kess-info.xyz Open in urlscan Pro
161.97.109.178 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://kess-info.xyz/verification/sms2.php
Submission: On December 01 via automatic, source openphish (December 1st 2022, 1:15:28 pm UTC) — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 161.97.109.178, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is kess-info.xyz.
TLS certificate: Issued by R3 on November 30th 2022. Valid for: 3 months.

This is the only time kess-info.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
10	161.97.109.178 161.97.109.178		51167 (CONTABO) (CONTABO)
10	1

10 161.97.109.178 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: germanymachine.hh-web.cf

kess-info.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	kess-info.xyz kess-info.xyz	46 KB
10	1

	Domain	Requested by
10	kess-info.xyz	kess-info.xyz
10	1

This site contains no links.

Subject Issuer	Validity	Valid
*.kess-info.xyz R3	`2022-11-30` - `2023-02-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://kess-info.xyz/verification/sms2.php
Frame ID: 2382C63A5E44E409234BF385A22DDFFD
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

3D Payment

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

46 kB
Transfer

50 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request sms2.php Show response kess-info.xyz/verification/	6 KB 2 KB	252ms 204ms	Document text/html	161.97.109.178 CONTABO
General Check archive.org Show headers Download Go to Full URL https://kess-info.xyz/verification/sms2.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 161.97.109.178 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS germanymachine.hh-web.cf Software LiteSpeed / Resource Hash `617f6756f926aad28ea6e6b5579299c08466230cb09e92f6a1275f70c920d5e7` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000 content-encoding br content-length 1663 content-type text/html; charset=UTF-8 date Thu, 01 Dec 2022 13:15:23 GMT server LiteSpeed vary Accept-Encoding
GET H2	404	none.css kess-info.xyz/verification/files/style/	0 0	15ms 12ms	Stylesheet text/html	161.97.109.178 CONTABO
General Check archive.org Show headers Download Go to Full URL https://kess-info.xyz/verification/files/style/none.css Requested by Host: kess-info.xyz URL: https://kess-info.xyz/verification/sms2.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 161.97.109.178 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS germanymachine.hh-web.cf Software LiteSpeed / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://kess-info.xyz/verification/sms2.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers pragma no-cache date Thu, 01 Dec 2022 13:15:23 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 server LiteSpeed content-length 1237 content-type text/html
GET H2	404	none2.css kess-info.xyz/verification/files/style/	0 0	16ms 13ms	Stylesheet text/html	161.97.109.178 CONTABO
General Check archive.org Show headers Download Go to Full URL https://kess-info.xyz/verification/files/style/none2.css Requested by Host: kess-info.xyz URL: https://kess-info.xyz/verification/sms2.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 161.97.109.178 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS germanymachine.hh-web.cf Software LiteSpeed / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://kess-info.xyz/verification/sms2.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers pragma no-cache date Thu, 01 Dec 2022 13:15:23 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 server LiteSpeed content-length 1237 content-type text/html
GET H2	404	modernizr.min.js kess-info.xyz/verification/files/js/	0 0	16ms 14ms	Script text/html	161.97.109.178 CONTABO
General Check archive.org Show headers Download Go to Full URL https://kess-info.xyz/verification/files/js/modernizr.min.js Requested by Host: kess-info.xyz URL: https://kess-info.xyz/verification/sms2.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 161.97.109.178 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS germanymachine.hh-web.cf Software LiteSpeed / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://kess-info.xyz/verification/sms2.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers pragma no-cache date Thu, 01 Dec 2022 13:15:23 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 server LiteSpeed content-length 1237 content-type text/html
GET H2	404	jquery.js kess-info.xyz/verification/files/js/	0 0	16ms 14ms	Script text/html	161.97.109.178 CONTABO
General Check archive.org Show headers Download Go to Full URL https://kess-info.xyz/verification/files/js/jquery.js Requested by Host: kess-info.xyz URL: https://kess-info.xyz/verification/sms2.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 161.97.109.178 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS germanymachine.hh-web.cf Software LiteSpeed / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://kess-info.xyz/verification/sms2.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers pragma no-cache date Thu, 01 Dec 2022 13:15:23 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 server LiteSpeed content-length 1237 content-type text/html
GET H2	404	jquery.ccvalid.js kess-info.xyz/verification/files/js/	0 0	16ms 15ms	Script text/html	161.97.109.178 CONTABO
General Check archive.org Show headers Download Go to Full URL https://kess-info.xyz/verification/files/js/jquery.ccvalid.js Requested by Host: kess-info.xyz URL: https://kess-info.xyz/verification/sms2.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 161.97.109.178 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS germanymachine.hh-web.cf Software LiteSpeed / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://kess-info.xyz/verification/sms2.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers pragma no-cache date Thu, 01 Dec 2022 13:15:23 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 server LiteSpeed content-length 1237 content-type text/html
GET H2	404	jquery.mask.js kess-info.xyz/verification/files/js/	0 0	17ms 15ms	Script text/html	161.97.109.178 CONTABO
General Check archive.org Show headers Download Go to Full URL https://kess-info.xyz/verification/files/js/jquery.mask.js Requested by Host: kess-info.xyz URL: https://kess-info.xyz/verification/sms2.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 161.97.109.178 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS germanymachine.hh-web.cf Software LiteSpeed / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://kess-info.xyz/verification/sms2.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers pragma no-cache date Thu, 01 Dec 2022 13:15:23 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 server LiteSpeed content-length 1237 content-type text/html
GET H2	200	vbvmcs.png kess-info.xyz/verification/files/	13 KB 13 KB	13ms 12ms	Image image/png	161.97.109.178 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://kess-info.xyz/verification/files/vbvmcs.png Requested by Host: kess-info.xyz URL: https://kess-info.xyz/verification/sms2.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 161.97.109.178 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS germanymachine.hh-web.cf Software LiteSpeed / Resource Hash `022920b873a68b6421753a0004b8e7ebc8127391be76d1a73a93d7d061fb873b` Request headers accept-language de-DE,de;q=0.9 Referer https://kess-info.xyz/verification/sms2.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Thu, 01 Dec 2022 13:15:23 GMT last-modified Fri, 26 Aug 2022 17:23:10 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 13332 expires Thu, 08 Dec 2022 13:15:23 GMT
GET H2	200	post-office.png kess-info.xyz/verification/files/	29 KB 29 KB	13ms 13ms	Image image/png	161.97.109.178 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://kess-info.xyz/verification/files/post-office.png Requested by Host: kess-info.xyz URL: https://kess-info.xyz/verification/sms2.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 161.97.109.178 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS germanymachine.hh-web.cf Software LiteSpeed / Resource Hash `9f5e847ab53432a39446a024aa814527eb769fb7edcbd41e94313f0d5aaaf125` Request headers accept-language de-DE,de;q=0.9 Referer https://kess-info.xyz/verification/sms2.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Thu, 01 Dec 2022 13:15:23 GMT last-modified Sun, 04 Sep 2022 15:16:56 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 29954 expires Thu, 08 Dec 2022 13:15:23 GMT
GET H2	404	lod2.gif kess-info.xyz/verification/files/img/	1 KB 1 KB	25ms 25ms	Image text/html	161.97.109.178 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://kess-info.xyz/verification/files/img/lod2.gif Requested by Host: kess-info.xyz URL: https://kess-info.xyz/verification/sms2.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 161.97.109.178 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS germanymachine.hh-web.cf Software LiteSpeed / Resource Hash `79ce4e2bbf25c4a4d91458d191d6ef268b4592169ae6586ba52242f412670b5d` Request headers accept-language de-DE,de;q=0.9 Referer https://kess-info.xyz/verification/sms2.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers pragma no-cache date Thu, 01 Dec 2022 13:15:23 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 server LiteSpeed content-length 1237 content-type text/html

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange number| seconds function| secondPassed number| countdownTimer

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://kess-info.xyz/verification/files/style/none.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kess-info.xyz/verification/files/style/none2.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kess-info.xyz/verification/files/js/modernizr.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kess-info.xyz/verification/files/js/jquery.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kess-info.xyz/verification/files/js/jquery.ccvalid.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kess-info.xyz/verification/files/js/jquery.mask.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kess-info.xyz/verification/files/img/lod2.gif Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

kess-info.xyz
161.97.109.178
022920b873a68b6421753a0004b8e7ebc8127391be76d1a73a93d7d061fb873b
617f6756f926aad28ea6e6b5579299c08466230cb09e92f6a1275f70c920d5e7
79ce4e2bbf25c4a4d91458d191d6ef268b4592169ae6586ba52242f412670b5d
9f5e847ab53432a39446a024aa814527eb769fb7edcbd41e94313f0d5aaaf125

kess-info.xyz Open in urlscan Pro 161.97.109.178 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

46 kBTransfer

50 kBSize

0 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

7 Console Messages

Indicators

kess-info.xyz Open in urlscan Pro
161.97.109.178 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

46 kB
Transfer

50 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions