urlscan.io logo urlscan.io
SecurityTrails logo

kungfucompetition.com Open in urlscan Pro
107.180.14.32  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://kungfucompetition.com/Konto/bnp-de/werden/
Submission Tags: @jcybersec_
Submission: On June 02 via api from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main IP is 107.180.14.32, located in Scottsdale, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is kungfucompetition.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 20th 2019. Valid for: a year.
This is the only time kungfucompetition.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BNP Paribas (Banking)

Domain & IP information

IP Address AS Autonomous System
10 107.180.14.32 26496 (AS-26496-...)
1 104.111.235.54 16625 (AKAMAI-AS)
1 104.111.239.74 16625 (AKAMAI-AS)
12 3
Domain Requested by
10 kungfucompetition.com kungfucompetition.com
1 img.secureserver.net
1 img1.wsimg.com kungfucompetition.com
12 3

This site contains no links.

Subject Issuer Validity Valid
kungfucompetition.com
Go Daddy Secure Certificate Authority - G2		 2019-06-20 -
2020-06-20		 a year crt.sh
*.wsimg.com
Starfield Secure Certificate Authority - G2		 2018-09-25 -
2020-09-25		 2 years crt.sh
*.secureserver.net
Starfield Secure Certificate Authority - G2		 2019-10-22 -
2021-10-22		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://kungfucompetition.com/Konto/bnp-de/werden/
Frame ID: A087FE3AA74B82CC495940B6065553B1
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • html /<div[^>]+class="g-recaptcha"/i

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

168 kB
Transfer

727 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
kungfucompetition.com/Konto/bnp-de/werden/ 		12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kungfucompetition.com/Konto/bnp-de/werden/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.14.32 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-14-32.ip.secureserver.net
Software
Apache / PHP/7.2.30
Resource Hash
9bc974ab00da0ff704084af734df3a4a6f5c1ca5cd3c141e7a30b7bc32bfb5d8

Request headers

:method
GET
:authority
kungfucompetition.com
:scheme
https
:path
/Konto/bnp-de/werden/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Tue, 02 Jun 2020 01:24:46 GMT
server
Apache
x-powered-by
PHP/7.2.30
vary
Accept-Encoding,User-Agent
content-encoding
gzip
content-length
2533
content-type
text/html; charset=UTF-8
mentions.css
kungfucompetition.com/Konto/bnp-de/werden/css/ 		578 B
310 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kungfucompetition.com/Konto/bnp-de/werden/css/mentions.css
Requested by
Host: kungfucompetition.com
URL: https://kungfucompetition.com/Konto/bnp-de/werden/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.14.32 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-14-32.ip.secureserver.net
Software
Apache /
Resource Hash
6c8b69c95db8718675491d4d85905191ae8b23b6095b4590904c404497e43808

Request headers

Referer
https://kungfucompetition.com/Konto/bnp-de/werden/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Jun 2020 01:24:46 GMT
content-encoding
gzip
last-modified
Tue, 24 Mar 2020 01:17:12 GMT
server
Apache
etag
"5d40315-242-5a18f82e51600-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
accept-ranges
bytes
content-length
229
main.css
kungfucompetition.com/Konto/bnp-de/werden/css/ 		3 KB
816 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kungfucompetition.com/Konto/bnp-de/werden/css/main.css
Requested by
Host: kungfucompetition.com
URL: https://kungfucompetition.com/Konto/bnp-de/werden/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.14.32 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-14-32.ip.secureserver.net
Software
Apache /
Resource Hash
4b96d226db7b9e6583e266a2af9a8908ed35140113460bdb67eed049b794aaf6

Request headers

Referer
https://kungfucompetition.com/Konto/bnp-de/werden/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Jun 2020 01:24:46 GMT
content-encoding
gzip
last-modified
Tue, 24 Mar 2020 01:17:32 GMT
server
Apache
etag
"5d40313-b48-5a18f84164300-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
accept-ranges
bytes
content-length
733
aui.css
kungfucompetition.com/Konto/bnp-de/werden/css/ 		493 KB
70 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kungfucompetition.com/Konto/bnp-de/werden/css/aui.css
Requested by
Host: kungfucompetition.com
URL: https://kungfucompetition.com/Konto/bnp-de/werden/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.14.32 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-14-32.ip.secureserver.net
Software
Apache /
Resource Hash
a2232d4cb0593f8fa12a156277c0024b62b953bcbf87881b22735155d827a1f9

Request headers

Referer
https://kungfucompetition.com/Konto/bnp-de/werden/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Jun 2020 01:24:46 GMT
content-encoding
gzip
last-modified
Tue, 24 Mar 2020 01:18:48 GMT
server
Apache
etag
"5d40312-7b3a2-5a18f889dee00-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
accept-ranges
bytes
all.css
kungfucompetition.com/Konto/bnp-de/werden/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kungfucompetition.com/Konto/bnp-de/werden/css/all.css
Requested by
Host: kungfucompetition.com
URL: https://kungfucompetition.com/Konto/bnp-de/werden/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.14.32 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-14-32.ip.secureserver.net
Software
Apache /
Resource Hash
35f16a0e12a0d5d16d4f2d62bfcd9591c411d6ea6a7345ae400f58343b8b1853

Request headers

Referer
https://kungfucompetition.com/Konto/bnp-de/werden/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Jun 2020 01:24:46 GMT
content-encoding
gzip
last-modified
Tue, 24 Mar 2020 01:20:10 GMT
server
Apache
etag
"5d40311-11ec-5a18f8d812680-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
accept-ranges
bytes
content-length
1194
main2.css
kungfucompetition.com/Konto/bnp-de/werden/css/ 		122 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kungfucompetition.com/Konto/bnp-de/werden/css/main2.css
Requested by
Host: kungfucompetition.com
URL: https://kungfucompetition.com/Konto/bnp-de/werden/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.14.32 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-14-32.ip.secureserver.net
Software
Apache /
Resource Hash
8bc38983c5f761883f2c86002e3b5ff0a0afc57cead2fc85d1ed2377dc8e4bf7

Request headers

Referer
https://kungfucompetition.com/Konto/bnp-de/werden/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Jun 2020 01:24:46 GMT
content-encoding
gzip
last-modified
Tue, 24 Mar 2020 01:51:40 GMT
server
Apache
etag
"5d40314-1e8ce-5a18ffe284300-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
accept-ranges
bytes
content-length
20143
home.svg
kungfucompetition.com/Konto/bnp-de/werden/img/ 		20 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kungfucompetition.com/Konto/bnp-de/werden/img/home.svg
Requested by
Host: kungfucompetition.com
URL: https://kungfucompetition.com/Konto/bnp-de/werden/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.14.32 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-14-32.ip.secureserver.net
Software
Apache /
Resource Hash
b95572e17ce1d3d3f8656c476ef05d7c9562fc0127d3805bc050bbca3f339304

Request headers

Referer
https://kungfucompetition.com/Konto/bnp-de/werden/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Jun 2020 01:24:46 GMT
content-encoding
gzip
last-modified
Tue, 24 Mar 2020 02:14:40 GMT
server
Apache
etag
"5d4034d-5156-5a19050696400-gzip"
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
status
200
accept-ranges
bytes
content-length
7729
home2.png
kungfucompetition.com/Konto/bnp-de/werden/img/ 		633 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kungfucompetition.com/Konto/bnp-de/werden/img/home2.png
Requested by
Host: kungfucompetition.com
URL: https://kungfucompetition.com/Konto/bnp-de/werden/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.14.32 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-14-32.ip.secureserver.net
Software
Apache /
Resource Hash
b787565fc9f1e2e4b21b61a878a871c31d6c0089a6033daf5e5c56430c079c11

Request headers

Referer
https://kungfucompetition.com/Konto/bnp-de/werden/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Jun 2020 01:24:46 GMT
last-modified
Tue, 24 Mar 2020 02:15:50 GMT
server
Apache
etag
"5d4034e-279-5a19054958180"
content-type
image/png
status
200
accept-ranges
bytes
content-length
633
captc.png
kungfucompetition.com/Konto/bnp-de/werden/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kungfucompetition.com/Konto/bnp-de/werden/img/captc.png
Requested by
Host: kungfucompetition.com
URL: https://kungfucompetition.com/Konto/bnp-de/werden/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.14.32 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-14-32.ip.secureserver.net
Software
Apache /
Resource Hash
39d0ab2f722cc93e251adb07882f991d7339900ec8b1ef7fe7050762a2e136fd

Request headers

Referer
https://kungfucompetition.com/Konto/bnp-de/werden/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Jun 2020 01:24:46 GMT
last-modified
Tue, 24 Mar 2020 01:22:38 GMT
server
Apache
etag
"5d4034b-16e0-5a18f96537380"
content-type
image/png
status
200
accept-ranges
bytes
content-length
5856
tcc_l.combined.1.0.6.min.js
img1.wsimg.com/tcc/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
Requested by
Host: kungfucompetition.com
URL: https://kungfucompetition.com/Konto/bnp-de/werden/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.235.54 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-235-54.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
aa5c1ec4d2ea00eb517eadeb3b65e55b577b7a5ed42d7c2611d15d9050c18350

Request headers

Referer
https://kungfucompetition.com/Konto/bnp-de/werden/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Jun 2020 01:24:46 GMT
content-encoding
gzip
last-modified
Fri, 31 Mar 2017 16:26:41 GMT
status
200
etag
"52ef5c943baad21:0"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
4564
expires
Wed, 02 Jun 2021 01:24:46 GMT
bnpp-sans.woff
kungfucompetition.com/Konto/bnp-de/werden/fonts/bnpp-sans/ 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://kungfucompetition.com/Konto/bnp-de/werden/fonts/bnpp-sans/bnpp-sans.woff
Requested by
Host: kungfucompetition.com
URL: https://kungfucompetition.com/Konto/bnp-de/werden/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.14.32 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-14-32.ip.secureserver.net
Software
Apache /
Resource Hash
3ad317867dbc668f3e6dacfa4c17870a9affaa520346201b394810564e214e7c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://kungfucompetition.com/Konto/bnp-de/werden/css/main2.css
Origin
https://kungfucompetition.com

Response headers

date
Tue, 02 Jun 2020 01:24:46 GMT
content-encoding
gzip
last-modified
Thu, 09 Jan 2020 20:44:20 GMT
server
Apache
etag
"5d40341-d648-59bbb12ca7100-gzip"
vary
Accept-Encoding,User-Agent
content-type
font/woff
status
200
accept-ranges
bytes
content-length
54639
event
img.secureserver.net/t/1/tl/ 		43 B
642 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.secureserver.net/t/1/tl/event?cts=1591061087197&tce=1591061086158&tcs=1591061085948&tdc=1591061086997&tdclee=1591061086844&tdcles=1591061086844&tdi=1591061086844&tdl=1591061086280&tdle=1591061085948&tdls=1591061085936&tfs=1591061085935&tns=1591061085935&trqs=1591061086158&tre=1591061086278&trps=1591061086277&tles=1591061086997&tlee=1591061086997&ht=perf&dh=kungfucompetition.com&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&vci=2077547601&cv=1.0.6&z=1171929916&vg=233ae05f-7198-4816-8f9c-0d90b93d26e9&vtg=233ae05f-7198-4816-8f9c-0d90b93d26e9&ap=cpsh&trfd=%7B%22cts%22%3A1591061086843%2C%22tccl.baseHost%22%3A%22secureserver.net%22%2C%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22a2plcpnl0004%22%7D&dp=%2FKonto%2Fbnp-de%2Fwerden
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.239.74 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-74.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kungfucompetition.com/Konto/bnp-de/werden/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
Date
Tue, 02 Jun 2020 01:24:47 GMT
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://kungfucompetition.com, *
Access-Control-Max-Age
1000
Cache-Control
private
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
43
X-XSS-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BNP Paribas (Banking)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| _trfd function| tcg function| tcp object| perfhandler object| TCCTracker object| _trfq object| true

2 Cookies

Domain/Path Name / Value
kungfucompetition.com/ Name: _tccl_visit
Value: 233ae05f-7198-4816-8f9c-0d90b93d26e9
kungfucompetition.com/ Name: _tccl_visitor
Value: 233ae05f-7198-4816-8f9c-0d90b93d26e9