portal.tvlicensing.kismiciass.me Open in urlscan Pro
8.211.5.49 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://qrku.org/bri/
Effective URL:
https://portal.tvlicensing.kismiciass.me/web-signin-identity/
Submission: On March 19 via manual (March 19th 2021, 8:24:51 pm UTC) from GB

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 18 HTTP transactions. The main IP is 8.211.5.49, located in Singapore and belongs to CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN. The main domain is portal.tvlicensing.kismiciass.me.
TLS certificate: Issued by R3 on March 17th 2021. Valid for: 3 months.

This is the only time portal.tvlicensing.kismiciass.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: British Gas (Utility)

Domain & IP information

	IP Address	AS Autonomous System
1	159.89.206.210 159.89.206.210	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
17	8.211.5.49 8.211.5.49	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.)
18	2

1 159.89.206.210 (Singapore)

ASN14061 (DIGITALOCEAN-ASN, US)

qrku.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 8.211.5.49 (Singapore)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)

portal.tvlicensing.kismiciass.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	kismiciass.me portal.tvlicensing.kismiciass.me	260 KB
1	qrku.org qrku.org	254 B
18	2

	Domain	Requested by
17	portal.tvlicensing.kismiciass.me	qrku.org portal.tvlicensing.kismiciass.me
1	qrku.org
18	2

This site contains no links.

Subject Issuer	Validity	Valid
qrku.org Sectigo RSA Domain Validation Secure Server CA	`2020-05-28` - `2021-05-28`	a year	crt.sh
online.tvlicensing.co.uk.kismiciass.xyz R3	`2021-03-17` - `2021-06-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://portal.tvlicensing.kismiciass.me/web-signin-identity/
Frame ID: 966A8EB47686B808947B7B1A48623D54
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://qrku.org/bri/ Page URL
https://portal.tvlicensing.kismiciass.me/web-signin-identity/ Page URL

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

260 kB
Transfer

606 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://qrku.org/bri/ Page URL
https://portal.tvlicensing.kismiciass.me/web-signin-identity/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response qrku.org/bri/	121 B 254 B	665ms 208ms	Document text/html	159.89.206.210 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://qrku.org/bri/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 159.89.206.210 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.10.3 (Ubuntu) / Resource Hash `1b939c699746947cb73074284613bd0659aed29ceceb2299de5bb8ca7c344ae2` Request headers :method GET :authority qrku.org :scheme https :path /bri/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers server nginx/1.10.3 (Ubuntu) date Fri, 19 Mar 2021 20:24:32 GMT content-type text/html content-length 121 last-modified Thu, 18 Mar 2021 18:00:56 GMT etag "60539558-79" accept-ranges bytes
GET H/1.1	200 OK	Primary Request / Show response portal.tvlicensing.kismiciass.me/web-signin-identity/	11 KB 3 KB	374ms 82ms	Document text/html	8.211.5.49 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://portal.tvlicensing.kismiciass.me/web-signin-identity/ Requested by Host: qrku.org URL: https://qrku.org/bri/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 8.211.5.49 , Singapore, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx / PHP/5.4.16 Resource Hash `4cbc12aeae5403f6c7521114c5e27cb67ada5fc7d2124f24f4ca8be12a424b48` Request headers Host portal.tvlicensing.kismiciass.me Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest document Referer https://qrku.org/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://qrku.org/ Response headers Server nginx Date Fri, 19 Mar 2021 20:24:33 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding X-Powered-By PHP/5.4.16 Content-Encoding gzip
GET H/1.1	200 OK	bg-vi-3.0.2.css portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/	256 KB 39 KB	206ms 206ms	Stylesheet text/css	8.211.5.49 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/bg-vi-3.0.2.css Requested by Host: portal.tvlicensing.kismiciass.me URL: https://portal.tvlicensing.kismiciass.me/web-signin-identity/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 8.211.5.49 , Singapore, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx / Resource Hash `b4cac2afee6017de56452cc6a8186da6c86b3050dd0e1eb68724198c4e2c089b` Request headers Referer https://portal.tvlicensing.kismiciass.me/web-signin-identity/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 19 Mar 2021 20:24:33 GMT Content-Encoding gzip Last-Modified Tue, 09 Oct 2018 08:22:26 GMT Server nginx ETag W/"5bbc6542-4001a" Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	font-awesome.min.css portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/	30 KB 7 KB	188ms 94ms	Stylesheet text/css	8.211.5.49 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/font-awesome.min.css Requested by Host: portal.tvlicensing.kismiciass.me URL: https://portal.tvlicensing.kismiciass.me/web-signin-identity/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 8.211.5.49 , Singapore, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx / Resource Hash `b7e4ad0d6ad4c7eb74e69e6e90573965819855d3abc399ddafbdf9de97ffd78f` Request headers Referer https://portal.tvlicensing.kismiciass.me/web-signin-identity/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 19 Mar 2021 20:24:33 GMT Content-Encoding gzip Last-Modified Tue, 09 Oct 2018 08:22:32 GMT Server nginx ETag W/"5bbc6548-790f" Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	vendor-6593e5f4e090a11492d9b56eb4e38aaa.css portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/	103 KB 17 KB	252ms 158ms	Stylesheet text/css	8.211.5.49 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/vendor-6593e5f4e090a11492d9b56eb4e38aaa.css Requested by Host: portal.tvlicensing.kismiciass.me URL: https://portal.tvlicensing.kismiciass.me/web-signin-identity/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 8.211.5.49 , Singapore, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx / Resource Hash `f2b574839f1d5ce8925b021956475c312700817c64090524598bdf2180400949` Request headers Referer https://portal.tvlicensing.kismiciass.me/web-signin-identity/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 19 Mar 2021 20:24:33 GMT Content-Encoding gzip Last-Modified Tue, 09 Oct 2018 08:12:24 GMT Server nginx ETag W/"5bbc62e8-19bc7" Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	identity-f3bfb218359aabfe20b6c891ec255dcb.css portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/	17 KB 3 KB	178ms 83ms	Stylesheet text/css	8.211.5.49 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/identity-f3bfb218359aabfe20b6c891ec255dcb.css Requested by Host: portal.tvlicensing.kismiciass.me URL: https://portal.tvlicensing.kismiciass.me/web-signin-identity/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 8.211.5.49 , Singapore, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx / Resource Hash `764fe32c45a3799fe31d5ed5f9560139c28891129bd1547e3e1526a21b9682f0` Request headers Referer https://portal.tvlicensing.kismiciass.me/web-signin-identity/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 19 Mar 2021 20:24:33 GMT Content-Encoding gzip Last-Modified Tue, 09 Oct 2018 08:12:24 GMT Server nginx ETag W/"5bbc62e8-4210" Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	hpp-embedded-integration-library.css portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/	1 KB 754 B	180ms 79ms	Stylesheet text/css	8.211.5.49 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/hpp-embedded-integration-library.css Requested by Host: portal.tvlicensing.kismiciass.me URL: https://portal.tvlicensing.kismiciass.me/web-signin-identity/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 8.211.5.49 , Singapore, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx / Resource Hash `54b42426f6ba0f866610ffb0f40bf0e911a1cec856db9d40698a0e4abc26ba4d` Request headers Referer https://portal.tvlicensing.kismiciass.me/web-signin-identity/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 19 Mar 2021 20:24:33 GMT Content-Encoding gzip Last-Modified Tue, 09 Oct 2018 08:12:24 GMT Server nginx ETag W/"5bbc62e8-4be" Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	bg-logo-mobile.svg portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/	5 KB 5 KB	179ms 77ms	Image image/svg+xml	8.211.5.49 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Show image Full URL https://portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/bg-logo-mobile.svg Requested by Host: portal.tvlicensing.kismiciass.me URL: https://portal.tvlicensing.kismiciass.me/web-signin-identity/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 8.211.5.49 , Singapore, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx / Resource Hash `0b09bd432167b281c5a25bcc8b257e2f1c1ae28a7930d0cad0cbfbfb10759d21` Request headers Referer https://portal.tvlicensing.kismiciass.me/web-signin-identity/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 19 Mar 2021 20:24:33 GMT Last-Modified Tue, 09 Oct 2018 08:12:24 GMT Server nginx ETag "5bbc62e8-14a8" Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 5288
GET H/1.1	200 OK	Icon_Twitter.svg portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/	1 KB 1 KB	83ms 76ms	Image image/svg+xml	8.211.5.49 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Show image Full URL https://portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/Icon_Twitter.svg Requested by Host: portal.tvlicensing.kismiciass.me URL: https://portal.tvlicensing.kismiciass.me/web-signin-identity/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 8.211.5.49 , Singapore, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx / Resource Hash `d62644999f39f595e1b30aac2a761b2d8b737099929c5697b789d41c4c6301bb` Request headers Referer https://portal.tvlicensing.kismiciass.me/web-signin-identity/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 19 Mar 2021 20:24:33 GMT Last-Modified Tue, 09 Oct 2018 08:12:24 GMT Server nginx ETag "5bbc62e8-466" Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 1126
GET H/1.1	200 OK	Icon_YouTube.svg portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/	3 KB 3 KB	82ms 76ms	Image image/svg+xml	8.211.5.49 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Show image Full URL https://portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/Icon_YouTube.svg Requested by Host: portal.tvlicensing.kismiciass.me URL: https://portal.tvlicensing.kismiciass.me/web-signin-identity/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 8.211.5.49 , Singapore, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx / Resource Hash `bc5c5b55010b215fda08a316c43cd46457222282277f075770b121bd17f42b89` Request headers Referer https://portal.tvlicensing.kismiciass.me/web-signin-identity/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 19 Mar 2021 20:24:33 GMT Last-Modified Tue, 09 Oct 2018 08:12:24 GMT Server nginx ETag "5bbc62e8-c89" Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 3209
GET H/1.1	200 OK	Icon_Facebook.svg portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/	673 B 908 B	1087ms 1081ms	Image image/svg+xml	8.211.5.49 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Show image Full URL https://portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/Icon_Facebook.svg Requested by Host: portal.tvlicensing.kismiciass.me URL: https://portal.tvlicensing.kismiciass.me/web-signin-identity/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 8.211.5.49 , Singapore, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx / Resource Hash `dc40a98e7b83ebb528bee5f96d4d0af97b320ca2ab201f44ce57c903051010f6` Request headers Referer https://portal.tvlicensing.kismiciass.me/web-signin-identity/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 19 Mar 2021 20:24:34 GMT Last-Modified Tue, 09 Oct 2018 08:12:24 GMT Server nginx ETag "5bbc62e8-2a1" Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 673
GET H/1.1	200 OK	Icon_News.svg portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/	852 B 1 KB	72ms 71ms	Image image/svg+xml	8.211.5.49 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Show image Full URL https://portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/Icon_News.svg Requested by Host: portal.tvlicensing.kismiciass.me URL: https://portal.tvlicensing.kismiciass.me/web-signin-identity/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 8.211.5.49 , Singapore, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx / Resource Hash `3db5ee91578360c1c725bac3f7d9de9421e5f627a752961356bb444ed2e7fd60` Request headers Referer https://portal.tvlicensing.kismiciass.me/web-signin-identity/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 19 Mar 2021 20:24:33 GMT Last-Modified Tue, 09 Oct 2018 08:12:24 GMT Server nginx ETag "5bbc62e8-354" Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 852
GET H/1.1	200 OK	bg_logo_white.svg portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/	4 KB 4 KB	72ms 72ms	Image image/svg+xml	8.211.5.49 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Show image Full URL https://portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/bg_logo_white.svg Requested by Host: portal.tvlicensing.kismiciass.me URL: https://portal.tvlicensing.kismiciass.me/web-signin-identity/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 8.211.5.49 , Singapore, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx / Resource Hash `a391c60287bb2b30133526ff803b607fb5a791a0779080222a3a2be3d776ac7e` Request headers Referer https://portal.tvlicensing.kismiciass.me/web-signin-identity/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 19 Mar 2021 20:24:33 GMT Last-Modified Tue, 09 Oct 2018 08:12:24 GMT Server nginx ETag "5bbc62e8-fee" Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 4078
GET H/1.1	200 OK	BGFlameWeb-Regular.woff2 portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/	25 KB 26 KB	93ms 93ms	Font font/woff2	8.211.5.49 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/BGFlameWeb-Regular.woff2 Requested by Host: portal.tvlicensing.kismiciass.me URL: https://portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/bg-vi-3.0.2.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 8.211.5.49 , Singapore, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx / Resource Hash `50647b5bfeb2b1b5ed0e0d0455ec76f9a13a7abacf6174e6db3062ca6d45b80a` Request headers Origin https://portal.tvlicensing.kismiciass.me Referer https://portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/bg-vi-3.0.2.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 19 Mar 2021 20:24:33 GMT Last-Modified Tue, 09 Oct 2018 08:20:36 GMT Server nginx ETag "5bbc64d4-65ac" Content-Type font/woff2 Connection keep-alive Accept-Ranges bytes Content-Length 26028
GET H/1.1	200 OK	BGFlameWeb-Bold.woff2 portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/	25 KB 26 KB	103ms 100ms	Font font/woff2	8.211.5.49 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/BGFlameWeb-Bold.woff2 Requested by Host: portal.tvlicensing.kismiciass.me URL: https://portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/bg-vi-3.0.2.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 8.211.5.49 , Singapore, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx / Resource Hash `a900f743055a4adf42c76a01dcb1fda797874fbc04399dd0b3b58538229d1c7c` Request headers Origin https://portal.tvlicensing.kismiciass.me Referer https://portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/bg-vi-3.0.2.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 19 Mar 2021 20:24:33 GMT Last-Modified Tue, 09 Oct 2018 08:20:30 GMT Server nginx ETag "5bbc64ce-65b8" Content-Type font/woff2 Connection keep-alive Accept-Ranges bytes Content-Length 26040
GET H/1.1	200 OK	BGFlameWeb-Light.woff2 portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/	25 KB 25 KB	113ms 107ms	Font font/woff2	8.211.5.49 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/BGFlameWeb-Light.woff2 Requested by Host: portal.tvlicensing.kismiciass.me URL: https://portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/bg-vi-3.0.2.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 8.211.5.49 , Singapore, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx / Resource Hash `b4edebaab409b49a09bb0e9fcddf4f260cf4f26d243b66bd83cff6a732060568` Request headers Origin https://portal.tvlicensing.kismiciass.me Referer https://portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/bg-vi-3.0.2.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 19 Mar 2021 20:24:33 GMT Last-Modified Tue, 09 Oct 2018 08:20:34 GMT Server nginx ETag "5bbc64d2-6260" Content-Type font/woff2 Connection keep-alive Accept-Ranges bytes Content-Length 25184
GET H/1.1	200 OK	glyphicons-halflings-regular.woff portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/	23 KB 23 KB	113ms 108ms	Font font/woff	8.211.5.49 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/glyphicons-halflings-regular.woff Requested by Host: portal.tvlicensing.kismiciass.me URL: https://portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/bg-vi-3.0.2.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 8.211.5.49 , Singapore, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx / Resource Hash `fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e` Request headers Origin https://portal.tvlicensing.kismiciass.me Referer https://portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/bg-vi-3.0.2.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 19 Mar 2021 20:24:33 GMT Last-Modified Tue, 09 Oct 2018 08:20:40 GMT Server nginx ETag "5bbc64d8-5b18" Content-Type font/woff Connection keep-alive Accept-Ranges bytes Content-Length 23320
GET H/1.1	200 OK	fontawesome-webfont.woff2 portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/	75 KB 76 KB	156ms 119ms	Font font/woff2	8.211.5.49 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: portal.tvlicensing.kismiciass.me URL: https://portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/font-awesome.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 8.211.5.49 , Singapore, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx / Resource Hash `2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe` Request headers Origin https://portal.tvlicensing.kismiciass.me Referer https://portal.tvlicensing.kismiciass.me/web-signin-identity/login_files/font-awesome.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 19 Mar 2021 20:24:33 GMT Last-Modified Tue, 09 Oct 2018 08:20:38 GMT Server nginx ETag "5bbc64d6-12d68" Content-Type font/woff2 Connection keep-alive Accept-Ranges bytes Content-Length 77160

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: British Gas (Utility)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

portal.tvlicensing.kismiciass.me
qrku.org
159.89.206.210
8.211.5.49
0b09bd432167b281c5a25bcc8b257e2f1c1ae28a7930d0cad0cbfbfb10759d21
1b939c699746947cb73074284613bd0659aed29ceceb2299de5bb8ca7c344ae2
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3db5ee91578360c1c725bac3f7d9de9421e5f627a752961356bb444ed2e7fd60
4cbc12aeae5403f6c7521114c5e27cb67ada5fc7d2124f24f4ca8be12a424b48
50647b5bfeb2b1b5ed0e0d0455ec76f9a13a7abacf6174e6db3062ca6d45b80a
54b42426f6ba0f866610ffb0f40bf0e911a1cec856db9d40698a0e4abc26ba4d
764fe32c45a3799fe31d5ed5f9560139c28891129bd1547e3e1526a21b9682f0
a391c60287bb2b30133526ff803b607fb5a791a0779080222a3a2be3d776ac7e
a900f743055a4adf42c76a01dcb1fda797874fbc04399dd0b3b58538229d1c7c
b4cac2afee6017de56452cc6a8186da6c86b3050dd0e1eb68724198c4e2c089b
b4edebaab409b49a09bb0e9fcddf4f260cf4f26d243b66bd83cff6a732060568
b7e4ad0d6ad4c7eb74e69e6e90573965819855d3abc399ddafbdf9de97ffd78f
bc5c5b55010b215fda08a316c43cd46457222282277f075770b121bd17f42b89
d62644999f39f595e1b30aac2a761b2d8b737099929c5697b789d41c4c6301bb
dc40a98e7b83ebb528bee5f96d4d0af97b320ca2ab201f44ce57c903051010f6
f2b574839f1d5ce8925b021956475c312700817c64090524598bdf2180400949
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

portal.tvlicensing.kismiciass.me Open in urlscan Pro 8.211.5.49 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

260 kBTransfer

606 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

11 JavaScript Global Variables

0 Cookies

Indicators

portal.tvlicensing.kismiciass.me Open in urlscan Pro
8.211.5.49 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

260 kB
Transfer

606 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!