unlockuknow.com
104.248.172.243
Malicious Activity!
Public Scan
Submission: On September 29 via automatic, source phishtank
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on September 28th 2019. Valid for: 3 months.
This is the only time unlockuknow.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: HSBC (Banking)
Domain & IP information
Requests | IP Address | Autonomous System
---|---|---
7 | 104.248.172.243 | 14061 (DIGITALOCEAN-ASN - DigitalOcean)
2 | 91.214.6.226 | 20705 (HSBC-UK)
9 | 2 |
ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
unlockuknow.com |
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
7 | unlockuknow.com | unlockuknow.com | 72 KB
2 | hsbc.co.uk | www.security.hsbc.co.uk | 5 KB
9 | 2 | |
Requests | Domain | Requested by
---|---|---
7 | unlockuknow.com | unlockuknow.com
2 | www.security.hsbc.co.uk | unlockuknow.com
9 | 2 |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
unlockuknow.com | Let's Encrypt Authority X3 | 2019-09-28 - 2019-12-27 | 3 months
www.security.hsbc.co.uk | DigiCert SHA2 Extended Validation Server CA | 2019-02-06 - 2020-02-28 | a year
This page contains 1 frame:
Primary Page:
https://unlockuknow.com/
Frame ID: 1E3BEBA97ABE54CC846FB4069FDC056B
Requests: 9 HTTP requests in this frame
Detected technologies
PHP (Programming Languages)
Detected patterns
- headers server /php\/?([\d.]+)?/i
CentOS (Operating Systems)
Detected patterns
- headers server /CentOS/i
OpenSSL (Web Server Extensions)
Detected patterns
- headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | / (Primary Request) | unlockuknow.com/ | 6 KB | 7 KB | Document | text/html
GET | H/1.1 | mobile.css | unlockuknow.com/assets/css/ | 35 KB | 35 KB | Stylesheet | text/css
GET | H/1.1 | googlejquery_mobile_css.css | unlockuknow.com/assets/css/ | 8 KB | 8 KB | Stylesheet | text/css
GET | H/1.1 | hsbc-uk.svg | unlockuknow.com/assets/img/ | 2 KB | 2 KB | Image | image/svg+xml
GET | H/1.1 | padlock.png | unlockuknow.com/assets/img/ | 7 KB | 7 KB | Image | image/png
GET | H/1.1 | protecting-your-money.jpg | unlockuknow.com/assets/img/ | 12 KB | 12 KB | Image | image/jpeg
GET | H/1.1 | page-heading-gradient.png | unlockuknow.com/assets/img/ | 141 B | 486 B | Image | image/png
GET | H/1.1 | default-left.gif | www.security.hsbc.co.uk/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/images/button/backgrounds/ | 1 KB | 2 KB | Image | image/gif
GET | H/1.1 | default.gif | www.security.hsbc.co.uk/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/images/button/backgrounds/ | 3 KB | 3 KB | Image | image/gif
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: HSBC (Banking)
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onformdata
- object| onpointerrawupdate
- function| ajaxFunction
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
unlockuknow.com
www.security.hsbc.co.uk
104.248.172.243
91.214.6.226