gukcentrl.ru
Open in
urlscan Pro
194.63.140.199
Malicious Activity!
Public Scan
URL:
http://gukcentrl.ru/up-to-date.santander.co.uk_olb-app-logon-access-logon-request.servicemissing-info.html
Submission: On May 20 via api from GB
Submission: On May 20 via api from GB
Summary
This website contacted 12 IPs
in 5 countries
across 7 domains to perform 38 HTTP transactions.
The main IP is 194.63.140.199, located in
Russian Federation and
belongs to SUPERSERVERSDATACENTER, CZ.
The main domain is gukcentrl.ru.
This is the only time gukcentrl.ru was scanned on urlscan.io!
This is the only time gukcentrl.ru was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Santander (Banking)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 | 194.63.140.199 194.63.140.199 | 50113 (SUPERSERV...) (SUPERSERVERSDATACENTER) | |
| 12 | ::ffff:c17f:d281 ::ffff:c17f:d281 | () () | |
| 7 | 176.34.115.244 176.34.115.244 | 16509 (AMAZON-02) (AMAZON-02) | |
| 4 | 54.217.233.224 54.217.233.224 | 16509 (AMAZON-02) (AMAZON-02) | |
| 2 | 54.195.243.212 54.195.243.212 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 108.128.24.72 108.128.24.72 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 2 | 2a00:1450:400... 2a00:1450:4001:811::2008 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:82f::200e | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 107.21.12.8 107.21.12.8 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 1 | 2406:da00:ff0... 2406:da00:ff00::1717:a4da | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 1 | 46.51.188.79 46.51.188.79 | 16509 (AMAZON-02) (AMAZON-02) | |
| 38 | 12 |
7
176.34.115.244
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-115-244.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-115-244.eu-west-1.compute.amazonaws.com
| events.santander.co.uk |
4
54.217.233.224
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-233-224.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-233-224.eu-west-1.compute.amazonaws.com
| analytics.santander.co.uk |
2
54.195.243.212
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-243-212.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-243-212.eu-west-1.compute.amazonaws.com
| assets.santander.co.uk |
2
2a00:1450:4001:811::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
1
2a00:1450:4001:82f::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
1
46.51.188.79
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-46-51-188-79.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-46-51-188-79.eu-west-1.compute.amazonaws.com
| aweuwv.advanced-web-analytics.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 25 |
santander.co.uk
retail.santander.co.uk events.santander.co.uk analytics.santander.co.uk assets.santander.co.uk press.retail.santander.co.uk Failed |
356 KB |
| 2 |
googletagmanager.com
1 redirects
www.googletagmanager.com |
39 KB |
| 2 |
splash-screen.net
www.splash-screen.net events.splash-screen.net |
1 KB |
| 1 |
advanced-web-analytics.com
aweuwv.advanced-web-analytics.com |
24 KB |
| 1 |
path-logic.com
www.path-logic.com |
111 B |
| 1 |
google-analytics.com
www.google-analytics.com |
17 KB |
| 1 |
gukcentrl.ru
gukcentrl.ru |
14 KB |
| 38 | 7 |
| Domain | Requested by | |
|---|---|---|
| 12 | retail.santander.co.uk |
gukcentrl.ru
retail.santander.co.uk |
| 7 | events.santander.co.uk |
retail.santander.co.uk
gukcentrl.ru |
| 4 | analytics.santander.co.uk |
retail.santander.co.uk
gukcentrl.ru |
| 2 | www.googletagmanager.com |
1 redirects
gukcentrl.ru
|
| 2 | assets.santander.co.uk |
retail.santander.co.uk
assets.santander.co.uk |
| 1 | aweuwv.advanced-web-analytics.com |
gukcentrl.ru
|
| 1 | www.path-logic.com |
gukcentrl.ru
|
| 1 | events.splash-screen.net |
gukcentrl.ru
|
| 1 | www.google-analytics.com |
gukcentrl.ru
|
| 1 | www.splash-screen.net |
gukcentrl.ru
|
| 1 | gukcentrl.ru | |
| 0 | press.retail.santander.co.uk Failed |
gukcentrl.ru
|
| 38 | 12 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.santander.co.uk |
| business.santander.co.uk |
| corporate.santander.co.uk |
| bbsavings.santander.co.uk |
| www.abbeysharedealing.com |
| www.inscape.com |
| retail.santander.co.uk |
| www.santander-products.co.uk |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| retail.santander.co.uk Entrust Certification Authority - L1M |
2021-03-08 - 2022-04-04 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2021-04-13 - 2021-07-06 |
3 months | crt.sh |
| *.google.com GTS CA 1O1 |
2021-04-13 - 2021-07-06 |
3 months | crt.sh |
| *.splash-screen.net DigiCert TLS RSA SHA256 2020 CA1 |
2021-03-04 - 2022-03-09 |
a year | crt.sh |
| www.path-logic.com GeoTrust TLS RSA CA G1 |
2019-11-13 - 2022-01-11 |
2 years | crt.sh |
This page contains 4 frames:
Primary Page:
http://gukcentrl.ru/up-to-date.santander.co.uk_olb-app-logon-access-logon-request.servicemissing-info.html
Frame ID: 88D5A73C1BA68CEFED4A87BA47675D31
Requests: 35 HTTP requests in this frame
Frame:
http://analytics.santander.co.uk/96366421/qUm5.html?si=0&e=http%3A%2F%2Fgukcentrl.ru&LSESSIONID=eyJpIjoiWFdaWjdRcXdRckxzK0VOVGZnVDVUUT09IiwiZSI6Ijh1YlQwM1djNEQ0b1wvc0tEYWo5ZUlqdUk1VG9hK01tMjY2ZUlkYmNHUVhVaHV6a1hcL3B5YXBIYnBZZkRibkFnTTB3K3I5NGRISEJiNExcL1RyZEJxSVpxMDRqa2tmeFdmeWxHQlhjSFRNMklJUmFKdjBhdHRXdGtiMjJMMmNBdzRwTjdGd001YTNQbEZxMEFna3JrRXFsZz09In0%3D.319f7cc47db05cb9.Nzc3MmMzOTBiZWRjMDhkNWVjMDUzZjkwNGViNzA5MTM3Zjc4ZTk0OGRlMzU5YTdkNzI2NDQ0Y2MzYjNiNzQwMg%3D%3D&t=xframe&eu=http%3A%2F%2Fgukcentrl.ru%2Fup-to-date.santander.co.uk_olb-app-logon-access-logon-request.servicemissing-info.html&icid=162153368449471592
Frame ID: C7FF0AD1AF253B2A2D31597A780186AF
Requests: 1 HTTP requests in this frame
Frame:
http://aweuwv.advanced-web-analytics.com/96366421/bYjHD_TRAnGKq.html?e=http%3A%2F%2Fgukcentrl.ru&es=eyJpIjoiWFdaWjdRcXdRckxzK0VOVGZnVDVUUT09IiwiZSI6Ijh1YlQwM1djNEQ0b1wvc0tEYWo5ZUlqdUk1VG9hK01tMjY2ZUlkYmNHUVhVaHV6a1hcL3B5YXBIYnBZZkRibkFnTTB3K3I5NGRISEJiNExcL1RyZEJxSVpxMDRqa2tmeFdmeWxHQlhjSFRNMklJUmFKdjBhdHRXdGtiMjJMMmNBdzRwTjdGd001YTNQbEZxMEFna3JrRXFsZz09In0%3D.319f7cc47db05cb9.Nzc3MmMzOTBiZWRjMDhkNWVjMDUzZjkwNGViNzA5MTM3Zjc4ZTk0OGRlMzU5YTdkNzI2NDQ0Y2MzYjNiNzQwMg%3D%3D&re=http%3A%2F%2Fgukcentrl.ru%2Fup-to-date.santander.co.uk_olb-app-logon-access-logon-request.servicemissing-info.html&eu=http%3A%2F%2Fgukcentrl.ru%2Fup-to-date.santander.co.uk_olb-app-logon-access-logon-request.servicemissing-info.html&icid=162153368451531576
Frame ID: 35EDE9FE23A0CBD7CA4491BF7E1A4C28
Requests: 1 HTTP requests in this frame
Frame:
http://events.santander.co.uk/96366421/9fkc.html?sui=f5f73f1a11ad09c11e5bda643b126bc84e257e4c9e7eb58606fd667044429c17
Frame ID: 3B671493D9E76C23D8A908B16B6F39AB
Requests: 1 HTTP requests in this frame
18 Outgoing links
These are links going to different origins than the main page.
URL: http://www.santander.co.uk/
Title: Santander
Title: Santander
Search URL Search Domain Scan URL
URL: https://business.santander.co.uk/LGSBBI_NS_ENS/BtoChannelDriver.ssobto?dse_operationName=LGSBBI_LOGON&dse_processorState=initial&redirect=S
Title: Business
Title: Business
Search URL Search Domain Scan URL
URL: https://corporate.santander.co.uk/LOGSCU_NS_ENS/BtoChannelDriver.bto?dse_operationName=OP_LOG_ON
Title: Corporate
Title: Corporate
Search URL Search Domain Scan URL
URL: https://bbsavings.santander.co.uk/OFIS/login.aspx
Title: Bradford & Bingley online savings
Title: Bradford & Bingley online savings
Search URL Search Domain Scan URL
URL: https://www.abbeysharedealing.com/
Title: Sharedealing
Title: Sharedealing
Search URL Search Domain Scan URL
URL: https://www.inscape.com/html_site/html/account/login.asp
Title: Clients of Premium Investments
Title: Clients of Premium Investments
Search URL Search Domain Scan URL
URL: https://retail.santander.co.uk/Estatico/ALP_LOGSUK_Logon/Html/migracionv1_FAQ_Help.html
Title: Online Banking help
Title: Online Banking help
Search URL Search Domain Scan URL
URL: http://www.santander.co.uk/uk/help-support/online-banking
Title: About Online Banking
Title: About Online Banking
Search URL Search Domain Scan URL
URL: http://www.santander.co.uk/uk/help-support/demo-guides/
Title: View Online Banking Demos
Title: View Online Banking Demos
Search URL Search Domain Scan URL
URL: http://www.santander.co.uk/csgs/Satellite?appID=abbey.internet.Abbeycom&c=Page&canal=CABBEYCOM&cid=1237877606230&empr=Abbeycom&leng=en_GB&pagename=Abbeycom%2FPage%2FWC_ACOM_TemplateA2
Title: Changes to Online Banking Terms and Conditions
Title: Changes to Online Banking Terms and Conditions
Search URL Search Domain Scan URL
URL: https://retail.santander.co.uk/LOGSUK_NS_ENS/Estatico/ALP_LOGSUK_Logon/Html/migracionv1_contactUs.html
Title: Contact us
Title: Contact us
Search URL Search Domain Scan URL
URL: http://www.santander.co.uk/uk/help-support/security-centre/keeping-yourself-secure/
Title: here
Title: here
Search URL Search Domain Scan URL
URL: http://www.santander-products.co.uk/rapportsecuritysoftware/index.html
Title: Trusteer Rapport
Title: Trusteer Rapport
Search URL Search Domain Scan URL
URL: http://www.santander.co.uk/uk/online-mobile-banking-commitment/
Title: Online Banking Guarantee
Title: Online Banking Guarantee
Search URL Search Domain Scan URL
URL: http://www.santander.co.uk/uk/accessibility/
Title: Site Help & Accessibility
Title: Site Help & Accessibility
Search URL Search Domain Scan URL
URL: http://www.santander.co.uk/uk/help-support/security-centre/data-protection/
Title: Security & Privacy
Title: Security & Privacy
Search URL Search Domain Scan URL
URL: http://www.santander.co.uk/uk/help-support/online-banking-terms-conditions/
Title: Terms & Conditions
Title: Terms & Conditions
Search URL Search Domain Scan URL
URL: http://www.santander.co.uk/uk/website-legal/
Title: Legal
Title: Legal
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 18- http://www.googletagmanager.com/gtm.js?id=GTM-FTB8 HTTP 302
- https://www.googletagmanager.com/gtm.js?id=GTM-FTB8
- http://www.google-analytics.com/ga.js HTTP 307
- https://www.google-analytics.com/ga.js
38 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
up-to-date.santander.co.uk_olb-app-logon-access-logon-request.servicemissing-info.html
gukcentrl.ru/ |
14 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
santander.css
retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Styles/fl/ |
125 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-1.11.0.min.js
retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Scripts/fl/ |
94 KB 33 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-ui-1.10.4.custom.min.js
retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Scripts/fl/ |
79 KB 24 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
quicktransferROC.js
retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Scripts/fl/ |
13 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
calendar2.js
retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Scripts/fl/ |
8 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
behaviour2.js
retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Scripts/fl/ |
50 KB 14 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
iframekiller.js
retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Scripts/fl/ |
91 B 632 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cookie.js
retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Scripts/fl/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
pm_fp.js
retail.santander.co.uk/Estatico/ALP_LOGSUK_LogonJs/Scripts/ |
23 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ico_help.gif
retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Images/ |
834 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
print.css
retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Styles/fl/ |
197 B 677 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sanns.js
events.santander.co.uk/96366421/ |
92 KB 40 KB |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ukfs.js
analytics.santander.co.uk/96366421/ |
69 KB 31 KB |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
iN3X.js
assets.santander.co.uk/query/1/ |
69 KB 34 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
xee.js
events.santander.co.uk/96366421/ |
64 KB 29 KB |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
splash.js
www.splash-screen.net/97123/ |
491 B 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
xe4.js
press.retail.santander.co.uk/96366421/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
ib5.js
press.retail.santander.co.uk/96366421/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ Redirect Chain
|
116 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sprite.svg
retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Styles/fl/Images/ |
99 KB 69 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
FrutigerLTStd45Light.woff
retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Styles/fl/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
FrutigerBold.woff
retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Styles/fl/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
ga.js
www.google-analytics.com/ Redirect Chain
|
45 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
events.splash-screen.net/splash_events/ |
0 103 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
FrutigerLTStd45Light.ttf
retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Styles/fl/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
2bjzf
assets.santander.co.uk/query/1/ |
91 B 782 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
FrutigerBold.ttf
retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Styles/fl/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cc
www.path-logic.com/v4.0/50091/ |
0 111 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
WqPjM
events.santander.co.uk/96366421/ |
92 B 783 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
2bjzf
analytics.santander.co.uk/96366421/ |
81 B 772 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
WqPjM
events.santander.co.uk/96366421/ |
82 B 773 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
WqPjM
events.santander.co.uk/96366421/ |
81 B 772 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
qUm5.html
analytics.santander.co.uk/96366421/ Frame C7FF |
60 KB 28 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bYjHD_TRAnGKq.html
aweuwv.advanced-web-analytics.com/96366421/ Frame 35ED |
53 KB 24 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
9fkc.html
events.santander.co.uk/96366421/ Frame 3B67 |
20 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
2bjzf
analytics.santander.co.uk/96366421/ |
92 B 783 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
WqPjM
events.santander.co.uk/96366421/ |
82 B 773 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- press.retail.santander.co.uk
- URL
- http://press.retail.santander.co.uk/96366421/xe4.js
- Domain
- press.retail.santander.co.uk
- URL
- http://press.retail.santander.co.uk/96366421/ib5.js
- Domain
- retail.santander.co.uk
- URL
- https://retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Styles/fl/fonts/FrutigerLTStd45Light.woff
- Domain
- retail.santander.co.uk
- URL
- https://retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Styles/fl/fonts/FrutigerBold.woff
- Domain
- retail.santander.co.uk
- URL
- https://retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Styles/fl/fonts/FrutigerLTStd45Light.ttf
- Domain
- retail.santander.co.uk
- URL
- https://retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Styles/fl/fonts/FrutigerBold.ttf
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Santander (Banking)92 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| Calendar boolean| touchDevice string| MK1G string| MK2G string| MK3G string| MK4G number| timeInterval object| options object| santanderparm string| overlay number| ExpireDays function| getCookie function| setCookie function| checkCookie function| closePop function| reveSe string| SEP string| PAIR string| DEV number| ver function| activeXDetect function| extractVersions function| stripIllegalChars function| stripFullPath function| deviceprint_browser function| deviceprint_display function| deviceprint_software function| deviceprint_timezone function| deviceprint_language function| deviceprint_java function| deviceprint_cookie function| form_add_data function| form_add_deviceprint function| asyncpost_deviceprint function| post_deviceprint function| URLencode function| encode_deviceprint function| decode_deviceprint function| add_deviceprint function| Hashtable string| ua boolean| opera boolean| ie boolean| iemac number| moz string| os object| dataLayer function| getRelation function| initCounter function| refreshCounter function| openPopup function| closePopup function| changeAction function| resizePopup object| jQuery111000722206687946052 object| google_tag_manager object| _gaq function| splashScreen_97123 object| _gat object| ___sc96366421 object| ___so96366421 object| M number| CLIWHIT string| PSESSIONID string| SSESSIONID object| regex object| match string| LSESSIONID object| __tp number| __gt string| urlRgx string| tagRgx boolean| whiteList number| collectDataLength boolean| collected object| ____0.5102340768808336 string| randomKey object| ____0.9759266638008735 string| internal_IP2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| gukcentrl.ru/ | Name: ___so96366421 Value: eyJsc2giOjI1NTU2MzUxNzAsInJlZmVycmVyIjoiaHR0cDovL2d1a2NlbnRybC5ydS91cC10by1kYXRlLnNhbnRhbmRlci5jby51a19vbGItYXBwLWxvZ29uLWFjY2Vzcy1sb2dvbi1yZXF1ZXN0LnNlcnZpY2VtaXNzaW5nLWluZm8uaHRtbCIsInNtc24iOnt9LCJzZCI6bnVsbCwic2RjIjpudWxsLCJlIjp7Im4iOjMsImEiOlt7IjYiOnRydWUsIjE1Ijp0cnVlLCJzciI6IiJ9LCI2Il0sInJpZCI6MC4yOTM3NzA4MDk5MzkzMjk5fSwiY2lzaWciOjkxODg0MDU1Mn0%3D |
|
| gukcentrl.ru/ | Name: LSESSIONID Value: eyJpIjoiWFdaWjdRcXdRckxzK0VOVGZnVDVUUT09IiwiZSI6Ijh1YlQwM1djNEQ0b1wvc0tEYWo5ZUlqdUk1VG9hK01tMjY2ZUlkYmNHUVhVaHV6a1hcL3B5YXBIYnBZZkRibkFnTTB3K3I5NGRISEJiNExcL1RyZEJxSVpxMDRqa2tmeFdmeWxHQlhjSFRNMklJUmFKdjBhdHRXdGtiMjJMMmNBdzRwTjdGd001YTNQbEZxMEFna3JrRXFsZz09In0%3D.319f7cc47db05cb9.Nzc3MmMzOTBiZWRjMDhkNWVjMDUzZjkwNGViNzA5MTM3Zjc4ZTk0OGRlMzU5YTdkNzI2NDQ0Y2MzYjNiNzQwMg%3D%3D |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
analytics.santander.co.uk
assets.santander.co.uk
aweuwv.advanced-web-analytics.com
events.santander.co.uk
events.splash-screen.net
gukcentrl.ru
press.retail.santander.co.uk
retail.santander.co.uk
www.google-analytics.com
www.googletagmanager.com
www.path-logic.com
www.splash-screen.net
press.retail.santander.co.uk
retail.santander.co.uk
107.21.12.8
108.128.24.72
176.34.115.244
194.63.140.199
2406:da00:ff00::1717:a4da
2a00:1450:4001:811::2008
2a00:1450:4001:82f::200e
46.51.188.79
54.195.243.212
54.217.233.224
::ffff:c17f:d281
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
18afb4fc39b058359989bc32f5fc38e110419f46cd86417cb294d78435f9491d
196a2e14d3e634ba89214a1b370ca634e8ea2aa1d7ad632941747f0e20b99598
21d044e516ff6cd709067d5d438b25f34372ca598e9c03b9fdfccc926fde6bb7
3badf0fb46bb456236adfeaac33dbd962b32af48bbcd1eb401e71442f48ca8c9
3db6f0ce58904ba558fe7f159bb8427da7121375cb1d463e85d4341d05bdea54
3f128aae63fdf031ae0045855839238d0569115624670f8e739a18d13700f7a8
42a0fe0a1f4c2b92126ab98aca93c855c0ad854423e1a09bdef683c9c6885086
4995619255245d0d2ada1826f0d6ecab43b052d940f0c16424b16ca9070491d6
537bc22b68ff0377e3c5570fdb7b5f040e606fa696a3b8d91d20dab381412a25
555c7c69be583638ac6885e8245cc9a3bcc14b131636180833954d7b997b9aa4
5a9e7f44e131f01c65def713103f03484a15b14197ae65aaed19ad02585645f5
625d77842b6581e5a88a91eac2ffa7c55dfe545ae67b0d79a37b81152c3c2093
685bc08ed866da9bb0fed8a6c16ba53c7846413272d119d2c6561e03a2d4c3f2
6c92c4be1574ca465a46465b1990c9bbfccefaccb244f881c8d42cc8dd42508e
746e54e89161118a67bd59103c4ab55e3060735cc85c1d047c2cf04d4b12043d
7960e51ce5bdc57cf17bdac27d7e18bb59f6fd74d5b2d34d87956eddc33bd9ed
7c1a5dd3eddeb97692b327e0838b1df3ec8d0cc4e5c2ef5e7519f5d5fbd93410
7e851845870ce7ffa53ffcf95dd3254080aea1fbf7c26c0a5466d9799fdf965a
8a3a0f86de552f128835d402261fe57e7fd1a37e0790c84e49e167a676ab96c0
9862623e142b287edb4e9412f283f8a476b2a2205fc9cc3d75d40140cff66880
9a5088bafc2084435b1b3ca11c927c37d92b4bdb9d0e0883127ef504c6273f50
a7422999a98eac14f7eb3e5164899f7d6a3d5537cc12a67fc9ef78290b97267d
b6c1ff2ebb0e3ab793374d76e914bdd815d2445a4c2c04cf10975b670c4e6c8e
c1e49e13381cc1860b5feb7916a4076986021d892e6c21299578f830d6ffe7b6
c2353bb81df088d4b4fd9d676e5d78f1108b0c1952d625f3cb0f404622b844d5
c53910ad73049bfa53c67e508249d1c289bd32e1374b806a4717637087470c39
c826d7e33f60f141a3dca602aed70f7d1b49f306954549d1f82ee02884cbccf6
dbd1a5b7f1ae3e6129c7cf48e5805f661584dfb787df46991310d92a14b3f841
de5deed4d2e957b8a5baad4558a8791184741b3ed4f4be3c311bc8109dcc20f0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855