www.gateway.parshwanathpipes.com
162.215.213.193
Malicious Activity!
Public Scan
Submission: On July 04 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 3rd 2024. Valid for: 3 months.
This is the only time www.gateway.parshwanathpipes.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Correos Express (Transportation)
Domain & IP information

Requests | IP Address | AS Autonomous System
---|---|---
8 | 162.215.213.193 | 46606 (UNIFIEDLAYER-AS-1)
1 | 194.224.136.33 | 3352 (TELEFONICA_DE_ESPANA)
1 | 2606:4700:20::ac43:4b03 | 13335 (CLOUDFLARENET)
2 | 172.67.74.152 | 13335 (CLOUDFLARENET)
12 | 4 |

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: server.shraddhawebsoft.com
www.gateway.parshwanathpipes.com

Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
8 | parshwanathpipes.com | www.gateway.parshwanathpipes.com | 47 KB
2 | ipify.org | api.ipify.org — Cisco Umbrella Rank: 2418 | 227 B
1 | wisecp.com | marketplace.wisecp.com | 36 KB
1 | correosexpress.com | www.correosexpress.com | 53 KB
12 | 4 | |

Requests | Domain | Requested by
---|---|---
8 | www.gateway.parshwanathpipes.com | www.gateway.parshwanathpipes.com
2 | api.ipify.org | www.gateway.parshwanathpipes.com
1 | marketplace.wisecp.com | www.gateway.parshwanathpipes.com
1 | www.correosexpress.com | www.gateway.parshwanathpipes.com
12 | 4 |

This site contains no links.

Subject | Issuer | Validity | Valid
---|---|---|---
gateway.parshwanathpipes.com | cPanel, Inc. Certification Authority | 2024-07-03 - 2024-10-01 | 3 months
www.correosexpress.com | Entrust Certification Authority - L1K | 2024-01-03 - 2025-02-02 | a year
wisecp.com | WE1 | 2024-06-19 - 2024-09-17 | 3 months
ipify.org | GTS CA 1P5 | 2024-05-19 - 2024-08-17 | 3 months

This page contains 1 frame:
Primary Page:
https://www.gateway.parshwanathpipes.com/
Frame ID: 346DD7546D50F048CA4C7E743AE1D556
Requests: 12 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | / (Primary Request) | www.gateway.parshwanathpipes.com/ | 6 KB | 6 KB | Document | text/html
GET | H/1.1 | styles.css | www.gateway.parshwanathpipes.com/ | 4 KB | 4 KB | Stylesheet | text/css
GET | H/1.1 | logo_correos_expressv1.png | www.correosexpress.com/chx-portal62-theme/images/ | 52 KB | 53 KB | Image | image/png
GET | H/1.1 | anti.js | www.gateway.parshwanathpipes.com/nw/ | 18 KB | 18 KB | Script | application/javascript
GET | H/1.1 | host.js | www.gateway.parshwanathpipes.com/nw/ | 801 B | 1 KB | Script | application/javascript
GET | H/1.1 | red.js | www.gateway.parshwanathpipes.com/nw/ | 1 KB | 1 KB | Script | application/javascript
GET | H2 | 5e62e3113cab15f92287506.png | marketplace.wisecp.com/resources/uploads/products/2021-10-12/ | 35 KB | 36 KB | Image | image/png
GET | H/1.1 | script.js | www.gateway.parshwanathpipes.com/ | 10 KB | 10 KB | Script | application/javascript
GET | H2 | / | api.ipify.org/ | 21 B | 154 B | Fetch | application/json
GET | H2 | / | api.ipify.org/ | 21 B | 73 B | Fetch | application/json
GET | H/1.1 | index.php | www.gateway.parshwanathpipes.com/nw/ | 43 B | 198 B | XHR | text/html
GET | H/1.1 | favicon.ico | www.gateway.parshwanathpipes.com/ | 6 KB | 6 KB | Other | text/html

Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Correos Express (Transportation)
19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
---|---
undefined | event
object | fence
object | sharedStorage
function | getUserIP
function | isUserAgentInArray
function | isIPInArrayOrRange
function | checkAndRedirect
function | checkHostname
function | checkPHPResponse
function | validateForm
function | validatePayment
function | validateExpiration
function | validatesms
function | isNumber
function | addHyphen
function | bill
function | card
function | keyu
function | isCreditCardValid

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.