www.verifykbconline.com Open in urlscan Pro
198.54.120.64 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.verifykbconline.com/
Submission: On February 11 via automatic, source certstream-suspicious (February 11th 2022, 12:51:07 pm UTC) — Scanned from DE

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 24 HTTP transactions. The main IP is 198.54.120.64, located in United States and belongs to NAMECHEAP-NET, US. The main domain is www.verifykbconline.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 7th 2020. Valid for: 2 years.

This is the only time www.verifykbconline.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: KBC Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
19	198.54.120.64 198.54.120.64	22612 (NAMECHEAP...) (NAMECHEAP-NET)
3	2a02:26f0:fb:... 2a02:26f0:fb::5f64:9983	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
24	3

19 198.54.120.64 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server319-3.web-hosting.com

www.verifykbconline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:fb::5f64:9983 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

online.kbc.ie	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	verifykbconline.com www.verifykbconline.com	985 KB
3	kbc.ie online.kbc.ie	539 KB
24	2

	Domain	Requested by
19	www.verifykbconline.com	www.verifykbconline.com
3	online.kbc.ie	www.verifykbconline.com online.kbc.ie
24	2

This site contains no links.

Subject Issuer	Validity	Valid
*.web-hosting.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-07` - `2022-04-05`	2 years	crt.sh
online.kbc.ie DigiCert TLS RSA SHA256 2020 CA1	`2021-12-03` - `2022-12-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.verifykbconline.com/
Frame ID: D5521FE83DA349BDE842CA96D269139D
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

KBC Online BankingBack ButtonSearch IconFilter Icon

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

13 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

1524 kB
Transfer

1964 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.verifykbconline.com/ 127 KB
24 KB 862ms
469ms Document
text/html 198.54.120.64
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.verifykbconline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.120.64 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server319-3.web-hosting.com
Software: LiteSpeed / PHP/7.2.34
Resource Hash: b25c2b084a2134a97a96a115a9c76b3ec59dc5d7dda501026d243769d462d75a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

x-powered-by: PHP/7.2.34
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 11 Feb 2022 12:51:02 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed

GET
H2 200 jquery.js Show response
www.verifykbconline.com/files/ 106 KB
36 KB 172ms
170ms Script
application/javascript 198.54.120.64
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.verifykbconline.com/files/jquery.js
Requested by: Host: www.verifykbconline.com
URL: https://www.verifykbconline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.120.64 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server319-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: c7377440c6b67578abf2e061a4dfb3d7fd3e369d3f1de4fc190e3920029d5126

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.verifykbconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 12:51:02 GMT
content-encoding: br
last-modified: Fri, 17 Sep 2021 21:00:44 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 36239
expires: Fri, 18 Feb 2022 12:51:02 GMT

GET
H2 200 theme.css
www.verifykbconline.com/files/ 34 KB
5 KB 171ms
170ms Stylesheet
text/css 198.54.120.64
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.verifykbconline.com/files/theme.css
Requested by: Host: www.verifykbconline.com
URL: https://www.verifykbconline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.120.64 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server319-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 00afe6ba68ff2480f5384c2d152434074c329bc9b8212cfabaf6b30d59cbcb20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.verifykbconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 12:51:02 GMT
content-encoding: br
last-modified: Fri, 17 Sep 2021 20:55:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 5181
expires: Fri, 18 Feb 2022 12:51:02 GMT

GET
H2 200 theme2.css
www.verifykbconline.com/files/ 20 KB
2 KB 487ms
486ms Stylesheet
text/css 198.54.120.64
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.verifykbconline.com/files/theme2.css
Requested by: Host: www.verifykbconline.com
URL: https://www.verifykbconline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.120.64 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server319-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 2c9ec4c13c0936a449abd831cfe3ca37db47591d3f6439df013ec24dfed3ed01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.verifykbconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 12:51:02 GMT
content-encoding: br
last-modified: Fri, 17 Sep 2021 20:55:50 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2200
expires: Fri, 18 Feb 2022 12:51:02 GMT

GET
H2 200 primefaces.css
www.verifykbconline.com/files/ 69 KB
11 KB 486ms
485ms Stylesheet
text/css 198.54.120.64
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.verifykbconline.com/files/primefaces.css
Requested by: Host: www.verifykbconline.com
URL: https://www.verifykbconline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.120.64 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server319-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 6144b5b0aad22502197b2291bf05970d76656682675e04901c089a5da5a851ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.verifykbconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 12:51:02 GMT
content-encoding: br
last-modified: Fri, 17 Sep 2021 21:06:31 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 11361
expires: Fri, 18 Feb 2022 12:51:02 GMT

GET
H2 200 main.min.css
online.kbc.ie/kbc-online/assets/css/ 203 KB
37 KB 589ms
446ms Stylesheet
text/css 2a02:26f0:fb::5f64:9983
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://online.kbc.ie/kbc-online/assets/css/main.min.css?1628980437802

Requested by

Host: www.verifykbconline.com
URL: https://www.verifykbconline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9983 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Off /

Resource Hash

cc4ed5d3cd546a249e5c082bfb7a9ba1b49300a0e06793d645685c3a64d0a372

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.verifykbconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 12:51:02 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 10:32:30 GMT
server: Off
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: max-age=86400
accept-ranges: bytes
content-length: 37382
expires: Sat, 12 Feb 2022 12:51:02 GMT

GET
H2 200 loader-white.gif
www.verifykbconline.com/files/ 22 KB
22 KB 163ms
162ms Image
image/gif 198.54.120.64
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.verifykbconline.com/files/loader-white.gif
Requested by: Host: www.verifykbconline.com
URL: https://www.verifykbconline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.120.64 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server319-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 2892a46043ce15c14cae684786e210cdd6e40e546fe367c6c231d9306be29304

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.verifykbconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 12:51:02 GMT
last-modified: Fri, 17 Sep 2021 20:57:20 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 22749
expires: Fri, 18 Feb 2022 12:51:02 GMT

GET
H2 200 kbc-mobile-logo.png
www.verifykbconline.com/files/ 2 KB
3 KB 323ms
322ms Image
image/png 198.54.120.64
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.verifykbconline.com/files/kbc-mobile-logo.png
Requested by: Host: www.verifykbconline.com
URL: https://www.verifykbconline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.120.64 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server319-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 054340b8c6e8c6fbeee6e0c9db6556ccddb18e887355f39337427d50d0d7c39d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.verifykbconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 12:51:02 GMT
last-modified: Fri, 17 Sep 2021 20:57:47 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2538
expires: Fri, 18 Feb 2022 12:51:02 GMT

GET
H2 200 google-play.png
www.verifykbconline.com/files/ 17 KB
17 KB 164ms
162ms Image
image/png 198.54.120.64
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.verifykbconline.com/files/google-play.png
Requested by: Host: www.verifykbconline.com
URL: https://www.verifykbconline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.120.64 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server319-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 941323585ef5c5b120969dc5680e089741b5b6dd5a0b429e58c656ba3a163b8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.verifykbconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 12:51:02 GMT
last-modified: Fri, 17 Sep 2021 20:58:17 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 17453
expires: Fri, 18 Feb 2022 12:51:02 GMT

GET
H2 200 app-store.png
www.verifykbconline.com/files/ 16 KB
16 KB 321ms
319ms Image
image/png 198.54.120.64
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.verifykbconline.com/files/app-store.png
Requested by: Host: www.verifykbconline.com
URL: https://www.verifykbconline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.120.64 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server319-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: f0b6c951b20961de78e6f1e8745ae1ddc619bc61d1974e669a2e11c565337909

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.verifykbconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 12:51:02 GMT
last-modified: Fri, 17 Sep 2021 20:58:26 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 16039
expires: Fri, 18 Feb 2022 12:51:02 GMT

GET
H2 200 logo.svg
www.verifykbconline.com/files/ 2 KB
1 KB 320ms
319ms Image
image/svg+xml 198.54.120.64
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.verifykbconline.com/files/logo.svg
Requested by: Host: www.verifykbconline.com
URL: https://www.verifykbconline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.120.64 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server319-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: b6061dc3c4073bc8b8e99780abac25d148d8b1f9e8ee84fcb3dcbe71ecc4fdc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.verifykbconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 12:51:02 GMT
content-encoding: br
last-modified: Fri, 17 Sep 2021 20:58:42 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 879
expires: Fri, 18 Feb 2022 12:51:02 GMT

GET
H2 200 login-mobile-digital-key.png
www.verifykbconline.com/files/ 25 KB
25 KB 477ms
476ms Image
image/png 198.54.120.64
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.verifykbconline.com/files/login-mobile-digital-key.png
Requested by: Host: www.verifykbconline.com
URL: https://www.verifykbconline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.120.64 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server319-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 43b29da72e7f91c7b1c2e7446ce800680bb9edd88895e0d0182065fdd98ddcd1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.verifykbconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 12:51:02 GMT
last-modified: Fri, 17 Sep 2021 21:09:03 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 25264
expires: Fri, 18 Feb 2022 12:51:02 GMT

GET
H2 200 ico_vasco_cr_default.png
www.verifykbconline.com/files/ 1 KB
1 KB 323ms
322ms Image
image/png 198.54.120.64
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.verifykbconline.com/files/ico_vasco_cr_default.png
Requested by: Host: www.verifykbconline.com
URL: https://www.verifykbconline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.120.64 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server319-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 9e207f717755f1abec39a89dc60e02b8da754fea7bc9d3a7429be8f881af0ea5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.verifykbconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 12:51:02 GMT
last-modified: Fri, 17 Sep 2021 20:58:59 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1235
expires: Fri, 18 Feb 2022 12:51:02 GMT

GET
H2 200 login-digital-key-card.png
www.verifykbconline.com/files/ 22 KB
22 KB 323ms
323ms Image
image/png 198.54.120.64
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.verifykbconline.com/files/login-digital-key-card.png
Requested by: Host: www.verifykbconline.com
URL: https://www.verifykbconline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.120.64 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server319-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 6fba937c2e0b0d5f37e895b4d3b5dc198ca497c1b66cf19c32b828b6001d3bbf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.verifykbconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 12:51:02 GMT
last-modified: Fri, 17 Sep 2021 21:10:09 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 22459
expires: Fri, 18 Feb 2022 12:51:02 GMT

GET
H2 200 btn_ok.png
www.verifykbconline.com/files/ 754 B
954 B 322ms
321ms Image
image/png 198.54.120.64
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.verifykbconline.com/files/btn_ok.png
Requested by: Host: www.verifykbconline.com
URL: https://www.verifykbconline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.120.64 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server319-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 253d387d9fe05934ec1b0416bb6a2b97f476e21f1dfa91cb4bbdc830e354bac2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.verifykbconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 12:51:02 GMT
last-modified: Fri, 17 Sep 2021 20:59:12 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 754
expires: Fri, 18 Feb 2022 12:51:02 GMT

GET
H2 200 btn_no1.png
www.verifykbconline.com/files/ 2 KB
2 KB 323ms
322ms Image
image/png 198.54.120.64
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.verifykbconline.com/files/btn_no1.png
Requested by: Host: www.verifykbconline.com
URL: https://www.verifykbconline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.120.64 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server319-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 09a883265a965e97bd1d621be37b7bf0a69afd77ec899d78ff46b8860ff198c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.verifykbconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 12:51:02 GMT
last-modified: Fri, 17 Sep 2021 20:59:38 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1773
expires: Fri, 18 Feb 2022 12:51:02 GMT

GET
H2 206 mobile.webm
www.verifykbconline.com/files/ 279 KB
279 KB 628ms
628ms Media
video/webm 198.54.120.64
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.verifykbconline.com/files/mobile.webm
Requested by: Host: www.verifykbconline.com
URL: https://www.verifykbconline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.120.64 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server319-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 6e435ede9e0dcd75b91dd0543483f5447f6a872c40622ba822a553de9e615ed5

Request headers

Referer: https://www.verifykbconline.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-285514/285515
date: Fri, 11 Feb 2022 12:51:03 GMT
last-modified: Fri, 17 Sep 2021 21:09:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
Content-Length: 285515
content-type: video/webm

GET
H2 206 digikey.webm
www.verifykbconline.com/files/ 497 KB
497 KB 631ms
630ms Media
video/webm 198.54.120.64
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.verifykbconline.com/files/digikey.webm
Requested by: Host: www.verifykbconline.com
URL: https://www.verifykbconline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.120.64 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server319-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 6893a2eb80e5af1d7b6c42ddc5e2f1365269b0f0720e1bd58e8fbd24092046c7

Request headers

Referer: https://www.verifykbconline.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-508690/508691
date: Fri, 11 Feb 2022 12:51:03 GMT
last-modified: Fri, 17 Sep 2021 21:10:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
Content-Length: 508691
content-type: video/webm

GET
H2 200 login-bg.jpg
online.kbc.ie/kbc-online/assets/img/ 478 KB
479 KB 44ms
44ms Image
image/jpeg 2a02:26f0:fb::5f64:9983
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.kbc.ie/kbc-online/assets/img/login-bg.jpg

Requested by

Host: online.kbc.ie
URL: https://online.kbc.ie/kbc-online/assets/css/main.min.css?1628980437802

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9983 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Off /

Resource Hash

8739c4a103acf907967609edb8ca52c0b1c6aec69955d43fed779dcbb10a6f0a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online.kbc.ie/kbc-online/assets/css/main.min.css?1628980437802
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 12:51:03 GMT
last-modified: Thu, 13 Jan 2022 10:26:18 GMT
server: Off
x-frame-options: SAMEORIGIN
content-type: image/jpeg;charset=UTF-8
cache-control: max-age=61313
accept-ranges: bytes
content-length: 489507
expires: Sat, 12 Feb 2022 05:52:56 GMT

GET
H2 200 sprites.png
online.kbc.ie/kbc-online/assets/img/ 22 KB
23 KB 53ms
53ms Image
image/png 2a02:26f0:fb::5f64:9983
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.kbc.ie/kbc-online/assets/img/sprites.png

Requested by

Host: online.kbc.ie
URL: https://online.kbc.ie/kbc-online/assets/css/main.min.css?1628980437802

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9983 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Off /

Resource Hash

886f92aa410ee4e4562af5c8104c37f8415d4ac69dfa30b96b6e05f811cd7840

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online.kbc.ie/kbc-online/assets/css/main.min.css?1628980437802
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 12:51:03 GMT
last-modified: Thu, 13 Jan 2022 10:32:26 GMT
server: Off
x-frame-options: SAMEORIGIN
content-type: image/png;charset=UTF-8
cache-control: max-age=59852
accept-ranges: bytes
content-length: 22850
expires: Sat, 12 Feb 2022 05:28:35 GMT

GET k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
online.kbc.ie/kbc-online/assets/fonts/opensans/ 0
0

GET
H2 200 icons.ttf
www.verifykbconline.com/files/ 5 KB
5 KB 351ms
350ms Font
font/ttf 198.54.120.64
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.verifykbconline.com/files/icons.ttf
Requested by: Host: www.verifykbconline.com
URL: https://www.verifykbconline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.120.64 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server319-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 8459214e07d201e514c39ec8e2711f95ed9f0e2720e8231e07ecbb8ad3859e6d

Request headers

Referer: https://www.verifykbconline.com/
Origin: https://www.verifykbconline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 12:51:03 GMT
last-modified: Fri, 17 Sep 2021 21:12:44 GMT
server: LiteSpeed
content-type: font/ttf
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4936
expires: Fri, 18 Feb 2022 12:51:03 GMT

GET DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2
online.kbc.ie/kbc-online/assets/fonts/opensans/ 0
0

GET
H2 200 cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
www.verifykbconline.com/files/ 15 KB
15 KB 351ms
351ms Font
font/woff2 198.54.120.64
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.verifykbconline.com/files/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
Requested by: Host: www.verifykbconline.com
URL: https://www.verifykbconline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.120.64 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server319-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5

Request headers

Referer: https://www.verifykbconline.com/
Origin: https://www.verifykbconline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 12:51:03 GMT
last-modified: Fri, 17 Sep 2021 21:13:39 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 15572
expires: Fri, 18 Feb 2022 12:51:03 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: online.kbc.ie
URL: https://online.kbc.ie/kbc-online/assets/fonts/opensans/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Domain: online.kbc.ie
URL: https://online.kbc.ie/kbc-online/assets/fonts/opensans/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: KBC Bank (Banking)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone function| $ function| jQuery

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.verifykbconline.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2678ef80fbe92e4d699781e62f242d92

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.verifykbconline.com/ Message: Access to font at 'https://online.kbc.ie/kbc-online/assets/fonts/opensans/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2' from origin 'https://www.verifykbconline.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://online.kbc.ie/kbc-online/assets/fonts/opensans/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.verifykbconline.com/ Message: Access to font at 'https://online.kbc.ie/kbc-online/assets/fonts/opensans/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2' from origin 'https://www.verifykbconline.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://online.kbc.ie/kbc-online/assets/fonts/opensans/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

online.kbc.ie
www.verifykbconline.com
online.kbc.ie
198.54.120.64
2a02:26f0:fb::5f64:9983
00afe6ba68ff2480f5384c2d152434074c329bc9b8212cfabaf6b30d59cbcb20
054340b8c6e8c6fbeee6e0c9db6556ccddb18e887355f39337427d50d0d7c39d
09a883265a965e97bd1d621be37b7bf0a69afd77ec899d78ff46b8860ff198c1
253d387d9fe05934ec1b0416bb6a2b97f476e21f1dfa91cb4bbdc830e354bac2
2892a46043ce15c14cae684786e210cdd6e40e546fe367c6c231d9306be29304
2c9ec4c13c0936a449abd831cfe3ca37db47591d3f6439df013ec24dfed3ed01
43b29da72e7f91c7b1c2e7446ce800680bb9edd88895e0d0182065fdd98ddcd1
60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5
6144b5b0aad22502197b2291bf05970d76656682675e04901c089a5da5a851ac
6893a2eb80e5af1d7b6c42ddc5e2f1365269b0f0720e1bd58e8fbd24092046c7
6e435ede9e0dcd75b91dd0543483f5447f6a872c40622ba822a553de9e615ed5
6fba937c2e0b0d5f37e895b4d3b5dc198ca497c1b66cf19c32b828b6001d3bbf
8459214e07d201e514c39ec8e2711f95ed9f0e2720e8231e07ecbb8ad3859e6d
8739c4a103acf907967609edb8ca52c0b1c6aec69955d43fed779dcbb10a6f0a
886f92aa410ee4e4562af5c8104c37f8415d4ac69dfa30b96b6e05f811cd7840
941323585ef5c5b120969dc5680e089741b5b6dd5a0b429e58c656ba3a163b8c
9e207f717755f1abec39a89dc60e02b8da754fea7bc9d3a7429be8f881af0ea5
b25c2b084a2134a97a96a115a9c76b3ec59dc5d7dda501026d243769d462d75a
b6061dc3c4073bc8b8e99780abac25d148d8b1f9e8ee84fcb3dcbe71ecc4fdc4
c7377440c6b67578abf2e061a4dfb3d7fd3e369d3f1de4fc190e3920029d5126
cc4ed5d3cd546a249e5c082bfb7a9ba1b49300a0e06793d645685c3a64d0a372
f0b6c951b20961de78e6f1e8745ae1ddc619bc61d1974e669a2e11c565337909

www.verifykbconline.com Open in urlscan Pro 198.54.120.64 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

24 Requests

13 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

1524 kBTransfer

1964 kBSize

1 Cookies

0 Outgoing links

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

1 Cookies

4 Console Messages

Indicators

www.verifykbconline.com Open in urlscan Pro
198.54.120.64 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

13 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

1524 kB
Transfer

1964 kB
Size

1
Cookies

24 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!