kbodienst.web11736.web09.bero-webspace.de
45.82.121.115
Malicious Activity!
Public Scan
Effective URL: https://kbodienst.web11736.web09.bero-webspace.de/
Submission: On September 28 via manual from BE — Scanned from DE
Summary
TLS certificate: Issued by R3 on September 27th 2023. Valid for: 3 months.
This is the only time kbodienst.web11736.web09.bero-webspace.de was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Kruispuntbank van Ondernemingen (Government)
Domain & IP information
# | IP Address | AS Autonomous System
---|---|---
1 | 66.29.141.36 | 22612 (NAMECHEAP-NET)
12 | 45.82.121.115 | 44486 (SYNLINQ synlinq.de)
3 | 142.250.185.234 | 15169 (GOOGLE)
3 | 142.250.185.163 | 15169 (GOOGLE)
18 | 4 IPs |
ASN | PTR | Domain
---|---|---
ASN22612 (NAMECHEAP-NET, US) | server310-4.web-hosting.com | brawalloleba.info
ASN44486 (SYNLINQ synlinq.de, DE) | web09.bero-host.de | kbodienst.web11736.web09.bero-webspace.de
ASN15169 (GOOGLE, US) | fra16s53-in-f10.1e100.net | fonts.googleapis.com
ASN15169 (GOOGLE, US) | fra16s51-in-f3.1e100.net | fonts.gstatic.com
# | Apex Domain | Subdomains | Transfer
---|---|---|---
12 | bero-webspace.de | kbodienst.web11736.web09.bero-webspace.de | 243 KB
3 | gstatic.com | fonts.gstatic.com | 47 KB
3 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 113) | 2 KB
1 | brawalloleba.info | brawalloleba.info (1 redirects) | 155 B
18 | 4 apex domains | |
# | Domain | Requested by
---|---|---
12 | kbodienst.web11736.web09.bero-webspace.de | kbodienst.web11736.web09.bero-webspace.de
3 | fonts.gstatic.com | fonts.googleapis.com
3 | fonts.googleapis.com | kbodienst.web11736.web09.bero-webspace.de
1 | brawalloleba.info | 1 redirects
18 | 4 domains |
This site contains links to these domains. Also see Links.
Domain |
---|
economie.fgov.be |
www.kbo.be |
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
kbodienst.web11736.web09.bero-webspace.de | R3 | 2023-09-27 - 2023-12-26 | 3 months | crt.sh
upload.video.google.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months | crt.sh
*.gstatic.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months | crt.sh
This page contains 1 frames:
Primary Page:
https://kbodienst.web11736.web09.bero-webspace.de/
Frame ID: E88EA3D33B49B2703C70A673638660AC
Requests: 20 HTTP requests in this frame
Screenshot
Page Title
Kruispuntbank van Ondernemingen
Detected technologies
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
- Title: Kruispuntbank van Ondernemingen
- Title: privacyverklaring
- Title: cookies
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://brawalloleba.info/
HTTP 301
https://kbodienst.web11736.web09.bero-webspace.de/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / (Primary Request, Redirect Chain) | kbodienst.web11736.web09.bero-webspace.de/ | 47 KB | 23 KB | Document | text/html
GET | H2 | burrito.css | kbodienst.web11736.web09.bero-webspace.de/assets/css/ | 23 KB | 5 KB | Stylesheet | text/css
GET | H2 | exists.css | kbodienst.web11736.web09.bero-webspace.de/assets/css/ | 3 KB | 902 B | Stylesheet | text/css
GET | H2 | main.css | kbodienst.web11736.web09.bero-webspace.de/assets/css/ | 23 KB | 4 KB | Stylesheet | text/css
GET | H2 | breakpoints.css | kbodienst.web11736.web09.bero-webspace.de/assets/css/ | 6 KB | 1 KB | Stylesheet | text/css
GET | H2 | main2.css | kbodienst.web11736.web09.bero-webspace.de/assets/css/ | 11 KB | 2 KB | Stylesheet | text/css
GET | H2 | plaza.css | kbodienst.web11736.web09.bero-webspace.de/assets/css/ | 27 KB | 4 KB | Stylesheet | text/css
GET | H2 | plaza-grid.css | kbodienst.web11736.web09.bero-webspace.de/assets/css/ | 17 KB | 2 KB | Stylesheet | text/css
GET | H2 | icon | fonts.googleapis.com/ | 569 B | 775 B | Stylesheet | text/css
GET | H2 | css | fonts.googleapis.com/ | 11 KB | 860 B | Stylesheet | text/css
GET | H2 | css2 | fonts.googleapis.com/ | 9 KB | 869 B | Stylesheet | text/css
GET | H2 | jquery.js | kbodienst.web11736.web09.bero-webspace.de/assets/js/ | 87 KB | 30 KB | Script | application/javascript
GET | H2 | main.js | kbodienst.web11736.web09.bero-webspace.de/assets/js/ | 1 KB | 588 B | Script | application/javascript
GET | H2 | alert.svg | kbodienst.web11736.web09.bero-webspace.de/assets/images/ | 715 B | 888 B | Image | image/svg+xml
GET | DATA | truncated | / | 19 KB | 0 | Image | image/png
GET | DATA | truncated | / | 266 B | 0 | Image | image/svg+xml
GET | H2 | KFOmCnqEu92Fr1Mu4mxK.woff2 | fonts.gstatic.com/s/roboto/v30/ | 15 KB | 16 KB | Font | font/woff2
GET | H2 | KFOlCnqEu92Fr1MmSU5fBBc4.woff2 | fonts.gstatic.com/s/roboto/v30/ | 15 KB | 15 KB | Font | font/woff2
GET | H2 | ciutadella-rounded-medium.ttf | kbodienst.web11736.web09.bero-webspace.de/assets/fonts/ | 169 KB | 170 KB | Font | font/ttf
GET | H2 | KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | fonts.gstatic.com/s/roboto/v30/ | 15 KB | 16 KB | Font | font/woff2
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Kruispuntbank van Ondernemingen (Government)
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | documentPictureInPicture
function | $
function | jQuery
function | SendDats
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
brawalloleba.info
fonts.googleapis.com
fonts.gstatic.com
kbodienst.web11736.web09.bero-webspace.de
142.250.185.163
142.250.185.234
45.82.121.115
66.29.141.36
05d61676243a64ccad78057a170807e5239b41c35d8d9d74df51ded98849b5ab
18e91510a233c637db58a9388a776a9dc418c6eb4bfe75ccb4d20d33f671d9e7
203558a4dd493b0204cb12bb86669e48433cb4c9cc3eb2cdf25a64ae64bddb4c
436e1554c80aa4a1b2712f349598f422106c2fb4d6433b08f1df96446f7a5ea7
4823d915e0eaa7bd350945631c90deb037a1ed4fc59670bcc68d9de59ff4435e
48d79b32a3b3060e0161b8cbd8e8ce53c7f870d4873fc3f577dfe1fdb63ef262
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
77169b4d9aac5b14700eca3b6e916358a6f1f832f345eec61c7e8c9953fed3c8
7bf2688ce758efffebd6d4a178909ffd856ae574edd5666d861cc99be330fa3e
a3027732a57ef92bfefab69910f2aa6126d1e37c4c861c0fafd1ead6545f9e4d
ae875c1f0ec18b2036699e6b3b7c938fce072730e1ab62f45b9fdc21765bb31b
af4ee60a07e329578ba096ffc105286b38f89ddbdaba3e669a305442bc8ccb3e
bc018c6d22989d796494a768aed6fc1d977cfd5d8c5d93c3f247483b0a7bf11e
bcfd0997c75acc5ec0cecb8deb53fdf5bc3b8d3d586fc015dde0fade08ea80ac
e5051c302da8cfcbfbb76ad060969b65a1b8aa7948de489ddccad7b48903b030
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e