Submitted URL: http://www.kikblox.com/dkbdirect/web/login.php?authId=761a66b5a04d1511e233874d4454644d472d728f&
Effective URL: https://kikblox.com/dkbdirect/web/login.php?authId=761a66b5a04d1511e233874d4454644d472d728f&
Submission: On December 21 via api from SE — Scanned from SE

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 16 HTTP transactions. The main IP is 172.67.171.230, located in United States and belongs to CLOUDFLARENET, US. The main domain is kikblox.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 7th 2022. Valid for: a year.
This is the only time kikblox.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DKB (Banking)

Domain & IP information

IP Address AS Autonomous System
2 5 172.67.171.230 13335 (CLOUDFLAR...)
2 104.16.88.20 13335 (CLOUDFLAR...)
10 104.21.95.250 13335 (CLOUDFLAR...)
1 142.250.185.138 15169 (GOOGLE)
16 5
Apex Domain (Subdomains) Transfer
15 kikblox.com (www.kikblox.com, kikblox.com) 246 KB
2 jsdelivr.net (cdn.jsdelivr.net — Cisco Umbrella Rank: 381) 141 KB
1 googleapis.com (fonts.googleapis.com — Cisco Umbrella Rank: 37) 961 B
16 3

Domain (Requested by)
13 kikblox.com (kikblox.com)
2 cdn.jsdelivr.net (kikblox.com, cdn.jsdelivr.net)
2 www.kikblox.com (2 redirects)
1 fonts.googleapis.com (cdn.jsdelivr.net)
16 4

This site contains no links.

Subject, Issuer, Validity, Valid
sni.cloudflaressl.com, Cloudflare Inc ECC CA-3, 2022-03-07 - 2023-03-07, a year
upload.video.google.com, GTS CA 1C3, 2022-11-28 - 2023-02-20, 3 months

This page contains 2 frames:

Primary Page: https://kikblox.com/dkbdirect/web/login.php?authId=761a66b5a04d1511e233874d4454644d472d728f&
Frame ID: E35FA3FF566A3D920FA79B5580A82589
Requests: 15 HTTP requests in this frame

Frame: https://kikblox.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671624000
Frame ID: 79B778373BFCA0F9C5BBC368AED46D63
Requests: 3 HTTP requests in this frame

Page Title

Willkommen,

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]+semantic(?:\.min)\.css"

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 16
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 4
IPs: 5
Countries: 2
Transfer: 428 kB
Size: 1327 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.kikblox.com/dkbdirect/web/login.php?authId=761a66b5a04d1511e233874d4454644d472d728f& HTTP 301
    https://www.kikblox.com/dkbdirect/web/login.php?authId=761a66b5a04d1511e233874d4454644d472d728f& HTTP 301
    https://kikblox.com/dkbdirect/web/login.php?authId=761a66b5a04d1511e233874d4454644d472d728f& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource, Path, Size, x-fer, Type, MIME-Type
Primary Request login.php
kikblox.com/dkbdirect/web/
Redirect Chain
  • http://www.kikblox.com/dkbdirect/web/login.php?authId=761a66b5a04d1511e233874d4454644d472d728f&
  • https://www.kikblox.com/dkbdirect/web/login.php?authId=761a66b5a04d1511e233874d4454644d472d728f&
  • https://kikblox.com/dkbdirect/web/login.php?authId=761a66b5a04d1511e233874d4454644d472d728f&
7 KB
3 KB
Document
General
Full URL
https://kikblox.com/dkbdirect/web/login.php?authId=761a66b5a04d1511e233874d4454644d472d728f&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.171.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de13be8d2051a55a3f140a8f4f9496cb40f5699007539fbe77ab4120b492085f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
77d12cbe5c581e9d-AMS
content-encoding
br
content-type
text/html; charset-UTF-8;charset=UTF-8
date
Wed, 21 Dec 2022 14:05:49 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e25z7uBbuajWYVlHjPGSW2OX4AFlcZl0ZeGRQpB5MSYZM7PwEBUYUe446hYSYGzIyt2YyWe0yKzu6VpHYhgBLnsw%2B9%2FXFFEoQFxLboqrHynv1y%2BnHZDGkeurhkqQbA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
IS_SUBREQ,Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-robots-tag
noindex, nofollow
x-ua-compatible
IE=edge

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
77d12cb9a9b31e9d-AMS
content-type
text/html; charset=iso-8859-1
date
Wed, 21 Dec 2022 14:05:49 GMT
location
https://kikblox.com/dkbdirect/web/login.php?authId=761a66b5a04d1511e233874d4454644d472d728f&
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJQku4kdkATOaoSQmZ6JttTkswWuuiABEwTXxqCh5BzApI2VzgbwIan5%2FRds5nMnioUlH%2BxDGU3s%2FQ5tUoZjgoH9YJD8WwtW9Lv%2F%2BtSup18kMUdJx9BmAtGnN4jbYBOJEa0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
semantic.min.css
cdn.jsdelivr.net/npm/semantic-ui@2.4.2/dist/
614 KB
101 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/semantic-ui@2.4.2/dist/semantic.min.css
Requested by
Host: kikblox.com
URL: https://kikblox.com/dkbdirect/web/login.php?authId=761a66b5a04d1511e233874d4454644d472d728f&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5177ac8b16de2e407f518c554f3ba3fe0837f8b333830026837cc3f82e190124
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://kikblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 14:05:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
23777049
x-jsd-version
2.4.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19152-FRA, cache-bma1650-BMA
x-jsd-version-type
version
server
cloudflare
etag
W/"99738-xBtVnjRc5piOJZyFKbhk0QxxYOQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QyIr1wf3bnOllk9aEG%2FA2wjWvBTRbPM%2BSsVxhnB8pBx98abZ2uV2DrhzpTfgDoTJUwUHNrvjJXFK29ShUQfvk8m0GVkmtXlnh7kEe4WpcZDJxo%2BVuM%2B9y%2BHGaEm%2BugwO2a4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
77d12cc21e8c0a2b-ARN
main.css
kikblox.com/dkbdirect/web/layout/css/
10 KB
2 KB
Stylesheet
General
Full URL
https://kikblox.com/dkbdirect/web/layout/css/main.css
Requested by
Host: kikblox.com
URL: https://kikblox.com/dkbdirect/web/login.php?authId=761a66b5a04d1511e233874d4454644d472d728f&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.171.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1a544f151174b6c9bc33a1dd4f8bb40aa8674fbe370960c8a17f4a209af5b17
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://kikblox.com/dkbdirect/web/login.php?authId=761a66b5a04d1511e233874d4454644d472d728f&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 14:05:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=11012
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 14 Dec 2022 03:43:59 GMT
server
cloudflare
vary
IS_SUBREQ,Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PsmUFegeMqFe1PCgbRj33pKzCymwPn3fR2PEAtXDyRE4qjViCJnJMKYIxLSAlINtBO25UqO8VYaJjkCwRTxXDEdwFfxDeWovCvhM6cD5WEIN22HFjb%2FnS0n8VOX8rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
x-robots-tag
noindex, nofollow
cf-ray
77d12cc1bdf01e9d-AMS
expires
Thu, 14 Dec 2023 06:05:34 GMT
main.js
kikblox.com/dkbdirect/web/layout/js/
495 KB
149 KB
Script
General
Full URL
https://kikblox.com/dkbdirect/web/layout/js/main.js
Requested by
Host: kikblox.com
URL: https://kikblox.com/dkbdirect/web/login.php?authId=761a66b5a04d1511e233874d4454644d472d728f&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.171.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9718369441829f20a3ae98532a970d163fbbb73113082071b896dff82bef5b63
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://kikblox.com/dkbdirect/web/login.php?authId=761a66b5a04d1511e233874d4454644d472d728f&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 14:05:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=857514
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 14 Dec 2022 03:43:59 GMT
server
cloudflare
vary
IS_SUBREQ,Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=43SBPCjV6PTGXdiJS9y7vqRXrWVPduph5fE4sFjwyvCdVzHc1iHiGT7bjilzfA1hKlrbdhD3p8ufq59ZCsm%2FYUMHaoOpxPntbDrXyJcZ4u0Y0hEMfNIluKp3HbaONQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-robots-tag
noindex, nofollow
cf-ray
77d12cc1bdf21e9d-AMS
expires
Sat, 16 Dec 2023 08:34:04 GMT
logo.png
kikblox.com/dkbdirect/web/layout/img/
1 KB
2 KB
Image
General
Full URL
https://kikblox.com/dkbdirect/web/layout/img/logo.png
Requested by
Host: kikblox.com
URL: https://kikblox.com/dkbdirect/web/login.php?authId=761a66b5a04d1511e233874d4454644d472d728f&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.95.250 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14b35e728a11ebaa486217f6c05103335902d1bdcbe2e7640a6df44f8b7f936a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://kikblox.com/dkbdirect/web/login.php?authId=761a66b5a04d1511e233874d4454644d472d728f&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 14:05:50 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1029
last-modified
Wed, 14 Dec 2022 03:43:59 GMT
server
cloudflare
vary
IS_SUBREQ,User-Agent,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pkkOmpHiFRlVEcNWXSJUPSlkIG6bUWx%2F7KoM4LdRekNqM0mfzDsHit38NjKoALMoK75HQ8txj%2BCtTwxSVYGAK0G3kbuzBTTb0nFXn8eC0WWGlgvqTT5%2BKxpFQoKF0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
x-robots-tag
noindex, nofollow
cf-ray
77d12cc64ecb1cb0-AMS
expires
Fri, 13 Jan 2023 06:05:35 GMT
search.png
kikblox.com/dkbdirect/web/layout/img/
650 B
1 KB
Image
General
Full URL
https://kikblox.com/dkbdirect/web/layout/img/search.png
Requested by
Host: kikblox.com
URL: https://kikblox.com/dkbdirect/web/login.php?authId=761a66b5a04d1511e233874d4454644d472d728f&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.95.250 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e78a7546181abd93801044ffa526b2716da93bfdf3062f68ebf51fb7327dd6ef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://kikblox.com/dkbdirect/web/login.php?authId=761a66b5a04d1511e233874d4454644d472d728f&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 14:05:50 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
650
last-modified
Wed, 14 Dec 2022 03:43:59 GMT
server
cloudflare
vary
IS_SUBREQ,User-Agent,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4QYYURU8XQzKWoj1c%2FaICCzJw0sV3towWpg4ehP5WMM9NqcD5GlHls6kUfWn7zjJDufQ7ZPEdinxCHSm50jSUWzYGxRqwcNBP4zwsogWNvkc0vPiohV2V9ssYJVd2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
x-robots-tag
noindex, nofollow
cf-ray
77d12cc7b8911cb0-AMS
expires
Fri, 13 Jan 2023 06:05:35 GMT
aside_1.png
kikblox.com/dkbdirect/web/layout/img/
4 KB
4 KB
Image
General
Full URL
https://kikblox.com/dkbdirect/web/layout/img/aside_1.png
Requested by
Host: kikblox.com
URL: https://kikblox.com/dkbdirect/web/login.php?authId=761a66b5a04d1511e233874d4454644d472d728f&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.95.250 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69d23c696ace7e88ea64474450d8cc42f27fe298e268c60a4c0f9e4d375a45c3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://kikblox.com/dkbdirect/web/login.php?authId=761a66b5a04d1511e233874d4454644d472d728f&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 14:05:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3843
last-modified
Wed, 14 Dec 2022 03:43:59 GMT
server
cloudflare
vary
IS_SUBREQ,User-Agent,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FxzuWyGg5SPdVGFQwiY3yyba0E5eWG%2FeU94Tbz9vyqUkHim%2FxI%2BrvPUNhrfXeJsbnTrhCFyRVlgOIaY3J%2BPn6J0G0VN7tsMD22sKpGcQP%2Bsm6Kqg1qT3IaMwtzZX%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
x-robots-tag
noindex, nofollow
cf-ray
77d12cc92aab1cb0-AMS
expires
Sun, 15 Jan 2023 07:40:54 GMT
banner_1.png
kikblox.com/dkbdirect/web/layout/img/
9 KB
9 KB
Image
General
Full URL
https://kikblox.com/dkbdirect/web/layout/img/banner_1.png
Requested by
Host: kikblox.com
URL: https://kikblox.com/dkbdirect/web/login.php?authId=761a66b5a04d1511e233874d4454644d472d728f&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.95.250 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96ecab11ca4a18e2fa96a9b5683187ad779b2762f1ae904ed65aebe0d7247cc2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://kikblox.com/dkbdirect/web/login.php?authId=761a66b5a04d1511e233874d4454644d472d728f&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 14:05:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8908
last-modified
Wed, 14 Dec 2022 03:43:59 GMT
server
cloudflare
vary
IS_SUBREQ,User-Agent,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0UAXHvcGfQLSFxlectEeEIa%2FVbKhvkUeg1mCZb6VATdN0o2XHoKsRX9%2FrgpUo3a1PFsr15%2FdUwhJCPxpjrxn33VeDaArS%2BBB4xKJElgwCD8WWxu%2B5e5iICAzYlJo3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
x-robots-tag
noindex, nofollow
cf-ray
77d12ccaacc11cb0-AMS
expires
Fri, 13 Jan 2023 06:05:35 GMT
keyboard.png
kikblox.com/dkbdirect/web/layout/img/
315 B
832 B
Image
General
Full URL
https://kikblox.com/dkbdirect/web/layout/img/keyboard.png
Requested by
Host: kikblox.com
URL: https://kikblox.com/dkbdirect/web/login.php?authId=761a66b5a04d1511e233874d4454644d472d728f&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.95.250 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09347f6a4e4d4863e0a665b0bff9c9d17a5b022b4fff6ceb185c3dde0f087494
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://kikblox.com/dkbdirect/web/login.php?authId=761a66b5a04d1511e233874d4454644d472d728f&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 14:05:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
315
last-modified
Wed, 14 Dec 2022 03:43:59 GMT
server
cloudflare
vary
IS_SUBREQ,User-Agent,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YTu8xHfdnk5CnkD%2B%2FErwm9IUe9sJmE%2FfJB%2B1KNRthqVCWcQZ6rwcUYk4JVlMDrEQvHU4bYlFdmzQwxaaES2ESJGQrYTh1GD8%2Bvnbh3cDT4dw%2FFq5d%2BGHi2HCCv3fEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
x-robots-tag
noindex, nofollow
cf-ray
77d12ccb5e0f1cb0-AMS
expires
Fri, 13 Jan 2023 06:05:35 GMT
aside_2.png
kikblox.com/dkbdirect/web/layout/img/
34 KB
34 KB
Image
General
Full URL
https://kikblox.com/dkbdirect/web/layout/img/aside_2.png
Requested by
Host: kikblox.com
URL: https://kikblox.com/dkbdirect/web/login.php?authId=761a66b5a04d1511e233874d4454644d472d728f&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.95.250 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51dd2d5cd058a7c9eecae574a2896089032ee1e7c35adf3b0a9dfa2549e7fe5d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://kikblox.com/dkbdirect/web/login.php?authId=761a66b5a04d1511e233874d4454644d472d728f&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 14:05:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34401
last-modified
Wed, 14 Dec 2022 03:43:59 GMT
server
cloudflare
vary
IS_SUBREQ,User-Agent,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x438mFnoBPZPX5srbYk7qvp6WxVmy4jYHDd3XdhZqZUwRoP3BJkYDZzcX0fGdp83muvnZIinIULQ9Yvu1uuagzvEkgXvuf1NR0FupXxHw%2BdZPWOWzIYY1kR9B3qlow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
x-robots-tag
noindex, nofollow
cf-ray
77d12ccb8e501cb0-AMS
expires
Fri, 13 Jan 2023 06:05:35 GMT
footer.png
kikblox.com/dkbdirect/web/layout/img/
14 KB
15 KB
Image
General
Full URL
https://kikblox.com/dkbdirect/web/layout/img/footer.png
Requested by
Host: kikblox.com
URL: https://kikblox.com/dkbdirect/web/login.php?authId=761a66b5a04d1511e233874d4454644d472d728f&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.95.250 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2362595d4adabb5a7119d6ac37ab03d9e39ffc5ed49bd41adfbc0ffddc14b7ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://kikblox.com/dkbdirect/web/login.php?authId=761a66b5a04d1511e233874d4454644d472d728f&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 14:05:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14375
last-modified
Wed, 14 Dec 2022 03:43:59 GMT
server
cloudflare
vary
IS_SUBREQ,User-Agent,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TTA2ThqjfdP%2BF%2Bjq0px0%2B8pEwm%2BNFIE9HDQpBCB1H7Qr%2FDPQR8VjwlMiFzmmn%2FmKLzD3ZkV8CwBAdiTa4JcHujYfsokOpVuw2GS4f7mb4caG2qN0hpMrFkhQFKfaJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
x-robots-tag
noindex, nofollow
cf-ray
77d12ccb8e511cb0-AMS
expires
Sun, 15 Jan 2023 09:30:33 GMT
css
fonts.googleapis.com/
3 KB
961 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/semantic-ui@2.4.2/dist/semantic.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
ESF /
Resource Hash
aed5ccd9a1464ec082338fd88b0b73b810af66c72b4adffe270607212d4693a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://cdn.jsdelivr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 21 Dec 2022 14:05:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 21 Dec 2022 13:46:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 21 Dec 2022 14:05:50 GMT
truncated
/
17 KB
17 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
79b6bfed5b8e93eafbc4b6cc1aeb1a66256446899c27bfb099fc336fb59d3171

Request headers

Referer
Origin
https://kikblox.com
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
icons.woff2
cdn.jsdelivr.net/npm/semantic-ui@2.4.2/dist/themes/default/assets/fonts/
39 KB
40 KB
Font
General
Full URL
https://cdn.jsdelivr.net/npm/semantic-ui@2.4.2/dist/themes/default/assets/fonts/icons.woff2
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/semantic-ui@2.4.2/dist/semantic.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/semantic-ui@2.4.2/dist/semantic.min.css
Origin
https://kikblox.com
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 14:05:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
23777050
x-jsd-version
2.4.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
40148
x-served-by
cache-fra19173-FRA, cache-bma1659-BMA
x-jsd-version-type
version
server
cloudflare
etag
W/"9cd4-bsbTbLJGS06CHPq7Uy8xC9NCYBw"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uyK5ZQ73YM4YQxzBL9lGlkvBNSFhDYf5bt2CdETT3Nfh60Ik39uqkFq7Bqm0RcCMnmBRvp6jJ1PMCtHrUVMwUsvcfz5xBuS6Lt2Yo9Lc7JEpFH8fdb0p9eiB2juaHclcsjs%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77d12ccc6dcc95f4-ARN
truncated
/
23 KB
23 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20887aa995532d3a50cc4e65454d8e5e0a0ecc7862c465b12a4478972885bed1

Request headers

Referer
Origin
https://kikblox.com
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
invisible.js
kikblox.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 79B7
36 KB
15 KB
Script
General
Full URL
https://kikblox.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671624000
Requested by
Host: kikblox.com
URL: https://kikblox.com/dkbdirect/web/login.php?authId=761a66b5a04d1511e233874d4454644d472d728f&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.95.250 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55d6657df1a841054ec94d6ce880efb25bf787d547a8e62a9f729d29c163a031

Request headers

accept-language
se-SE,se;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 14:05:51 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wX1rBKTi4z%2F2gVACb4xj5g31qkwSmT%2FLco8EV21QqHU%2Fqju8St0YDqQV1FpUs3KLfkkuMVBi9R4AlJnQPQaqmEWTrh1RbpiNrcN%2BoDhgBzdMOL%2Fu4LLxk9Q5Kza7uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
77d12ccbcea61cb0-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
kikblox.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 79B7
20 KB
9 KB
Other
General
Full URL
https://kikblox.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: kikblox.com
URL: https://kikblox.com/dkbdirect/web/login.php?authId=761a66b5a04d1511e233874d4454644d472d728f&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.95.250 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e500040b482bcfef562c5d94af5142a9c296feb186e59b788b75b1e6acdd8e00

Request headers

accept-language
se-SE,se;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 14:05:51 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBzEfT5dYp3TXwQ8IpKN1Tj8fVCLwX0rKzGSAKhtHpd%2FCOua4AOZxbfln53ewxz6Xq9jSO1yruNE46yzqZoocNbg0mbQYjGmJ8M15Fwp%2F4azhNBo7OLnC4kK988jFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
77d12ccc8fe51cb0-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
77d12cbe5c581e9d
kikblox.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 79B7
2 B
652 B
XHR
General
Full URL
https://kikblox.com/cdn-cgi/challenge-platform/h/g/cv/result/77d12cbe5c581e9d
Requested by
Host: kikblox.com
URL: https://kikblox.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671624000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.95.250 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 21 Dec 2022 14:05:51 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uuP3PHeUArp0u890Yi1U9JUEgn8ymFj1UaRRci%2BxwaUs2Y0i1nv9VCnPaVMq5g3MZ0mzIZP3lo1eCDONjcDKiRyIDM6pxdh795M9QlkIvcIpo7XTeu6Grp5vE5xAnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
77d12ccf1bba1cb0-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DKB (Banking)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object | 0
  • object | oncontentvisibilityautostatechange
  • object | Modernizr
  • function | $
  • function | jQuery
  • string | get
  • string | set

2 Cookies

Domain/Path Name / Value
kikblox.com/ Name: PHPSESSID
Value: 50adc6fef0fc262038bcf32bf4cf5d73
.kikblox.com/ Name: __cf_bm
Value: NWKCKg7UxmYZzqIa_FJgzzQ5SxhuybGWNASQNn3mFE0-1671631551-0-AQj6C4oNhBvDAY20b48N5NA0W+/cd07mWGCSr1vD3E4MBRwZau6JQcAO5jBUidUra+LICM5lO8we+gGtsFyex96enez85/MN51bxcfyDsIYnByj+BDQIOMYa4O2tHUUf0dDDqyk9Ty9L484iCdR/AU0=

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff