![](/screenshots/41fe3b37-6c89-4f86-982e-817bbea41191.png)
corporacionjkys.com
192.185.85.30
Malicious Activity!
Public Scan
Submission: On October 06 via manual from IN — Scanned from DE
Summary
TLS certificate: Issued by R3 on September 20th 2023. Valid for: 3 months.
This is the only time corporacionjkys.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: La Cassa di Ravenna (Banking)
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
12 (1 redirect) | 192.185.85.30 | 19871 (NETWORK-SOLUTIONS-HOSTING)
1 | 193.41.84.67 | 15981 (CSEBO-NET)
12 | 2 |

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 192-185-85-30.unifiedlayer.com
corporacionjkys.com
Requests | Apex Domain / Subdomains | Transfer
---|---|---
12 | corporacionjkys.com (1 redirects); subdomain: corporacionjkys.com | 487 KB
1 | lacassa.com; subdomain: www.lacassa.com | 191 KB
12 | 2 |
Requests | Domain | Requested by
---|---|---
12 | corporacionjkys.com | 1 redirects; corporacionjkys.com
1 | www.lacassa.com |
12 | 2 |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
corporacionjkys.com | R3 | 2023-09-20 - 2023-12-19 | 3 months
 | COMODO RSA Extended Validation Secure Server CA | 2022-11-29 - 2023-12-30 | a year
This page contains 1 frames:
Primary Page:
https://corporacionjkys.com/cs/
Frame ID: 8288512DEC9B424BF708975F9B385DD2
Requests: 12 HTTP requests in this frame
Page Title
Portale
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://corporacionjkys.com/cs
HTTP 301
https://corporacionjkys.com/cs/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / (Primary Request, Redirect Chain) | corporacionjkys.com/cs/ | 73 KB | 12 KB | Document | text/html
GET | H2 | iconfont.5e3596c38d64f18f.css | corporacionjkys.com/cs/files/ | 8 KB | 2 KB | Stylesheet | text/css
GET | H2 | fonts.e48d692aa102e613.css | corporacionjkys.com/cs/files/ | 401 B | 213 B | Stylesheet | text/css
GET | H2 | palette.8ad1af8fb8a2bbed.css | corporacionjkys.com/cs/files/ | 60 KB | 14 KB | Stylesheet | text/css
GET | H2 | typography.86ee5add774707db.css | corporacionjkys.com/cs/files/ | 105 B | 114 B | Stylesheet | text/css
GET | H2 | styles.4d5a4c6d1c8b1bc7.css | corporacionjkys.com/cs/files/ | 586 KB | 83 KB | Stylesheet | text/css
GET | H2 | public-light-theme-header-logo.png | corporacionjkys.com/cs/files/ | 13 KB | 13 KB | Image | image/png
GET | H/1.1 | loginBanner1.jpg | www.lacassa.com/upload/carira/PIB2/desktop/ | 190 KB | 191 KB | Image | image/jpeg
GET | H2 | public-light-theme-footer-logo.png | corporacionjkys.com/cs/files/ | 15 KB | 15 KB | Image | image/png
GET | H2 | Roboto-Bold.8840acc77623e354.ttf | corporacionjkys.com/cs/files/ | 163 KB | 164 KB | Font | font/ttf
GET | H2 | iconfont.7b3f4bf1bf83f4e9.woff2 | corporacionjkys.com/cs/files/ | 20 KB | 20 KB | Font | font/woff2
GET | H2 | Roboto-Regular.298c1099d7ff5993.ttf | corporacionjkys.com/cs/files/ | 164 KB | 164 KB | Font | font/ttf
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: La Cassa di Ravenna (Banking)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.