indusviva.com
166.62.27.173
Malicious Activity!
Public Scan
Effective URL: https://indusviva.com/avant/PHP/assets/fonts/ES/
Submission: On September 03 via api from US
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 10th 2020. Valid for: a year.
This is the only time indusviva.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Caixabank (Banking)
Domain & IP information
| Requests | IP Address | AS (Autonomous System) |
|---|---|---|
| 1 | 167.89.115.54 | 11377 (SENDGRID) |
| 4 | 2.16.177.49 | 20940 (AKAMAI-ASN1) |
| 13 | 2600:9000:214f:d400:f:858:b480:93a1 | 16509 (AMAZON-02) |
| 1 | 2a00:1450:4001:821::200a | 15169 (GOOGLE) |
| 1 | 2a00:1450:4001:802::200a | 15169 (GOOGLE) |
| 2 | 2a00:1450:4001:801::200e | 15169 (GOOGLE) |
| 9 | 166.62.27.173 | 26496 (AS-26496-GO-DADDY-COM-LLC) |
| 1 | 13.35.253.49 | 16509 (AMAZON-02) |
| 1 | 2a00:1450:400c:c0c::9d | 15169 (GOOGLE) |

Total: 34 requests, 9 IP addresses.

ASN11377 (SENDGRID, US)
- PTR: o16789115x54.outbound-mail.sendgrid.net
- u5932608.ct.sendgrid.net

ASN20940 (AKAMAI-ASN1, EU)
- PTR: a2-16-177-49.deploy.static.akamaitechnologies.com
- site-2937676-6875-8419.mystrikingly.com

ASN16509 (AMAZON-02, US)
- static-assets.strikinglycdn.com

ASN15169 (GOOGLE, US)
- www.google-analytics.com

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
- PTR: ip-166-62-27-173.ip.secureserver.net
- indusviva.com

ASN16509 (AMAZON-02, US)
- PTR: server-13-35-253-49.fra6.r.cloudfront.net
- d26b395fwzu5fz.cloudfront.net
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 13 | strikinglycdn.com | static-assets.strikinglycdn.com | 2 MB |
| 9 | indusviva.com | indusviva.com | 23 KB |
| 4 | mystrikingly.com | site-2937676-6875-8419.mystrikingly.com | 24 KB |
| 2 | google-analytics.com | www.google-analytics.com | 18 KB |
| 2 | googleapis.com | fonts.googleapis.com, ajax.googleapis.com | 34 KB |
| 1 | doubleclick.net | stats.g.doubleclick.net | 101 B |
| 1 | cloudfront.net | d26b395fwzu5fz.cloudfront.net | 10 KB |
| 1 | sendgrid.net | u5932608.ct.sendgrid.net (1 redirect) | 250 B |
| 0 | keen.io | api.keen.io (Failed) | |

Total: 34 requests, 9 apex domains.
| Requests | Domain | Requested by |
|---|---|---|
| 13 | static-assets.strikinglycdn.com | site-2937676-6875-8419.mystrikingly.com, static-assets.strikinglycdn.com |
| 9 | indusviva.com | indusviva.com |
| 4 | site-2937676-6875-8419.mystrikingly.com | static-assets.strikinglycdn.com |
| 2 | www.google-analytics.com | site-2937676-6875-8419.mystrikingly.com, www.google-analytics.com |
| 1 | stats.g.doubleclick.net | www.google-analytics.com |
| 1 | d26b395fwzu5fz.cloudfront.net | static-assets.strikinglycdn.com |
| 1 | ajax.googleapis.com | site-2937676-6875-8419.mystrikingly.com |
| 1 | fonts.googleapis.com | site-2937676-6875-8419.mystrikingly.com |
| 1 | u5932608.ct.sendgrid.net | (1 redirect) |
| 0 | api.keen.io (Failed) | d26b395fwzu5fz.cloudfront.net |

Total: 34 requests, 10 domains.
This site contains no links.
| Subject | Issuer | Validity | Valid | Lookup |
|---|---|---|---|---|
| *.strikinglycdn.com | Amazon | 2020-05-16 - 2021-06-16 | a year | crt.sh |
| upload.video.google.com | GTS CA 1O1 | 2020-08-19 - 2020-11-11 | 3 months | crt.sh |
| *.google-analytics.com | GTS CA 1O1 | 2020-08-11 - 2020-11-03 | 3 months | crt.sh |
| indusviva.com | Go Daddy Secure Certificate Authority - G2 | 2020-08-10 - 2021-07-01 | a year | crt.sh |
| *.g.doubleclick.net | GTS CA 1O1 | 2020-08-11 - 2020-11-03 | 3 months | crt.sh |
This page contains 1 frame:
Primary Page:
https://indusviva.com/avant/PHP/assets/fonts/ES/
Frame ID: 96A0AB312D84674E05991554C18C41E3
Requests: 33 HTTP requests in this frame
Detected technologies
- Lua (Programming Languages). Detected pattern: headers server /openresty(?:\/([\d.]+))?/i
- Nginx (Web Servers). Detected pattern: headers server /openresty(?:\/([\d.]+))?/i
- OpenResty (Web Servers). Detected pattern: headers server /openresty(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://u5932608.ct.sendgrid.net/ls/click?upn=4HrYbn6iRq-2FMe5P83-2BC-2FQwC-2BYak-2BZQLIDla7V1W5IOCrAz3Pvr4yQxD3ohAIzwUS9buGUFsn-2Fm9a2C1Lq9rJbw-3D-3D4dGB_sUHOgrP97VXF8zXjCC-2Ft-2FQFVDJVm90JhLfzJ73wwxw5iGWf9L59T-2FnP7alqwAHcd-2Bz-2BnArPV-2BQPQAPIEvs4dO9KTb84lj9AScjIfy0PWQaIaSMPLT8bWOH3cNGp6LcCo71qQ16B27SZ4Fbfi-2FKUg8fZCVdUjqtH6wM74jh88RRuI1Wqtini8rYxkPEOvS3QhXwd2gpfiTyJy6iKAnz0vmd2JGyonQL8G0myZtz3uPMyCMd8UG-2FVF-2FMk3b2coA1fRZr8gMqyC1SAjBGBTB3RgJ4G2yszVDbO8SvUMQbAbOXQ-3D (HTTP 302)
- http://site-2937676-6875-8419.mystrikingly.com/ (Page URL)
- https://indusviva.com/avant/PHP/assets/fonts/ES/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://u5932608.ct.sendgrid.net/ls/click?upn=4HrYbn6iRq-2FMe5P83-2BC-2FQwC-2BYak-2BZQLIDla7V1W5IOCrAz3Pvr4yQxD3ohAIzwUS9buGUFsn-2Fm9a2C1Lq9rJbw-3D-3D4dGB_sUHOgrP97VXF8zXjCC-2Ft-2FQFVDJVm90JhLfzJ73wwxw5iGWf9L59T-2FnP7alqwAHcd-2Bz-2BnArPV-2BQPQAPIEvs4dO9KTb84lj9AScjIfy0PWQaIaSMPLT8bWOH3cNGp6LcCo71qQ16B27SZ4Fbfi-2FKUg8fZCVdUjqtH6wM74jh88RRuI1Wqtini8rYxkPEOvS3QhXwd2gpfiTyJy6iKAnz0vmd2JGyonQL8G0myZtz3uPMyCMd8UG-2FVF-2FMk3b2coA1fRZr8gMqyC1SAjBGBTB3RgJ4G2yszVDbO8SvUMQbAbOXQ-3D (HTTP 302)
- http://site-2937676-6875-8419.mystrikingly.com/

Request Chain
- http://www.google-analytics.com/analytics.js (HTTP 307)
- https://www.google-analytics.com/analytics.js
34 HTTP transactions

| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Note |
|---|---|---|---|---|---|---|---|---|
| GET | H/1.1 | / | site-2937676-6875-8419.mystrikingly.com/ | 67 KB | 19 KB | Document | text/html | Redirect Chain |
| GET | H2 | _reset-e86dc20205eb267eb1803edb4281063d0db8db4dde3345771532819dae916332.css | static-assets.strikinglycdn.com/ | 1 KB | 984 B | Stylesheet | text/css | |
| GET | H2 | css | fonts.googleapis.com/ | 6 KB | 867 B | Stylesheet | text/css | |
| GET | H2 | main_v4.4c690062a7a32e0170a1.bundle.css | static-assets.strikinglycdn.com/themes/s5-theme/ | 568 KB | 74 KB | Stylesheet | text/css | |
| GET | H2 | detectIE-c385c24313ef0e9e4e7a1e131bf5e59f0fbd468f9f9ef44fd6739ae84ef0c0a4.js | static-assets.strikinglycdn.com/ | 2 KB | 1 KB | Script | application/javascript | |
| GET | H2 | default.png | static-assets.strikinglycdn.com/images/fb_images/ | 7 KB | 7 KB | Image | image/png | |
| GET | H/1.1 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/1.10.0/ | 91 KB | 33 KB | Script | text/javascript | |
| GET | H2 | i18n-2ace11ac644d0b40fb8b7cb65e9dd1e553022750e0254118dacbe1fe50735e97.js | static-assets.strikinglycdn.com/ | 10 KB | 4 KB | Script | application/javascript | |
| GET | H2 | jquery-f4e2137d267f77818d966e03df031337a38003039d43f15029422ddd171e14c4.js | static-assets.strikinglycdn.com/ | 91 KB | 33 KB | Script | application/javascript | |
| GET | H2 | analytics.js | www.google-analytics.com/ | 45 KB | 18 KB | Script | text/javascript | Redirect Chain |
| GET | H2 | / | indusviva.com/avant/PHP/assets/fonts/ES/ | 7 KB | 6 KB | Document | text/html | Primary Request |
| GET | H2 | site-dll.b7a7cfc114443459fda6.js | static-assets.strikinglycdn.com/webpack/ | 3 MB | 645 KB | Script | application/javascript | |
| GET | H2 | page-site-bundle.e882df6de9a71ed58424.js | static-assets.strikinglycdn.com/webpack/ | 3 MB | 718 KB | Script | application/javascript | |
| GET | H/1.1 | keen.min.js | d26b395fwzu5fz.cloudfront.net/2.1.2/ | 33 KB | 10 KB | Script | application/javascript | |
| GET | H2 | 20.e882df6de9a71ed58424-site-bundle.js | static-assets.strikinglycdn.com/webpack/ | 341 KB | 69 KB | Script | application/javascript | |
| GET | H2 | 24.e882df6de9a71ed58424-site-bundle.js | static-assets.strikinglycdn.com/webpack/ | 859 KB | 196 KB | Script | application/javascript | |
| GET | H2 | 51.e882df6de9a71ed58424-site-bundle.js | static-assets.strikinglycdn.com/webpack/ | 60 KB | 8 KB | Script | application/javascript | |
| GET | H2 | default.png | static-assets.strikinglycdn.com/images/fb_images/ | 7 KB | 7 KB | Image | image/png | |
| GET | H/1.1 | ecommerce | site-2937676-6875-8419.mystrikingly.com/r/v1/sites/14034739/ | 2 KB | 2 KB | Fetch | application/json | |
| GET | H/1.1 | active | site-2937676-6875-8419.mystrikingly.com/r/v1/sites/14034739/popups/ | 139 B | 1 KB | Fetch | application/json | |
| GET | H2 | 23.e882df6de9a71ed58424-site-bundle.js | static-assets.strikinglycdn.com/webpack/ | 45 KB | 15 KB | Script | application/javascript | |
| OPTIONS | | strikingly_pageviews | api.keen.io/3.0/projects/5317e03605cd66236a000002/events/ | 0 | 0 | | | |
| POST | H3-Q050 | collect | www.google-analytics.com/j/ | 2 B | 82 B | XHR | text/plain | |
| POST | | strikingly_pageviews | api.keen.io/3.0/projects/5317e03605cd66236a000002/events/ | 0 | 0 | | | |
| POST | H2 | collect | stats.g.doubleclick.net/j/ | 1 B | 101 B | XHR | text/plain | |
| GET | H/1.1 | list | site-2937676-6875-8419.mystrikingly.com/r/v1/sites/14034739/multiple_languages/ | 53 B | 1 KB | Fetch | application/json | |
| GET | H2 | khawarezmialgo.js | indusviva.com/avant/PHP/assets/fonts/ES/js/ | 10 KB | 3 KB | Script | application/javascript | |
| GET | H2 | estilos-login.css | indusviva.com/avant/PHP/assets/fonts/ES/css/ | 9 KB | 2 KB | Stylesheet | text/css | |
| GET | H2 | jquery-ui-1.10.4.custom.css | indusviva.com/avant/PHP/assets/fonts/ES/css/ | 34 KB | 6 KB | Stylesheet | text/css | |
| GET | H2 | header.css | indusviva.com/avant/PHP/assets/fonts/ES/css/ | 1 KB | 544 B | Stylesheet | text/css | |
| GET | H2 | caixabank-logo.svg | indusviva.com/avant/PHP/assets/fonts/ES/img/ | 7 KB | 3 KB | Image | image/svg+xml | |
| GET | H2 | candado.png | indusviva.com/avant/PHP/assets/fonts/ES/css/ | 2 KB | 2 KB | Image | image/png | |
| GET | H2 | OpenSans-Semibold-webfont.woff | indusviva.com/avant/PHP/assets/fonts/ES/fonts/ | 69 KB | 0 | Font | font/woff | |
| GET | H2 | OpenSans-Regular-webfont.woff | indusviva.com/avant/PHP/assets/fonts/ES/fonts/ | 0 | 0 | Font | font/woff | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: api.keen.io. URL: https://api.keen.io/3.0/projects/5317e03605cd66236a000002/events/strikingly_pageviews
- Domain: api.keen.io. URL: https://api.keen.io/3.0/projects/5317e03605cd66236a000002/events/strikingly_pageviews
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Caixabank (Banking)

8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

| Type | Name |
|---|---|
| object | trustedTypes |
| object | Aes |
| object | Base64 |
| object | Utf8 |
| string | khawarezmifou |
| string | khawarezmic |
| string | output |
| string | ctrTxt1 |

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

| Domain/Path | Expires | Name | Value |
|---|---|---|---|
| indusviva.com/ | | PHPSESSID | 0f46fb03e202d24e3c497eebdec9455d |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.