ugotechnologies.in
13.126.18.145  Malicious Activity! Public Scan

URL: http://ugotechnologies.in/Product_crm/user_guide/overview/Folder/o6/main.html?accessToFile=valid&fileAccess=10112&encrypte...
Submission Tags: @ipnigh
Submission: On July 03 via api from GB

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 6 HTTP transactions. The main IP is 13.126.18.145, located in Mumbai, India and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is ugotechnologies.in.
This is the only time ugotechnologies.in was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: OneDrive (Online)

Domain & IP information

Requests | IP Address | AS (Autonomous System)
3 | 13.126.18.145 | 16509 (AMAZON-02)
1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
1 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2a00:1450:400... | 15169 (GOOGLE)
Total: 6 requests, 4 IPs

Requests | Domain | Requested by
3 | ugotechnologies.in | ugotechnologies.in
1 | fonts.gstatic.com | ugotechnologies.in
1 | fonts.googleapis.com | ugotechnologies.in
1 | cdnjs.cloudflare.com | ugotechnologies.in
Total: 6 requests, 4 domains

This site contains no links.

Subject | Issuer | Validity | Valid | Source
 | | 1970-01-01 - 1970-01-01 | a few seconds | crt.sh
ssl412106.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-03-02 - 2019-09-08 | 6 months | crt.sh
*.googleapis.com | Google Internet Authority G3 | 2019-06-11 - 2019-09-03 | 3 months | crt.sh
*.google.com | Google Internet Authority G3 | 2019-06-11 - 2019-09-03 | 3 months | crt.sh

This page contains 1 frames:

Primary Page: http://ugotechnologies.in/Product_crm/user_guide/overview/Folder/o6/main.html?accessToFile=valid&fileAccess=10112&encryptedCookie=9dbb340e8ef9a4d25152196db70f6828&u=7d617526680e57c464572e35802ee048&connecting=667c147ed6986ed987b18afbf137b9b4&phaseAccess=fc014966cc54c1162cf584d31006adbd&p=b361aa910a4a7e84b000cfc0dd469abf
Frame ID: 8541DB55A8AFB5AB9C434EF56A230565
Requests: 6 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

6 Requests
50 % HTTPS
75 % IPv6
4 Domains
4 Subdomains
4 IPs
3 Countries
73 kB Transfer
128 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js HTTP 307
  • https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

6 HTTP transactions

Columns: Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request main.html
ugotechnologies.in/Product_crm/user_guide/overview/Folder/o6/
2 KB
3 KB
Document
General
Full URL
http://ugotechnologies.in/Product_crm/user_guide/overview/Folder/o6/main.html?accessToFile=valid&fileAccess=10112&encryptedCookie=9dbb340e8ef9a4d25152196db70f6828&u=7d617526680e57c464572e35802ee048&connecting=667c147ed6986ed987b18afbf137b9b4&phaseAccess=fc014966cc54c1162cf584d31006adbd&p=b361aa910a4a7e84b000cfc0dd469abf
Protocol
HTTP/1.1
Server
13.126.18.145 Mumbai, India, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server.ugotechnologies.com
Software
Apache /
Resource Hash
8521f13f979b35da561ee24b1919f75abb38ed36fd7ee821cc7fe63e5329847d

Request headers

Host
ugotechnologies.in
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Date
Wed, 03 Jul 2019 06:03:29 GMT
Server
Apache
Last-Modified
Mon, 23 Jul 2018 01:38:02 GMT
Accept-Ranges
bytes
Content-Length
2306
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
style.css
ugotechnologies.in/Product_crm/user_guide/overview/Folder/o6/
2 KB
2 KB
Stylesheet
General
Full URL
http://ugotechnologies.in/Product_crm/user_guide/overview/Folder/o6/style.css
Requested by
Host: ugotechnologies.in
URL: http://ugotechnologies.in/Product_crm/user_guide/overview/Folder/o6/main.html?accessToFile=valid&fileAccess=10112&encryptedCookie=9dbb340e8ef9a4d25152196db70f6828&u=7d617526680e57c464572e35802ee048&connecting=667c147ed6986ed987b18afbf137b9b4&phaseAccess=fc014966cc54c1162cf584d31006adbd&p=b361aa910a4a7e84b000cfc0dd469abf
Protocol
HTTP/1.1
Security
, ,
Server
13.126.18.145 Mumbai, India, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server.ugotechnologies.com
Software
Apache /
Resource Hash
e0d2300699cc73b888d5ab86d225b66e7fa8615fa7e5816bd1a6a84a76d2fb5b

Request headers

Referer
http://ugotechnologies.in/Product_crm/user_guide/overview/Folder/o6/main.html?accessToFile=valid&fileAccess=10112&encryptedCookie=9dbb340e8ef9a4d25152196db70f6828&u=7d617526680e57c464572e35802ee048&connecting=667c147ed6986ed987b18afbf137b9b4&phaseAccess=fc014966cc54c1162cf584d31006adbd&p=b361aa910a4a7e84b000cfc0dd469abf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 03 Jul 2019 06:03:29 GMT
Last-Modified
Thu, 22 Mar 2018 03:03:44 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1815
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/
Redirect Chain
  • http://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
  • https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
82 KB
29 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: ugotechnologies.in
URL: http://ugotechnologies.in/Product_crm/user_guide/overview/Folder/o6/main.html?accessToFile=valid&fileAccess=10112&encryptedCookie=9dbb340e8ef9a4d25152196db70f6828&u=7d617526680e57c464572e35802ee048&connecting=667c147ed6986ed987b18afbf137b9b4&phaseAccess=fc014966cc54c1162cf584d31006adbd&p=b361aa910a4a7e84b000cfc0dd469abf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
http://ugotechnologies.in/Product_crm/user_guide/overview/Folder/o6/main.html?accessToFile=valid&fileAccess=10112&encryptedCookie=9dbb340e8ef9a4d25152196db70f6828&u=7d617526680e57c464572e35802ee048&connecting=667c147ed6986ed987b18afbf137b9b4&phaseAccess=fc014966cc54c1162cf584d31006adbd&p=b361aa910a4a7e84b000cfc0dd469abf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 03 Jul 2019 06:03:29 GMT
content-encoding
br
cf-cache-status
HIT
age
4160552
cf-ray
4f06a8123a6463dd-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
last-modified
Thu, 17 May 2018 09:20:15 GMT
server
cloudflare
etag
W/"5afd494f-14983"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Mon, 22 Jun 2020 06:03:28 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.003

Redirect headers

Location
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
Non-Authoritative-Reason
HSTS
oneDrive.jpeg
ugotechnologies.in/Product_crm/user_guide/overview/Folder/o6/
28 KB
29 KB
Image
General
Full URL
http://ugotechnologies.in/Product_crm/user_guide/overview/Folder/o6/oneDrive.jpeg
Requested by
Host: ugotechnologies.in
URL: http://ugotechnologies.in/Product_crm/user_guide/overview/Folder/o6/main.html?accessToFile=valid&fileAccess=10112&encryptedCookie=9dbb340e8ef9a4d25152196db70f6828&u=7d617526680e57c464572e35802ee048&connecting=667c147ed6986ed987b18afbf137b9b4&phaseAccess=fc014966cc54c1162cf584d31006adbd&p=b361aa910a4a7e84b000cfc0dd469abf
Protocol
HTTP/1.1
Security
, ,
Server
13.126.18.145 Mumbai, India, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server.ugotechnologies.com
Software
Apache /
Resource Hash
950e189035a6e9bf2a5ec797699ec47ee6dadccc31ff16c780f9020093899e76

Request headers

Referer
http://ugotechnologies.in/Product_crm/user_guide/overview/Folder/o6/main.html?accessToFile=valid&fileAccess=10112&encryptedCookie=9dbb340e8ef9a4d25152196db70f6828&u=7d617526680e57c464572e35802ee048&connecting=667c147ed6986ed987b18afbf137b9b4&phaseAccess=fc014966cc54c1162cf584d31006adbd&p=b361aa910a4a7e84b000cfc0dd469abf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 03 Jul 2019 06:03:29 GMT
Last-Modified
Thu, 22 Mar 2018 03:06:58 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
29029
css
fonts.googleapis.com/
2 KB
584 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300
Requested by
Host: ugotechnologies.in
URL: http://ugotechnologies.in/Product_crm/user_guide/overview/Folder/o6/main.html?accessToFile=valid&fileAccess=10112&encryptedCookie=9dbb340e8ef9a4d25152196db70f6828&u=7d617526680e57c464572e35802ee048&connecting=667c147ed6986ed987b18afbf137b9b4&phaseAccess=fc014966cc54c1162cf584d31006adbd&p=b361aa910a4a7e84b000cfc0dd469abf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
2b08c932460844c1e54d66136fc7db2b722d0f1753e267e229d1bd4abb758500
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://ugotechnologies.in/Product_crm/user_guide/overview/Folder/o6/main.html?accessToFile=valid&fileAccess=10112&encryptedCookie=9dbb340e8ef9a4d25152196db70f6828&u=7d617526680e57c464572e35802ee048&connecting=667c147ed6986ed987b18afbf137b9b4&phaseAccess=fc014966cc54c1162cf584d31006adbd&p=b361aa910a4a7e84b000cfc0dd469abf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 03 Jul 2019 06:03:29 GMT
server
ESF
access-control-allow-origin
*
date
Wed, 03 Jul 2019 06:03:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Wed, 03 Jul 2019 06:03:29 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: ugotechnologies.in
URL: http://ugotechnologies.in/Product_crm/user_guide/overview/Folder/o6/main.html?accessToFile=valid&fileAccess=10112&encryptedCookie=9dbb340e8ef9a4d25152196db70f6828&u=7d617526680e57c464572e35802ee048&connecting=667c147ed6986ed987b18afbf137b9b4&phaseAccess=fc014966cc54c1162cf584d31006adbd&p=b361aa910a4a7e84b000cfc0dd469abf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300
Origin
http://ugotechnologies.in

Response headers

date
Mon, 03 Jun 2019 02:07:31 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:14:42 GMT
server
sffe
age
2606158
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11180
x-xss-protection
0
expires
Tue, 02 Jun 2020 02:07:31 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: OneDrive (Online)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object | onselectstart
  • object | onselectionchange
  • function | queueMicrotask
  • function | $
  • function | jQuery

0 Cookies