serveugandainitiative.org
2606:4700:30::681b:b57c  Malicious Activity! Public Scan

URL: https://serveugandainitiative.org/wordpress/wp-content/upgrade/
Submission: On August 26 via automatic, source phishtank

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 31 HTTP transactions. The main IP is 2606:4700:30::681b:b57c, located in the United States, and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is serveugandainitiative.org.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on October 11th 2018. Valid for: a year.
This is the only time serveugandainitiative.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Nationwide Bank (Banking)

Domain & IP information

Requests | IP Address | AS | Autonomous System
5 | 2606:4700:30:... | 13335 | (CLOUDFLAR...)
17 | 155.131.32.25 | 8698 | ()
3 (1 redirect) | 34.248.30.170 | 16509 | (AMAZON-02)
1 | 63.140.40.27 | 15224 | (OMNITURE)
Total: 31 requests, 5 IPs

Requests | Domain | Requested by
17 | onlinebanking.nationwide.co.uk | serveugandainitiative.org, onlinebanking.nationwide.co.uk
5 | serveugandainitiative.org | serveugandainitiative.org
3 (1 redirect) | dpm.demdex.net | serveugandainitiative.org, onlinebanking.nationwide.co.uk
1 | smetrics.nationwide.co.uk | onlinebanking.nationwide.co.uk
Total: 31 requests, 4 subdomains

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2018-10-11 - 2019-10-11 | a year
onlinebanking.nationwide.co.uk | DigiCert SHA2 Extended Validation Server CA | 2018-07-18 - 2019-10-14 | a year
*.demdex.net | DigiCert SHA2 High Assurance Server CA | 2018-01-09 - 2021-02-12 | 3 years
smetrics.nationwide.co.uk | DigiCert Global CA G2 | 2019-03-15 - 2021-03-15 | 2 years

This page contains 1 frames:

Primary Page: https://serveugandainitiative.org/wordpress/wp-content/upgrade/
Frame ID: E6022B48BD2FF7A1336E41A2E2620321
Requests: 31 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 31
HTTPS: 81 %
IPv6: 25 %
Domains: 3
Subdomains: 4
IPs: 5
Countries: 3
Transfer: 197 kB
Size: 394 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://dpm.demdex.net/id?d_visid_ver=1.7.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1D4334B852784A2D0A490D44%40AdobeOrg&d_nsid=0&ts=1566790964378 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=1.7.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1D4334B852784A2D0A490D44%40AdobeOrg&d_nsid=0&ts=1566790964378

31 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type
Primary Request /
serveugandainitiative.org/wordpress/wp-content/upgrade/
42 KB
7 KB
Document
General
Full URL
https://serveugandainitiative.org/wordpress/wp-content/upgrade/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b57c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7d4dfeaa15f884eeda3f03839d140badd1548fdf60990c8ae46c7d513ca579b

Request headers

:method
GET
:authority
serveugandainitiative.org
:scheme
https
:path
/wordpress/wp-content/upgrade/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Mon, 26 Aug 2019 03:42:42 GMT
content-type
text/html
set-cookie
__cfduid=d70b0bf2c33134df8f17a6b97f9d42fd71566790962; expires=Tue, 25-Aug-20 03:42:42 GMT; path=/; domain=.serveugandainitiative.org; HttpOnly
last-modified
Sun, 25 Aug 2019 08:18:55 GMT
vary
Accept-Encoding
x-server-cache
false
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
50c2cc18ad98cbb0-VIE
content-encoding
br
adrum-ext.64575a4f0ccc435ef3de4778c280c647.js
serveugandainitiative.org/Scripts/adrum/
0
0
Script
General
Full URL
https://serveugandainitiative.org/Scripts/adrum/adrum-ext.64575a4f0ccc435ef3de4778c280c647.js
Requested by
Host: serveugandainitiative.org
URL: https://serveugandainitiative.org/wordpress/wp-content/upgrade/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b57c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://serveugandainitiative.org/wordpress/wp-content/upgrade/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Aug 2019 03:42:44 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
404
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
cf-ray
50c2cc1d3a7fcbb0-VIE
link
<https://serveugandainitiative.org/wp-json/>; rel="https://api.w.org/"
x-ua-compatible
IE=edge
adrum.js
serveugandainitiative.org/Scripts/adrum/
0
0
Script
General
Full URL
https://serveugandainitiative.org/Scripts/adrum/adrum.js
Requested by
Host: serveugandainitiative.org
URL: https://serveugandainitiative.org/wordpress/wp-content/upgrade/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b57c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://serveugandainitiative.org/wordpress/wp-content/upgrade/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Aug 2019 03:42:44 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
404
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
cf-ray
50c2cc1d4a85cbb0-VIE
link
<https://serveugandainitiative.org/wp-json/>; rel="https://api.w.org/"
x-ua-compatible
IE=edge
internet-bank.ashx
onlinebanking.nationwide.co.uk/cms/~/media/Files/InternetBanking/
86 KB
15 KB
Stylesheet
General
Full URL
https://onlinebanking.nationwide.co.uk/cms/~/media/Files/InternetBanking/internet-bank.ashx?timestamp=20171011170622
Requested by
Host: serveugandainitiative.org
URL: https://serveugandainitiative.org/wordpress/wp-content/upgrade/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
155.131.32.25 , United Kingdom, ASN8698 (, GB),
Reverse DNS
Software
/
Resource Hash
b32634b414f7ec3171ce9d176f2c989d7a91748d6f5c8c1da16b392ef433718e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://serveugandainitiative.org/wordpress/wp-content/upgrade/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 26 Aug 2019 03:42:44 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Oct 2017 15:06:22 GMT
ETag
e322e740bedc499d87b26cbd805622c7
Content-Type
text/css
Cache-Control
public, no-cache="Set-Cookie", max-age=7776000
r
8.1.2.0
Connection
Keep-Alive
Content-Length
14429
Expires
Sun, 24 Nov 2019 04:42:44 GMT
external.ashx
onlinebanking.nationwide.co.uk/cms/~/media/Files/InternetBanking/
3 KB
2 KB
Stylesheet
General
Full URL
https://onlinebanking.nationwide.co.uk/cms/~/media/Files/InternetBanking/external.ashx?timestamp=20180618121521
Requested by
Host: serveugandainitiative.org
URL: https://serveugandainitiative.org/wordpress/wp-content/upgrade/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
155.131.32.25 , United Kingdom, ASN8698 (, GB),
Reverse DNS
Software
/
Resource Hash
2102b0eaa9cf9c8f0ebb190346ebf3d191c99f36173cef5fdec30523fccda19f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://serveugandainitiative.org/wordpress/wp-content/upgrade/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 26 Aug 2019 03:42:44 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Jun 2018 10:15:21 GMT
ETag
de5d6e5a62094fbfa319f68801bddda5
Content-Type
text/css
Cache-Control
public, no-cache="Set-Cookie", max-age=7776000
r
8.1.2.0
Connection
Keep-Alive
Content-Length
823
Expires
Sun, 24 Nov 2019 04:42:44 GMT
app.master.head.js
onlinebanking.nationwide.co.uk/Scripts/
145 KB
51 KB
Script
General
Full URL
https://onlinebanking.nationwide.co.uk/Scripts/app.master.head.js?v=S8Mn63VWm68eNyT9k8qymq_92Evo55TP7watStV-mAQ1
Requested by
Host: serveugandainitiative.org
URL: https://serveugandainitiative.org/wordpress/wp-content/upgrade/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
155.131.32.25 , United Kingdom, ASN8698 (, GB),
Reverse DNS
Software
/
Resource Hash
9b08f580df0077bea43c55c19312b9a8ffb33b767944159cde379115216ffb35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://serveugandainitiative.org/wordpress/wp-content/upgrade/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Referrer-Policy
same-origin
Last-Modified
Mon, 26 Aug 2019 03:42:44 GMT
Date
Mon, 26 Aug 2019 03:42:44 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
X-Content-Type-Options
nosniff
r
56.0.56003.0
Connection
Keep-Alive
Vary
User-Agent
Content-Length
51389
X-XSS-Protection
1; mode=block
Expires
Tue, 25 Aug 2020 03:42:44 GMT
CardReader.ashx
onlinebanking.nationwide.co.uk/cms/~/media/Files/InternetBanking/img/
50 KB
51 KB
Image
General
Full URL
https://onlinebanking.nationwide.co.uk/cms/~/media/Files/InternetBanking/img/CardReader.ashx?timestamp=20160322130557
Requested by
Host: serveugandainitiative.org
URL: https://serveugandainitiative.org/wordpress/wp-content/upgrade/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
155.131.32.25 , United Kingdom, ASN8698 (, GB),
Reverse DNS
Software
/
Resource Hash
65a99b820d3f50fc3159c1cd6acde26c7a87bf1e1a22c617ed39ec11289044d6

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://serveugandainitiative.org/wordpress/wp-content/upgrade/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 26 Aug 2019 03:42:44 GMT
Last-Modified
Tue, 22 Mar 2016 12:05:57 GMT
ETag
48a9c5bec56048f789e89243c328e5fb
Content-Type
image/png
Cache-Control
public, no-cache="Set-Cookie", max-age=7776000
r
8.1.2.0
Content-Length
51127
Expires
Sun, 24 Nov 2019 04:42:44 GMT
cardReaderIdentify.ashx
onlinebanking.nationwide.co.uk/cms/~/media/Files/default/img/
680 B
2 KB
Image
General
Full URL
https://onlinebanking.nationwide.co.uk/cms/~/media/Files/default/img/cardReaderIdentify.ashx?timestamp=20110608183450
Requested by
Host: serveugandainitiative.org
URL: https://serveugandainitiative.org/wordpress/wp-content/upgrade/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
155.131.32.25 , United Kingdom, ASN8698 (, GB),
Reverse DNS
Software
/
Resource Hash
f65524fbd00ec3ab3a6c666fb5ae933625b05fd5cf2065ca52ca7227e1fa2281

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://serveugandainitiative.org/wordpress/wp-content/upgrade/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 26 Aug 2019 03:42:44 GMT
Last-Modified
Wed, 08 Jun 2011 16:34:50 GMT
ETag
efd835dab7f44719838e9fbf7d90c6ee
Content-Type
image/png
Cache-Control
public, no-cache="Set-Cookie", max-age=7776000
r
8.1.2.0
Content-Length
680
Expires
Sun, 24 Nov 2019 04:42:44 GMT
cardReaderOK.ashx
onlinebanking.nationwide.co.uk/cms/~/media/Files/default/img/
819 B
2 KB
Image
General
Full URL
https://onlinebanking.nationwide.co.uk/cms/~/media/Files/default/img/cardReaderOK.ashx?timestamp=20110608183450
Requested by
Host: serveugandainitiative.org
URL: https://serveugandainitiative.org/wordpress/wp-content/upgrade/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
155.131.32.25 , United Kingdom, ASN8698 (, GB),
Reverse DNS
Software
/
Resource Hash
1ae4fa654fe6f05b911a1490eb7e3fa7cafd913bb9501f245b4b5e1af6e7052e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://serveugandainitiative.org/wordpress/wp-content/upgrade/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 26 Aug 2019 03:42:44 GMT
Last-Modified
Wed, 08 Jun 2011 16:34:50 GMT
ETag
51f73d7da1084be1a3ef16d7f0a298dd
Content-Type
image/png
Cache-Control
public, no-cache="Set-Cookie", max-age=7776000
r
8.1.2.0
Content-Length
819
Expires
Sun, 24 Nov 2019 04:42:44 GMT
cardReaderClear.ashx
onlinebanking.nationwide.co.uk/cms/~/media/Files/default/img/
643 B
1 KB
Image
General
Full URL
https://onlinebanking.nationwide.co.uk/cms/~/media/Files/default/img/cardReaderClear.ashx?timestamp=20110608183449
Requested by
Host: serveugandainitiative.org
URL: https://serveugandainitiative.org/wordpress/wp-content/upgrade/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
155.131.32.25 , United Kingdom, ASN8698 (, GB),
Reverse DNS
Software
/
Resource Hash
3e76108f4a25c59ca111562c826a1a4011d6f25c33cacbca1c72b13b9b33d221

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://serveugandainitiative.org/wordpress/wp-content/upgrade/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 26 Aug 2019 03:42:44 GMT
Last-Modified
Wed, 08 Jun 2011 16:34:49 GMT
ETag
109674f1fb5b4e65868b3eefc2559df2
Content-Type
image/png
Cache-Control
public, no-cache="Set-Cookie", max-age=7776000
r
8.1.2.0
Content-Length
643
Expires
Sun, 24 Nov 2019 04:42:44 GMT
cardReaderCancel.ashx
serveugandainitiative.org/cms/~/media/Files/default/img/
46 KB
46 KB
Image
General
Full URL
https://serveugandainitiative.org/cms/~/media/Files/default/img/cardReaderCancel.ashx?timestamp=20110608183448
Requested by
Host: serveugandainitiative.org
URL: https://serveugandainitiative.org/wordpress/wp-content/upgrade/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b57c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f421d382398e4d447622b2e02e490ded348fd358ce4da8a74ba43e602c7a6753

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://serveugandainitiative.org/wordpress/wp-content/upgrade/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Aug 2019 03:42:45 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
404
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
cf-ray
50c2cc277f02cbb0-VIE
link
<https://serveugandainitiative.org/wp-json/>; rel="https://api.w.org/"
x-ua-compatible
IE=edge
app.master.body.js
serveugandainitiative.org/Scripts/
0
0
Script
General
Full URL
https://serveugandainitiative.org/Scripts/app.master.body.js?v=-G29Zq8SnJeJ9DoDxLUidbdVRb4gcNEZJombxRcfA1w1
Requested by
Host: serveugandainitiative.org
URL: https://serveugandainitiative.org/wordpress/wp-content/upgrade/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b57c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://serveugandainitiative.org/wordpress/wp-content/upgrade/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Aug 2019 03:42:45 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
404
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
cf-ray
50c2cc267deecbb0-VIE
link
<https://serveugandainitiative.org/wp-json/>; rel="https://api.w.org/"
x-ua-compatible
IE=edge
jquery.cookie.js
onlinebanking.nationwide.co.uk/Scripts/
1 KB
2 KB
Script
General
Full URL
https://onlinebanking.nationwide.co.uk/Scripts/jquery.cookie.js
Requested by
Host: serveugandainitiative.org
URL: https://serveugandainitiative.org/wordpress/wp-content/upgrade/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
155.131.32.25 , United Kingdom, ASN8698 (, GB),
Reverse DNS
Software
/
Resource Hash
4a488bdf1fa9ce48e8bfdb0691b271d45bd3caa83ccdec0257ab4b29f74a9de5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://serveugandainitiative.org/wordpress/wp-content/upgrade/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Referrer-Policy
same-origin
Last-Modified
Mon, 26 Aug 2019 03:42:44 GMT
ETag
"F246620C279BC29F243DD85091D3E248"
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Cache-Control
public, max-age=300
Date
Mon, 26 Aug 2019 03:42:43 GMT
X-Content-Type-Options
nosniff
r
56.0.56003.0
Connection
Keep-Alive
Content-Length
601
X-XSS-Protection
1; mode=block
Expires
Mon, 26 Aug 2019 03:47:44 GMT
help.js
onlinebanking.nationwide.co.uk/Scripts/
2 KB
2 KB
Script
General
Full URL
https://onlinebanking.nationwide.co.uk/Scripts/help.js
Requested by
Host: serveugandainitiative.org
URL: https://serveugandainitiative.org/wordpress/wp-content/upgrade/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
155.131.32.25 , United Kingdom, ASN8698 (, GB),
Reverse DNS
Software
/
Resource Hash
4a8933b4bd5e6872cfbbd0d27a09aec83e912edda66b3702bc650eb6174d93b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://serveugandainitiative.org/wordpress/wp-content/upgrade/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Referrer-Policy
same-origin
Last-Modified
Mon, 26 Aug 2019 03:42:44 GMT
ETag
"CB97DEC1504AA4468B0ADFD15581E8F8"
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Cache-Control
public, max-age=300
Date
Mon, 26 Aug 2019 03:42:43 GMT
X-Content-Type-Options
nosniff
r
56.0.56003.0
Connection
Keep-Alive
Content-Length
752
X-XSS-Protection
1; mode=block
Expires
Mon, 26 Aug 2019 03:47:44 GMT
Login.js
onlinebanking.nationwide.co.uk/AccessManagement/AccessManagement/Scripts/
4 KB
2 KB
Script
General
Full URL
https://onlinebanking.nationwide.co.uk/AccessManagement/AccessManagement/Scripts/Login.js
Requested by
Host: serveugandainitiative.org
URL: https://serveugandainitiative.org/wordpress/wp-content/upgrade/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
155.131.32.25 , United Kingdom, ASN8698 (, GB),
Reverse DNS
Software
/
Resource Hash
42f7e970c86a15440f7e44e8f6df143abcfb9aece0811505ea53970f7dfd2dd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://serveugandainitiative.org/wordpress/wp-content/upgrade/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Referrer-Policy
same-origin
Last-Modified
Mon, 26 Aug 2019 03:42:44 GMT
ETag
"E4206A6645405091854F152B8515B40D"
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Cache-Control
public, max-age=300
Date
Mon, 26 Aug 2019 03:42:43 GMT
X-Content-Type-Options
nosniff
r
56.0.56003.0
Connection
Keep-Alive
Content-Length
1602
X-XSS-Protection
1; mode=block
Expires
Mon, 26 Aug 2019 03:47:44 GMT
EUCookieDirective.js
onlinebanking.nationwide.co.uk/AccessManagement/AccessManagement/Scripts/
209 B
1 KB
Script
General
Full URL
https://onlinebanking.nationwide.co.uk/AccessManagement/AccessManagement/Scripts/EUCookieDirective.js
Requested by
Host: serveugandainitiative.org
URL: https://serveugandainitiative.org/wordpress/wp-content/upgrade/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
155.131.32.25 , United Kingdom, ASN8698 (, GB),
Reverse DNS
Software
/
Resource Hash
f1756453897bd3df8ea62f6436131f2d4ed6b7c7881bc4d3f29ae51758074abc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://serveugandainitiative.org/wordpress/wp-content/upgrade/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Referrer-Policy
same-origin
Last-Modified
Mon, 26 Aug 2019 03:42:44 GMT
ETag
"97099C7CA88FEDFEC322C71590132BBB"
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Cache-Control
public, max-age=300
Date
Mon, 26 Aug 2019 03:42:43 GMT
X-Content-Type-Options
nosniff
r
56.0.56003.0
Content-Length
209
X-XSS-Protection
1; mode=block
Expires
Mon, 26 Aug 2019 03:47:44 GMT
ServiceAvailabilityServiceMessage.js
onlinebanking.nationwide.co.uk/AccessManagement/AccessManagement/Scripts/
2 KB
1 KB
Script
General
Full URL
https://onlinebanking.nationwide.co.uk/AccessManagement/AccessManagement/Scripts/ServiceAvailabilityServiceMessage.js
Requested by
Host: serveugandainitiative.org
URL: https://serveugandainitiative.org/wordpress/wp-content/upgrade/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
155.131.32.25 , United Kingdom, ASN8698 (, GB),
Reverse DNS
Software
/
Resource Hash
c6164642f386cfa0495b5644c28d71d47c0c8ee2a45a873924d264814f783c88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://serveugandainitiative.org/wordpress/wp-content/upgrade/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Referrer-Policy
same-origin
Last-Modified
Mon, 26 Aug 2019 03:42:44 GMT
ETag
"B743A3AE80FCD36809DB466A6A5A20BD"
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Cache-Control
public, max-age=300
Date
Mon, 26 Aug 2019 03:42:43 GMT
X-Content-Type-Options
nosniff
r
56.0.56003.0
Connection
Keep-Alive
Content-Length
445
X-XSS-Protection
1; mode=block
Expires
Mon, 26 Aug 2019 03:47:44 GMT
CustomSmartBanner.js
onlinebanking.nationwide.co.uk/AccessManagement/AccessManagement/Scripts/
4 KB
2 KB
Script
General
Full URL
https://onlinebanking.nationwide.co.uk/AccessManagement/AccessManagement/Scripts/CustomSmartBanner.js
Requested by
Host: serveugandainitiative.org
URL: https://serveugandainitiative.org/wordpress/wp-content/upgrade/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
155.131.32.25 , United Kingdom, ASN8698 (, GB),
Reverse DNS
Software
/
Resource Hash
f12fbfa4f4c72ca8aac74a20c4783512b2325d6f6c44c7af24354df60645de96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://serveugandainitiative.org/wordpress/wp-content/upgrade/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Referrer-Policy
same-origin
Last-Modified
Mon, 26 Aug 2019 03:42:44 GMT
ETag
"BA4C7590D9EE3CE6FF49B56C26D2AB44"
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Cache-Control
public, max-age=300
Date
Mon, 26 Aug 2019 03:42:44 GMT
X-Content-Type-Options
nosniff
r
56.0.56003.0
Connection
Keep-Alive
Content-Length
860
X-XSS-Protection
1; mode=block
Expires
Mon, 26 Aug 2019 03:47:44 GMT
SplashPageAnalytics.js
onlinebanking.nationwide.co.uk/AccessManagement/AccessManagement/Scripts/
2 KB
1 KB
Script
General
Full URL
https://onlinebanking.nationwide.co.uk/AccessManagement/AccessManagement/Scripts/SplashPageAnalytics.js
Requested by
Host: serveugandainitiative.org
URL: https://serveugandainitiative.org/wordpress/wp-content/upgrade/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
155.131.32.25 , United Kingdom, ASN8698 (, GB),
Reverse DNS
Software
/
Resource Hash
e7ecb597c300359a945e12057da111d4ef161179f2d2df2579b145bd1350d2c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://serveugandainitiative.org/wordpress/wp-content/upgrade/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Referrer-Policy
same-origin
Last-Modified
Mon, 26 Aug 2019 03:42:44 GMT
ETag
"6C08F415C82C1D97554D093BC85A8DCD"
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Cache-Control
public, max-age=300
Date
Mon, 26 Aug 2019 03:42:43 GMT
X-Content-Type-Options
nosniff
r
56.0.56003.0
Connection
Keep-Alive
Content-Length
444
X-XSS-Protection
1; mode=block
Expires
Mon, 26 Aug 2019 03:47:44 GMT
nbs-medium-webfont-woff.woff
onlinebanking.nationwide.co.uk/cms/~/media/Files/InternetBanking/fonts/
0
0

rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=1.7.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1D4334B852784A2D0A490D44%40AdobeOrg&d_nsid=0&ts=1566790964378
  • https://dpm.demdex.net/id/rd?d_visid_ver=1.7.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1D4334B852784A2D0A490D44%40AdobeOrg&d_nsid=0&ts=1566790964378
219 B
987 B
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=1.7.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1D4334B852784A2D0A490D44%40AdobeOrg&d_nsid=0&ts=1566790964378
Requested by
Host: serveugandainitiative.org
URL: https://serveugandainitiative.org/wordpress/wp-content/upgrade/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.30.170 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-30-170.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b2efe4ae155982f5685e47017d0d8937f669b45357063e41d458134de358bb3e

Request headers

Referer
https://serveugandainitiative.org/wordpress/wp-content/upgrade/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v041-097ecc556.edge-irl1.demdex.com 5.58.1.20190812093348 3ms (+0ms)
Pragma
no-cache
X-TID
exZg7YbLRhk=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://serveugandainitiative.org
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
219
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Access-Control-Allow-Origin
https://serveugandainitiative.org
X-TID
UA8UlMoGRFg=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=1.7.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1D4334B852784A2D0A490D44%40AdobeOrg&d_nsid=0&ts=1566790964378
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
NW_160x45.png
onlinebanking.nationwide.co.uk/cms/~/media/Files/InternetBanking/img/
2 KB
3 KB
Image
General
Full URL
https://onlinebanking.nationwide.co.uk/cms/~/media/Files/InternetBanking/img/NW_160x45.png
Requested by
Host: serveugandainitiative.org
URL: https://serveugandainitiative.org/wordpress/wp-content/upgrade/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
155.131.32.25 , United Kingdom, ASN8698 (, GB),
Reverse DNS
Software
/
Resource Hash
892ef25d857dbb17c3310310338578e0e19772646435a540fdc717b47979b13b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://onlinebanking.nationwide.co.uk/cms/~/media/Files/InternetBanking/internet-bank.ashx?timestamp=20171011170622
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 26 Aug 2019 03:42:44 GMT
Last-Modified
Thu, 15 Dec 2016 11:13:50 GMT
ETag
8e4c95423f11471381ca9c08c8176e50
Content-Type
image/png
Cache-Control
public
r
8.1.2.0
Content-Length
2226
Expires
Mon, 26 Aug 2019 03:44:44 GMT
loading-graphic-white.png
onlinebanking.nationwide.co.uk/cms/~/media/Files/InternetBanking/img/
1 KB
2 KB
Image
General
Full URL
https://onlinebanking.nationwide.co.uk/cms/~/media/Files/InternetBanking/img/loading-graphic-white.png
Requested by
Host: serveugandainitiative.org
URL: https://serveugandainitiative.org/wordpress/wp-content/upgrade/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
155.131.32.25 , United Kingdom, ASN8698 (, GB),
Reverse DNS
Software
/
Resource Hash
f06722cdec025dcab10f4fab41dfd79ffe6a8888d7c7a9ce5efeb86a1170a38b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://onlinebanking.nationwide.co.uk/cms/~/media/Files/InternetBanking/internet-bank.ashx?timestamp=20171011170622
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 26 Aug 2019 03:42:44 GMT
Last-Modified
Thu, 15 Dec 2016 11:13:47 GMT
ETag
1a94f459148d41a190a03eddf666aeab
Content-Type
image/png
Cache-Control
public
r
8.1.2.0
Content-Length
1247
Expires
Mon, 26 Aug 2019 03:44:44 GMT
loading-graphic.png
onlinebanking.nationwide.co.uk/cms/~/media/Files/InternetBanking/img/
2 KB
3 KB
Image
General
Full URL
https://onlinebanking.nationwide.co.uk/cms/~/media/Files/InternetBanking/img/loading-graphic.png
Requested by
Host: serveugandainitiative.org
URL: https://serveugandainitiative.org/wordpress/wp-content/upgrade/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
155.131.32.25 , United Kingdom, ASN8698 (, GB),
Reverse DNS
Software
/
Resource Hash
ac07fbf105019336ea0feec19e3ea9ec28557b2748de0a790be3213884bff45c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://onlinebanking.nationwide.co.uk/cms/~/media/Files/InternetBanking/internet-bank.ashx?timestamp=20171011170622
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 26 Aug 2019 03:42:44 GMT
Last-Modified
Thu, 28 Apr 2016 09:38:39 GMT
ETag
0461eb19771046ec8d434c0fc6db589e
Content-Type
image/png
Cache-Control
public
r
8.1.2.0
Content-Length
1936
Expires
Mon, 26 Aug 2019 03:44:44 GMT
nbs-bold-webfont-woff.woff
onlinebanking.nationwide.co.uk/cms/~/media/Files/InternetBanking/fonts/
0
0

NBS-Icons-woff.woff
onlinebanking.nationwide.co.uk/cms/~/media/Files/InternetBanking/fonts/
0
0

nbs-medium-webfont-ttf.ttf
onlinebanking.nationwide.co.uk/cms/~/media/Files/InternetBanking/fonts/
0
0

nbs-bold-webfont-ttf.ttf
onlinebanking.nationwide.co.uk/cms/~/media/Files/InternetBanking/fonts/
0
0

id
smetrics.nationwide.co.uk/
90 B
766 B
XHR
General
Full URL
https://smetrics.nationwide.co.uk/id?d_visid_ver=1.7.0&d_fieldgroup=A&mcorgid=1D4334B852784A2D0A490D44%40AdobeOrg&mid=48410499977015921040161039857406787271&ts=1566790965610
Requested by
Host: onlinebanking.nationwide.co.uk
URL: https://onlinebanking.nationwide.co.uk/Scripts/app.master.head.js?v=S8Mn63VWm68eNyT9k8qymq_92Evo55TP7watStV-mAQ1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.140.40.27 , United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
nationwide.co.uk.ssl.d2.sc.omtrdc.net
Software
Omniture DC /
Resource Hash
5a0a56e35a274891043924340bcd10768ee49f05290b9e069c18e2d51e346234

Request headers

Sec-Fetch-Mode
cors
Referer
https://serveugandainitiative.org/wordpress/wp-content/upgrade/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Mon, 26 Aug 2019 03:42:45 GMT
Server
Omniture DC
xserver
www7160
Vary
Origin
X-C
ms-6.9.1
P3P
CP="This is not a P3P policy"
Access-Control-Allow-Origin
https://serveugandainitiative.org
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/x-javascript
Keep-Alive
timeout=15
Content-Length
90
NBS-Icons-ttf.ttf
onlinebanking.nationwide.co.uk/cms/~/media/Files/InternetBanking/fonts/
0
0

id
dpm.demdex.net/
219 B
987 B
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=1.7.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=1D4334B852784A2D0A490D44%40AdobeOrg&d_nsid=0&d_mid=48410499977015921040161039857406787271&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=AVID%012EB1AA9A853135B6-6000019400004C67&ts=1566790965755
Requested by
Host: onlinebanking.nationwide.co.uk
URL: https://onlinebanking.nationwide.co.uk/Scripts/app.master.head.js?v=S8Mn63VWm68eNyT9k8qymq_92Evo55TP7watStV-mAQ1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.30.170 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-30-170.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9d6c64c15564f006a8fd39691acfb87ec2d14b9e784e07899d56854d95b608fb

Request headers

Sec-Fetch-Mode
cors
Referer
https://serveugandainitiative.org/wordpress/wp-content/upgrade/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v041-072e63fce.edge-irl1.demdex.com 5.58.1.20190812093348 5ms (+0ms)
Pragma
no-cache
X-TID
qDOiZ1XFR+M=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://serveugandainitiative.org
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
219
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
onlinebanking.nationwide.co.uk
URL
https://onlinebanking.nationwide.co.uk/cms/~/media/Files/InternetBanking/fonts/nbs-medium-webfont-woff.woff
Domain
onlinebanking.nationwide.co.uk
URL
https://onlinebanking.nationwide.co.uk/cms/~/media/Files/InternetBanking/fonts/nbs-bold-webfont-woff.woff
Domain
onlinebanking.nationwide.co.uk
URL
https://onlinebanking.nationwide.co.uk/cms/~/media/Files/InternetBanking/fonts/NBS-Icons-woff.woff
Domain
onlinebanking.nationwide.co.uk
URL
https://onlinebanking.nationwide.co.uk/cms/~/media/Files/InternetBanking/fonts/nbs-medium-webfont-ttf.ttf
Domain
onlinebanking.nationwide.co.uk
URL
https://onlinebanking.nationwide.co.uk/cms/~/media/Files/InternetBanking/fonts/nbs-bold-webfont-ttf.ttf
Domain
onlinebanking.nationwide.co.uk
URL
https://onlinebanking.nationwide.co.uk/cms/~/media/Files/InternetBanking/fonts/NBS-Icons-ttf.ttf

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Nationwide Bank (Banking)

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| adrum-start-time object| adrum-config function| Visitor function| AppMeasurement function| s_gi function| s_pgicq function| qe function| ue function| we function| Pe object| visitor string| s_account undefined| env string| sHost object| nwa string| mboxCopyright object| TNT object| respond object| html5 object| Modernizr object| s_c_il number| s_c_in object| s object| wa_action_whitelist object| publicInterface object| wa_component function| wa_view function| wa_action function| wa_enable_logging function| wa_disable_logging function| ddl_backup function| ddl_restore number| s_objectID number| s_giq function| mboxUrlBuilder function| mboxStandardFetcher function| mboxAjaxFetcher function| mboxMap function| mboxList function| mboxSignaler function| mboxLocatorDefault function| mboxLocatorNode function| mboxOfferContent function| mboxOfferAjax function| mboxOfferDefault function| mboxCookieManager function| mboxSession function| mboxPC function| mboxGetPageParameter function| mboxCookiePageDomain function| mboxShiftArray function| mboxGenerateId function| mboxScreenHeight function| mboxScreenWidth function| mboxBrowserWidth function| mboxBrowserHeight function| mboxBrowserTimeOffset function| mboxScreenColorDepth function| mbox function| mboxFactory object| mboxFactories object| mboxFactoryDefault number| mboxVersion function| mboxCreate function| mboxDefine function| mboxUpdate function| mboxVizTargetUrl function| mboxSetCookie function| mboxGetCookie string| getPassnumberDigitsUrl string| cookieRedirectUrl function| showExternalPageHelp function| loadHelpSearch function| loadPageHelp function| showPageHelp function| hidePageHelp function| loadNewWindow

5 Cookies

Domain/Path Name / Value
serveugandainitiative.org/ Name: PHPSESSID
Value: 897f2b258bef85fffe18f3c0fde32d51
serveugandainitiative.org/ Name: AMCVS_1D4334B852784A2D0A490D44%40AdobeOrg
Value: 1
serveugandainitiative.org/ Name: AMCV_1D4334B852784A2D0A490D44%40AdobeOrg
Value: -179204249%7CMCIDTS%7C18135%7CMCMID%7C48410499977015921040161039857406787271%7CMCAAMLH-1567395765%7C6%7CMCAAMB-1567395765%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1566798165s%7CNONE%7CMCAID%7C2EB1AA9A853135B6-6000019400004C67
.serveugandainitiative.org/ Name: mbox
Value: check#true#1566791025|session#94cafdd98f2c45e79bbd5bedd9f4a5fa#1566792825
.serveugandainitiative.org/ Name: __cfduid
Value: d70b0bf2c33134df8f17a6b97f9d42fd71566790962

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
