knot.com.co Open in urlscan Pro
162.241.43.69 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://knot.com.co/BankatFirst/
Submission: On November 23 via automatic, source phishtank (November 23rd 2024, 2:29:42 am UTC) — Scanned from CA

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 162.241.43.69, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is knot.com.co.
TLS certificate: Issued by R11 on October 7th 2024. Valid for: 3 months.

This is the only time knot.com.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: First Financial Bank (Financial)

Domain & IP information

	IP Address		AS Autonomous System
13	162.241.43.69 162.241.43.69		19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
13	1

13 162.241.43.69 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: vpsco.ventasdegaraje.com.co

knot.com.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	knot.com.co knot.com.co	857 KB
13	1

	Domain	Requested by
13	knot.com.co	knot.com.co
13	1

This site contains no links.

Subject Issuer	Validity	Valid
*.knot.com.co R11	`2024-10-07` - `2025-01-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://knot.com.co/BankatFirst/
Frame ID: 7AD539F72EC2CDEDF789D1867687684B
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login · First Financial Bank

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

857 kB
Transfer

856 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response knot.com.co/BankatFirst/	5 KB 6 KB	317ms 61ms	Document text/html	162.241.43.69 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://knot.com.co/BankatFirst/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.241.43.69 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS vpsco.ventasdegaraje.com.co Software Apache / Resource Hash `4ebbbe9746e7d781b273e63ce287a2e1df2c973fbfc1c4a3665bb4858d62df8d` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Length 5518 Content-Type text/html Date Sat, 23 Nov 2024 02:29:34 GMT Keep-Alive timeout=5, max=100 Last-Modified Wed, 06 Sep 2023 11:17:56 GMT Server Apache
GET H/1.1	200 OK	vthreeallFullCss.css knot.com.co/BankatFirst/css/	771 KB 771 KB	52ms 51ms	Stylesheet text/css	162.241.43.69 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://knot.com.co/BankatFirst/css/vthreeallFullCss.css Requested by Host: knot.com.co URL: https://knot.com.co/BankatFirst/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.241.43.69 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS vpsco.ventasdegaraje.com.co Software Apache / Resource Hash `58d0a27afc6ed22f356c907579f15f41f120c913c118837dba9c1b8da13a5a4f` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://knot.com.co/BankatFirst/ Response headers Connection Keep-Alive Accept-Ranges bytes Content-Length 789633 Keep-Alive timeout=5, max=99 Date Sat, 23 Nov 2024 02:29:34 GMT Last-Modified Thu, 04 May 2023 09:23:02 GMT Content-Type text/css Server Apache
GET H/1.1	200 OK	224.css knot.com.co/BankatFirst/css/	46 KB 46 KB	147ms 50ms	Stylesheet text/css	162.241.43.69 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://knot.com.co/BankatFirst/css/224.css Requested by Host: knot.com.co URL: https://knot.com.co/BankatFirst/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.241.43.69 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS vpsco.ventasdegaraje.com.co Software Apache / Resource Hash `bc054fd38e88a7c9c1db08bd40dfe7ad366fa23efdce184e372d2adb431c91d2` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://knot.com.co/BankatFirst/ Response headers Connection Keep-Alive Accept-Ranges bytes Content-Length 47312 Keep-Alive timeout=5, max=100 Date Sat, 23 Nov 2024 02:29:34 GMT Last-Modified Thu, 04 May 2023 09:00:46 GMT Content-Type text/css Server Apache
GET H/1.1	200 OK	Logo.png knot.com.co/BankatFirst/images/	7 KB 8 KB	151ms 52ms	Image image/png	162.241.43.69 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Show image Full URL https://knot.com.co/BankatFirst/images/Logo.png Requested by Host: knot.com.co URL: https://knot.com.co/BankatFirst/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.241.43.69 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS vpsco.ventasdegaraje.com.co Software Apache / Resource Hash `697207724e3c91390ee837852545c786fc8add50c203f26b44a940df94c471d8` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://knot.com.co/BankatFirst/ Response headers Connection Keep-Alive Accept-Ranges bytes Content-Length 7478 Keep-Alive timeout=5, max=100 Date Sat, 23 Nov 2024 02:29:34 GMT Last-Modified Wed, 06 Sep 2023 11:12:42 GMT Content-Type image/png Server Apache
GET H/1.1	200 OK	Background.png knot.com.co/BankatFirst/images/	11 KB 11 KB	77ms 77ms	Image image/png	162.241.43.69 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Show image Full URL https://knot.com.co/BankatFirst/images/Background.png Requested by Host: knot.com.co URL: https://knot.com.co/BankatFirst/css/224.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.241.43.69 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS vpsco.ventasdegaraje.com.co Software Apache / Resource Hash `2e093a8eec7f8ed38bf91b536cf597aa9f91cf3b45abc11313fdf310736e5e22` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://knot.com.co/BankatFirst/css/224.css Response headers Connection Keep-Alive Accept-Ranges bytes Content-Length 10785 Keep-Alive timeout=5, max=98 Date Sat, 23 Nov 2024 02:29:34 GMT Last-Modified Wed, 06 Sep 2023 11:12:32 GMT Content-Type image/png Server Apache
GET H/1.1	200 OK	roboto-regular-webfont.woff2 knot.com.co/BankatFirst/fonts/	15 KB 15 KB	77ms 76ms	Font font/woff2	162.241.43.69 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://knot.com.co/BankatFirst/fonts/roboto-regular-webfont.woff2 Requested by Host: knot.com.co URL: https://knot.com.co/BankatFirst/css/224.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.241.43.69 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS vpsco.ventasdegaraje.com.co Software Apache / Resource Hash `3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://knot.com.co Referer https://knot.com.co/BankatFirst/css/224.css Response headers Connection Keep-Alive Accept-Ranges bytes Content-Length 15344 Keep-Alive timeout=5, max=99 Date Sat, 23 Nov 2024 02:29:35 GMT Last-Modified Sun, 22 May 2022 00:08:20 GMT Content-Type font/woff2 Server Apache
GET H/1.1	404 Not Found	muli-v11-latin-700.woff2 knot.com.co/BankatFirst/fonts/	0 0	909ms 908ms	Font text/html	162.241.43.69 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://knot.com.co/BankatFirst/fonts/muli-v11-latin-700.woff2 Requested by Host: knot.com.co URL: https://knot.com.co/BankatFirst/css/vthreeallFullCss.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.241.43.69 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS vpsco.ventasdegaraje.com.co Software Apache / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://knot.com.co Referer https://knot.com.co/BankatFirst/css/vthreeallFullCss.css Response headers Transfer-Encoding chunked Link <https://knot.com.co/wp-json/>; rel="https://api.w.org/" Cache-Control no-cache, must-revalidate, max-age=0 Connection Keep-Alive Expires Wed, 11 Jan 1984 05:00:00 GMT Keep-Alive timeout=5, max=99 Date Sat, 23 Nov 2024 02:29:34 GMT Content-Type text/html; charset=UTF-8 Server Apache
GET H/1.1	404 Not Found	muli-v11-latin-600.woff2 knot.com.co/BankatFirst/fonts/	0 0	1001ms 932ms	Font text/html	162.241.43.69 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://knot.com.co/BankatFirst/fonts/muli-v11-latin-600.woff2 Requested by Host: knot.com.co URL: https://knot.com.co/BankatFirst/css/vthreeallFullCss.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.241.43.69 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS vpsco.ventasdegaraje.com.co Software Apache / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://knot.com.co Referer https://knot.com.co/BankatFirst/css/vthreeallFullCss.css Response headers Transfer-Encoding chunked Link <https://knot.com.co/wp-json/>; rel="https://api.w.org/" Cache-Control no-cache, must-revalidate, max-age=0 Connection Keep-Alive Expires Wed, 11 Jan 1984 05:00:00 GMT Keep-Alive timeout=5, max=97 Date Sat, 23 Nov 2024 02:29:35 GMT Content-Type text/html; charset=UTF-8 Server Apache
GET H/1.1	404 Not Found	muli-v11-latin-regular.woff2 knot.com.co/BankatFirst/fonts/	0 0	974ms 896ms	Font text/html	162.241.43.69 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://knot.com.co/BankatFirst/fonts/muli-v11-latin-regular.woff2 Requested by Host: knot.com.co URL: https://knot.com.co/BankatFirst/css/vthreeallFullCss.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.241.43.69 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS vpsco.ventasdegaraje.com.co Software Apache / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://knot.com.co Referer https://knot.com.co/BankatFirst/css/vthreeallFullCss.css Response headers Transfer-Encoding chunked Link <https://knot.com.co/wp-json/>; rel="https://api.w.org/" Cache-Control no-cache, must-revalidate, max-age=0 Connection Keep-Alive Expires Wed, 11 Jan 1984 05:00:00 GMT Keep-Alive timeout=5, max=98 Date Sat, 23 Nov 2024 02:29:35 GMT Content-Type text/html; charset=UTF-8 Server Apache
GET H/1.1	404 Not Found	muli-v11-latin-600.woff knot.com.co/BankatFirst/fonts/	0 0	866ms 865ms	Font text/html	162.241.43.69 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://knot.com.co/BankatFirst/fonts/muli-v11-latin-600.woff Requested by Host: knot.com.co URL: https://knot.com.co/BankatFirst/css/vthreeallFullCss.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.241.43.69 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS vpsco.ventasdegaraje.com.co Software Apache / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://knot.com.co Referer https://knot.com.co/BankatFirst/css/vthreeallFullCss.css Response headers Transfer-Encoding chunked Link <https://knot.com.co/wp-json/>; rel="https://api.w.org/" Cache-Control no-cache, must-revalidate, max-age=0 Connection Keep-Alive Expires Wed, 11 Jan 1984 05:00:00 GMT Keep-Alive timeout=5, max=96 Date Sat, 23 Nov 2024 02:29:36 GMT Content-Type text/html; charset=UTF-8 Server Apache
GET H/1.1	404 Not Found	muli-v11-latin-700.woff knot.com.co/BankatFirst/fonts/	0 0	861ms 861ms	Font text/html	162.241.43.69 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://knot.com.co/BankatFirst/fonts/muli-v11-latin-700.woff Requested by Host: knot.com.co URL: https://knot.com.co/BankatFirst/css/vthreeallFullCss.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.241.43.69 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS vpsco.ventasdegaraje.com.co Software Apache / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://knot.com.co Referer https://knot.com.co/BankatFirst/css/vthreeallFullCss.css Response headers Transfer-Encoding chunked Link <https://knot.com.co/wp-json/>; rel="https://api.w.org/" Cache-Control no-cache, must-revalidate, max-age=0 Connection Keep-Alive Expires Wed, 11 Jan 1984 05:00:00 GMT Keep-Alive timeout=5, max=98 Date Sat, 23 Nov 2024 02:29:36 GMT Content-Type text/html; charset=UTF-8 Server Apache
GET H/1.1	404 Not Found	muli-v11-latin-regular.woff knot.com.co/BankatFirst/fonts/	0 0	864ms 864ms	Font text/html	162.241.43.69 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://knot.com.co/BankatFirst/fonts/muli-v11-latin-regular.woff Requested by Host: knot.com.co URL: https://knot.com.co/BankatFirst/css/vthreeallFullCss.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.241.43.69 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS vpsco.ventasdegaraje.com.co Software Apache / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://knot.com.co Referer https://knot.com.co/BankatFirst/css/vthreeallFullCss.css Response headers Transfer-Encoding chunked Link <https://knot.com.co/wp-json/>; rel="https://api.w.org/" Cache-Control no-cache, must-revalidate, max-age=0 Connection Keep-Alive Expires Wed, 11 Jan 1984 05:00:00 GMT Keep-Alive timeout=5, max=97 Date Sat, 23 Nov 2024 02:29:36 GMT Content-Type text/html; charset=UTF-8 Server Apache
GET H/1.1	200 OK	favicon.ico knot.com.co/BankatFirst/	293 B 537 B	59ms 59ms	Other image/x-icon	162.241.43.69 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://knot.com.co/BankatFirst/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.241.43.69 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS vpsco.ventasdegaraje.com.co Software Apache / Resource Hash `6e18a721d5559f569e5a6585bb6430c1965788e4607ea6704601872de8168811` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://knot.com.co/BankatFirst/ Response headers Connection Keep-Alive Accept-Ranges bytes Content-Length 293 Keep-Alive timeout=5, max=96 Date Sat, 23 Nov 2024 02:29:37 GMT Last-Modified Mon, 01 May 2023 08:45:18 GMT Content-Type image/x-icon Server Apache

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: First Financial Bank (Financial)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://knot.com.co/BankatFirst/fonts/muli-v11-latin-600.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://knot.com.co/BankatFirst/fonts/muli-v11-latin-700.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://knot.com.co/BankatFirst/fonts/muli-v11-latin-regular.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://knot.com.co/BankatFirst/fonts/muli-v11-latin-600.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://knot.com.co/BankatFirst/fonts/muli-v11-latin-700.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://knot.com.co/BankatFirst/fonts/muli-v11-latin-regular.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

knot.com.co
162.241.43.69
2e093a8eec7f8ed38bf91b536cf597aa9f91cf3b45abc11313fdf310736e5e22
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4ebbbe9746e7d781b273e63ce287a2e1df2c973fbfc1c4a3665bb4858d62df8d
58d0a27afc6ed22f356c907579f15f41f120c913c118837dba9c1b8da13a5a4f
697207724e3c91390ee837852545c786fc8add50c203f26b44a940df94c471d8
6e18a721d5559f569e5a6585bb6430c1965788e4607ea6704601872de8168811
bc054fd38e88a7c9c1db08bd40dfe7ad366fa23efdce184e372d2adb431c91d2

knot.com.co Open in urlscan Pro 162.241.43.69 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

13 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

857 kBTransfer

856 kBSize

0 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

6 Console Messages

Indicators

knot.com.co Open in urlscan Pro
162.241.43.69 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

857 kB
Transfer

856 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!