a1.somotaro.com Open in urlscan Pro
193.106.175.107 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://a1.somotaro.com/
Submission: On June 14 via api (June 14th 2023, 4:40:11 am UTC) from GB — Scanned from GB

Summary HTTP 23 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 23 HTTP transactions. The main IP is 193.106.175.107, located in Russian Federation and belongs to IQHOST, RU. The main domain is a1.somotaro.com.

This is the only time a1.somotaro.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Barclays (Banking)

Domain & IP information

	IP Address		AS Autonomous System
23	193.106.175.107 193.106.175.107		50465 (IQHOST) (IQHOST)
23	1

23 193.106.175.107 (Russian Federation)

ASN50465 (IQHOST, RU)

a1.somotaro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	somotaro.com a1.somotaro.com	173 KB
23	1

	Domain	Requested by
23	a1.somotaro.com	a1.somotaro.com
23	1

This site contains links to these domains. Also see Links.

Domain
bank.barclays.co.uk
www.barclays.co.uk
www.lendingstandardsboard.org.uk
www.premierleague.com

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://a1.somotaro.com/
Frame ID: 1B4D440C48A7841A3980BFD6865CA030
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Step 1 - Who are you? - Barclays Online Banking

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

173 kB
Transfer

429 kB
Size

0
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://bank.barclays.co.uk/olb/auth/MobiLoginLink.action
Title: Mobile site

Search URL Search Domain Scan URL

URL: http://www.barclays.co.uk/Contactus/Contactus/
Title: Contact us

Search URL Search Domain Scan URL

URL: http://www.barclays.co.uk/security
Title: Security

Search URL Search Domain Scan URL

URL: http://www.barclays.co.uk/accessibility/
Title: Accessibility

Search URL Search Domain Scan URL

URL: http://www.barclays.co.uk/

Search URL Search Domain Scan URL

URL: https://bank.barclays.co.uk/olb/auth/RegistrationLink_display.action
Title: Register now

Search URL Search Domain Scan URL

URL: http://www.lendingstandardsboard.org.uk/
Title: www.lendingstandardsboard.org.uk

Search URL Search Domain Scan URL

URL: http://www.premierleague.com/
Title: Proud sponsors of the Barclays Premier League

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response a1.somotaro.com/	24 KB 6 KB	1087ms 409ms	Document text/html	193.106.175.107 IQHOST
General Check archive.org Show headers Download Go to Full URL http://a1.somotaro.com/ Protocol HTTP/1.1 Server 193.106.175.107 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx/1.14.2 / Resource Hash `80cabafde762ce5d9635ebd86c9bc1c9a1a25eac2f1e770791cf978a291f174e` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection close Content-Encoding gzip Content-Length 6176 Content-Type text/html; charset=UTF-8 Date Wed, 14 Jun 2023 04:40:05 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Pragma no-cache Server nginx/1.14.2 Vary Accept-Encoding
GET H/1.1	200 OK	barclays-ftb-login.css a1.somotaro.com/data/ftb/css/main/	203 KB 22 KB	352ms 267ms	Stylesheet text/css	193.106.175.107 IQHOST
General Check archive.org Show headers Download Go to Full URL http://a1.somotaro.com/data/ftb/css/main/barclays-ftb-login.css Requested by Host: a1.somotaro.com URL: http://a1.somotaro.com/ Protocol HTTP/1.1 Server 193.106.175.107 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx/1.14.2 / Resource Hash `312480b8f9cad225107dde480710455bda9c1bb4f2246fcd69c927790096b36e` Request headers accept-language en-GB,en;q=0.9 Referer http://a1.somotaro.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Wed, 14 Jun 2023 04:40:05 GMT Content-Encoding gzip Last-Modified Mon, 09 May 2016 10:37:20 GMT Server nginx/1.14.2 ETag "32c1a-5326664a2d800-gzip" Vary Accept-Encoding Content-Type text/css Connection close Accept-Ranges bytes Content-Length 22481
GET H/1.1	200 OK	jquery.min.js Show response a1.somotaro.com/data/	84 KB 29 KB	350ms 265ms	Script application/javascript	193.106.175.107 IQHOST
General Check archive.org Show headers Download Go to Full URL http://a1.somotaro.com/data/jquery.min.js Requested by Host: a1.somotaro.com URL: http://a1.somotaro.com/ Protocol HTTP/1.1 Server 193.106.175.107 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx/1.14.2 / Resource Hash `8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce` Request headers accept-language en-GB,en;q=0.9 Referer http://a1.somotaro.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Wed, 14 Jun 2023 04:40:05 GMT Content-Encoding gzip Last-Modified Wed, 16 Mar 2016 11:13:20 GMT Server nginx/1.14.2 ETag "14e55-52e2899f39400-gzip" Vary Accept-Encoding Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 29885
GET H/1.1	200 OK	visible Show response a1.somotaro.com/gcore/	4 KB 2 KB	420ms 332ms	Script application/javascript	193.106.175.107 IQHOST
General Check archive.org Show headers Download Go to Full URL http://a1.somotaro.com/gcore/visible Requested by Host: a1.somotaro.com URL: http://a1.somotaro.com/ Protocol HTTP/1.1 Server 193.106.175.107 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx/1.14.2 / Resource Hash `a8ca61ede2d4dd8c6b9626ccee0bd75e6d347603e2dc08e69f195fff19c09966` Request headers accept-language en-GB,en;q=0.9 Referer http://a1.somotaro.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Wed, 14 Jun 2023 04:40:05 GMT Content-Encoding gzip Last-Modified Fri, 04 Mar 2022 14:31:06 GMT Server nginx/1.14.2 ETag "e8c-5d9655d6e7e80-gzip" Vary Accept-Encoding Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 1396
GET H/1.1	200 OK	jslib Show response a1.somotaro.com/gcore/	10 KB 3 KB	430ms 342ms	Script application/javascript	193.106.175.107 IQHOST
General Check archive.org Show headers Download Go to Full URL http://a1.somotaro.com/gcore/jslib Requested by Host: a1.somotaro.com URL: http://a1.somotaro.com/ Protocol HTTP/1.1 Server 193.106.175.107 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx/1.14.2 / Resource Hash `faca32b854ce3d67dea6b3a5558a88e4c68806c6d8eab10ac8423080cc16ba2a` Request headers accept-language en-GB,en;q=0.9 Referer http://a1.somotaro.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Wed, 14 Jun 2023 04:40:05 GMT Content-Encoding gzip Last-Modified Fri, 04 Mar 2022 14:31:06 GMT Server nginx/1.14.2 ETag "26fd-5d9655d6e7e80-gzip" Vary Accept-Encoding Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 2898
GET H/1.1	200 OK	barclays-logo.png a1.somotaro.com/data/	4 KB 4 KB	762ms 243ms	Image image/png	193.106.175.107 IQHOST
General Check archive.org Show headers Download Go to Show image Full URL http://a1.somotaro.com/data/barclays-logo.png Requested by Host: a1.somotaro.com URL: http://a1.somotaro.com/ Protocol HTTP/1.1 Server 193.106.175.107 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx/1.14.2 / Resource Hash `84c858297d140080df2011346dee575ec7c5f0a7d016a50f21f7cbfb2cd998f0` Request headers accept-language en-GB,en;q=0.9 Referer http://a1.somotaro.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Wed, 14 Jun 2023 04:40:06 GMT Last-Modified Mon, 09 May 2016 07:12:22 GMT Server nginx/1.14.2 ETag "ec0-53263879e4180" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 3776
GET H/1.1	200 OK	card_number_card.jpg a1.somotaro.com/data/	6 KB 7 KB	829ms 270ms	Image image/jpeg	193.106.175.107 IQHOST
General Check archive.org Show headers Download Go to Show image Full URL http://a1.somotaro.com/data/card_number_card.jpg Requested by Host: a1.somotaro.com URL: http://a1.somotaro.com/ Protocol HTTP/1.1 Server 193.106.175.107 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx/1.14.2 / Resource Hash `6ee1441c9f75388b957221fbc58d686c840012e845ed6e43b9a1cf85ac003e6d` Request headers accept-language en-GB,en;q=0.9 Referer http://a1.somotaro.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Wed, 14 Jun 2023 04:40:06 GMT Last-Modified Mon, 09 May 2016 07:10:30 GMT Server nginx/1.14.2 ETag "1944-5326380f14580" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 6468
GET H/1.1	200 OK	sortcode_account_number_card.jpg a1.somotaro.com/data/	6 KB 6 KB	968ms 236ms	Image image/jpeg	193.106.175.107 IQHOST
General Check archive.org Show headers Download Go to Show image Full URL http://a1.somotaro.com/data/sortcode_account_number_card.jpg Requested by Host: a1.somotaro.com URL: http://a1.somotaro.com/ Protocol HTTP/1.1 Server 193.106.175.107 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx/1.14.2 / Resource Hash `d0060cbe7b7e1348fd897b9c2b80fdc0c2c549d9774d3f691a7eb443bd5c6466` Request headers accept-language en-GB,en;q=0.9 Referer http://a1.somotaro.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Wed, 14 Jun 2023 04:40:06 GMT Last-Modified Mon, 09 May 2016 07:10:30 GMT Server nginx/1.14.2 ETag "1847-5326380f14580" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 6215
GET H/1.1	200 OK	fscs.jpg a1.somotaro.com/data/	13 KB 14 KB	967ms 233ms	Image image/jpeg	193.106.175.107 IQHOST
General Check archive.org Show headers Download Go to Show image Full URL http://a1.somotaro.com/data/fscs.jpg Requested by Host: a1.somotaro.com URL: http://a1.somotaro.com/ Protocol HTTP/1.1 Server 193.106.175.107 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx/1.14.2 / Resource Hash `e6bbce0b0f37c070f628375ca7e831f2fa3ae60ff61636103751955a2df6fd01` Request headers accept-language en-GB,en;q=0.9 Referer http://a1.somotaro.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Wed, 14 Jun 2023 04:40:06 GMT Last-Modified Mon, 09 May 2016 07:12:22 GMT Server nginx/1.14.2 ETag "3560-53263879e4180" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 13664
GET H/1.1	200 OK	premier_league_masthead.jpg a1.somotaro.com/data/	4 KB 4 KB	980ms 242ms	Image image/jpeg	193.106.175.107 IQHOST
General Check archive.org Show headers Download Go to Show image Full URL http://a1.somotaro.com/data/premier_league_masthead.jpg Requested by Host: a1.somotaro.com URL: http://a1.somotaro.com/ Protocol HTTP/1.1 Server 193.106.175.107 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx/1.14.2 / Resource Hash `af05f228e3f1106781aad44a0e8f12b500dfbb99e530a9ff91234bd0d4cdc495` Request headers accept-language en-GB,en;q=0.9 Referer http://a1.somotaro.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Wed, 14 Jun 2023 04:40:06 GMT Last-Modified Mon, 09 May 2016 07:12:22 GMT Server nginx/1.14.2 ETag "1105-53263879e4180" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 4357
GET H/1.1	200 OK	barclays-logo.gif a1.somotaro.com/data/img/logos/	4 KB 4 KB	1043ms 234ms	Image image/gif	193.106.175.107 IQHOST
General Check archive.org Show headers Download Go to Show image Full URL http://a1.somotaro.com/data/img/logos/barclays-logo.gif Requested by Host: a1.somotaro.com URL: http://a1.somotaro.com/data/ftb/css/main/barclays-ftb-login.css Protocol HTTP/1.1 Server 193.106.175.107 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx/1.14.2 / Resource Hash `3a059a66277e8a87067c50187849c9f65817c72873f8c71785d08f4023a6b9f3` Request headers accept-language en-GB,en;q=0.9 Referer http://a1.somotaro.com/data/ftb/css/main/barclays-ftb-login.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Wed, 14 Jun 2023 04:40:06 GMT Last-Modified Mon, 09 May 2016 08:09:06 GMT Server nginx/1.14.2 ETag "ef7-5326452832c80" Content-Type image/gif Connection close Accept-Ranges bytes Content-Length 3831
GET H/1.1	200 OK	login-panel-header-active-arrow.gif a1.somotaro.com/data/ftb/img/ftb/	129 B 366 B	620ms 240ms	Image image/gif	193.106.175.107 IQHOST
General Check archive.org Show headers Download Go to Show image Full URL http://a1.somotaro.com/data/ftb/img/ftb/login-panel-header-active-arrow.gif Requested by Host: a1.somotaro.com URL: http://a1.somotaro.com/data/ftb/css/main/barclays-ftb-login.css Protocol HTTP/1.1 Server 193.106.175.107 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx/1.14.2 / Resource Hash `5aa9eb84540df9c6f43f3981b94e798bf5dacd1129558c7293be37799b7fdcff` Request headers accept-language en-GB,en;q=0.9 Referer http://a1.somotaro.com/data/ftb/css/main/barclays-ftb-login.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Wed, 14 Jun 2023 04:40:06 GMT Last-Modified Mon, 09 May 2016 08:08:22 GMT Server nginx/1.14.2 ETag "81-532644fe3c980" Content-Type image/gif Connection close Accept-Ranges bytes Content-Length 129
GET H/1.1	200 OK	radio-sprite.gif a1.somotaro.com/data/ftb/img/ftb/	860 B 1 KB	618ms 229ms	Image image/gif	193.106.175.107 IQHOST
General Check archive.org Show headers Download Go to Show image Full URL http://a1.somotaro.com/data/ftb/img/ftb/radio-sprite.gif Requested by Host: a1.somotaro.com URL: http://a1.somotaro.com/data/ftb/css/main/barclays-ftb-login.css Protocol HTTP/1.1 Server 193.106.175.107 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx/1.14.2 / Resource Hash `4710f88c657b9ce094b80cf825b3c4c981499501de33ded45929dcdcede6e6f8` Request headers accept-language en-GB,en;q=0.9 Referer http://a1.somotaro.com/data/ftb/css/main/barclays-ftb-login.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Wed, 14 Jun 2023 04:40:06 GMT Last-Modified Mon, 09 May 2016 08:07:46 GMT Server nginx/1.14.2 ETag "35c-532644dbe7880" Content-Type image/gif Connection close Accept-Ranges bytes Content-Length 860
GET H/1.1	200 OK	checkbox-sprite.png a1.somotaro.com/data/ftb/img/ftb/checkbox/	642 B 880 B	621ms 234ms	Image image/png	193.106.175.107 IQHOST
General Check archive.org Show headers Download Go to Show image Full URL http://a1.somotaro.com/data/ftb/img/ftb/checkbox/checkbox-sprite.png Requested by Host: a1.somotaro.com URL: http://a1.somotaro.com/data/ftb/css/main/barclays-ftb-login.css Protocol HTTP/1.1 Server 193.106.175.107 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx/1.14.2 / Resource Hash `57ab67ac4ba7a87aeb13ef126842854ace4a226232138fb6b7f8f13ed4925f47` Request headers accept-language en-GB,en;q=0.9 Referer http://a1.somotaro.com/data/ftb/css/main/barclays-ftb-login.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Wed, 14 Jun 2023 04:40:06 GMT Last-Modified Mon, 09 May 2016 09:17:56 GMT Server nginx/1.14.2 ETag "282-5326548adf900" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 642
GET H/1.1	200 OK	login-panel-header-disabled-arrow.gif a1.somotaro.com/data/ftb/img/ftb/	183 B 420 B	303ms 234ms	Image image/gif	193.106.175.107 IQHOST
General Check archive.org Show headers Download Go to Show image Full URL http://a1.somotaro.com/data/ftb/img/ftb/login-panel-header-disabled-arrow.gif Requested by Host: a1.somotaro.com URL: http://a1.somotaro.com/data/ftb/css/main/barclays-ftb-login.css Protocol HTTP/1.1 Server 193.106.175.107 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx/1.14.2 / Resource Hash `de1660f0952bc3a9a3cba3c5bd504f8c779578c9bc5eea310e009f270df73309` Request headers accept-language en-GB,en;q=0.9 Referer http://a1.somotaro.com/data/ftb/css/main/barclays-ftb-login.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Wed, 14 Jun 2023 04:40:05 GMT Last-Modified Mon, 09 May 2016 09:18:10 GMT Server nginx/1.14.2 ETag "b7-5326549839880" Content-Type image/gif Connection close Accept-Ranges bytes Content-Length 183
GET H/1.1	200 OK	side-bar-arrow.png a1.somotaro.com/data/ftb/img/ftb/	224 B 461 B	298ms 234ms	Image image/png	193.106.175.107 IQHOST
General Check archive.org Show headers Download Go to Show image Full URL http://a1.somotaro.com/data/ftb/img/ftb/side-bar-arrow.png Requested by Host: a1.somotaro.com URL: http://a1.somotaro.com/data/ftb/css/main/barclays-ftb-login.css Protocol HTTP/1.1 Server 193.106.175.107 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx/1.14.2 / Resource Hash `71182ea40b9cc96fd288f8d5d2bdd0834a0bebc6d15cdabfc03170494b93a819` Request headers accept-language en-GB,en;q=0.9 Referer http://a1.somotaro.com/data/ftb/css/main/barclays-ftb-login.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Wed, 14 Jun 2023 04:40:05 GMT Last-Modified Mon, 09 May 2016 08:05:56 GMT Server nginx/1.14.2 ETag "e0-5326447300100" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 224
GET H/1.1	200 OK	expertsans-bold-webfont.woff a1.somotaro.com/data/ftb/fonts/	20 KB 20 KB	298ms 256ms	Font font/woff	193.106.175.107 IQHOST
General Check archive.org Show headers Download Go to Full URL http://a1.somotaro.com/data/ftb/fonts/expertsans-bold-webfont.woff Requested by Host: a1.somotaro.com URL: http://a1.somotaro.com/data/ftb/css/main/barclays-ftb-login.css Protocol HTTP/1.1 Server 193.106.175.107 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx/1.14.2 / Resource Hash `adeb37a325b72a5382a603c575caf390f1fe968f60a266679c18bf6ff61317cc` Request headers Referer http://a1.somotaro.com/data/ftb/css/main/barclays-ftb-login.css Origin http://a1.somotaro.com accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Wed, 14 Jun 2023 04:40:05 GMT Last-Modified Mon, 09 May 2016 08:08:46 GMT Server nginx/1.14.2 ETag "4e70-532645151ff80" Content-Type font/woff Connection close Accept-Ranges bytes Content-Length 20080
GET H/1.1	200 OK	expertsans-light-webfont.woff a1.somotaro.com/data/ftb/fonts/	22 KB 22 KB	301ms 253ms	Font font/woff	193.106.175.107 IQHOST
General Check archive.org Show headers Download Go to Full URL http://a1.somotaro.com/data/ftb/fonts/expertsans-light-webfont.woff Requested by Host: a1.somotaro.com URL: http://a1.somotaro.com/data/ftb/css/main/barclays-ftb-login.css Protocol HTTP/1.1 Server 193.106.175.107 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx/1.14.2 / Resource Hash `f56f823e0bd75388778cbccca78bcf7453c2c03c889274da7b47eebbc37b86b5` Request headers Referer http://a1.somotaro.com/data/ftb/css/main/barclays-ftb-login.css Origin http://a1.somotaro.com accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Wed, 14 Jun 2023 04:40:05 GMT Last-Modified Mon, 09 May 2016 08:07:56 GMT Server nginx/1.14.2 ETag "5854-532644e570f00" Content-Type font/woff Connection close Accept-Ranges bytes Content-Length 22612
GET H/1.1	200 OK	ftb-new-login-icons.woff a1.somotaro.com/data/ftb/fonts/	2 KB 2 KB	302ms 230ms	Font font/woff	193.106.175.107 IQHOST
General Check archive.org Show headers Download Go to Full URL http://a1.somotaro.com/data/ftb/fonts/ftb-new-login-icons.woff Requested by Host: a1.somotaro.com URL: http://a1.somotaro.com/data/ftb/css/main/barclays-ftb-login.css Protocol HTTP/1.1 Server 193.106.175.107 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx/1.14.2 / Resource Hash `86869093c47433c73001830f69b74bdef672acc8aa8c6b63b8fa2cf02d610b28` Request headers Referer http://a1.somotaro.com/data/ftb/css/main/barclays-ftb-login.css Origin http://a1.somotaro.com accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Wed, 14 Jun 2023 04:40:05 GMT Last-Modified Mon, 09 May 2016 08:06:38 GMT Server nginx/1.14.2 ETag "7d0-5326449b0df80" Content-Type font/woff Connection close Accept-Ranges bytes Content-Length 2000
GET H/1.1	200 OK	expertsans-regular-webfont.woff a1.somotaro.com/data/ftb/fonts/	21 KB 22 KB	340ms 261ms	Font font/woff	193.106.175.107 IQHOST
General Check archive.org Show headers Download Go to Full URL http://a1.somotaro.com/data/ftb/fonts/expertsans-regular-webfont.woff Requested by Host: a1.somotaro.com URL: http://a1.somotaro.com/data/ftb/css/main/barclays-ftb-login.css Protocol HTTP/1.1 Server 193.106.175.107 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx/1.14.2 / Resource Hash `4abdda6a86149bc656dd315b0443fea8f11f22a6552e48e843a0f4b3e828ce8f` Request headers Referer http://a1.somotaro.com/data/ftb/css/main/barclays-ftb-login.css Origin http://a1.somotaro.com accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Wed, 14 Jun 2023 04:40:05 GMT Last-Modified Mon, 09 May 2016 08:06:18 GMT Server nginx/1.14.2 ETag "55a4-53264487fb280" Content-Type font/woff Connection close Accept-Ranges bytes Content-Length 21924
GET H/1.1	200 OK	gcgid Show response a1.somotaro.com/default/	272 B 1 KB	795ms 344ms	XHR text/html	193.106.175.107 IQHOST
General Check archive.org Show headers Download Go to Full URL http://a1.somotaro.com/default/gcgid?bid=%40ID%40&bank=18&_=1686717605586 Requested by Host: a1.somotaro.com URL: http://a1.somotaro.com/data/jquery.min.js Protocol HTTP/1.1 Server 193.106.175.107 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx/1.14.2 / Resource Hash `dd493ca37968b5f900629b0c79a8de1818cde83bf13ef354402e7e161c69182a` Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, /; q=0.01 Referer http://a1.somotaro.com/ X-Requested-With XMLHttpRequest accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Pragma no-cache Date Wed, 14 Jun 2023 04:40:06 GMT Content-Encoding gzip Server nginx/1.14.2 Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate Connection close Content-Length 193 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	prepare Show response a1.somotaro.com/default/gate/	0 364 B	584ms 492ms	XHR application/json	193.106.175.107 IQHOST
General Check archive.org Show headers Download Go to Full URL http://a1.somotaro.com/default/gate/prepare?bank=18&gid=f9d2544baba533d285eb61ba54436cb88a5b5f70ae317eb9464d0f6f3b78dbff&bid=%40ID%40&bgroup=%40GROUP%40 Requested by Host: a1.somotaro.com URL: http://a1.somotaro.com/data/jquery.min.js Protocol HTTP/1.1 Server 193.106.175.107 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx/1.14.2 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept / Referer http://a1.somotaro.com/ X-Requested-With XMLHttpRequest accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Pragma no-cache Date Wed, 14 Jun 2023 04:40:06 GMT Server nginx/1.14.2 Content-Type application/json; charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate Connection close Content-Length 0 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	update Show response a1.somotaro.com/default/gate/	12 B 377 B	420ms 334ms	XHR application/json	193.106.175.107 IQHOST
General Check archive.org Show headers Download Go to Full URL http://a1.somotaro.com/default/gate/update?userActivity=1&process=0&bid=%40ID%40&bgroup=%40GROUP%40 Requested by Host: a1.somotaro.com URL: http://a1.somotaro.com/data/jquery.min.js Protocol HTTP/1.1 Server 193.106.175.107 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx/1.14.2 / Resource Hash `fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7` Request headers Accept / Referer http://a1.somotaro.com/ X-Requested-With XMLHttpRequest accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Pragma no-cache Date Wed, 14 Jun 2023 04:40:10 GMT Server nginx/1.14.2 Content-Type application/json; charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate Connection close Content-Length 12 Expires Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Barclays (Banking)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a1.somotaro.com
193.106.175.107
312480b8f9cad225107dde480710455bda9c1bb4f2246fcd69c927790096b36e
3a059a66277e8a87067c50187849c9f65817c72873f8c71785d08f4023a6b9f3
4710f88c657b9ce094b80cf825b3c4c981499501de33ded45929dcdcede6e6f8
4abdda6a86149bc656dd315b0443fea8f11f22a6552e48e843a0f4b3e828ce8f
57ab67ac4ba7a87aeb13ef126842854ace4a226232138fb6b7f8f13ed4925f47
5aa9eb84540df9c6f43f3981b94e798bf5dacd1129558c7293be37799b7fdcff
6ee1441c9f75388b957221fbc58d686c840012e845ed6e43b9a1cf85ac003e6d
71182ea40b9cc96fd288f8d5d2bdd0834a0bebc6d15cdabfc03170494b93a819
80cabafde762ce5d9635ebd86c9bc1c9a1a25eac2f1e770791cf978a291f174e
84c858297d140080df2011346dee575ec7c5f0a7d016a50f21f7cbfb2cd998f0
86869093c47433c73001830f69b74bdef672acc8aa8c6b63b8fa2cf02d610b28
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
a8ca61ede2d4dd8c6b9626ccee0bd75e6d347603e2dc08e69f195fff19c09966
adeb37a325b72a5382a603c575caf390f1fe968f60a266679c18bf6ff61317cc
af05f228e3f1106781aad44a0e8f12b500dfbb99e530a9ff91234bd0d4cdc495
d0060cbe7b7e1348fd897b9c2b80fdc0c2c549d9774d3f691a7eb443bd5c6466
dd493ca37968b5f900629b0c79a8de1818cde83bf13ef354402e7e161c69182a
de1660f0952bc3a9a3cba3c5bd504f8c779578c9bc5eea310e009f270df73309
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6bbce0b0f37c070f628375ca7e831f2fa3ae60ff61636103751955a2df6fd01
f56f823e0bd75388778cbccca78bcf7453c2c03c889274da7b47eebbc37b86b5
faca32b854ce3d67dea6b3a5558a88e4c68806c6d8eab10ac8423080cc16ba2a
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

a1.somotaro.com Open in urlscan Pro 193.106.175.107 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

23 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

173 kBTransfer

429 kBSize

0 Cookies

8 Outgoing links

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

11 JavaScript Global Variables

0 Cookies

Indicators

a1.somotaro.com Open in urlscan Pro
193.106.175.107 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

173 kB
Transfer

429 kB
Size

0
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!