whatsecurityuk.co.uk Open in urlscan Pro
160.153.131.196 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://whatsecurityuk.co.uk/User/
Submission: On April 26 via automatic, source openphish (April 26th 2021, 1:37:45 pm UTC)

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 28 HTTP transactions. The main IP is 160.153.131.196, located in Amsterdam, Netherlands and belongs to GODADDY-AMS, DE. The main domain is whatsecurityuk.co.uk.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on July 18th 2020. Valid for: a year.

This is the only time whatsecurityuk.co.uk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Swedbank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
2	160.153.131.196 160.153.131.196	21501 (GODADDY-AMS) (GODADDY-AMS)
20	164.10.48.64 164.10.48.64	19905 (NEUSTAR-AS6) (NEUSTAR-AS6)
28	3

2 160.153.131.196 (Amsterdam, Netherlands)

ASN21501 (GODADDY-AMS, DE)

whatsecurityuk.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 164.10.48.64 (Sweden)

ASN19905 (NEUSTAR-AS6, US)

online.swedbank.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	swedbank.se online.swedbank.se	1000 KB
2	whatsecurityuk.co.uk whatsecurityuk.co.uk	77 KB
28	2

	Domain	Requested by
20	online.swedbank.se	whatsecurityuk.co.uk online.swedbank.se
2	whatsecurityuk.co.uk	whatsecurityuk.co.uk
28	2

This site contains no links.

Subject Issuer	Validity	Valid
whatsecurityuk.co.uk Go Daddy Secure Certificate Authority - G2	`2020-07-18` - `2021-07-18`	a year	crt.sh
online.swedbank.se DigiCert SHA2 Extended Validation Server CA	`2020-11-05` - `2021-11-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://whatsecurityuk.co.uk/User/
Frame ID: 633E8DD19D0FE8E7667A8C4730363AED
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

28
Requests

79 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

1196 kB
Transfer

3075 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
5 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response whatsecurityuk.co.uk/User/	83 KB 13 KB	139ms 56ms	Document text/html	160.153.131.196 GODADDY-AMS
General Check archive.org Show headers Download Go to Full URL https://whatsecurityuk.co.uk/User/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 160.153.131.196 Amsterdam, Netherlands, ASN21501 (GODADDY-AMS, DE), Reverse DNS Software Apache / Resource Hash `c51d8fdd3a42f50a59dd22ef909aa7bdd58febad4f6da148169a2ee44fd7579c` Request headers :method GET :authority whatsecurityuk.co.uk :scheme https :path /User/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 26 Apr 2021 13:37:28 GMT server Apache last-modified Sun, 25 Apr 2021 13:35:00 GMT etag "8c22662-14d00-5c0cc188317e6-gzip" accept-ranges bytes vary Accept-Encoding,User-Agent content-encoding gzip content-length 13477 content-type text/html
GET H/1.1	200 OK	legacy-detection.js Show response online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/	5 KB 3 KB	313ms 57ms	Script application/x-javascript	164.10.48.64 NEUSTAR-AS6
General Check archive.org Show headers Download Go to Full URL https://online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/legacy-detection.js Requested by Host: whatsecurityuk.co.uk URL: https://whatsecurityuk.co.uk/User/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 164.10.48.64 , Sweden, ASN19905 (NEUSTAR-AS6, US), Reverse DNS Software / Resource Hash `6c1d2636b1695c41dd90e20e53121e2498120ff43306e8ceb6fca90988a66a98` Request headers Referer https://whatsecurityuk.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 26 Apr 2021 13:37:28 GMT Content-Encoding gzip Last-modified Thu, 15 Apr 2021 08:21:24 GMT Etag "1435-6077f784" Vary Accept-Encoding Content-type application/x-javascript Cache-control max-age=27000000, s-maxage=27000000, must-revalidate, proxy-revalidate, public, no-transform Connection Keep-Alive Accept-ranges bytes Content-length 2793
GET H/1.1	200 OK	styles.39a25728cf93d69e8705.css online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/	1 MB 442 KB	331ms 75ms	Stylesheet text/css	164.10.48.64 NEUSTAR-AS6
General Check archive.org Show headers Download Go to Full URL https://online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/styles.39a25728cf93d69e8705.css Requested by Host: whatsecurityuk.co.uk URL: https://whatsecurityuk.co.uk/User/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 164.10.48.64 , Sweden, ASN19905 (NEUSTAR-AS6, US), Reverse DNS Software / Resource Hash `4cf546f041cd82149a3f45d1a3ee9ff28c03cf5c0ccf9e0522740928c49fb5cf` Request headers Referer https://whatsecurityuk.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 26 Apr 2021 13:37:28 GMT Content-Encoding gzip Last-modified Thu, 15 Apr 2021 08:21:24 GMT Etag "13bc65-6077f784" Vary Accept-Encoding Content-type text/css Cache-control max-age=27000000, s-maxage=27000000, must-revalidate, proxy-revalidate, public, no-transform Transfer-Encoding chunked Accept-ranges bytes
GET H/1.1	200 OK	0-es2015.abe45e0ddd93c7bfa579.js Show response online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/	21 KB 8 KB	319ms 61ms	Script application/x-javascript	164.10.48.64 NEUSTAR-AS6
General Check archive.org Show headers Download Go to Full URL https://online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/0-es2015.abe45e0ddd93c7bfa579.js Requested by Host: whatsecurityuk.co.uk URL: https://whatsecurityuk.co.uk/User/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 164.10.48.64 , Sweden, ASN19905 (NEUSTAR-AS6, US), Reverse DNS Software / Resource Hash `a2eb022634e7b5f300fa77a1f6c474e87a23dbb80246e530a25cc3749d1640a7` Request headers Referer https://whatsecurityuk.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 26 Apr 2021 13:37:28 GMT Content-Encoding gzip Last-modified Thu, 15 Apr 2021 08:21:24 GMT Etag "52ec-6077f784" Vary Accept-Encoding Content-type application/x-javascript Cache-control max-age=27000000, s-maxage=27000000, must-revalidate, proxy-revalidate, public, no-transform Connection Keep-Alive Accept-ranges bytes Content-length 7881
GET H/1.1	200 OK	2-es2015.abfde8f996438aa0d437.js Show response online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/	44 KB 16 KB	327ms 67ms	Script application/x-javascript	164.10.48.64 NEUSTAR-AS6
General Check archive.org Show headers Download Go to Full URL https://online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/2-es2015.abfde8f996438aa0d437.js Requested by Host: whatsecurityuk.co.uk URL: https://whatsecurityuk.co.uk/User/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 164.10.48.64 , Sweden, ASN19905 (NEUSTAR-AS6, US), Reverse DNS Software / Resource Hash `d1526af1884f49b0a12cc28c0452e5f54dd63d0a5d76c09b9a4a2c3a05d99e43` Request headers Referer https://whatsecurityuk.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 26 Apr 2021 13:37:28 GMT Content-Encoding gzip Last-modified Thu, 15 Apr 2021 08:21:24 GMT Etag "b1da-6077f784" Vary Accept-Encoding Content-type application/x-javascript Cache-control max-age=27000000, s-maxage=27000000, must-revalidate, proxy-revalidate, public, no-transform Connection Keep-Alive Accept-ranges bytes Content-length 16185
GET H/1.1	200 OK	4-es2015.b4b1ebb75a4b2dc5865a.js Show response online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/	42 KB 11 KB	329ms 72ms	Script application/x-javascript	164.10.48.64 NEUSTAR-AS6
General Check archive.org Show headers Download Go to Full URL https://online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/4-es2015.b4b1ebb75a4b2dc5865a.js Requested by Host: whatsecurityuk.co.uk URL: https://whatsecurityuk.co.uk/User/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 164.10.48.64 , Sweden, ASN19905 (NEUSTAR-AS6, US), Reverse DNS Software / Resource Hash `86487eba18fb273840e57c21484a38fedcb9ed2f2f1f0e63fb0f48311d1ff067` Request headers Referer https://whatsecurityuk.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 26 Apr 2021 13:37:28 GMT Content-Encoding gzip Last-modified Thu, 15 Apr 2021 08:21:24 GMT Etag "a8fa-6077f784" Vary Accept-Encoding Content-type application/x-javascript Cache-control max-age=27000000, s-maxage=27000000, must-revalidate, proxy-revalidate, public, no-transform Connection Keep-Alive Accept-ranges bytes Content-length 10734
GET H/1.1	200 OK	5-es2015.e1e364dff216fd100811.js Show response online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/	43 KB 15 KB	326ms 68ms	Script application/x-javascript	164.10.48.64 NEUSTAR-AS6
General Check archive.org Show headers Download Go to Full URL https://online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/5-es2015.e1e364dff216fd100811.js Requested by Host: whatsecurityuk.co.uk URL: https://whatsecurityuk.co.uk/User/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 164.10.48.64 , Sweden, ASN19905 (NEUSTAR-AS6, US), Reverse DNS Software / Resource Hash `5cbc71196cd1e3d1f1fea5c3ce167ca7dc855c985acdb9f1923d00510197c200` Request headers Referer https://whatsecurityuk.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 26 Apr 2021 13:37:28 GMT Content-Encoding gzip Last-modified Thu, 15 Apr 2021 08:21:24 GMT Etag "aa81-6077f784" Vary Accept-Encoding Content-type application/x-javascript Cache-control max-age=27000000, s-maxage=27000000, must-revalidate, proxy-revalidate, public, no-transform Connection Keep-Alive Accept-ranges bytes Content-length 15119
GET H/1.1	200 OK	6-es2015.fc522296942d5fa3ab9b.js Show response online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/	36 KB 11 KB	371ms 62ms	Script application/x-javascript	164.10.48.64 NEUSTAR-AS6
General Check archive.org Show headers Download Go to Full URL https://online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/6-es2015.fc522296942d5fa3ab9b.js Requested by Host: whatsecurityuk.co.uk URL: https://whatsecurityuk.co.uk/User/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 164.10.48.64 , Sweden, ASN19905 (NEUSTAR-AS6, US), Reverse DNS Software / Resource Hash `d69a7cea88d8a003d02fbcb44a51dc77fa778916749b9a01d082c576db3d451e` Request headers Referer https://whatsecurityuk.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 26 Apr 2021 13:37:28 GMT Content-Encoding gzip Last-modified Thu, 15 Apr 2021 08:21:24 GMT Etag "9093-6077f784" Vary Accept-Encoding Content-type application/x-javascript Cache-control max-age=27000000, s-maxage=27000000, must-revalidate, proxy-revalidate, public, no-transform Connection Keep-Alive Accept-ranges bytes Content-length 10567
GET H/1.1	200 OK	7-es2015.e12fde819d10ba184249.js Show response online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/	20 KB 7 KB	377ms 61ms	Script application/x-javascript	164.10.48.64 NEUSTAR-AS6
General Check archive.org Show headers Download Go to Full URL https://online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/7-es2015.e12fde819d10ba184249.js Requested by Host: whatsecurityuk.co.uk URL: https://whatsecurityuk.co.uk/User/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 164.10.48.64 , Sweden, ASN19905 (NEUSTAR-AS6, US), Reverse DNS Software / Resource Hash `f3ad390eb777325e1feb69377e44a4f12344a9727ad6538efb9742f1e188ef1a` Request headers Referer https://whatsecurityuk.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 26 Apr 2021 13:37:28 GMT Content-Encoding gzip Last-modified Thu, 15 Apr 2021 08:21:24 GMT Etag "4fa9-6077f784" Vary Accept-Encoding Content-type application/x-javascript Cache-control max-age=27000000, s-maxage=27000000, must-revalidate, proxy-revalidate, public, no-transform Connection Keep-Alive Accept-ranges bytes Content-length 6890
GET H/1.1	200 OK	10-es2015.72082fac230cf789993a.js Show response online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/	61 KB 24 KB	395ms 69ms	Script application/x-javascript	164.10.48.64 NEUSTAR-AS6
General Check archive.org Show headers Download Go to Full URL https://online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/10-es2015.72082fac230cf789993a.js Requested by Host: whatsecurityuk.co.uk URL: https://whatsecurityuk.co.uk/User/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 164.10.48.64 , Sweden, ASN19905 (NEUSTAR-AS6, US), Reverse DNS Software / Resource Hash `0f75dbe35fc3e6a26da27099b8e54a02b012d703ce5f0f369d8f7bddcbc412f5` Request headers Referer https://whatsecurityuk.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 26 Apr 2021 13:37:28 GMT Content-Encoding gzip Last-modified Thu, 15 Apr 2021 08:21:24 GMT Etag "f265-6077f784" Vary Accept-Encoding Content-type application/x-javascript Cache-control max-age=27000000, s-maxage=27000000, must-revalidate, proxy-revalidate, public, no-transform Connection Keep-Alive Accept-ranges bytes Content-length 24126
GET H/1.1	200 OK	12-es2015.15a12c99a95d1b951729.js Show response online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/	37 KB 14 KB	397ms 69ms	Script application/x-javascript	164.10.48.64 NEUSTAR-AS6
General Check archive.org Show headers Download Go to Full URL https://online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/12-es2015.15a12c99a95d1b951729.js Requested by Host: whatsecurityuk.co.uk URL: https://whatsecurityuk.co.uk/User/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 164.10.48.64 , Sweden, ASN19905 (NEUSTAR-AS6, US), Reverse DNS Software / Resource Hash `ce5015e759e48e439ff3a2a4fc22b89eb932080401ee04d734c1e76131948c45` Request headers Referer https://whatsecurityuk.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 26 Apr 2021 13:37:28 GMT Content-Encoding gzip Last-modified Thu, 15 Apr 2021 08:21:24 GMT Etag "93c8-6077f784" Vary Accept-Encoding Content-type application/x-javascript Cache-control max-age=27000000, s-maxage=27000000, must-revalidate, proxy-revalidate, public, no-transform Connection Keep-Alive Accept-ranges bytes Content-length 13625
GET H/1.1	200 OK	common-es2015.eb0204dc9dc90ecb38de.js Show response online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/	35 KB 13 KB	397ms 69ms	Script application/x-javascript	164.10.48.64 NEUSTAR-AS6
General Check archive.org Show headers Download Go to Full URL https://online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/common-es2015.eb0204dc9dc90ecb38de.js Requested by Host: whatsecurityuk.co.uk URL: https://whatsecurityuk.co.uk/User/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 164.10.48.64 , Sweden, ASN19905 (NEUSTAR-AS6, US), Reverse DNS Software / Resource Hash `cc309661d6e4e3137ad4e48d27d79cbfa37dde478682d83f000dab017d265ed4` Request headers Referer https://whatsecurityuk.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 26 Apr 2021 13:37:28 GMT Content-Encoding gzip Last-modified Thu, 15 Apr 2021 08:21:24 GMT Etag "8bdc-6077f784" Vary Accept-Encoding Content-type application/x-javascript Cache-control max-age=27000000, s-maxage=27000000, must-revalidate, proxy-revalidate, public, no-transform Connection Keep-Alive Accept-ranges bytes Content-length 12916
GET H/1.1	200 OK	54-es2015.d192c02b2c1a95d35c20.js Show response online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/	103 KB 38 KB	439ms 68ms	Script application/x-javascript	164.10.48.64 NEUSTAR-AS6
General Check archive.org Show headers Download Go to Full URL https://online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/54-es2015.d192c02b2c1a95d35c20.js Requested by Host: whatsecurityuk.co.uk URL: https://whatsecurityuk.co.uk/User/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 164.10.48.64 , Sweden, ASN19905 (NEUSTAR-AS6, US), Reverse DNS Software / Resource Hash `c5c25033d2e5ae6470e603e9ac9e278a168b437f92c0aca59745873ccec5cc0e` Request headers Referer https://whatsecurityuk.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 26 Apr 2021 13:37:28 GMT Content-Encoding gzip Last-modified Thu, 15 Apr 2021 08:21:24 GMT Etag "19aa4-6077f784" Vary Accept-Encoding Content-type application/x-javascript Cache-control max-age=27000000, s-maxage=27000000, must-revalidate, proxy-revalidate, public, no-transform Connection Keep-Alive Accept-ranges bytes Content-length 38487
GET H/1.1	200 OK	3-es2015.ea26fc3f971f769b6f6b.js Show response online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/	40 KB 16 KB	444ms 66ms	Script application/x-javascript	164.10.48.64 NEUSTAR-AS6
General Check archive.org Show headers Download Go to Full URL https://online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/3-es2015.ea26fc3f971f769b6f6b.js Requested by Host: whatsecurityuk.co.uk URL: https://whatsecurityuk.co.uk/User/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 164.10.48.64 , Sweden, ASN19905 (NEUSTAR-AS6, US), Reverse DNS Software / Resource Hash `827b4ec5cadead8c9fd7621d5b47baa2388e1e72c1e1f799f383684f8f1ba5de` Request headers Referer https://whatsecurityuk.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 26 Apr 2021 13:37:28 GMT Content-Encoding gzip Last-modified Thu, 15 Apr 2021 08:21:24 GMT Etag "a17b-6077f784" Vary Accept-Encoding Content-type application/x-javascript Cache-control max-age=27000000, s-maxage=27000000, must-revalidate, proxy-revalidate, public, no-transform Connection Keep-Alive Accept-ranges bytes Content-length 15891
GET H/1.1	200 OK	52-es2015.374074aa45d22832ce14.js Show response online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/	29 KB 13 KB	466ms 69ms	Script application/x-javascript	164.10.48.64 NEUSTAR-AS6
General Check archive.org Show headers Download Go to Full URL https://online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/52-es2015.374074aa45d22832ce14.js Requested by Host: whatsecurityuk.co.uk URL: https://whatsecurityuk.co.uk/User/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 164.10.48.64 , Sweden, ASN19905 (NEUSTAR-AS6, US), Reverse DNS Software / Resource Hash `67ba9c78b818c04c0972ce03ed897eec5666735c89d507c7a96b4d8f6a446f05` Request headers Referer https://whatsecurityuk.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 26 Apr 2021 13:37:28 GMT Content-Encoding gzip Last-modified Thu, 15 Apr 2021 08:21:24 GMT Etag "7585-6077f784" Vary Accept-Encoding Content-type application/x-javascript Cache-control max-age=27000000, s-maxage=27000000, must-revalidate, proxy-revalidate, public, no-transform Connection Keep-Alive Accept-ranges bytes Content-length 13017
GET H/1.1	200 OK	9-es2015.8453ae32b2c8ba709ceb.js Show response online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/	83 KB 26 KB	468ms 71ms	Script application/x-javascript	164.10.48.64 NEUSTAR-AS6
General Check archive.org Show headers Download Go to Full URL https://online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/9-es2015.8453ae32b2c8ba709ceb.js Requested by Host: whatsecurityuk.co.uk URL: https://whatsecurityuk.co.uk/User/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 164.10.48.64 , Sweden, ASN19905 (NEUSTAR-AS6, US), Reverse DNS Software / Resource Hash `f1555c027408503b1b473c19d34b3fdc20f722251690c65cc40d5e04671ee0ec` Request headers Referer https://whatsecurityuk.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 26 Apr 2021 13:37:28 GMT Content-Encoding gzip Last-modified Thu, 15 Apr 2021 08:21:24 GMT Etag "14b85-6077f784" Vary Accept-Encoding Content-type application/x-javascript Cache-control max-age=27000000, s-maxage=27000000, must-revalidate, proxy-revalidate, public, no-transform Connection Keep-Alive Accept-ranges bytes Content-length 25747
GET H/1.1	200 OK	13-es2015.9f48e4f45d96929c98da.js Show response online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/	16 KB 7 KB	461ms 63ms	Script application/x-javascript	164.10.48.64 NEUSTAR-AS6
General Check archive.org Show headers Download Go to Full URL https://online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/13-es2015.9f48e4f45d96929c98da.js Requested by Host: whatsecurityuk.co.uk URL: https://whatsecurityuk.co.uk/User/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 164.10.48.64 , Sweden, ASN19905 (NEUSTAR-AS6, US), Reverse DNS Software / Resource Hash `9cba9addd53bda3762b31b09d2bddc70c654d1e68b66a6b6d5b84ec037dc7eef` Request headers Referer https://whatsecurityuk.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 26 Apr 2021 13:37:28 GMT Content-Encoding gzip Last-modified Thu, 15 Apr 2021 08:21:24 GMT Etag "40ac-6077f784" Vary Accept-Encoding Content-type application/x-javascript Cache-control max-age=27000000, s-maxage=27000000, must-revalidate, proxy-revalidate, public, no-transform Connection Keep-Alive Accept-ranges bytes Content-length 6558
GET H/1.1	200 OK	19-es2015.e1dfaa8aff45ba42e5d4.js Show response online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/	61 KB 23 KB	511ms 68ms	Script application/x-javascript	164.10.48.64 NEUSTAR-AS6
General Check archive.org Show headers Download Go to Full URL https://online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/19-es2015.e1dfaa8aff45ba42e5d4.js Requested by Host: whatsecurityuk.co.uk URL: https://whatsecurityuk.co.uk/User/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 164.10.48.64 , Sweden, ASN19905 (NEUSTAR-AS6, US), Reverse DNS Software / Resource Hash `1f756174c34f545be11caeb677fca0c660f13d3920dfb6d68593dcf97ec8ac97` Request headers Referer https://whatsecurityuk.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 26 Apr 2021 13:37:28 GMT Content-Encoding gzip Last-modified Thu, 15 Apr 2021 08:21:24 GMT Etag "f563-6077f784" Vary Accept-Encoding Content-type application/x-javascript Cache-control max-age=27000000, s-maxage=27000000, must-revalidate, proxy-revalidate, public, no-transform Connection Keep-Alive Accept-ranges bytes Content-length 22979
GET H/1.1	200 OK	73-es2015.4cb248a12052fa9486b5.js Show response online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/	2 KB 2 KB	525ms 62ms	Script application/x-javascript	164.10.48.64 NEUSTAR-AS6
General Check archive.org Show headers Download Go to Full URL https://online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/73-es2015.4cb248a12052fa9486b5.js Requested by Host: whatsecurityuk.co.uk URL: https://whatsecurityuk.co.uk/User/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 164.10.48.64 , Sweden, ASN19905 (NEUSTAR-AS6, US), Reverse DNS Software / Resource Hash `8f90e450e40f4aceb19062dfa89019065ed2e2b20c94c6da093771d3fd38ae47` Request headers Referer https://whatsecurityuk.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 26 Apr 2021 13:37:28 GMT Content-Encoding gzip Last-modified Thu, 15 Apr 2021 08:21:24 GMT Etag "6e4-6077f784" Vary Accept-Encoding Content-type application/x-javascript Cache-control max-age=27000000, s-maxage=27000000, must-revalidate, proxy-revalidate, public, no-transform Connection Keep-Alive Accept-ranges bytes Content-length 1183
GET		runtime-es2015.08cacfcf8fb06c1bb6e6.js online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/	0 0

GET		polyfills-es2015.d084f3483664f444e5fe.js online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/	0 0

GET H/1.1	200 OK	acorn.86efeb0af4d2fd00cc6a.js Show response online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/	859 KB 305 KB	75ms 74ms	Script application/x-javascript	164.10.48.64 NEUSTAR-AS6
General Check archive.org Show headers Download Go to Full URL https://online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/acorn.86efeb0af4d2fd00cc6a.js Requested by Host: whatsecurityuk.co.uk URL: https://whatsecurityuk.co.uk/User/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 164.10.48.64 , Sweden, ASN19905 (NEUSTAR-AS6, US), Reverse DNS Software / Resource Hash `510c1851b216b56f8a5ac888b5c3d743d32ceacc00db361447e9c44ffdac21b3` Request headers Referer https://whatsecurityuk.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 26 Apr 2021 13:37:28 GMT Content-Encoding gzip Last-modified Thu, 15 Apr 2021 08:21:24 GMT Etag "d6b9b-6077f784" Vary Accept-Encoding Content-type application/x-javascript Cache-control max-age=27000000, s-maxage=27000000, must-revalidate, proxy-revalidate, public, no-transform Transfer-Encoding chunked Accept-ranges bytes
GET		main-es2015.6918beea1ea4013778b9.js online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/	0 0

GET DATA	200 OK	truncated /	43 KB 43 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `8a29a44d0575bbb9c598d1190b9b53f45574297ad219b0f0c3dd326d97bdfd8b` Request headers Origin https://whatsecurityuk.co.uk Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type application/x-font-woff;charset=utf-8
GET DATA	200 OK	truncated /	24 KB 24 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `31e99c1ca1a2170b668452ac639b744d47b8462a69b98ffb4e423dd7661389d4` Request headers Origin https://whatsecurityuk.co.uk Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type application/x-font-woff;charset=utf-8
GET DATA	200 OK	truncated /	51 KB 51 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `399988545ac5483fcc4faa2643124fa258f61f84316febecbccb7c53b5ff1c42` Request headers Origin https://whatsecurityuk.co.uk Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type application/x-font-woff;charset=utf-8
GET H/1.1	200 OK	swb-sb-logo.png online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/resources/images/	8 KB 8 KB	64ms 63ms	Image image/png	164.10.48.64 NEUSTAR-AS6
General Check archive.org Show headers Download Go to Show image Full URL https://online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/resources/images/swb-sb-logo.png Requested by Host: whatsecurityuk.co.uk URL: https://whatsecurityuk.co.uk/User/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 164.10.48.64 , Sweden, ASN19905 (NEUSTAR-AS6, US), Reverse DNS Software / Resource Hash `608c72448722e7ce09e6ca293cb4c94fc4878c162f722ae199b52c9d11873376` Request headers Referer https://whatsecurityuk.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 26 Apr 2021 13:37:29 GMT Last-modified Thu, 15 Apr 2021 08:21:25 GMT Etag "2019-6077f785" Vary Accept-Encoding Content-type image/png Cache-control max-age=2592000, s-maxage=2592000, must-revalidate, proxy-revalidate, public, no-transform Accept-ranges bytes Content-length 8217
GET DATA	200 OK	truncated /	695 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `f9d05f87b12629e4111bca6bc2f0071b1da308a9b9d65e9125a2a1a3552ee121` Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET		SWB_Icons-63.f573cb0c15269e5fd2c0e2ccc71986a9.woff2 online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/resources/images/	0 0

GET DATA	200 OK	truncated /	227 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `0f5e4cc2c902e9017727b8d0a81245c5223232da27e6b0262d1bed82fa743d5e` Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	/ whatsecurityuk.co.uk/User/	64 KB 64 KB	47ms 47ms	Image text/html	160.153.131.196 GODADDY-AMS
General Check archive.org Show headers Download Go to Show image Full URL https://whatsecurityuk.co.uk/User/ Requested by Host: whatsecurityuk.co.uk URL: https://whatsecurityuk.co.uk/User/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 160.153.131.196 Amsterdam, Netherlands, ASN21501 (GODADDY-AMS, DE), Reverse DNS Software Apache / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers :path /User/ pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority whatsecurityuk.co.uk referer https://whatsecurityuk.co.uk/User/ :scheme https sec-fetch-site same-origin :method GET Referer https://whatsecurityuk.co.uk/User/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 26 Apr 2021 13:37:29 GMT content-encoding gzip last-modified Sun, 25 Apr 2021 13:35:00 GMT server Apache etag "8c22662-14d00-5c0cc188317e6-gzip" vary Accept-Encoding,User-Agent content-type text/html accept-ranges bytes content-length 13477
GET		SWB_Icons-63.c76a5e7c6d445e8b2b8673c998e368f5.woff online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/resources/images/	0 0

GET		SWB_Icons-63.c7c6d58728555b71eb094e94a0dc6dcc.ttf online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/resources/images/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: online.swedbank.se
URL: https://online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/runtime-es2015.08cacfcf8fb06c1bb6e6.js

Domain: online.swedbank.se
URL: https://online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/polyfills-es2015.d084f3483664f444e5fe.js

Domain: online.swedbank.se
URL: https://online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/sv/main-es2015.6918beea1ea4013778b9.js

Domain: online.swedbank.se
URL: https://online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/resources/images/SWB_Icons-63.f573cb0c15269e5fd2c0e2ccc71986a9.woff2

Domain: online.swedbank.se
URL: https://online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/resources/images/SWB_Icons-63.c76a5e7c6d445e8b2b8673c998e368f5.woff

Domain: online.swedbank.se
URL: https://online.swedbank.se/SWB-INTERNET-BANK-178.1.0-5d240a2d1aa23eda97774f298a4d9c0695f2c3c1/resources/images/SWB_Icons-63.c7c6d58728555b71eb094e94a0dc6dcc.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Swedbank (Banking)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

online.swedbank.se
whatsecurityuk.co.uk
online.swedbank.se
160.153.131.196
164.10.48.64
0f5e4cc2c902e9017727b8d0a81245c5223232da27e6b0262d1bed82fa743d5e
0f75dbe35fc3e6a26da27099b8e54a02b012d703ce5f0f369d8f7bddcbc412f5
1f756174c34f545be11caeb677fca0c660f13d3920dfb6d68593dcf97ec8ac97
31e99c1ca1a2170b668452ac639b744d47b8462a69b98ffb4e423dd7661389d4
399988545ac5483fcc4faa2643124fa258f61f84316febecbccb7c53b5ff1c42
4cf546f041cd82149a3f45d1a3ee9ff28c03cf5c0ccf9e0522740928c49fb5cf
510c1851b216b56f8a5ac888b5c3d743d32ceacc00db361447e9c44ffdac21b3
5cbc71196cd1e3d1f1fea5c3ce167ca7dc855c985acdb9f1923d00510197c200
608c72448722e7ce09e6ca293cb4c94fc4878c162f722ae199b52c9d11873376
67ba9c78b818c04c0972ce03ed897eec5666735c89d507c7a96b4d8f6a446f05
6c1d2636b1695c41dd90e20e53121e2498120ff43306e8ceb6fca90988a66a98
827b4ec5cadead8c9fd7621d5b47baa2388e1e72c1e1f799f383684f8f1ba5de
86487eba18fb273840e57c21484a38fedcb9ed2f2f1f0e63fb0f48311d1ff067
8a29a44d0575bbb9c598d1190b9b53f45574297ad219b0f0c3dd326d97bdfd8b
8f90e450e40f4aceb19062dfa89019065ed2e2b20c94c6da093771d3fd38ae47
9cba9addd53bda3762b31b09d2bddc70c654d1e68b66a6b6d5b84ec037dc7eef
a2eb022634e7b5f300fa77a1f6c474e87a23dbb80246e530a25cc3749d1640a7
c51d8fdd3a42f50a59dd22ef909aa7bdd58febad4f6da148169a2ee44fd7579c
c5c25033d2e5ae6470e603e9ac9e278a168b437f92c0aca59745873ccec5cc0e
cc309661d6e4e3137ad4e48d27d79cbfa37dde478682d83f000dab017d265ed4
ce5015e759e48e439ff3a2a4fc22b89eb932080401ee04d734c1e76131948c45
d1526af1884f49b0a12cc28c0452e5f54dd63d0a5d76c09b9a4a2c3a05d99e43
d69a7cea88d8a003d02fbcb44a51dc77fa778916749b9a01d082c576db3d451e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1555c027408503b1b473c19d34b3fdc20f722251690c65cc40d5e04671ee0ec
f3ad390eb777325e1feb69377e44a4f12344a9727ad6538efb9742f1e188ef1a
f9d05f87b12629e4111bca6bc2f0071b1da308a9b9d65e9125a2a1a3552ee121

whatsecurityuk.co.uk Open in urlscan Pro 160.153.131.196 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

28 Requests

79 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

1196 kBTransfer

3075 kBSize

0 Cookies

0 Outgoing links

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

16 JavaScript Global Variables

0 Cookies

whatsecurityuk.co.uk Open in urlscan Pro
160.153.131.196 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

79 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

1196 kB
Transfer

3075 kB
Size

0
Cookies

28 HTTP transactions
5 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!