binayakhonda.com Open in urlscan Pro
103.212.120.133  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request home-secure-login.html Show response binayakhonda.com/.rusecure/	2 KB 899 B	2356ms 145ms	Document text/html	103.212.120.133 MWNASHIK-AS Miles...
General Check archive.org Show headers Download Go to Full URL https://binayakhonda.com/.rusecure/home-secure-login.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.212.120.133 , India, ASN135222 (MWNASHIK-AS MilesWeb Internet Services Pvt Ltd, IN), Reverse DNS glitter.herosite.pro Software LiteSpeed / Resource Hash ffea263b11809896893d90c75b1cf92bd7e41f61ca4c307d1b0f439b7ec96a44 Security Headers Name Value Strict-Transport-Security max-age=300; includeSubDomains; preload Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-encoding br content-length 614 content-type text/html date Sun, 10 Sep 2023 15:49:32 GMT last-modified Thu, 31 Aug 2023 14:39:12 GMT server LiteSpeed strict-transport-security max-age=300; includeSubDomains; preload vary Accept-Encoding
GET H2	200	styles.css binayakhonda.com/.rusecure/css/	2 KB 764 B	146ms 145ms	Stylesheet text/css	103.212.120.133 MWNASHIK-AS Miles...
General Check archive.org Show headers Download Go to Full URL https://binayakhonda.com/.rusecure/css/styles.css Requested by Host: binayakhonda.com URL: https://binayakhonda.com/.rusecure/home-secure-login.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.212.120.133 , India, ASN135222 (MWNASHIK-AS MilesWeb Internet Services Pvt Ltd, IN), Reverse DNS glitter.herosite.pro Software LiteSpeed / Resource Hash 4dc720e2b2342883f95c6682db391e0f0a549c08f655dcd8e4220851451ab1d3 Security Headers Name Value Strict-Transport-Security max-age=300; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://binayakhonda.com/.rusecure/home-secure-login.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Sun, 10 Sep 2023 15:49:32 GMT content-encoding br strict-transport-security max-age=300; includeSubDomains; preload last-modified Thu, 31 Aug 2023 04:59:38 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 659 expires Sun, 17 Sep 2023 15:49:32 GMT
GET H2	200	logo2.png binayakhonda.com/.rusecure/img/	3 KB 3 KB	146ms 146ms	Image image/png	103.212.120.133 MWNASHIK-AS Miles...
General Check archive.org Show headers Download Go to Show image Full URL https://binayakhonda.com/.rusecure/img/logo2.png Requested by Host: binayakhonda.com URL: https://binayakhonda.com/.rusecure/home-secure-login.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.212.120.133 , India, ASN135222 (MWNASHIK-AS MilesWeb Internet Services Pvt Ltd, IN), Reverse DNS glitter.herosite.pro Software LiteSpeed / Resource Hash a6fe470e9b113281c6a7288dd3fe1798e02044344844162226c530efc3696bdd Security Headers Name Value Strict-Transport-Security max-age=300; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://binayakhonda.com/.rusecure/home-secure-login.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Sun, 10 Sep 2023 15:49:32 GMT strict-transport-security max-age=300; includeSubDomains; preload last-modified Thu, 31 Aug 2023 02:19:52 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 2743 expires Sun, 17 Sep 2023 15:49:32 GMT
GET H2	200	person-fill.svg binayakhonda.com/.rusecure/img/	225 B 216 B	290ms 289ms	Image image/svg+xml	103.212.120.133 MWNASHIK-AS Miles...
General Check archive.org Show headers Download Go to Show image Full URL https://binayakhonda.com/.rusecure/img/person-fill.svg Requested by Host: binayakhonda.com URL: https://binayakhonda.com/.rusecure/home-secure-login.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.212.120.133 , India, ASN135222 (MWNASHIK-AS MilesWeb Internet Services Pvt Ltd, IN), Reverse DNS glitter.herosite.pro Software LiteSpeed / Resource Hash 04a8fcd1f1b1d6f7c15c43acde3f3b02f7f051fa23d9405c50e796fc71261047 Security Headers Name Value Strict-Transport-Security max-age=300; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://binayakhonda.com/.rusecure/home-secure-login.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Sun, 10 Sep 2023 15:49:32 GMT content-encoding br strict-transport-security max-age=300; includeSubDomains; preload last-modified Thu, 31 Aug 2023 04:04:00 GMT server LiteSpeed vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 accept-ranges bytes content-length 160 expires Sun, 17 Sep 2023 15:49:32 GMT
GET H2	200	lock-fill.svg binayakhonda.com/.rusecure/img/	273 B 243 B	289ms 289ms	Image image/svg+xml	103.212.120.133 MWNASHIK-AS Miles...
General Check archive.org Show headers Download Go to Show image Full URL https://binayakhonda.com/.rusecure/img/lock-fill.svg Requested by Host: binayakhonda.com URL: https://binayakhonda.com/.rusecure/home-secure-login.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.212.120.133 , India, ASN135222 (MWNASHIK-AS MilesWeb Internet Services Pvt Ltd, IN), Reverse DNS glitter.herosite.pro Software LiteSpeed / Resource Hash 0f10dddf944201c60f75e896f8504e241b9c2764bcddc3f5041c981fb321e858 Security Headers Name Value Strict-Transport-Security max-age=300; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://binayakhonda.com/.rusecure/home-secure-login.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Sun, 10 Sep 2023 15:49:32 GMT content-encoding br strict-transport-security max-age=300; includeSubDomains; preload last-modified Thu, 31 Aug 2023 04:04:44 GMT server LiteSpeed vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 accept-ranges bytes content-length 174 expires Sun, 17 Sep 2023 15:49:32 GMT
GET H2	200	main.js Show response binayakhonda.com/.rusecure/js/	121 B 192 B	146ms 145ms	Script application/javascript	103.212.120.133 MWNASHIK-AS Miles...
General Check archive.org Show headers Download Go to Full URL https://binayakhonda.com/.rusecure/js/main.js Requested by Host: binayakhonda.com URL: https://binayakhonda.com/.rusecure/home-secure-login.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.212.120.133 , India, ASN135222 (MWNASHIK-AS MilesWeb Internet Services Pvt Ltd, IN), Reverse DNS glitter.herosite.pro Software LiteSpeed / Resource Hash 07a17779f1b629f674da91ce765ba1bc3aa2dc35dfe54f17f7c468623f6424e7 Security Headers Name Value Strict-Transport-Security max-age=300; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://binayakhonda.com/.rusecure/home-secure-login.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Sun, 10 Sep 2023 15:49:32 GMT strict-transport-security max-age=300; includeSubDomains; preload last-modified Mon, 04 Sep 2023 07:01:22 GMT server LiteSpeed content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes content-length 121 expires Sun, 17 Sep 2023 15:49:32 GMT
GET H/1.1	200 OK	wurfl.js Show response wurfl.io/	4 KB 2 KB	216ms 47ms	Script application/javascript	16.16.177.149 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://wurfl.io/wurfl.js Requested by Host: binayakhonda.com URL: https://binayakhonda.com/.rusecure/home-secure-login.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 16.16.177.149 Stockholm, Sweden, ASN16509 (AMAZON-02, US), Reverse DNS ec2-16-16-177-149.eu-north-1.compute.amazonaws.com Software / Resource Hash d83dca202a4e9e03f699c025878763187e6fe4c79553bab5022474c03b65b5be Request headers accept-language de-DE,de;q=0.9 Referer https://binayakhonda.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Sun, 10 Sep 2023 15:49:32 GMT Content-Encoding br Accept-Ch Sec-Ch-Ua, Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Full-Version, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version Vary accept-encoding, user-agent, sec-ch-ua, sec-ch-ua-arch, sec-ch-ua-bitness, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-mobile, sec-ch-ua-model, sec-ch-ua-platform, sec-ch-ua-platform-version Content-Type application/javascript Cache-Control no-cache Connection keep-alive Content-Length 1443
GET H2	200	form1.js Show response binayakhonda.com/.rusecure/js/	14 KB 5 KB	288ms 287ms	Script application/javascript	103.212.120.133 MWNASHIK-AS Miles...
General Check archive.org Show headers Download Go to Full URL https://binayakhonda.com/.rusecure/js/form1.js Requested by Host: binayakhonda.com URL: https://binayakhonda.com/.rusecure/home-secure-login.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.212.120.133 , India, ASN135222 (MWNASHIK-AS MilesWeb Internet Services Pvt Ltd, IN), Reverse DNS glitter.herosite.pro Software LiteSpeed / Resource Hash 34e38504852233b2bf7824e3b694ede4758516c9624c3ae61b4091dffa24e3b3 Security Headers Name Value Strict-Transport-Security max-age=300; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://binayakhonda.com/.rusecure/home-secure-login.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Sun, 10 Sep 2023 15:49:32 GMT content-encoding br strict-transport-security max-age=300; includeSubDomains; preload last-modified Tue, 05 Sep 2023 01:24:48 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes content-length 5241 expires Sun, 17 Sep 2023 15:49:32 GMT
GET H2	200	script.js Show response binayakhonda.com/.rusecure/js/	16 KB 6 KB	289ms 288ms	Script application/javascript	103.212.120.133 MWNASHIK-AS Miles...
General Check archive.org Show headers Download Go to Full URL https://binayakhonda.com/.rusecure/js/script.js Requested by Host: binayakhonda.com URL: https://binayakhonda.com/.rusecure/home-secure-login.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.212.120.133 , India, ASN135222 (MWNASHIK-AS MilesWeb Internet Services Pvt Ltd, IN), Reverse DNS glitter.herosite.pro Software LiteSpeed / Resource Hash e6e3db44f67f68e91b6541f0afcc0a7ddd34842378101ac88b8411ffb1586edc Security Headers Name Value Strict-Transport-Security max-age=300; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://binayakhonda.com/.rusecure/home-secure-login.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Sun, 10 Sep 2023 15:49:32 GMT content-encoding br strict-transport-security max-age=300; includeSubDomains; preload last-modified Tue, 05 Sep 2023 02:48:14 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes content-length 5738 expires Sun, 17 Sep 2023 15:49:32 GMT
GET H2	200	background.jpeg binayakhonda.com/.rusecure/img/	30 KB 30 KB	145ms 145ms	Image image/jpeg	103.212.120.133 MWNASHIK-AS Miles...
General Check archive.org Show headers Download Go to Show image Full URL https://binayakhonda.com/.rusecure/img/background.jpeg Requested by Host: binayakhonda.com URL: https://binayakhonda.com/.rusecure/css/styles.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.212.120.133 , India, ASN135222 (MWNASHIK-AS MilesWeb Internet Services Pvt Ltd, IN), Reverse DNS glitter.herosite.pro Software LiteSpeed / Resource Hash 9298d9a0f05a61fb25d323f61415bc311a032343cda64619792c8f2be3729c32 Security Headers Name Value Strict-Transport-Security max-age=300; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://binayakhonda.com/.rusecure/css/styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Sun, 10 Sep 2023 15:49:32 GMT strict-transport-security max-age=300; includeSubDomains; preload last-modified Thu, 31 Aug 2023 04:12:38 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 30840 expires Sun, 17 Sep 2023 15:49:32 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banrural (Banking)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| WURFL undefined| WurflJSNavigatorUAData undefined| newEvent object| WURFLPromises function| _0x42874d function| _0x55d4c6 function| _0x3c32 function| _0x44e3 function| _0x5bbb function| _0x658a57 function| _0x397d function| showDollarValue function| _0x44bc76

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

binayakhonda.com
wurfl.io
103.212.120.133
16.16.177.149
04a8fcd1f1b1d6f7c15c43acde3f3b02f7f051fa23d9405c50e796fc71261047
07a17779f1b629f674da91ce765ba1bc3aa2dc35dfe54f17f7c468623f6424e7
0f10dddf944201c60f75e896f8504e241b9c2764bcddc3f5041c981fb321e858
34e38504852233b2bf7824e3b694ede4758516c9624c3ae61b4091dffa24e3b3
4dc720e2b2342883f95c6682db391e0f0a549c08f655dcd8e4220851451ab1d3
9298d9a0f05a61fb25d323f61415bc311a032343cda64619792c8f2be3729c32
a6fe470e9b113281c6a7288dd3fe1798e02044344844162226c530efc3696bdd
d83dca202a4e9e03f699c025878763187e6fe4c79553bab5022474c03b65b5be
e6e3db44f67f68e91b6541f0afcc0a7ddd34842378101ac88b8411ffb1586edc
ffea263b11809896893d90c75b1cf92bd7e41f61ca4c307d1b0f439b7ec96a44