stb-india.com Open in urlscan Pro
2606:4700:3031::ac43:c49e  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request card.php Show response stb-india.com/auth/Login/	16 KB 6 KB	291ms 233ms	Document text/html	2606:4700:3031::ac43:c49e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stb-india.com/auth/Login/card.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:c49e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f6a0c7fff5ca34a23a71825a27e92254a2bb9f9ec1d7f59294200edf50cf0013 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 787dec4fadd36927-FRA content-encoding br content-type text/html; charset=UTF-8 date Wed, 11 Jan 2023 13:15:46 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kO7tekdNsfag%2FiSJsu3OqS1534ARb8xbb2M3uDkuis67AVbb3nAbfBP2li5zVfBrGxhDjPkoLXkksAwEH%2BNDQLcb8hAh4e3frXBORa1gATCGCxlVkhglOkLTepViUOvbHgxw%2FHKBeYXgnVWi"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	jquery.css stb-india.com/auth/Export/css/	222 KB 22 KB	25ms 24ms	Stylesheet text/css	2606:4700:3031::ac43:c49e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stb-india.com/auth/Export/css/jquery.css Requested by Host: stb-india.com URL: https://stb-india.com/auth/Login/card.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:c49e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c0396673b1cdaca721ce8254086d905d612d0b3f703fe9244daff8097e0581b8 Request headers accept-language de-DE,de;q=0.9 Referer https://stb-india.com/auth/Login/card.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 11 Jan 2023 13:15:46 GMT content-encoding br cf-cache-status HIT last-modified Tue, 01 Jun 2021 17:15:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3730 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Z8w0nx48jcEs3bqXrg1pARuotxxtKv%2BYMhyUq4mRUVRVsc85%2BmymX8yzicKwhE%2BAlbGE7cgscHt4WU7mru3UYIAaXoKp3p33kwFaM3%2B%2BErMgVm2Pt5PH3LnHfoh07FA%2B5WhS1%2FViVWyWYvc"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 787dec5128236927-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	desktop-tablet.css stb-india.com/auth/Export/css/	225 KB 33 KB	32ms 31ms	Stylesheet text/css	2606:4700:3031::ac43:c49e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stb-india.com/auth/Export/css/desktop-tablet.css Requested by Host: stb-india.com URL: https://stb-india.com/auth/Login/card.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:c49e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0fbdf69d10e1676635a17ed58b198175684ffa11ba3a5fc73dbe0b76220dcf9d Request headers accept-language de-DE,de;q=0.9 Referer https://stb-india.com/auth/Login/card.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 11 Jan 2023 13:15:46 GMT content-encoding br cf-cache-status HIT last-modified Tue, 01 Jun 2021 17:15:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3730 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7noEcyow4tuBUTMaLTNoVYNiuWovzOcGFcxov2J2Jl3OFam9FtcQezR6usTx4S5g9k%2BebjQNinYZtY8B%2BOzY2JXrQsb%2FzV0VpwbOvca78zkgAxlb2a7rLhPfSoU2NMBMbqPbjMhyVvvBgkP"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 787dec5128256927-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	cleave.js Show response stb-india.com/auth/Export/js/	91 KB 20 KB	27ms 27ms	Script application/javascript	2606:4700:3031::ac43:c49e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stb-india.com/auth/Export/js/cleave.js Requested by Host: stb-india.com URL: https://stb-india.com/auth/Login/card.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:c49e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f97d8e2f7cc9b436d478f1168d22b9ae3c292d97d2d5285c4ccd01f3bbef47f5 Request headers accept-language de-DE,de;q=0.9 Referer https://stb-india.com/auth/Login/card.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 11 Jan 2023 13:15:46 GMT content-encoding br cf-cache-status HIT last-modified Tue, 01 Jun 2021 17:15:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3730 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXJcH0jRv7Ka%2BbBjNeI7mBJbKXbWMHjG%2BCPhJjT0BEALRv5Q1yr%2BcV1SzI9L7zdCt9slGsvqlr%2Fs%2FITU9mer7ve5SBektDCpIpLkAiuVo8z1JCoZqZ3GuGrmLDVQqE5SvCJ0KCRFN0JN74j3"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 787dec5128266927-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	card.js Show response stb-india.com/auth/Export/js/	4 KB 1 KB	23ms 22ms	Script application/javascript	2606:4700:3031::ac43:c49e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stb-india.com/auth/Export/js/card.js Requested by Host: stb-india.com URL: https://stb-india.com/auth/Login/card.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:c49e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b3466b0d86a639a63bec376e2d966bbb98e5ad5533a0581989e2601ba14f244 Request headers accept-language de-DE,de;q=0.9 Referer https://stb-india.com/auth/Login/card.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 11 Jan 2023 13:15:46 GMT content-encoding br cf-cache-status HIT last-modified Mon, 28 Feb 2022 22:50:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3730 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F51Iv4rINKIF4wJIQvqiRrPd%2BrOWtXKKsU1ns%2B5ajs4wjq4q%2BFtHX7vuw8%2BikebQX2rq%2BqWfK6KHmMzwdLFXjsAeNqr86X7h%2FwdoQIPGXGOZ9XJX1MQlqho%2Fj7OdD3qInggGR1dE1snTxBSb"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 787dec5128286927-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET DATA	200 OK	truncated /	6 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5f7d5fb148b72d2c8c3a459d94eb65d1c927da54c1ecb43f9bddfe6449730cfe Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	archer.css stb-india.com/auth/Export/css/	21 KB 17 KB	274ms 273ms	Stylesheet text/css	2606:4700:3031::ac43:c49e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stb-india.com/auth/Export/css/archer.css Requested by Host: stb-india.com URL: https://stb-india.com/auth/Export/css/desktop-tablet.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:c49e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c6e072b9dc9fc055e10203e964eb885e7acaab23b18bfde1bc513ef852a23296 Request headers accept-language de-DE,de;q=0.9 Referer https://stb-india.com/auth/Export/css/desktop-tablet.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 11 Jan 2023 13:15:47 GMT content-encoding br cf-cache-status MISS last-modified Tue, 01 Jun 2021 17:15:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WFm%2FRIRBgKb1JVFyoOvEkcU1V1axThab%2BK9r9IQCIqOo4vAVf1OwwlNy1Yo1yNTqYFM65iMjdOuWCFqAFsEjEFtBdTyj5RJhESsw6NgWVkuNT3IPN8bf8P%2F0xM3f07A1uobi66I9xuYuwteR"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 787dec516990920d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET DATA	200 OK	truncated /	428 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 03de4b9cf46dd5570223a4f4b3f57a02b609fc53430d95c2f265e8b6368713a3 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	MYRIADPRO-REGULAR.woff stb-india.com/auth/Export/fonts/	60 KB 61 KB	351ms 351ms	Font font/woff	2606:4700:3031::ac43:c49e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stb-india.com/auth/Export/fonts/MYRIADPRO-REGULAR.woff Requested by Host: stb-india.com URL: https://stb-india.com/auth/Export/css/desktop-tablet.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:c49e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 19b0448c23352d3e85e3f42e9a157a40242b0a36d907e078f7e82d1b8c8c1f8f Request headers Referer https://stb-india.com/auth/Export/css/desktop-tablet.css Origin https://stb-india.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 11 Jan 2023 13:15:47 GMT cf-cache-status MISS last-modified Tue, 01 Jun 2021 17:15:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N7QaF9wBG7jTDjHFwMYv2cr6nOfFPHbFBoNkHLJEYKwayv6PLqUhAdV3H1kVEFkKkfgjFRXFRyyXzt4CCiquGjhe5GpvSn7pLHY3QN5Vlb8nB2G%2FTvXltDOQmSwkcPmIXOsiuXAb%2BoF8gWVx"}],"group":"cf-nel","max_age":604800} content-type font/woff cache-control max-age=14400 accept-ranges bytes cf-ray 787dec533c01920d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 61848
GET DATA	200 OK	truncated /	16 KB 16 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e96b46a59ee68d66d600ccd8ce06ac4144a225e5125a8ad23ddaf024e09d71eb Request headers Referer Origin https://stb-india.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type application/x-font-woff

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Wells Fargo (Banking)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| Cleave function| validateCC function| checkExp object| card object| exp object| cvv object| atm object| btn object| form object| error object| c1 object| e1 object| c2 object| a1

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			stb-india.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: fac65f810bb6b1694583a104d89344d1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

stb-india.com
2606:4700:3031::ac43:c49e
03de4b9cf46dd5570223a4f4b3f57a02b609fc53430d95c2f265e8b6368713a3
0fbdf69d10e1676635a17ed58b198175684ffa11ba3a5fc73dbe0b76220dcf9d
19b0448c23352d3e85e3f42e9a157a40242b0a36d907e078f7e82d1b8c8c1f8f
3b3466b0d86a639a63bec376e2d966bbb98e5ad5533a0581989e2601ba14f244
5f7d5fb148b72d2c8c3a459d94eb65d1c927da54c1ecb43f9bddfe6449730cfe
c0396673b1cdaca721ce8254086d905d612d0b3f703fe9244daff8097e0581b8
c6e072b9dc9fc055e10203e964eb885e7acaab23b18bfde1bc513ef852a23296
e96b46a59ee68d66d600ccd8ce06ac4144a225e5125a8ad23ddaf024e09d71eb
f6a0c7fff5ca34a23a71825a27e92254a2bb9f9ec1d7f59294200edf50cf0013
f97d8e2f7cc9b436d478f1168d22b9ae3c292d97d2d5285c4ccd01f3bbef47f5