vedabharathipeetham.org
103.120.178.165
Malicious Activity!
Public Scan
Effective URL: https://vedabharathipeetham.org/wp-includes/assets/gospel/njqtr2n06jwv8ri1u3zkhmcr.php?JADJ961629905829a13e50da8a4f4f1dbe7fdeaab...
Submission: On August 25 via manual from DE
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 15th 2021. Valid for: 3 months.
This is the only time vedabharathipeetham.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Bank of America (Banking)
Domain & IP information
| IP Address | AS Autonomous System |
---|---|---|
1 11 | 103.120.178.165 | 17439 (NETMAGIC-...) (NETMAGIC-AP Netmagic Datacenter Mumbai) |
10 | 1 | |
ASN17439 (NETMAGIC-AP Netmagic Datacenter Mumbai, IN)
PTR: server51.hostingraja.org
vedabharathipeetham.org
| Apex Domain Subdomains | Transfer |
---|---|---|
11 | vedabharathipeetham.org 1 redirects vedabharathipeetham.org | 1 MB |
10 | 1 | |
| Domain | Requested by |
---|---|---|
11 | vedabharathipeetham.org | 1 redirects vedabharathipeetham.org |
10 | 1 | |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
vedabharathipeetham.org cPanel, Inc. Certification Authority | 2021-08-15 - 2021-11-13 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://vedabharathipeetham.org/wp-includes/assets/gospel/njqtr2n06jwv8ri1u3zkhmcr.php?JADJ961629905829a13e50da8a4f4f1dbe7fdeaabb6ccc6ea13e50da8a4f4f1dbe7fdeaabb6ccc6ea13e50da8a4f4f1dbe7fdeaabb6ccc6ea13e50da8a4f4f1dbe7fdeaabb6ccc6ea13e50da8a4f4f1dbe7fdeaabb6ccc6e&Official=&AdnanSami
Frame ID: 5FE81FE34D80CD90BAF87DF85B52673D
Requests: 10 HTTP requests in this frame
Page Title
Welcome
Detected technologies
PHP (Programming Languages)
Detected patterns
- url /\.php(?:$|\?)/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://vedabharathipeetham.org/wp-includes/assets/gospel/cd.php?_christophin=12786
HTTP 302
https://vedabharathipeetham.org/wp-includes/assets/gospel/njqtr2n06jwv8ri1u3zkhmcr.php?JADJ961629905829a13e50da8a4f4f1dbe7fdeaabb6ccc6ea13e50da8a4f4f1dbe7fdeaabb6ccc6ea13e50da8a4f4f1dbe7fdeaabb6ccc6ea13e50da8a4f4f1dbe7fdeaabb6ccc6ea13e50da8a4f4f1dbe7fdeaabb6ccc6e&Official=&AdnanSami Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | njqtr2n06jwv8ri1u3zkhmcr.php (Primary Request) vedabharathipeetham.org/wp-includes/assets/gospel/ | 3 KB 1 KB | Document text/html |
GET H/1.1 | s1.png vedabharathipeetham.org/wp-includes/assets/gospel/images/ | 268 KB 268 KB | Image image/png |
GET H/1.1 | s2.png vedabharathipeetham.org/wp-includes/assets/gospel/images/ | 442 KB 442 KB | Image image/png |
GET H/1.1 | s3.png vedabharathipeetham.org/wp-includes/assets/gospel/images/ | 87 KB 88 KB | Image image/png |
GET H/1.1 | s4.png vedabharathipeetham.org/wp-includes/assets/gospel/images/ | 91 KB 91 KB | Image image/png |
GET H/1.1 | s5.png vedabharathipeetham.org/wp-includes/assets/gospel/images/ | 81 KB 82 KB | Image image/png |
GET H/1.1 | s6.png vedabharathipeetham.org/wp-includes/assets/gospel/images/ | 56 KB 56 KB | Image image/png |
GET H/1.1 | s7.png vedabharathipeetham.org/wp-includes/assets/gospel/images/ | 16 KB 17 KB | Image image/png |
GET H/1.1 | s8.png vedabharathipeetham.org/wp-includes/assets/gospel/images/ | 5 KB 6 KB | Image image/png |
GET H/1.1 | s11.png vedabharathipeetham.org/wp-includes/assets/gospel/images/ | 759 B 1 KB | Image image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Bank of America (Banking)
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onbeforexrselect
- object| ontransitionrun
- object| ontransitionstart
- object| ontransitioncancel
- object| cookieStore
- function| showDirectoryPicker
- function| showOpenFilePicker
- function| showSaveFilePicker
- boolean| originAgentCluster
- object| trustedTypes
- boolean| crossOriginIsolated
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
vedabharathipeetham.org
103.120.178.165