unigraf.bydgoszcz.pl Open in urlscan Pro
176.119.32.183 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://unigraf.bydgoszcz.pl/30billion-in-the-account/santande/??????ssage/santande
Effective URL:
https://unigraf.bydgoszcz.pl/30billion-in-the-account/santande/santande/
Submission: On May 01 via automatic, source phishtank (May 1st 2017, 3:06:07 am UTC)

Summary HTTP 29 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 5 domains to perform 29 HTTP transactions. The main IP is 176.119.32.183, located in Poland and belongs to K2-AS, PL. The main domain is unigraf.bydgoszcz.pl.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 17th 2017. Valid for: 3 months.

This is the only time unigraf.bydgoszcz.pl was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Santander (Banking)

Domain & IP information

	IP Address	AS Autonomous System
3	176.119.32.183 176.119.32.183	42503 (K2-AS) (K2-AS)
14	193.127.210.129 193.127.210.129	2134 (GSVNET-AS...) (GSVNET-AS GS Virtual Network Produban)
1	54.195.248.46 54.195.248.46	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	54.246.126.83 54.246.126.83	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	54.247.176.167 54.247.176.167	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:401... 2a00:1450:4013:c03::61	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	204.236.227.191 204.236.227.191	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
29	8

3 176.119.32.183 (Poland)

ASN42503 (K2-AS, PL)
PTR: cl2.netmark.pl

unigraf.bydgoszcz.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 193.127.210.129 (Milton Keynes, United Kingdom)

ASN2134 (GSVNET-AS GS Virtual Network Produban, ES)

retail.santander.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.195.248.46 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-195-248-46.eu-west-1.compute.amazonaws.com

fc1.retail.santander.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.246.126.83 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-246-126-83.eu-west-1.compute.amazonaws.com

www.splash-screen.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.247.176.167 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-247-176-167.eu-west-1.compute.amazonaws.com

press.retail.santander.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4013:c03::61 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.236.227.191 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-204-236-227-191.compute-1.amazonaws.com

events.splash-screen.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	santander.co.uk retail.santander.co.uk fc1.retail.santander.co.uk press.retail.santander.co.uk	165 KB
3	unigraf.bydgoszcz.pl unigraf.bydgoszcz.pl	6 KB
2	splash-screen.net www.splash-screen.net events.splash-screen.net	491 B
1	google-analytics.com ssl.google-analytics.com	16 KB
1	googletagmanager.com www.googletagmanager.com	23 KB
29	5

	Domain	Requested by
14	retail.santander.co.uk	unigraf.bydgoszcz.pl
3	press.retail.santander.co.uk	unigraf.bydgoszcz.pl press.retail.santander.co.uk
3	unigraf.bydgoszcz.pl
1	events.splash-screen.net	unigraf.bydgoszcz.pl
1	ssl.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	unigraf.bydgoszcz.pl
1	www.splash-screen.net	unigraf.bydgoszcz.pl
1	fc1.retail.santander.co.uk	retail.santander.co.uk
29	8

This site contains links to these domains. Also see Links.

Domain
www.santander.co.uk
www.aboutcookies.org
business.santander.co.uk
corporate.santander.co.uk
retail.santander.co.uk
bbsavings.santander.co.uk
www.abbeysharedealing.com
www.inscape.com
www.santander-products.co.uk

Subject Issuer	Validity	Valid
unigraf.unigraf-bydgoszcz.pl cPanel, Inc. Certification Authority	`2017-03-17` - `2017-06-15`	3 months	crt.sh
retail.santander.co.uk Entrust Certification Authority - L1M	`2017-03-10` - `2018-04-04`	a year	crt.sh
fc1.retail.santander.co.uk Entrust Certification Authority - L1K	`2016-06-30` - `2017-08-29`	a year	crt.sh
www.splash-screen.net GeoTrust SHA256 SSL CA	`2016-12-12` - `2018-02-10`	a year	crt.sh
press.retail.santander.co.uk Entrust Certification Authority - L1K	`2016-06-30` - `2017-08-29`	a year	crt.sh
*.google-analytics.com Google Internet Authority G2	`2017-04-21` - `2017-07-14`	3 months	crt.sh
events.splash-screen.net GeoTrust SHA256 SSL CA	`2017-02-02` - `2018-05-04`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://unigraf.bydgoszcz.pl/30billion-in-the-account/santande/santande/
Frame ID: 2915.1
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://unigraf.bydgoszcz.pl/30billion-in-the-account/santande/??????ssage/santande Page URL
https://unigraf.bydgoszcz.pl/30billion-in-the-account/santande/santande/ Page URL

Page Statistics

29
Requests

83 %
HTTPS

14 %
IPv6

5
Domains

8
Subdomains

8
IPs

4
Countries

210 kB
Transfer

779 kB
Size

1
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: http://www.santander.co.uk/
Title: Santander

Search URL Search Domain Scan URL

URL: http://www.aboutcookies.org/
Title: www.aboutcookies.org

Search URL Search Domain Scan URL

URL: https://business.santander.co.uk/LGSBBI_NS_ENS/BtoChannelDriver.ssobto?dse_operationName=LGSBBI_LOGON&dse_processorState=initial&redirect=S
Title: Business

Search URL Search Domain Scan URL

URL: https://corporate.santander.co.uk/LOGSCU_NS_ENS/BtoChannelDriver.bto?dse_operationName=OP_LOG_ON
Title: Corporate

Search URL Search Domain Scan URL

URL: https://retail.santander.co.uk/FRGTID_ENS/BtoChannelDriver.bto?dse_operationName=ForgottenId
Title: Forgotten your log on details?

Search URL Search Domain Scan URL

URL: http://www.santander.co.uk/uk/help-support/online-banking
Title: Find out more >

Search URL Search Domain Scan URL

URL: https://bbsavings.santander.co.uk/OFIS/login.aspx
Title: Bradford & Bingley online savings

Search URL Search Domain Scan URL

URL: https://www.abbeysharedealing.com/
Title: Sharedealing

Search URL Search Domain Scan URL

URL: https://www.inscape.com/html_site/html/account/login.asp
Title: Clients of Premium Investments

Search URL Search Domain Scan URL

URL: https://retail.santander.co.uk/Estatico/ALP_LOGSUK_Logon/Html/migracionv1_FAQ_Help.html
Title: Online Banking help

Search URL Search Domain Scan URL

URL: http://www.santander.co.uk/uk/help-support/demo-guides/
Title: View Online Banking Demos

Search URL Search Domain Scan URL

URL: http://www.santander.co.uk/csgs/Satellite?appID=abbey.internet.Abbeycom&c=Page&canal=CABBEYCOM&cid=1237877606230&empr=Abbeycom&leng=en_GB&pagename=Abbeycom%2FPage%2FWC_ACOM_TemplateA2
Title: Changes to Online Banking Terms and Conditions

Search URL Search Domain Scan URL

URL: https://retail.santander.co.uk/LOGSUK_NS_ENS/Estatico/ALP_LOGSUK_Logon/Html/migracionv1_contactUs.html
Title: Contact us

Search URL Search Domain Scan URL

URL: http://www.santander.co.uk/uk/help-support/security-centre/keeping-yourself-secure/
Title: here

Search URL Search Domain Scan URL

URL: http://www.santander-products.co.uk/rapportsecuritysoftware/index.html
Title: Trusteer Rapport

Search URL Search Domain Scan URL

URL: http://www.santander.co.uk/uk/online-mobile-banking-commitment/
Title: Online Banking Guarantee

Search URL Search Domain Scan URL

URL: http://www.santander.co.uk/uk/accessibility/
Title: Site Help & Accessibility

Search URL Search Domain Scan URL

URL: http://www.santander.co.uk/uk/help-support/security-centre/data-protection/
Title: Security & Privacy

Search URL Search Domain Scan URL

URL: http://www.santander.co.uk/uk/help-support/online-banking-terms-conditions/
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: http://www.santander.co.uk/uk/website-legal/
Title: Legal

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://unigraf.bydgoszcz.pl/30billion-in-the-account/santande/??????ssage/santande Page URL
https://unigraf.bydgoszcz.pl/30billion-in-the-account/santande/santande/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
unigraf.bydgoszcz.pl/30billion-in-the-account/santande/ 226 B
228 B 241ms
116ms Document
text/html 176.119.32.183
K2-AS

General

unigraf.bydgoszcz.pl Open in urlscan Pro 176.119.32.183 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

29 Requests

83 %HTTPS

14 %IPv6

5 Domains

8 Subdomains

8 IPs

4 Countries

210 kBTransfer

779 kBSize

1 Cookies

20 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

1 Cookies

Indicators

unigraf.bydgoszcz.pl Open in urlscan Pro
176.119.32.183 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

83 %
HTTPS

14 %
IPv6

5
Domains

8
Subdomains

8
IPs

4
Countries

210 kB
Transfer

779 kB
Size

1
Cookies

29 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!