krisoffset.com Open in urlscan Pro
41.190.93.254 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://krisoffset.com/forms/home
Effective URL:
http://krisoffset.com/forms/home/auth.php?id=89144246
Submission: On August 09 via manual (August 9th 2022, 10:23:01 am UTC) from BE — Scanned from DE

Summary HTTP 24 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 24 HTTP transactions. The main IP is 41.190.93.254, located in Malawi and belongs to SKYBAND, MW. The main domain is krisoffset.com.

This is the only time krisoffset.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BT (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
1 24	41.190.93.254 41.190.93.254	37187 (SKYBAND) (SKYBAND)
1	151.101.65.230 151.101.65.230	54113 (FASTLY) (FASTLY)
24	2

24 41.190.93.254 (Malawi) 1 redirects

ASN37187 (SKYBAND, MW)
PTR: a1mw.com

krisoffset.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.230 (United States)

ASN54113 (FASTLY, US)

resources.digital-cloud-uk.medallia.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	krisoffset.com 1 redirects krisoffset.com	490 KB
1	medallia.eu resources.digital-cloud-uk.medallia.eu — Cisco Umbrella Rank: 24204	2 KB
24	2

	Domain	Requested by
24	krisoffset.com	1 redirects krisoffset.com
1	resources.digital-cloud-uk.medallia.eu	krisoffset.com
24	2

This site contains links to these domains. Also see Links.

Domain
www.bt.com
my.bt.com
signin1.bt.com
shop.bt.com
support.bt.com
home.bt.com

Subject Issuer	Validity	Valid
resources.digital-cloud-uk.medallia.eu R3	`2022-07-20` - `2022-10-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://krisoffset.com/forms/home/auth.php?id=89144246
Frame ID: 2ECC9B83E561A5AB44A9CEA90C8AA9AF
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Email Login Page

Page URL History Show full URLs

http://krisoffset.com/forms/home HTTP 301
http://krisoffset.com/forms/home/ Page URL
http://krisoffset.com/forms/home/auth.php?id=89144246 Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

24
Requests

4 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

492 kB
Transfer

489 kB
Size

1
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bt.com/
Title: For the home

Search URL Search Domain Scan URL

URL: https://my.bt.com/s/apps/appsmybt/#/packages
Title: Your products

Search URL Search Domain Scan URL

URL: https://signin1.bt.com/btapps/logout?external_target=https%3A%2F%2Fhome%2Ebt%2Ecom%2Flogin%2Floginform%3FTARGET%3D%24SM%24https%3A%2F%2Fsignin1%2Ebt%2Ecom%2Fbtmail%2Fsecure%2Femaillogin
Title: Log out

Search URL Search Domain Scan URL

URL: https://www.bt.com/landline/
Title: Landline

Search URL Search Domain Scan URL

URL: https://www.bt.com/landline/deals/
Title: Landline deals

Search URL Search Domain Scan URL

URL: https://www.bt.com/broadband/digital-voice
Title: Digital Voice

Search URL Search Domain Scan URL

URL: https://www.bt.com/manage/moving-home/
Title: Moving home

Search URL Search Domain Scan URL

URL: https://www.bt.com/broadband/switch
Title: Switch to BT

Search URL Search Domain Scan URL

URL: https://www.bt.com/tv
Title: TV

Search URL Search Domain Scan URL

URL: https://www.bt.com/tv/buy
Title: Buy TV

Search URL Search Domain Scan URL

URL: https://www.bt.com/tv/packages
Title: TV & Broadband Deals

Search URL Search Domain Scan URL

URL: https://www.bt.com/tv/add
Title: Add TV to your Broadband

Search URL Search Domain Scan URL

URL: https://www.bt.com/tv/about-tv
Title: About BT TV

Search URL Search Domain Scan URL

URL: https://www.bt.com/personalised-tv-packages
Title: Change your BT TV package

Search URL Search Domain Scan URL

URL: https://shop.bt.com/learnmore/bt-branded-products-and-services/bt-tv-accessories?ReferrerID=G600&utm_source=btcom&utm_medium=bt+marketing&utm_campaign=navigation&utm_content=G600
Title: TV accessories

Search URL Search Domain Scan URL

URL: https://www.bt.com/mobile/
Title: Mobile

Search URL Search Domain Scan URL

URL: https://www.bt.com/mobile/switch/
Title: Switching to BT

Search URL Search Domain Scan URL

URL: https://www.bt.com/products/broadband/gaming
Title: Gaming

Search URL Search Domain Scan URL

URL: https://www.bt.com/faults
Title: Fault tracking and repair

Search URL Search Domain Scan URL

URL: https://support.bt.com/track/fault/?view=faulttracker
Title: Track a fault

Search URL Search Domain Scan URL

URL: https://home.bt.com/secure/loginforward?view=mybt&redirectURL=https%3A%2F%2Fmy.bt.com%2Fmybt
Title: My BT

Search URL Search Domain Scan URL

URL: https://signin1.bt.com/login/emailloginform
Title: Email

Search URL Search Domain Scan URL

URL: https://my.bt.com/s/apps/appsselfserve/index.html#/forgotlogindetails?srfd=y&view=btmail&TARGET=%24SM%24https%3A%2F%2Fsignin1%2Ebt%2Ecom%2Fbtmail%2Fsecure%2Femaillogin
Title: your login details?

Search URL Search Domain Scan URL

URL: http://my.bt.com/btmail/cookies
Title: Learn more

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://krisoffset.com/forms/home HTTP 301
http://krisoffset.com/forms/home/ Page URL
http://krisoffset.com/forms/home/auth.php?id=89144246 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://krisoffset.com/forms/home HTTP 301
http://krisoffset.com/forms/home/

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/
krisoffset.com/forms/home/
Redirect Chain

http://krisoffset.com/forms/home
http://krisoffset.com/forms/home/

221 B
615 B

313ms
312ms

Document
text/html

41.190.93.254
SKYBAND

General

Check archive.org

Show headers Download Go to

Full URL: http://krisoffset.com/forms/home/
Protocol: HTTP/1.1
Server: 41.190.93.254 , Malawi, ASN37187 (SKYBAND, MW),
Reverse DNS: a1mw.com
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Type: text/html; charset-UTF-8;charset=UTF-8
Date: Tue, 09 Aug 2022 10:22:53 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=99
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

Redirect headers

Connection: Keep-Alive
Content-Length: 241
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 09 Aug 2022 10:22:53 GMT
Keep-Alive: timeout=5, max=100
Location: http://krisoffset.com/forms/home/
Server: Apache

GET
H/1.1 200
OK Primary Request auth.php Show response
krisoffset.com/forms/home/ 30 KB
30 KB 315ms
314ms Document
text/html 41.190.93.254
SKYBAND

General

Check archive.org

Show headers Download Go to

Full URL: http://krisoffset.com/forms/home/auth.php?id=89144246
Requested by: Host: krisoffset.com
URL: http://krisoffset.com/forms/home/
Protocol: HTTP/1.1
Server: 41.190.93.254 , Malawi, ASN37187 (SKYBAND, MW),
Reverse DNS: a1mw.com
Software: Apache /
Resource Hash: f191e3ac72a674309f6371662415ab30d9410a14e975e51a5c847c73fdc3e997

Request headers

Referer: http://krisoffset.com/forms/home/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 09 Aug 2022 10:22:53 GMT
Keep-Alive: timeout=5, max=98
Server: Apache
Transfer-Encoding: chunked

GET
H/1.1 200
OK email-login.css
krisoffset.com/forms/home/assets/css/ 17 KB
17 KB 234ms
233ms Stylesheet
text/css 41.190.93.254
SKYBAND

General

Check archive.org

Show headers Download Go to

Full URL: http://krisoffset.com/forms/home/assets/css/email-login.css
Requested by: Host: krisoffset.com
URL: http://krisoffset.com/forms/home/auth.php?id=89144246
Protocol: HTTP/1.1
Server: 41.190.93.254 , Malawi, ASN37187 (SKYBAND, MW),
Reverse DNS: a1mw.com
Software: Apache /
Resource Hash: 64c0b1a63d28aec88452fd52c825d41ac5db4fffbabda37c16d7938a2dc6dc9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://krisoffset.com/forms/home/auth.php?id=89144246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 10:22:54 GMT
Last-Modified: Sat, 04 Jun 2022 04:51:48 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 17655

GET
H/1.1 200
OK main.css
krisoffset.com/forms/home/assets/css/ 378 KB
379 KB 447ms
223ms Stylesheet
text/css 41.190.93.254
SKYBAND

General

Check archive.org

Show headers Download Go to

Full URL: http://krisoffset.com/forms/home/assets/css/main.css
Requested by: Host: krisoffset.com
URL: http://krisoffset.com/forms/home/auth.php?id=89144246
Protocol: HTTP/1.1
Server: 41.190.93.254 , Malawi, ASN37187 (SKYBAND, MW),
Reverse DNS: a1mw.com
Software: Apache /
Resource Hash: 027fae39fa7bd05049ec06463b1f408d842cfbce740f731aa6b2cc6fab22e5e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://krisoffset.com/forms/home/auth.php?id=89144246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 10:22:54 GMT
Last-Modified: Sat, 04 Jun 2022 04:51:48 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 387472

GET
H/1.1 200
OK responsive-menu.css
krisoffset.com/forms/home/assets/css/ 30 KB
30 KB 467ms
240ms Stylesheet
text/css 41.190.93.254
SKYBAND

General

Check archive.org

Show headers Download Go to

Full URL: http://krisoffset.com/forms/home/assets/css/responsive-menu.css
Requested by: Host: krisoffset.com
URL: http://krisoffset.com/forms/home/auth.php?id=89144246
Protocol: HTTP/1.1
Server: 41.190.93.254 , Malawi, ASN37187 (SKYBAND, MW),
Reverse DNS: a1mw.com
Software: Apache /
Resource Hash: ba17e376fe781be2379255a95419d1d627a41d49a0d5284c99f60ac1e3b6e5c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://krisoffset.com/forms/home/auth.php?id=89144246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 10:22:54 GMT
Last-Modified: Sat, 04 Jun 2022 04:51:48 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 30562

GET
H/1.1 200
OK responsive-footer.css
krisoffset.com/forms/home/assets/css/ 9 KB
9 KB 461ms
230ms Stylesheet
text/css 41.190.93.254
SKYBAND

General

Check archive.org

Show headers Download Go to

Full URL: http://krisoffset.com/forms/home/assets/css/responsive-footer.css
Requested by: Host: krisoffset.com
URL: http://krisoffset.com/forms/home/auth.php?id=89144246
Protocol: HTTP/1.1
Server: 41.190.93.254 , Malawi, ASN37187 (SKYBAND, MW),
Reverse DNS: a1mw.com
Software: Apache /
Resource Hash: d72ecb212984592129b1aaaead91855a72dffa15bddb9f2e7d5cdca4edd0a63d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://krisoffset.com/forms/home/auth.php?id=89144246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 10:22:54 GMT
Last-Modified: Sat, 04 Jun 2022 04:51:50 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 8916

GET
H/1.1 200
OK logo-2018.svg
krisoffset.com/forms/home/assets/img/ 1 KB
1 KB 466ms
235ms Image
image/svg+xml 41.190.93.254
SKYBAND

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://krisoffset.com/forms/home/assets/img/logo-2018.svg
Requested by: Host: krisoffset.com
URL: http://krisoffset.com/forms/home/auth.php?id=89144246
Protocol: HTTP/1.1
Server: 41.190.93.254 , Malawi, ASN37187 (SKYBAND, MW),
Reverse DNS: a1mw.com
Software: Apache /
Resource Hash: 07e9d4d6a617d90407a0041a950912ba8f85bcb61be41deec67fc95aa16062a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://krisoffset.com/forms/home/auth.php?id=89144246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 10:22:54 GMT
Last-Modified: Sat, 04 Jun 2022 04:51:54 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1049

GET
H/1.1 200
OK footer-adjuster.css
krisoffset.com/forms/home/assets/css/ 165 B
406 B 251ms
243ms Stylesheet
text/css 41.190.93.254
SKYBAND

General

Check archive.org

Show headers Download Go to

Full URL: http://krisoffset.com/forms/home/assets/css/footer-adjuster.css
Requested by: Host: krisoffset.com
URL: http://krisoffset.com/forms/home/auth.php?id=89144246
Protocol: HTTP/1.1
Server: 41.190.93.254 , Malawi, ASN37187 (SKYBAND, MW),
Reverse DNS: a1mw.com
Software: Apache /
Resource Hash: d9824ada36c9e9fbea22b55eb21af77f129649bbe7d2cfb3378eca5f4fb98e9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://krisoffset.com/forms/home/auth.php?id=89144246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 10:22:54 GMT
Last-Modified: Sat, 04 Jun 2022 04:51:58 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 165

GET
H/1.1 200
OK BT_logo.png
krisoffset.com/forms/home/assets/img/ 2 KB
2 KB 232ms
231ms Image
image/png 41.190.93.254
SKYBAND

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://krisoffset.com/forms/home/assets/img/BT_logo.png
Requested by: Host: krisoffset.com
URL: http://krisoffset.com/forms/home/auth.php?id=89144246
Protocol: HTTP/1.1
Server: 41.190.93.254 , Malawi, ASN37187 (SKYBAND, MW),
Reverse DNS: a1mw.com
Software: Apache /
Resource Hash: 670d9073ccec70934db12cf5580205e55d8e2613e7b51a632736abb72bf8eb42

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://krisoffset.com/forms/home/auth.php?id=89144246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 10:22:54 GMT
Last-Modified: Sat, 04 Jun 2022 04:51:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1720

GET
H2 200 1534441432041_Feedback-Desktop-35X112px.png
resources.digital-cloud-uk.medallia.eu/wdcuk/244/resources/image/ 2 KB
2 KB 136ms
37ms Image
image/png 151.101.65.230
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.digital-cloud-uk.medallia.eu/wdcuk/244/resources/image/1534441432041_Feedback-Desktop-35X112px.png

Requested by

Host: krisoffset.com
URL: http://krisoffset.com/forms/home/auth.php?id=89144246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.230 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6119be7cc96b4af4062655f430e186e0d838a832c0d6e51ca073311ca0719632

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://krisoffset.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 10:22:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26033
via: 1.1 varnish
x-cache: HIT
vary: Accept-Encoding
content-length: 1729
x-amz-id-2: m6hpIc7EcRWh5kJjX2WTZvO+/wVyzfvHkZyQRMCb+bQsyBiCJdzgPC75wni0LdyDyGPJnI7r2HU=
x-served-by: cache-hhn4059-HHN
last-modified: Thu, 16 Aug 2018 17:43:58 GMT
server: AmazonS3
x-timer: S1660040575.463480,VS0,VE0
etag: "fa69d67821b1fd43444871114f1f4ab3"
strict-transport-security: max-age=31557600
x-amz-request-id: K7HXFW28VB5C6XQ3
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
content-type: image/png
x-cache-hits: 2

GET
H/1.1 200
OK logo-footer2018.svg
krisoffset.com/forms/home/assets/img/ 1 KB
1 KB 233ms
233ms Image
image/svg+xml 41.190.93.254
SKYBAND

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://krisoffset.com/forms/home/assets/img/logo-footer2018.svg
Requested by: Host: krisoffset.com
URL: http://krisoffset.com/forms/home/auth.php?id=89144246
Protocol: HTTP/1.1
Server: 41.190.93.254 , Malawi, ASN37187 (SKYBAND, MW),
Reverse DNS: a1mw.com
Software: Apache /
Resource Hash: 07e9d4d6a617d90407a0041a950912ba8f85bcb61be41deec67fc95aa16062a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://krisoffset.com/forms/home/auth.php?id=89144246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 10:22:54 GMT
Last-Modified: Sat, 04 Jun 2022 04:51:56 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1049

GET
H/1.1 200
OK kloader.gif
krisoffset.com/forms/home/assets/img/ 19 KB
19 KB 240ms
240ms Image
image/gif 41.190.93.254
SKYBAND

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://krisoffset.com/forms/home/assets/img/kloader.gif
Requested by: Host: krisoffset.com
URL: http://krisoffset.com/forms/home/auth.php?id=89144246
Protocol: HTTP/1.1
Server: 41.190.93.254 , Malawi, ASN37187 (SKYBAND, MW),
Reverse DNS: a1mw.com
Software: Apache /
Resource Hash: 24ed9db3eb0d97ecf1f0832cbd30bd37744e0d2b520ccdad5af60f7a08a45b90

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://krisoffset.com/forms/home/auth.php?id=89144246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 10:22:54 GMT
Last-Modified: Sat, 04 Jun 2022 04:52:02 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 19110

GET
H/1.1 404
Not Found BTFont_Rg.woff
krisoffset.com/forms/home/assets/fonts/bt/ 0
0 222ms
222ms Font
text/html 41.190.93.254
SKYBAND

General

Check archive.org

Show headers Download Go to

Full URL: http://krisoffset.com/forms/home/assets/fonts/bt/BTFont_Rg.woff
Requested by: Host: krisoffset.com
URL: http://krisoffset.com/forms/home/assets/css/responsive-menu.css
Protocol: HTTP/1.1
Server: 41.190.93.254 , Malawi, ASN37187 (SKYBAND, MW),
Reverse DNS: a1mw.com
Software: Apache /
Resource Hash

Request headers

Referer: http://krisoffset.com/forms/home/assets/css/responsive-menu.css
Origin: http://krisoffset.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 10:22:55 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found BTFont_Bd.woff
krisoffset.com/forms/home/assets/fonts/bt/ 0
0 241ms
240ms Font
text/html 41.190.93.254
SKYBAND

General

Check archive.org

Show headers Download Go to

Full URL: http://krisoffset.com/forms/home/assets/fonts/bt/BTFont_Bd.woff
Requested by: Host: krisoffset.com
URL: http://krisoffset.com/forms/home/assets/css/responsive-menu.css
Protocol: HTTP/1.1
Server: 41.190.93.254 , Malawi, ASN37187 (SKYBAND, MW),
Reverse DNS: a1mw.com
Software: Apache /
Resource Hash

Request headers

Referer: http://krisoffset.com/forms/home/assets/css/responsive-menu.css
Origin: http://krisoffset.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 10:22:55 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found BTFont-Light.ttf
krisoffset.com/forms/home/assets/fonts/bt/ 0
0 233ms
233ms Font
text/html 41.190.93.254
SKYBAND

General

Check archive.org

Show headers Download Go to

Full URL: http://krisoffset.com/forms/home/assets/fonts/bt/BTFont-Light.ttf
Requested by: Host: krisoffset.com
URL: http://krisoffset.com/forms/home/assets/css/main.css
Protocol: HTTP/1.1
Server: 41.190.93.254 , Malawi, ASN37187 (SKYBAND, MW),
Reverse DNS: a1mw.com
Software: Apache /
Resource Hash

Request headers

Referer: http://krisoffset.com/forms/home/assets/css/main.css
Origin: http://krisoffset.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 10:22:55 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found BTFont-Bold.ttf
krisoffset.com/forms/home/assets/fonts/bt/ 0
0 231ms
231ms Font
text/html 41.190.93.254
SKYBAND

General

Check archive.org

Show headers Download Go to

Full URL: http://krisoffset.com/forms/home/assets/fonts/bt/BTFont-Bold.ttf
Requested by: Host: krisoffset.com
URL: http://krisoffset.com/forms/home/assets/css/main.css
Protocol: HTTP/1.1
Server: 41.190.93.254 , Malawi, ASN37187 (SKYBAND, MW),
Reverse DNS: a1mw.com
Software: Apache /
Resource Hash

Request headers

Referer: http://krisoffset.com/forms/home/assets/css/main.css
Origin: http://krisoffset.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 10:22:55 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found BTFont-Regular.ttf
krisoffset.com/forms/home/assets/fonts/bt/ 0
0 234ms
234ms Font
text/html 41.190.93.254
SKYBAND

General

Check archive.org

Show headers Download Go to

Full URL: http://krisoffset.com/forms/home/assets/fonts/bt/BTFont-Regular.ttf
Requested by: Host: krisoffset.com
URL: http://krisoffset.com/forms/home/assets/css/main.css
Protocol: HTTP/1.1
Server: 41.190.93.254 , Malawi, ASN37187 (SKYBAND, MW),
Reverse DNS: a1mw.com
Software: Apache /
Resource Hash

Request headers

Referer: http://krisoffset.com/forms/home/assets/css/main.css
Origin: http://krisoffset.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 10:22:55 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found BTTV-Bold.woff
krisoffset.com/forms/home/assets/fonts/bt/ 0
0 243ms
243ms Font
text/html 41.190.93.254
SKYBAND

General

Check archive.org

Show headers Download Go to

Full URL: http://krisoffset.com/forms/home/assets/fonts/bt/BTTV-Bold.woff
Requested by: Host: krisoffset.com
URL: http://krisoffset.com/forms/home/assets/css/responsive-menu.css
Protocol: HTTP/1.1
Server: 41.190.93.254 , Malawi, ASN37187 (SKYBAND, MW),
Reverse DNS: a1mw.com
Software: Apache /
Resource Hash

Request headers

Referer: http://krisoffset.com/forms/home/assets/css/responsive-menu.css
Origin: http://krisoffset.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 10:22:55 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found bttvicons.woff
krisoffset.com/forms/home/assets/fonts/bt/ 0
0 446ms
222ms Font
text/html 41.190.93.254
SKYBAND

General

Check archive.org

Show headers Download Go to

Full URL: http://krisoffset.com/forms/home/assets/fonts/bt/bttvicons.woff
Requested by: Host: krisoffset.com
URL: http://krisoffset.com/forms/home/assets/css/main.css
Protocol: HTTP/1.1
Server: 41.190.93.254 , Malawi, ASN37187 (SKYBAND, MW),
Reverse DNS: a1mw.com
Software: Apache /
Resource Hash

Request headers

Referer: http://krisoffset.com/forms/home/assets/css/main.css
Origin: http://krisoffset.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 10:22:55 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found BTTV_Bd.woff2
krisoffset.com/forms/home/assets/fonts/bt/ 0
0 243ms
242ms Font
text/html 41.190.93.254
SKYBAND

General

Check archive.org

Show headers Download Go to

Full URL: http://krisoffset.com/forms/home/assets/fonts/bt/BTTV_Bd.woff2
Requested by: Host: krisoffset.com
URL: http://krisoffset.com/forms/home/assets/css/responsive-menu.css
Protocol: HTTP/1.1
Server: 41.190.93.254 , Malawi, ASN37187 (SKYBAND, MW),
Reverse DNS: a1mw.com
Software: Apache /
Resource Hash

Request headers

Referer: http://krisoffset.com/forms/home/assets/css/responsive-menu.css
Origin: http://krisoffset.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 10:22:55 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found bttvicons.woff2
krisoffset.com/forms/home/assets/fonts/bt/ 0
0 223ms
222ms Font
text/html 41.190.93.254
SKYBAND

General

Check archive.org

Show headers Download Go to

Full URL: http://krisoffset.com/forms/home/assets/fonts/bt/bttvicons.woff2
Requested by: Host: krisoffset.com
URL: http://krisoffset.com/forms/home/assets/css/main.css
Protocol: HTTP/1.1
Server: 41.190.93.254 , Malawi, ASN37187 (SKYBAND, MW),
Reverse DNS: a1mw.com
Software: Apache /
Resource Hash

Request headers

Referer: http://krisoffset.com/forms/home/assets/css/main.css
Origin: http://krisoffset.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 10:22:56 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found BTTV-Bold.otf
krisoffset.com/forms/home/assets/fonts/bt/ 0
0 244ms
243ms Font
text/html 41.190.93.254
SKYBAND

General

Check archive.org

Show headers Download Go to

Full URL: http://krisoffset.com/forms/home/assets/fonts/bt/BTTV-Bold.otf
Requested by: Host: krisoffset.com
URL: http://krisoffset.com/forms/home/assets/css/responsive-menu.css
Protocol: HTTP/1.1
Server: 41.190.93.254 , Malawi, ASN37187 (SKYBAND, MW),
Reverse DNS: a1mw.com
Software: Apache /
Resource Hash

Request headers

Referer: http://krisoffset.com/forms/home/assets/css/responsive-menu.css
Origin: http://krisoffset.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 10:22:56 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found BTFont-Bold.woff
krisoffset.com/forms/home/assets/fonts/bt/ 0
0 243ms
242ms Font
text/html 41.190.93.254
SKYBAND

General

Check archive.org

Show headers Download Go to

Full URL: http://krisoffset.com/forms/home/assets/fonts/bt/BTFont-Bold.woff
Requested by: Host: krisoffset.com
URL: http://krisoffset.com/forms/home/assets/css/main.css
Protocol: HTTP/1.1
Server: 41.190.93.254 , Malawi, ASN37187 (SKYBAND, MW),
Reverse DNS: a1mw.com
Software: Apache /
Resource Hash

Request headers

Referer: http://krisoffset.com/forms/home/assets/css/main.css
Origin: http://krisoffset.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 10:22:56 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found BTFont-Bold.otf
krisoffset.com/forms/home/assets/fonts/bt/ 0
0 249ms
248ms Font
text/html 41.190.93.254
SKYBAND

General

Check archive.org

Show headers Download Go to

Full URL: http://krisoffset.com/forms/home/assets/fonts/bt/BTFont-Bold.otf
Requested by: Host: krisoffset.com
URL: http://krisoffset.com/forms/home/assets/css/main.css
Protocol: HTTP/1.1
Server: 41.190.93.254 , Malawi, ASN37187 (SKYBAND, MW),
Reverse DNS: a1mw.com
Software: Apache /
Resource Hash

Request headers

Referer: http://krisoffset.com/forms/home/assets/css/main.css
Origin: http://krisoffset.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 10:22:56 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BT (Telecommunication)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			krisoffset.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: b660fe86fb504487696ddf5e338ab243

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://krisoffset.com/forms/home/assets/fonts/bt/BTFont_Rg.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://krisoffset.com/forms/home/assets/fonts/bt/BTFont-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://krisoffset.com/forms/home/assets/fonts/bt/BTFont-Light.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://krisoffset.com/forms/home/assets/fonts/bt/BTFont-Regular.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://krisoffset.com/forms/home/assets/fonts/bt/BTFont_Bd.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://krisoffset.com/forms/home/assets/fonts/bt/BTTV-Bold.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://krisoffset.com/forms/home/assets/fonts/bt/bttvicons.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://krisoffset.com/forms/home/assets/fonts/bt/BTTV_Bd.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://krisoffset.com/forms/home/assets/fonts/bt/bttvicons.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://krisoffset.com/forms/home/assets/fonts/bt/BTTV-Bold.otf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://krisoffset.com/forms/home/assets/fonts/bt/BTFont-Bold.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://krisoffset.com/forms/home/assets/fonts/bt/BTFont-Bold.otf Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

krisoffset.com
resources.digital-cloud-uk.medallia.eu
151.101.65.230
41.190.93.254
027fae39fa7bd05049ec06463b1f408d842cfbce740f731aa6b2cc6fab22e5e0
07e9d4d6a617d90407a0041a950912ba8f85bcb61be41deec67fc95aa16062a1
24ed9db3eb0d97ecf1f0832cbd30bd37744e0d2b520ccdad5af60f7a08a45b90
6119be7cc96b4af4062655f430e186e0d838a832c0d6e51ca073311ca0719632
64c0b1a63d28aec88452fd52c825d41ac5db4fffbabda37c16d7938a2dc6dc9b
670d9073ccec70934db12cf5580205e55d8e2613e7b51a632736abb72bf8eb42
ba17e376fe781be2379255a95419d1d627a41d49a0d5284c99f60ac1e3b6e5c8
d72ecb212984592129b1aaaead91855a72dffa15bddb9f2e7d5cdca4edd0a63d
d9824ada36c9e9fbea22b55eb21af77f129649bbe7d2cfb3378eca5f4fb98e9c
f191e3ac72a674309f6371662415ab30d9410a14e975e51a5c847c73fdc3e997

krisoffset.com Open in urlscan Pro 41.190.93.254 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

4 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

492 kBTransfer

489 kBSize

1 Cookies

24 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

15 JavaScript Global Variables

1 Cookies

12 Console Messages

Indicators

krisoffset.com Open in urlscan Pro
41.190.93.254 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

4 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

492 kB
Transfer

489 kB
Size

1
Cookies

24 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!