS sunucu.tunchost.com Software Apache / Resource Hash `ff9ff0e579cee1d819f9537f1268adbd7b9eea4a7c9e3802410817133b5e972a` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host arjunagida.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://arjunagida.com/.manager/manual/?email=nobody@example.com Connection keep-alive Cache-Control no-cache Referer https://arjunagida.com/.manager/manual/?email=nobody@example.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 09 Jan 2019 06:54:55 GMT Server Apache Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=198 Transfer-Encoding chunked Content-Type text/html
GET H/1.1	404 Not Found	ellipsis_white.svg arjunagida.com/.manager/manual/look/inf/	513 B 513 B	52ms 19ms	Image text/html	78.31.66.229
General Check archive.org Show headers Download Go to Show image Full URL https://arjunagida.com/.manager/manual/look/inf/ellipsis_white.svg Requested by Host: arjunagida.com URL: https://arjunagida.com/.manager/manual/?email=nobody@example.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.31.66.229 , Germany, ASN (), Reverse DNS sunucu.tunchost.com Software Apache / Resource Hash `cd25e08e78f8547ae357065b8c5c7b3ff7b3d9dd9f6889fc8d1ce30e40a406f1` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host arjunagida.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://arjunagida.com/.manager/manual/?email=nobody@example.com Connection keep-alive Cache-Control no-cache Referer https://arjunagida.com/.manager/manual/?email=nobody@example.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 09 Jan 2019 06:54:55 GMT Server Apache Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=197 Transfer-Encoding chunked Content-Type text/html
GET H/1.1	404 Not Found	ellipsis_grey.svg arjunagida.com/.manager/manual/look/inf/	512 B 512 B	63ms 16ms	Image text/html	78.31.66.229
General Check archive.org Show headers Download Go to Show image Full URL https://arjunagida.com/.manager/manual/look/inf/ellipsis_grey.svg Requested by Host: arjunagida.com URL: https://arjunagida.com/.manager/manual/?email=nobody@example.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.31.66.229 , Germany, ASN (), Reverse DNS sunucu.tunchost.com Software Apache / Resource Hash `abd032b321eb844ddeb28baba528a34f369adff294f6381e7df22d9e1c2e37b9` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host arjunagida.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://arjunagida.com/.manager/manual/?email=nobody@example.com Connection keep-alive Cache-Control no-cache Referer https://arjunagida.com/.manager/manual/?email=nobody@example.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 09 Jan 2019 06:54:55 GMT Server Apache Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=200 Transfer-Encoding chunked Content-Type text/html
GET H/1.1	200 OK	0-small.jpg auth.gfx.ms/16.000.27773.2/images/Backgrounds/	3 KB 3 KB	72ms 6ms	Image image/jpeg	2a02:26f0:6c00:29f::34ef
General Check archive.org Show headers Download Go to Show image Full URL https://auth.gfx.ms/16.000.27773.2/images/Backgrounds/0-small.jpg?x=138bcee624fa04ef9b75e86211a9fe0d Requested by Host: arjunagida.com URL: https://arjunagida.com/.manager/manual/?email=nobody@example.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:29f::34ef , European Union, ASN (), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash `f89e908280791803bbf1f33b596ff4a2179b355a8e15ad02ebaa2b1da11127ea` Request headers Referer https://arjunagida.com/.manager/manual/?email=nobody@example.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 09 Jan 2019 06:54:52 GMT Last-Modified Wed, 02 May 2018 19:41:48 GMT PPServer PPV: 30 H: BL2IDSPRTS1C003 V: 0 ETag "066e99b4de2d31:0" Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control max-age=133446 Connection keep-alive Accept-Ranges bytes Content-Length 3006 Server Microsoft-IIS/8.5
GET H/1.1	200 OK	0.jpg auth.gfx.ms/16.000.27773.2/images/Backgrounds/	277 KB 277 KB	73ms 7ms	Image image/jpeg	2a02:26f0:6c00:29f::34ef
General Check archive.org Show headers Download Go to Show image Full URL https://auth.gfx.ms/16.000.27773.2/images/Backgrounds/0.jpg?x=a5dbd4393ff6a725c7e62b61df7e72f0 Requested by Host: arjunagida.com URL: https://arjunagida.com/.manager/manual/?email=nobody@example.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:29f::34ef , European Union, ASN (), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash `211a907de2da0ff4a0e90917ac8054e2f35c351180977550c26e51b4909f2beb` Request headers Referer https://arjunagida.com/.manager/manual/?email=nobody@example.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 09 Jan 2019 06:54:52 GMT Last-Modified Wed, 02 May 2018 19:41:48 GMT PPServer PPV: 30 H: BL2IDSPRTS1C001 V: 0 ETag "066e99b4de2d31:0" Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control max-age=133446 Connection keep-alive Accept-Ranges bytes Content-Length 283351 Server Microsoft-IIS/8.5

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

arjunagida.com
auth.gfx.ms
2a02:26f0:6c00:29f::34ef
78.31.66.229
211a907de2da0ff4a0e90917ac8054e2f35c351180977550c26e51b4909f2beb
abd032b321eb844ddeb28baba528a34f369adff294f6381e7df22d9e1c2e37b9
cb7c6cb735ab568e8e9c41a0a997888faa81f250cecd45bd0700695d7869300b
cd25e08e78f8547ae357065b8c5c7b3ff7b3d9dd9f6889fc8d1ce30e40a406f1
f89e908280791803bbf1f33b596ff4a2179b355a8e15ad02ebaa2b1da11127ea
ff9ff0e579cee1d819f9537f1268adbd7b9eea4a7c9e3802410817133b5e972a

arjunagida.com Open in urlscan Pro 78.31.66.229 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

7 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

289 kBTransfer

288 kBSize

0 Cookies

3 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

0 Cookies

Indicators

arjunagida.com Open in urlscan Pro
78.31.66.229 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

289 kB
Transfer

288 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!