krishnamotors.co
194.28.85.182
Malicious Activity!
Public Scan
Submission: On March 24 via api from CA
Summary
This is the only time krishnamotors.co was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: US Universities (Education)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 | 194.28.85.182 | 196645 (HOSTPRO-AS) |
2 | 132.236.101.10 | 26 (CORNELL - Cornell University) |
5 | 3 |
ASN26 (CORNELL - Cornell University, US)
PTR: adfs.ad.cornell.edu
adfs.ad.cornell.edu |
 | Apex Domain (Subdomains) | Transfer |
---|---|---|
2 | cornell.edu (adfs.ad.cornell.edu) | 37 KB |
1 | krishnamotors.co (krishnamotors.co) | 6 KB |
5 | 2 |
 | Domain | Requested by |
---|---|---|
2 | adfs.ad.cornell.edu | krishnamotors.co |
1 | krishnamotors.co | krishnamotors.co |
5 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.it.cornell.edu |
netid.cornell.edu |
www.cit.cornell.edu |
it.cornell.edu |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
adfs.ad.cornell.edu | GeoTrust EV SSL CA - G4 | 2016-05-27 - 2017-05-27 | a year | crt.sh |
This page contains 1 frame:
Primary Page:
http://krishnamotors.co/ag/cornell.html
Frame ID: 18141.1
Requests: 5 HTTP requests in this frame
4 Outgoing links
These are links going to different origins than the main page.
Title: What is this?
Title: I forgot my password!
Title: I don't have a NetID. Now what?
Title: IT Service Desk
Redirected requests
There were HTTP redirect chains for the following requests:
5 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | cornell.html krishnamotors.co/ag/ (Primary Request) | 18 KB 6 KB | Document text/html |
GET H/1.1 | style.css adfs.ad.cornell.edu/adfs/portal/css/ | 8 KB 8 KB | Stylesheet text/css |
GET H/1.1 | logo.jpg adfs.ad.cornell.edu/adfs/portal/logo/ | 29 KB 29 KB | Image image/jpg |
GET | illustration.jpg krishnamotors.co/adfs/portal/illustration/ | 0 0 | |
GET | favicon.ico krishnamotors.co/ | 0 0 | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- krishnamotors.co
- URL
- http://krishnamotors.co/adfs/portal/illustration/illustration.jpg?id=7D9C2396EA13D643F3561670A3273100C6B4E5C3FBF2975F3A66CF5B3C954C62
- Domain
- krishnamotors.co
- URL
- http://krishnamotors.co/favicon.ico
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: US Universities (Education)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.