krisoffset.com
41.190.93.254
Malicious Activity!
Public Scan
Effective URL: http://krisoffset.com/forms/home/auth.php?id=89144246
Submission: On August 09 via manual from BE — Scanned from DE
Summary
This is the only time krisoffset.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BT (Telecommunication)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
24 (1 redirect) | 41.190.93.254 | 37187 (SKYBAND) |
1 | 151.101.65.230 | 54113 (FASTLY) |
24 | 2 | |
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
24 | krisoffset.com (1 redirects); subdomain: krisoffset.com | 490 KB |
1 | medallia.eu; subdomain: resources.digital-cloud-uk.medallia.eu — Cisco Umbrella Rank: 24204 | 2 KB |
24 | 2 | |
Requests | Domain | Requested by |
---|---|---|
24 | krisoffset.com (1 redirects) | krisoffset.com |
1 | resources.digital-cloud-uk.medallia.eu | krisoffset.com |
24 | 2 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.bt.com |
my.bt.com |
signin1.bt.com |
shop.bt.com |
support.bt.com |
home.bt.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
resources.digital-cloud-uk.medallia.eu | R3 | 2022-07-20 - 2022-10-18 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://krisoffset.com/forms/home/auth.php?id=89144246
Frame ID: 2ECC9B83E561A5AB44A9CEA90C8AA9AF
Requests: 24 HTTP requests in this frame
Page Title
Email Login Page
Detected technologies
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)
Page Statistics
24 Outgoing links
These are links going to different origins than the main page.
Title: For the home
Title: Your products
Title: Log out
Title: Landline
Title: Landline deals
Title: Digital Voice
Title: Moving home
Title: Switch to BT
Title: TV
Title: Buy TV
Title: TV & Broadband Deals
Title: Add TV to your Broadband
Title: About BT TV
Title: Change your BT TV package
Title: TV accessories
Title: Mobile
Title: Switching to BT
Title: Gaming
Title: Fault tracking and repair
Title: Track a fault
Title: My BT
Title: Email
Title: your login details?
Title: Learn more
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://krisoffset.com/forms/home HTTP 301
  http://krisoffset.com/forms/home/ Page URL
- http://krisoffset.com/forms/home/auth.php?id=89144246 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://krisoffset.com/forms/home HTTP 301
- http://krisoffset.com/forms/home/
24 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H/1.1 | / (Redirect Chain) | krisoffset.com/forms/home/ | 221 B | 615 B | Document | text/html |
GET H/1.1 | auth.php (Primary Request) | krisoffset.com/forms/home/ | 30 KB | 30 KB | Document | text/html |
GET H/1.1 | email-login.css | krisoffset.com/forms/home/assets/css/ | 17 KB | 17 KB | Stylesheet | text/css |
GET H/1.1 | main.css | krisoffset.com/forms/home/assets/css/ | 378 KB | 379 KB | Stylesheet | text/css |
GET H/1.1 | responsive-menu.css | krisoffset.com/forms/home/assets/css/ | 30 KB | 30 KB | Stylesheet | text/css |
GET H/1.1 | responsive-footer.css | krisoffset.com/forms/home/assets/css/ | 9 KB | 9 KB | Stylesheet | text/css |
GET H/1.1 | logo-2018.svg | krisoffset.com/forms/home/assets/img/ | 1 KB | 1 KB | Image | image/svg+xml |
GET H/1.1 | footer-adjuster.css | krisoffset.com/forms/home/assets/css/ | 165 B | 406 B | Stylesheet | text/css |
GET H/1.1 | BT_logo.png | krisoffset.com/forms/home/assets/img/ | 2 KB | 2 KB | Image | image/png |
GET H2 | 1534441432041_Feedback-Desktop-35X112px.png | resources.digital-cloud-uk.medallia.eu/wdcuk/244/resources/image/ | 2 KB | 2 KB | Image | image/png |
GET H/1.1 | logo-footer2018.svg | krisoffset.com/forms/home/assets/img/ | 1 KB | 1 KB | Image | image/svg+xml |
GET H/1.1 | kloader.gif | krisoffset.com/forms/home/assets/img/ | 19 KB | 19 KB | Image | image/gif |
GET H/1.1 | BTFont_Rg.woff | krisoffset.com/forms/home/assets/fonts/bt/ | 0 | 0 | Font | text/html |
GET H/1.1 | BTFont_Bd.woff | krisoffset.com/forms/home/assets/fonts/bt/ | 0 | 0 | Font | text/html |
GET H/1.1 | BTFont-Light.ttf | krisoffset.com/forms/home/assets/fonts/bt/ | 0 | 0 | Font | text/html |
GET H/1.1 | BTFont-Bold.ttf | krisoffset.com/forms/home/assets/fonts/bt/ | 0 | 0 | Font | text/html |
GET H/1.1 | BTFont-Regular.ttf | krisoffset.com/forms/home/assets/fonts/bt/ | 0 | 0 | Font | text/html |
GET H/1.1 | BTTV-Bold.woff | krisoffset.com/forms/home/assets/fonts/bt/ | 0 | 0 | Font | text/html |
GET H/1.1 | bttvicons.woff | krisoffset.com/forms/home/assets/fonts/bt/ | 0 | 0 | Font | text/html |
GET H/1.1 | BTTV_Bd.woff2 | krisoffset.com/forms/home/assets/fonts/bt/ | 0 | 0 | Font | text/html |
GET H/1.1 | bttvicons.woff2 | krisoffset.com/forms/home/assets/fonts/bt/ | 0 | 0 | Font | text/html |
GET H/1.1 | BTTV-Bold.otf | krisoffset.com/forms/home/assets/fonts/bt/ | 0 | 0 | Font | text/html |
GET H/1.1 | BTFont-Bold.woff | krisoffset.com/forms/home/assets/fonts/bt/ | 0 | 0 | Font | text/html |
GET H/1.1 | BTFont-Bold.otf | krisoffset.com/forms/home/assets/fonts/bt/ | 0 | 0 | Font | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: BT (Telecommunication)
15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0
object| 1
object| 2
object| 3
object| 4
object| 5
object| 6
object| 7
object| 8
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
object| navigation
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
krisoffset.com/ | | Name: PHPSESSID Value: b660fe86fb504487696ddf5e338ab243 |
12 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
krisoffset.com
resources.digital-cloud-uk.medallia.eu
151.101.65.230
41.190.93.254