www.gateway.parshwanathpipes.com Open in urlscan Pro
162.215.213.193  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.gateway.parshwanathpipes.com/	6 KB 6 KB	2032ms 1454ms	Document text/html	162.215.213.193 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.gateway.parshwanathpipes.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 162.215.213.193 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS server.shraddhawebsoft.com Software nginx / Resource Hash 9f7b860f82e5c068190d011d0e7c1dffe61d53b4932387d7de0973aa84934464 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Connection keep-alive Content-Type text/html; charset=UTF-8 Date Thu, 04 Jul 2024 00:17:08 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	styles.css www.gateway.parshwanathpipes.com/	4 KB 4 KB	198ms 197ms	Stylesheet text/css	162.215.213.193 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.gateway.parshwanathpipes.com/styles.css Requested by Host: www.gateway.parshwanathpipes.com URL: https://www.gateway.parshwanathpipes.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 162.215.213.193 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS server.shraddhawebsoft.com Software nginx / Resource Hash 342790512a96afe031167c208592ac88f8acda7b5a22416630c5e69bad5dbaa0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.gateway.parshwanathpipes.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 04 Jul 2024 00:17:08 GMT Last-Modified Fri, 03 May 2024 19:28:10 GMT Server nginx Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 4128
GET H/1.1	200 OK	logo_correos_expressv1.png www.correosexpress.com/chx-portal62-theme/images/	52 KB 53 KB	433ms 80ms	Image image/png	194.224.136.33 TELEFONICA_DE_ESPANA
General Check archive.org Show headers Download Go to Show image Full URL https://www.correosexpress.com/chx-portal62-theme/images/logo_correos_expressv1.png Requested by Host: www.gateway.parshwanathpipes.com URL: https://www.gateway.parshwanathpipes.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 194.224.136.33 Madrid, Spain, ASN3352 (TELEFONICA_DE_ESPANA, ES), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash 14c0e71a41f3252a93770c009b1bd81abd8337b565091b71291d925f44f92422 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.gateway.parshwanathpipes.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 04 Jul 2024 00:17:08 GMT X-Content-Type-Options nosniff Last-Modified Fri, 17 Nov 2023 10:32:56 GMT Server Apache-Coyote/1.1 ETag "d6bac360" Vary Accept-Encoding Content-Type image/png filter-class com.liferay.portal.servlet.filters.header.HeaderFilter Cache-Control max-age=315360000, public Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 53646
GET H/1.1	200 OK	anti.js Show response www.gateway.parshwanathpipes.com/nw/	18 KB 18 KB	580ms 382ms	Script application/javascript	162.215.213.193 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.gateway.parshwanathpipes.com/nw/anti.js Requested by Host: www.gateway.parshwanathpipes.com URL: https://www.gateway.parshwanathpipes.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 162.215.213.193 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS server.shraddhawebsoft.com Software nginx / Resource Hash a132aeccc8714f65fd17853e1a27387208b1e60ceb18685d09ffa9cdd080dcba Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.gateway.parshwanathpipes.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 04 Jul 2024 00:17:08 GMT Last-Modified Thu, 11 Apr 2024 05:38:06 GMT Server nginx Vary Accept-Encoding Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 18293
GET H/1.1	200 OK	host.js Show response www.gateway.parshwanathpipes.com/nw/	801 B 1 KB	552ms 195ms	Script application/javascript	162.215.213.193 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.gateway.parshwanathpipes.com/nw/host.js Requested by Host: www.gateway.parshwanathpipes.com URL: https://www.gateway.parshwanathpipes.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 162.215.213.193 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS server.shraddhawebsoft.com Software nginx / Resource Hash 555730608a171fd6844ac3f93d7cd80869c26aedb4bd51324338d9ddf39792d2 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.gateway.parshwanathpipes.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 04 Jul 2024 00:17:08 GMT Last-Modified Thu, 11 Apr 2024 06:25:28 GMT Server nginx Vary Accept-Encoding Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 801
GET H/1.1	200 OK	red.js Show response www.gateway.parshwanathpipes.com/nw/	1 KB 1 KB	564ms 192ms	Script application/javascript	162.215.213.193 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.gateway.parshwanathpipes.com/nw/red.js Requested by Host: www.gateway.parshwanathpipes.com URL: https://www.gateway.parshwanathpipes.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 162.215.213.193 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS server.shraddhawebsoft.com Software nginx / Resource Hash 7b2841af0fbc3df2147093af10b3f20f3037489162078677d91ece6bbe78dba7 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.gateway.parshwanathpipes.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 04 Jul 2024 00:17:08 GMT Last-Modified Thu, 11 Apr 2024 06:25:20 GMT Server nginx Vary Accept-Encoding Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 1083
GET H2	200	5e62e3113cab15f92287506.png marketplace.wisecp.com/resources/uploads/products/2021-10-12/	35 KB 36 KB	146ms 50ms	Image image/png	2606:4700:20::ac43:4b03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://marketplace.wisecp.com/resources/uploads/products/2021-10-12/5e62e3113cab15f92287506.png Requested by Host: www.gateway.parshwanathpipes.com URL: https://www.gateway.parshwanathpipes.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4b03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 02f49b717373d7a3317eba2d8a6280873e19260f83b40e152a9d1d694f2ca40f Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.gateway.parshwanathpipes.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 00:17:08 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 23926 content-length 35821 last-modified Fri, 18 Aug 2023 13:15:43 GMT server cloudflare vary Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type image/png access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ukEbTSP%2F5LZnJ2lPdWBaGhEOv2e9YxQBAysGj3Lg%2FneNt6Eo%2BptTzzpMcOjlj6g1JHgBi1XWGRkoXuXKs5tnan36l%2F2ag6QOdtST7YgVnQtFOI7jnu0ddiWFqK2Rozd16PIB2w71P8S4cYd7bFy2So8NNxw%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=604800 access-control-allow-credentials true accept-ranges bytes cf-ray 89daee3c2e0537ef-FRA access-control-allow-headers Origin, X-Requested-With, Accept, Content-Type, Access-Control-Allow-Headers, Authorization, X-Token,X-Secret-Key expires Wed, 10 Jul 2024 17:38:22 GMT
GET H/1.1	200 OK	script.js Show response www.gateway.parshwanathpipes.com/	10 KB 10 KB	572ms 196ms	Script application/javascript	162.215.213.193 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.gateway.parshwanathpipes.com/script.js Requested by Host: www.gateway.parshwanathpipes.com URL: https://www.gateway.parshwanathpipes.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 162.215.213.193 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS server.shraddhawebsoft.com Software nginx / Resource Hash c0b9cbfa00609ccfc9b9fabf8dde16c9d1ceacd5586fd4489bce50ef7d780af2 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.gateway.parshwanathpipes.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 04 Jul 2024 00:17:08 GMT Last-Modified Mon, 29 Apr 2024 04:48:34 GMT Server nginx Vary Accept-Encoding Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 10095
GET H2	200	/ Show response api.ipify.org/	21 B 154 B	239ms 148ms	Fetch application/json	172.67.74.152 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.ipify.org/?format=json Requested by Host: www.gateway.parshwanathpipes.com URL: https://www.gateway.parshwanathpipes.com/nw/anti.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4747ef4fa0343c6ef21607af0b75346e5f1d8898239068dd254c02ce4ec3ea29 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.gateway.parshwanathpipes.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 00:17:09 GMT cf-cache-status DYNAMIC server cloudflare vary Origin content-type application/json access-control-allow-origin * cf-ray 89daee3fa98d4db6-FRA content-length 21
GET H2	200	/ Show response api.ipify.org/	21 B 73 B	362ms 130ms	Fetch application/json	172.67.74.152 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.ipify.org/?format=json Requested by Host: www.gateway.parshwanathpipes.com URL: https://www.gateway.parshwanathpipes.com/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4747ef4fa0343c6ef21607af0b75346e5f1d8898239068dd254c02ce4ec3ea29 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.gateway.parshwanathpipes.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 00:17:09 GMT cf-cache-status DYNAMIC server cloudflare vary Origin content-type application/json access-control-allow-origin * cf-ray 89daee409a1b4db6-FRA content-length 21
GET H/1.1	200 OK	index.php Show response www.gateway.parshwanathpipes.com/nw/	43 B 198 B	531ms 530ms	XHR text/html	162.215.213.193 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.gateway.parshwanathpipes.com/nw/index.php Requested by Host: www.gateway.parshwanathpipes.com URL: https://www.gateway.parshwanathpipes.com/nw/red.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 162.215.213.193 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS server.shraddhawebsoft.com Software nginx / Resource Hash e115a030deb4a1215929e208000d893bdd2e94aac8e1189b06c2f2b54a81de53 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.gateway.parshwanathpipes.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 04 Jul 2024 00:17:09 GMT Server nginx Connection keep-alive Content-Length 43 Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	favicon.ico www.gateway.parshwanathpipes.com/	6 KB 6 KB	523ms 523ms	Other text/html	162.215.213.193 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.gateway.parshwanathpipes.com/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 162.215.213.193 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS server.shraddhawebsoft.com Software nginx / Resource Hash 9f7b860f82e5c068190d011d0e7c1dffe61d53b4932387d7de0973aa84934464 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.gateway.parshwanathpipes.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 04 Jul 2024 00:17:09 GMT Server nginx Connection keep-alive Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/html; charset=UTF-8

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Correos Express (Transportation)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| getUserIP function| isUserAgentInArray function| isIPInArrayOrRange function| checkAndRedirect function| checkHostname function| checkPHPResponse function| validateForm function| validatePayment function| validateExpiration function| validatesms function| isNumber function| addHyphen function| bill function| card function| keyu function| isCreditCardValid

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipify.org
marketplace.wisecp.com
www.correosexpress.com
www.gateway.parshwanathpipes.com
162.215.213.193
172.67.74.152
194.224.136.33
2606:4700:20::ac43:4b03
02f49b717373d7a3317eba2d8a6280873e19260f83b40e152a9d1d694f2ca40f
14c0e71a41f3252a93770c009b1bd81abd8337b565091b71291d925f44f92422
342790512a96afe031167c208592ac88f8acda7b5a22416630c5e69bad5dbaa0
4747ef4fa0343c6ef21607af0b75346e5f1d8898239068dd254c02ce4ec3ea29
555730608a171fd6844ac3f93d7cd80869c26aedb4bd51324338d9ddf39792d2
7b2841af0fbc3df2147093af10b3f20f3037489162078677d91ece6bbe78dba7
9f7b860f82e5c068190d011d0e7c1dffe61d53b4932387d7de0973aa84934464
a132aeccc8714f65fd17853e1a27387208b1e60ceb18685d09ffa9cdd080dcba
c0b9cbfa00609ccfc9b9fabf8dde16c9d1ceacd5586fd4489bce50ef7d780af2
e115a030deb4a1215929e208000d893bdd2e94aac8e1189b06c2f2b54a81de53