panupload.co.in Open in urlscan Pro
68.178.221.66  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://t.co/VtH2qmTTCA Page URL
2. http://panupload.co.in/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	VtH2qmTTCA Show response t.co/	259 B 678 B	143ms 126ms	Document text/html	104.244.42.133 TWITTER
General Check archive.org Show headers Download Go to Full URL https://t.co/VtH2qmTTCA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.133 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash 8a225ca4674d7708bc057510e982899da64b494abc582e6eba4a122f6cefb073 Security Headers Name Value Content-Security-Policy referrer always; Strict-Transport-Security max-age=0 X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Mon, 22 Nov 2021 12:34:18 GMT vary Origin server tsa_o expires Mon, 22 Nov 2021 12:39:19 GMT content-type text/html; charset=utf-8 cache-control private,max-age=300 content-length 187 referrer-policy unsafe-url content-encoding gzip x-xss-protection 0 content-security-policy referrer always; strict-transport-security max-age=0 x-response-time 118 x-connection-hash 0fcb4ca5eec8b545dc991a4947f8894b12e576c85403b993626ef02093e0f917
GET H/1.1	200 OK	Primary Request / Show response panupload.co.in/	837 B 770 B	328ms 303ms	Document text/html	68.178.221.66 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL http://panupload.co.in/ Requested by Host: t.co URL: https://t.co/VtH2qmTTCA Protocol HTTP/1.1 Server 68.178.221.66 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-68-178-221-66.ip.secureserver.net Software Apache / PHP/7.4.24 Resource Hash f6fb98b3e701ae8e3a8e90033e4f4675fc785f0fb38243aeef51226af0ea08cd Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://t.co/VtH2qmTTCA Response headers Date Mon, 22 Nov 2021 12:34:19 GMT Server Apache X-Powered-By PHP/7.4.24 Upgrade h2,h2c Connection Upgrade, Keep-Alive Vary Accept-Encoding Content-Encoding gzip Content-Length 491 Keep-Alive timeout=5 Content-Type text/html; charset=UTF-8
GET H/1.1	404 Not Found	style.css panupload.co.in/css/	0 0	156ms 155ms	Stylesheet text/html	68.178.221.66 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL http://panupload.co.in/css/style.css Requested by Host: panupload.co.in URL: http://panupload.co.in/ Protocol HTTP/1.1 Server 68.178.221.66 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-68-178-221-66.ip.secureserver.net Software Apache / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer http://panupload.co.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Mon, 22 Nov 2021 12:34:19 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	css fonts.googleapis.com/	2 KB 1 KB	24ms 21ms	Stylesheet text/css	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL http://fonts.googleapis.com/css?family=Ubuntu+Condensed Requested by Host: panupload.co.in URL: http://panupload.co.in/ Protocol HTTP/1.1 Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 3916d9ebc0339d16ee5b88583353a25f449e8833dee112543729919ed566202f Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://panupload.co.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Mon, 22 Nov 2021 12:34:19 GMT Content-Encoding gzip X-Content-Type-Options nosniff Transfer-Encoding chunked Cross-Origin-Resource-Policy cross-origin X-XSS-Protection 0 Last-Modified Mon, 22 Nov 2021 12:34:19 GMT Server ESF Cross-Origin-Opener-Policy same-origin-allow-popups X-Frame-Options SAMEORIGIN Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * Cache-Control private, max-age=86400, stale-while-revalidate=604800 Timing-Allow-Origin * Link <http://fonts.gstatic.com>; rel=preconnect; crossorigin Expires Mon, 22 Nov 2021 12:34:19 GMT
GET H/1.1	200 OK	bootstrap.css panupload.co.in/	141 KB 20 KB	307ms 303ms	Stylesheet text/css	68.178.221.66 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL http://panupload.co.in/bootstrap.css Requested by Host: panupload.co.in URL: http://panupload.co.in/ Protocol HTTP/1.1 Server 68.178.221.66 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-68-178-221-66.ip.secureserver.net Software Apache / Resource Hash f98e18506344c2298218d228d15377b6d25e2cf0f685c9d47f090911ad61b7a3 Request headers Accept-Language de-DE,de;q=0.9 Referer http://panupload.co.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Mon, 22 Nov 2021 12:34:19 GMT Content-Encoding gzip Last-Modified Fri, 16 Apr 2021 16:12:24 GMT Server Apache ETag "37427ed-234fd-5c0193eceaa00-gzip" Vary Accept-Encoding Upgrade h2,h2c Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type text/css Keep-Alive timeout=5 Content-Length 20387
GET H/1.1	200 OK	first.jpg panupload.co.in/	313 KB 314 KB	302ms 299ms	Image image/jpeg	68.178.221.66 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL http://panupload.co.in/first.jpg Requested by Host: panupload.co.in URL: http://panupload.co.in/ Protocol HTTP/1.1 Server 68.178.221.66 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-68-178-221-66.ip.secureserver.net Software Apache / Resource Hash f26cd63251bcad4975ccd13226f76eb7aa48a041619606fb641b26de9c0c1f02 Request headers Accept-Language de-DE,de;q=0.9 Referer http://panupload.co.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Mon, 22 Nov 2021 12:34:19 GMT Last-Modified Fri, 16 Apr 2021 16:12:22 GMT Server Apache ETag "37427ee-4e5a5-5c0193eb02580" Upgrade h2,h2c Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type image/jpeg Keep-Alive timeout=5 Content-Length 320933

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: State Bank of India (Banking)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| hideURLbar

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.t.co/	1970-01-20 16:24:16	Name: muc Value: 16d630d7-7699-4cd3-8f55-bbf376560f93
			.t.co/	1970-01-20 16:24:16	Name: muc_ads Value: 16d630d7-7699-4cd3-8f55-bbf376560f93

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://t.co/VtH2qmTTCA Message: Unrecognized Content-Security-Policy directive 'referrer'.
network	error	URL: http://panupload.co.in/css/style.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	referrer always;
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
panupload.co.in
t.co
104.244.42.133
2a00:1450:4001:808::200a
68.178.221.66
3916d9ebc0339d16ee5b88583353a25f449e8833dee112543729919ed566202f
8a225ca4674d7708bc057510e982899da64b494abc582e6eba4a122f6cefb073
f26cd63251bcad4975ccd13226f76eb7aa48a041619606fb641b26de9c0c1f02
f6fb98b3e701ae8e3a8e90033e4f4675fc785f0fb38243aeef51226af0ea08cd
f98e18506344c2298218d228d15377b6d25e2cf0f685c9d47f090911ad61b7a3