p6taa7fq.dreamwp.com
Open in
urlscan Pro
176.74.26.59
Malicious Activity!
Public Scan
URL:
https://p6taa7fq.dreamwp.com/SN20/
Submission: On January 18 via manual from NO — Scanned from GB
Submission: On January 18 via manual from NO — Scanned from GB
Summary
This website contacted 13 IPs
in 3 countries
across 12 domains to perform 44 HTTP transactions.
The main IP is 176.74.26.59, located in
London, United Kingdom and
belongs to DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU.
The main domain is p6taa7fq.dreamwp.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 11th 2024. Valid for: a year.
This is the only time p6taa7fq.dreamwp.com was scanned on urlscan.io!
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 11th 2024. Valid for: a year.
This is the only time p6taa7fq.dreamwp.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BankID (Banking)Domain & IP information
22
176.74.26.59
(London, United Kingdom)
ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU)
PTR: ipb04a1a3b.ipv4.lon01.ds.network
ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU)
PTR: ipb04a1a3b.ipv4.lon01.ds.network
| p6taa7fq.dreamwp.com |
4
178.63.128.65
(Kempten (Allgaeu), Germany)
ASN24940 (HETZNER-AS, DE)
PTR: service.giosg.com
ASN24940 (HETZNER-AS, DE)
PTR: service.giosg.com
| service.giosg.com |
2
2a00:1450:4001:810::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
1
2a00:1450:4001:808::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
5
142.250.74.198
(United States)
ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net
| 6522680.fls.doubleclick.net |
4
216.58.206.34
(United States)
ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net
| www.googleadservices.com |
1
2a00:1450:4001:830::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| adservice.google.co.uk |
2
2a00:1450:4001:800::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| googleads.g.doubleclick.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 22 |
dreamwp.com
p6taa7fq.dreamwp.com |
648 KB |
| 7 |
doubleclick.net
4 redirects
6522680.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 |
5 KB |
| 4 |
googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145 |
40 KB |
| 4 |
google.com
2 redirects
adservice.google.com — Cisco Umbrella Rank: 98 www.google.com — Cisco Umbrella Rank: 2 |
3 KB |
| 4 |
giosg.com
service.giosg.com — Cisco Umbrella Rank: 99907 |
86 KB |
| 3 |
google.co.uk
1 redirects
adservice.google.co.uk — Cisco Umbrella Rank: 8810 www.google.co.uk — Cisco Umbrella Rank: 3619 |
1 KB |
| 2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37 |
96 KB |
| 1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28 |
1 KB |
| 1 |
bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2998 |
7 KB |
| 1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324 |
9 KB |
| 1 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27 |
|
| 1 |
mouseflow.com
cdn.mouseflow.com — Cisco Umbrella Rank: 7068 |
|
| 44 | 12 |
| Domain | Requested by | |
|---|---|---|
| 22 | p6taa7fq.dreamwp.com |
p6taa7fq.dreamwp.com
|
| 5 | 6522680.fls.doubleclick.net |
2 redirects
p6taa7fq.dreamwp.com
adservice.google.com |
| 4 | www.googleadservices.com |
6522680.fls.doubleclick.net
www.googleadservices.com |
| 4 | service.giosg.com |
p6taa7fq.dreamwp.com
service.giosg.com |
| 2 | www.google.co.uk |
6522680.fls.doubleclick.net
|
| 2 | www.google.com | 2 redirects |
| 2 | googleads.g.doubleclick.net | 2 redirects |
| 2 | adservice.google.com |
6522680.fls.doubleclick.net
|
| 2 | www.googletagmanager.com |
p6taa7fq.dreamwp.com
|
| 1 | adservice.google.co.uk | 1 redirects |
| 1 | fonts.googleapis.com |
p6taa7fq.dreamwp.com
|
| 1 | stackpath.bootstrapcdn.com |
p6taa7fq.dreamwp.com
|
| 1 | cdn.jsdelivr.net |
p6taa7fq.dreamwp.com
|
| 1 | www.google-analytics.com |
p6taa7fq.dreamwp.com
|
| 1 | cdn.mouseflow.com |
p6taa7fq.dreamwp.com
|
| 44 | 15 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.dreamwp.com Sectigo RSA Domain Validation Secure Server CA |
2024-01-11 - 2025-02-10 |
a year | crt.sh |
| *.giosg.com Starfield Secure Certificate Authority - G2 |
2023-07-26 - 2024-08-26 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2023-12-11 - 2024-03-04 |
3 months | crt.sh |
| cdn.mouseflow.com Cloudflare Inc ECC CA-3 |
2023-10-25 - 2024-10-23 |
a year | crt.sh |
| *.doubleclick.net GTS CA 1C3 |
2023-12-11 - 2024-03-04 |
3 months | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-02 - 2024-05-01 |
a year | crt.sh |
| bootstrapcdn.com GTS CA 1P5 |
2023-11-30 - 2024-02-28 |
3 months | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2023-12-11 - 2024-03-04 |
3 months | crt.sh |
| *.google.com GTS CA 1C3 |
2023-12-11 - 2024-03-04 |
3 months | crt.sh |
| www.googleadservices.com GTS CA 1C3 |
2023-12-11 - 2024-03-04 |
3 months | crt.sh |
| *.googleadservices.com GTS CA 1C3 |
2023-12-11 - 2024-03-04 |
3 months | crt.sh |
This page contains 6 frames:
Primary Page:
https://p6taa7fq.dreamwp.com/SN20/
Frame ID: 4C5CB0D6512C71F5070FD7708ECCEEC1
Requests: 20 HTTP requests in this frame
Frame:
https://p6taa7fq.dreamwp.com/SN20/id.html
Frame ID: 9B369D107712398CD020D29FB051475F
Requests: 13 HTTP requests in this frame
Frame:
https://6522680.fls.doubleclick.net/activityi;dc_pre=CKSlyJ215oMDFYRIHgIdxC4C5A;src=6522680;type=s360_001;cat=s360_0;ord=1;num=5035180122919;auiddc=1853619772.1697328433;gtm=45He3an0;epver=2;~oref=https%3A%2F%2Fwww.santanderconsumer.no%2Fsignering%2Flogin
Frame ID: 83865E4451925F3339AC7AE9C543E1AA
Requests: 5 HTTP requests in this frame
Frame:
https://6522680.fls.doubleclick.net/activityi;dc_pre=CKyqyJ215oMDFUdeHgIdCQgNTg;src=6522680;type=s360_002;cat=s360_0;ord=1;num=8301488084670;auiddc=1853619772.1697328433;u1=https%3A%2F%2Fwww.santanderconsumer.no%2Fsignering%2Flogin;gtm=45He3an0;epver=2;~oref=https%3A%2F%2Fwww.santanderconsumer.no%2Fsignering%2Flogin
Frame ID: 233B33F94100887CDE29AD6A2E9EFEB0
Requests: 1 HTTP requests in this frame
Frame:
https://adservice.google.com/ddm/fls/i/dc_pre=CKyqyJ215oMDFUdeHgIdCQgNTg;src=6522680;type=s360_002;cat=s360_0;ord=1;num=8301488084670;auiddc=1853619772.1697328433;u1=https%3A%2F%2Fwww.santanderconsumer.no%2Fsignering%2Flogin;gtm=45He3an0;epver=2;~oref=https%3A%2F%2Fwww.santanderconsumer.no%2Fsignering%2Flogin
Frame ID: D8D5C3302F6E559EF297B4D3F806E8DA
Requests: 1 HTTP requests in this frame
Frame:
https://6522680.fls.doubleclick.net/ddm/fls/r/dc_pre=CKyqyJ215oMDFUdeHgIdCQgNTg;src=6522680;type=s360_002;cat=s360_0;ord=1;num=8301488084670;auiddc=1853619772.1697328433;u1=https%3A%2F%2Fwww.santanderconsumer.no%2Fsignering%2Flogin;gtm=45He3an0;epver=2;~oref=https%3A%2F%2Fwww.santanderconsumer.no%2Fsignering%2Flogin
Frame ID: 071AF8D3CB4DD6972D20893C61CC7CD1
Requests: 4 HTTP requests in this frame
Screenshot
Page Title
Signering av låne- og leasingdokumenter | Santander Consumer BankDetected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtag/js
Mouse Flow
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- cdn\.mouseflow\.com
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr
(CDN)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 12- https://6522680.fls.doubleclick.net/activityi;src=6522680;type=s360_001;cat=s360_0;ord=1;num=5035180122919;auiddc=1853619772.1697328433;gtm=45He3an0;epver=2;~oref=https%3A%2F%2Fwww.santanderconsumer.no%2Fsignering%2Flogin HTTP 302
- https://6522680.fls.doubleclick.net/activityi;dc_pre=CKSlyJ215oMDFYRIHgIdxC4C5A;src=6522680;type=s360_001;cat=s360_0;ord=1;num=5035180122919;auiddc=1853619772.1697328433;gtm=45He3an0;epver=2;~oref=https%3A%2F%2Fwww.santanderconsumer.no%2Fsignering%2Flogin
- https://6522680.fls.doubleclick.net/activityi;src=6522680;type=s360_002;cat=s360_0;ord=1;num=8301488084670;auiddc=1853619772.1697328433;u1=https%3A%2F%2Fwww.santanderconsumer.no%2Fsignering%2Flogin;gtm=45He3an0;epver=2;~oref=https%3A%2F%2Fwww.santanderconsumer.no%2Fsignering%2Flogin HTTP 302
- https://6522680.fls.doubleclick.net/activityi;dc_pre=CKyqyJ215oMDFUdeHgIdCQgNTg;src=6522680;type=s360_002;cat=s360_0;ord=1;num=8301488084670;auiddc=1853619772.1697328433;u1=https%3A%2F%2Fwww.santanderconsumer.no%2Fsignering%2Flogin;gtm=45He3an0;epver=2;~oref=https%3A%2F%2Fwww.santanderconsumer.no%2Fsignering%2Flogin
- https://adservice.google.co.uk/ddm/fls/i/dc_pre=CKyqyJ215oMDFUdeHgIdCQgNTg;src=6522680;type=s360_002;cat=s360_0;ord=1;num=8301488084670;auiddc=1853619772.1697328433;u1=https%3A%2F%2Fwww.santanderconsumer.no%2Fsignering%2Flogin;gtm=45He3an0;epver=2;~oref=https%3A%2F%2Fwww.santanderconsumer.no%2Fsignering%2Flogin HTTP 302
- https://6522680.fls.doubleclick.net/ddm/fls/r/dc_pre=CKyqyJ215oMDFUdeHgIdCQgNTg;src=6522680;type=s360_002;cat=s360_0;ord=1;num=8301488084670;auiddc=1853619772.1697328433;u1=https%3A%2F%2Fwww.santanderconsumer.no%2Fsignering%2Flogin;gtm=45He3an0;epver=2;~oref=https%3A%2F%2Fwww.santanderconsumer.no%2Fsignering%2Flogin
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/728090057/?random=58600740&cv=9&fst=1705562982564&num=1&npa=1&label=Ucm2CPXbpKMYEMmLl9sC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F6522680.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCKSlyJ215oMDFYRIHgIdxC4C5A%3Bsrc%3D6522680%3Btype%3Ds360_001%3Bcat%3Ds360_0%3Bord%3D1%3Bnum%3D5035180122919%3Bauiddc%3D1853619772.1697328433%3Bgtm%3D45He3an0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.santanderconsumer.no%252Fsignering%252Flogin%3F&ref=https%3A%2F%2Fp6taa7fq.dreamwp.com%2F&top=https%3A%2F%2Fp6taa7fq.dreamwp.com%2F&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&ocp_id=ZtOoZYmmJdSZ78EPvLyM8AQ&sscte=1&crd=&pscrd=IhMIifHhnbXmgwMV1Mw7Ah08HgNO HTTP 302
- https://www.google.com/pagead/1p-conversion/728090057/?random=58600740&cv=9&fst=1705562982564&num=1&npa=1&label=Ucm2CPXbpKMYEMmLl9sC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F6522680.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCKSlyJ215oMDFYRIHgIdxC4C5A%3Bsrc%3D6522680%3Btype%3Ds360_001%3Bcat%3Ds360_0%3Bord%3D1%3Bnum%3D5035180122919%3Bauiddc%3D1853619772.1697328433%3Bgtm%3D45He3an0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.santanderconsumer.no%252Fsignering%252Flogin%3F&ref=https%3A%2F%2Fp6taa7fq.dreamwp.com%2F&top=https%3A%2F%2Fp6taa7fq.dreamwp.com%2F&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIifHhnbXmgwMV1Mw7Ah08HgNO&is_vtc=1&ocp_id=ZtOoZYmmJdSZ78EPvLyM8AQ&cid=CAQSKQAvHhf_itB0A-2Xov4VANHqMgGjxNdT0J452z2GYpVUYXv2dPDJLzip&random=2278510281&resp=GooglemKTybQhCsO HTTP 302
- https://www.google.co.uk/pagead/1p-conversion/728090057/?random=58600740&cv=9&fst=1705562982564&num=1&npa=1&label=Ucm2CPXbpKMYEMmLl9sC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F6522680.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCKSlyJ215oMDFYRIHgIdxC4C5A%3Bsrc%3D6522680%3Btype%3Ds360_001%3Bcat%3Ds360_0%3Bord%3D1%3Bnum%3D5035180122919%3Bauiddc%3D1853619772.1697328433%3Bgtm%3D45He3an0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.santanderconsumer.no%252Fsignering%252Flogin%3F&ref=https%3A%2F%2Fp6taa7fq.dreamwp.com%2F&top=https%3A%2F%2Fp6taa7fq.dreamwp.com%2F&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIifHhnbXmgwMV1Mw7Ah08HgNO&is_vtc=1&ocp_id=ZtOoZYmmJdSZ78EPvLyM8AQ&cid=CAQSKQAvHhf_itB0A-2Xov4VANHqMgGjxNdT0J452z2GYpVUYXv2dPDJLzip&random=2278510281&resp=GooglemKTybQhCsO&ipr=y
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/728090057/?random=1174116236&cv=9&fst=1705562982990&num=1&npa=1&label=m1tqCK_jpKMYEMmLl9sC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F6522680.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCKyqyJ215oMDFUdeHgIdCQgNTg%3Bsrc%3D6522680%3Btype%3Ds360_002%3Bcat%3Ds360_0%3Bord%3D1%3Bnum%3D8301488084670%3Bauiddc%3D1853619772.1697328433%3Bu1%3Dhttps%253A%252F%252Fwww.santanderconsumer.no%252Fsignering%252Flogin%3Bgtm%3D45He3an0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.santanderconsumer.no%252Fsignering%252Flogin&ref=https%3A%2F%2Fadservice.google.com%2F&top=https%3A%2F%2Fp6taa7fq.dreamwp.com%2F&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&ocp_id=Z9OoZc3IAqzR78EPnsKaoAI&sscte=1&crd=&pscrd=IhMIjZj8nbXmgwMVrOg7Ah0eoQYk HTTP 302
- https://www.google.com/pagead/1p-conversion/728090057/?random=1174116236&cv=9&fst=1705562982990&num=1&npa=1&label=m1tqCK_jpKMYEMmLl9sC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F6522680.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCKyqyJ215oMDFUdeHgIdCQgNTg%3Bsrc%3D6522680%3Btype%3Ds360_002%3Bcat%3Ds360_0%3Bord%3D1%3Bnum%3D8301488084670%3Bauiddc%3D1853619772.1697328433%3Bu1%3Dhttps%253A%252F%252Fwww.santanderconsumer.no%252Fsignering%252Flogin%3Bgtm%3D45He3an0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.santanderconsumer.no%252Fsignering%252Flogin&ref=https%3A%2F%2Fadservice.google.com%2F&top=https%3A%2F%2Fp6taa7fq.dreamwp.com%2F&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIjZj8nbXmgwMVrOg7Ah0eoQYk&is_vtc=1&ocp_id=Z9OoZc3IAqzR78EPnsKaoAI&cid=CAQSKQAvHhf_Hvzn_3uxk8YYVoJP6ubBjxdqxQT7VvuavoqLlJFxRUNbENvP&random=3005146751&resp=GooglemKTybQhCsO HTTP 302
- https://www.google.co.uk/pagead/1p-conversion/728090057/?random=1174116236&cv=9&fst=1705562982990&num=1&npa=1&label=m1tqCK_jpKMYEMmLl9sC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F6522680.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCKyqyJ215oMDFUdeHgIdCQgNTg%3Bsrc%3D6522680%3Btype%3Ds360_002%3Bcat%3Ds360_0%3Bord%3D1%3Bnum%3D8301488084670%3Bauiddc%3D1853619772.1697328433%3Bu1%3Dhttps%253A%252F%252Fwww.santanderconsumer.no%252Fsignering%252Flogin%3Bgtm%3D45He3an0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.santanderconsumer.no%252Fsignering%252Flogin&ref=https%3A%2F%2Fadservice.google.com%2F&top=https%3A%2F%2Fp6taa7fq.dreamwp.com%2F&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIjZj8nbXmgwMVrOg7Ah0eoQYk&is_vtc=1&ocp_id=Z9OoZc3IAqzR78EPnsKaoAI&cid=CAQSKQAvHhf_Hvzn_3uxk8YYVoJP6ubBjxdqxQT7VvuavoqLlJFxRUNbENvP&random=3005146751&resp=GooglemKTybQhCsO&ipr=y
44 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
p6taa7fq.dreamwp.com/SN20/ |
929 KB 602 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
service.giosg.com/live/ |
279 KB 86 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm
www.googletagmanager.com/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
giosgClient.693ffe24773c6bcf31bb
service.giosg.com/static/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
291 KB 96 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bab103f3-adef-43b5-968b-95ed1a9e2a6c
cdn.mouseflow.com/projects/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics
www.google-analytics.com/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bowser.min
p6taa7fq.dreamwp.com/SN20/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
giosgClient.0089d53e5bc33d43.css
p6taa7fq.dreamwp.com/SN20/css/ |
25 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
maintenance
p6taa7fq.dreamwp.com/SN20/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
browserValidator
p6taa7fq.dreamwp.com/SN20/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bundle
p6taa7fq.dreamwp.com/SN20/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
id.html
p6taa7fq.dreamwp.com/SN20/ Frame 9B36 |
3 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
activityi;dc_pre=CKSlyJ215oMDFYRIHgIdxC4C5A;src=6522680;type=s360_001;cat=s360_0;ord=1;num=5035180122919;auiddc=1853619772.1697328433;gtm=45He3an0;epver=2;~oref=https%3A%2F%2Fwww.santanderconsumer....
6522680.fls.doubleclick.net/ Frame 8386 Redirect Chain
|
1 KB 719 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
activityi;dc_pre=CKyqyJ215oMDFUdeHgIdCQgNTg;src=6522680;type=s360_002;cat=s360_0;ord=1;num=8301488084670;auiddc=1853619772.1697328433;u1=https%3A%2F%2Fwww.santanderconsumer.no%2Fsignering%2Flogin;g...
6522680.fls.doubleclick.net/ Frame 233B Redirect Chain
|
586 B 475 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
5 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
6111a3c3-8891-4abd-ab61-c786139e0ba3.woff2
p6taa7fq.dreamwp.com/signering/src/santander-styles/fonts/1473187/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
7aeacd4a-1569-4794-bb75-7124c4de5eb5.woff2
p6taa7fq.dreamwp.com/signering/src/santander-styles/fonts/1473247/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
/
service.giosg.com/api/v5/orgs/3653/client-settings/ Frame |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
service.giosg.com/api/v5/orgs/3653/client-settings/ |
30 B 379 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/ Frame 9B36 |
64 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 9B36 |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.css
p6taa7fq.dreamwp.com/SN20/css/ Frame 9B36 |
188 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lary.css
p6taa7fq.dreamwp.com/SN20/css/ Frame 9B36 |
10 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
acc.svg
p6taa7fq.dreamwp.com/SN20/image/ Frame 9B36 |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bar_lg.png
p6taa7fq.dreamwp.com/SN20/image/ Frame 9B36 |
884 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
info.svg
p6taa7fq.dreamwp.com/SN20/image/ Frame 9B36 |
760 B 946 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sahm.svg
p6taa7fq.dreamwp.com/SN20/image/ Frame 9B36 |
172 B 358 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
protege.png
p6taa7fq.dreamwp.com/SN20/image/ Frame 9B36 |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-3.5.1.min.js
p6taa7fq.dreamwp.com/SN20/js/ Frame 9B36 |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.mask.js
p6taa7fq.dreamwp.com/SN20/js/ Frame 9B36 |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css2
fonts.googleapis.com/ Frame 9B36 |
20 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
8bd5d8f7-54d5-42ca-a619-b5f75277d539.woff
p6taa7fq.dreamwp.com/signering/src/santander-styles/fonts/1473247/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dc_pre=CKyqyJ215oMDFUdeHgIdCQgNTg;src=6522680;type=s360_002;cat=s360_0;ord=1;num=8301488084670;auiddc=1853619772.1697328433;u1=https%3A%2F%2Fwww.santanderconsumer.no%2Fsignering%2Flogin;gtm=45He3an...
adservice.google.com/ddm/fls/i/ Frame D8D5 |
588 B 393 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
conversion.js
www.googleadservices.com/pagead/ Frame 8386 |
50 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dc_pre=CKSlyJ215oMDFYRIHgIdxC4C5A;src=6522680;type=s360_001;cat=s360_0;ord=1;num=5035180122919;auiddc=*;gtm=45He3an0;epver=2;~oref=https%3A%2F%2Fwww.santanderconsumer.no%2Fsignering%2Flogin
adservice.google.com/ddm/fls/z/ Frame 8386 |
42 B 401 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
56c57025-d225-4399-b820-776d49f59b36.woff
p6taa7fq.dreamwp.com/signering/src/santander-styles/fonts/1473187/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
dc_pre=CKyqyJ215oMDFUdeHgIdCQgNTg;src=6522680;type=s360_002;cat=s360_0;ord=1;num=8301488084670;auiddc=1853619772.1697328433;u1=https%3A%2F%2Fwww.santanderconsumer.no%2Fsignering%2Flogin;gtm=45He3an...
6522680.fls.doubleclick.net/ddm/fls/r/ Frame 071A Redirect Chain
|
851 B 363 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.googleadservices.com/pagead/conversion/728090057/ Frame 8386 |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.co.uk/pagead/1p-conversion/728090057/ Frame 8386 Redirect Chain
|
42 B 455 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
conversion.js
www.googleadservices.com/pagead/ Frame 071A |
50 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
www.googleadservices.com/pagead/conversion/728090057/ Frame 071A |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.co.uk/pagead/1p-conversion/728090057/ Frame 071A Redirect Chain
|
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2773fe384d453c2d64d308c1aef1b589.ttf
p6taa7fq.dreamwp.com/signering/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2377ca782c832e4523317772ba7412d1.ttf
p6taa7fq.dreamwp.com/signering/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: BankID (Banking)29 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| dataLayer object| giosgWebpackJsonp undefined| _ object| giosg object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady function| _giosg object| newScript object| scriptnode object| head object| newStyle object| stylenode string| page_visited undefined| tags undefined| categories function| audience function| jsUcfirst undefined| price undefined| id undefined| category undefined| brand function| getVariables function| oddOrEven function| calculateAge function| jGiosg1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .doubleclick.net/ | Name: IDE Value: AHWqTUnleDdJ98pIEioTWQZ0DfPnxLevP0Cb-kadxQJz-ELajeYzz4AWFRr3anlUnw4 |
17 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
6522680.fls.doubleclick.net
adservice.google.co.uk
adservice.google.com
cdn.jsdelivr.net
cdn.mouseflow.com
fonts.googleapis.com
googleads.g.doubleclick.net
p6taa7fq.dreamwp.com
service.giosg.com
stackpath.bootstrapcdn.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleadservices.com
www.googletagmanager.com
142.250.74.198
176.74.26.59
178.63.128.65
216.58.206.34
2606:4700::6810:5814
2606:4700::6812:1a32
2606:4700::6812:bcf
2a00:1450:4001:800::2002
2a00:1450:4001:808::200e
2a00:1450:4001:810::2008
2a00:1450:4001:812::2002
2a00:1450:4001:813::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2002
0c159070e198b7ed2a9162d6c9751f5914ff62803914d8512d60b1f5ffde4334
13aada436d6b8bf146ae1c3417b7d5a86a8ad71227ba4d13ff0696ae5bd88a65
2135db17253f889e03a392ec096f45b3a79cdb97b498841a698b2bf4a54e1bb4
3c325075337b768950583012228055ae392e384688d77ec5235e6ca88dcec6ef
4dca530d4682ddf6f4b9053173c007f95875c2634a6b61c9573d93fc21483766
537b3458fc20332b83c6dd5e38df1c3fafbfae2105d86a4ee111636a0cf6796d
5cbd287372f85da69a0fe359df76f74cf0e6322f8e699feb30ec82633b95eed3
5dbd19221448f90507b7aaf64de919a3e82cdf9d1586e79429a2ae92cac07bd8
6b92a5737505223c2156908103cb5c468c28dd3cd9445d0500853157ce3f1932
6e18f127c8c28b3405df47a99617b1b13d86457b0b279ecee0352c48e804373a
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7f766030e9de9c68acdacfc671963f8cd00ba8783fc9c25e1d3f3319ebbecbd1
833f92112e7b82de2d40e3413e6519b64e792217f5c1092b8c888cbd17b56a3f
8f3fc6e8eafcaffb525b24ee3f4e7208c1aefc10c64b42ee53463e1ca9c71d65
91b8485fb1c174bae0c4ac45868864adbd8d07f3a4a399cb0437ac8a129435bb
968a3494582c038681cf78ecf0bee20bbf2ab0eab8979b6ed49020dd64e8a97d
bd1eeab01ddc90adab4171265ea26531a6809f200f42b5d0e00912851dc8c370
c24eee8058989c41bc06d345bbc3e5332a6181ddf4ba4cec8b7e56f9e82af8f7
c47a35798fd4a25788b7dbb54dcee0d01447b328c49b104406c31071c18dd991
c59a41f3608a5c66dfce7ffd9d560a2dea9196c797d0f6a4462402eff98b0188
c7c507bb71038107ffbef4f6b8f3e6b636ca8303e9221ea8322643443a929bf5
cba05bfbcf9755ce28b86a2fca72718d2e821af148b7a856776edd8cca755c48
d931deb63af660da7bbeaacfd4ff82d4e793ba153e218dfc21ffcedc1ad5ba1b
eea3d1970195855c70a0957484d1985ecf544a9898831646a0d02bb3dcff0a1f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629