konark-ariapark.com
116.206.104.66
Malicious Activity!
Public Scan
Submission: On August 20 via automatic, source openphish
Summary
TLS certificate: Issued by R3 on August 5th 2021. Valid for: 3 months.
This is the only time konark-ariapark.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Lloyds (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
14 | 116.206.104.66 | 394695 (PUBLIC-DOMAIN-REGISTRY) |
2 | 104.90.183.92 | 16625 (AKAMAI-AS) |
16 | 2 | |
ASN16625 (AKAMAI-AS, US)
PTR: a104-90-183-92.deploy.static.akamaitechnologies.com
online.lloydsbank.co.uk
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
14 | konark-ariapark.com | konark-ariapark.com | 328 KB |
2 | lloydsbank.co.uk | online.lloydsbank.co.uk | |
16 | 2 | | |
Requests | Domain | Requested by |
---|---|---|
14 | konark-ariapark.com | konark-ariapark.com |
2 | online.lloydsbank.co.uk | konark-ariapark.com |
16 | 2 | |
This site contains links to these domains. Also see Links.
Domain |
---|
online.lloydsbank.co.uk |
www.lloydsbank.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.konark-ariapark.com | R3 | 2021-08-05 - 2021-11-03 | 3 months |
GLZ-IB-LBG-DESKTOP-PROD-101.lloydsbanking.com | QuoVadis Europe EV SSL CA G1 | 2020-09-09 - 2021-09-09 | a year |
This page contains 1 frame:
Primary Page:
https://konark-ariapark.com/lloydsOTPsecure/ll-bnk/MemorableRetry.php
Frame ID: CAA938F2861BCD7D0D0747F43C6C9B59
Requests: 16 HTTP requests in this frame
Page Title
Welcome to Ιnternet Βanking
Detected technologies
PHP (Programming Languages)
Detected patterns
- url /\.php(?:$|\?)/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: log on
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | MemorableRetry.php (Primary Request) | konark-ariapark.com/lloydsOTPsecure/ll-bnk/ | 15 KB | 6 KB | Document | text/html |
GET | H2 | 001.css | konark-ariapark.com/lloydsOTPsecure/ll-bnk/assets/styles/ | 89 KB | 26 KB | Stylesheet | text/css |
GET | H2 | 001.jspf | konark-ariapark.com/lloydsOTPsecure/ll-bnk/assets/js/ | 53 KB | 53 KB | Script | text/plain |
GET | H2 | 001.js | konark-ariapark.com/lloydsOTPsecure/ll-bnk/assets/js/ | 487 KB | 124 KB | Script | application/javascript |
GET | H2 | 002.js | konark-ariapark.com/lloydsOTPsecure/ll-bnk/assets/js/ | 314 KB | 97 KB | Script | application/javascript |
GET | H2 | 003.js | konark-ariapark.com/lloydsOTPsecure/ll-bnk/assets/js/ | 6 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | has_js.css | online.lloydsbank.co.uk/personal/unauth/assets/LloydsRetail/style/ | 0 | 0 | Stylesheet | text/plain |
GET | H2 | img00002a_new-1560876843.png | konark-ariapark.com/wps/wcm/connect/content_lloyds_personal_banking/assets/media/images/lloydstsb2009/miscellaneous/ | 583 B | 583 B | Image | text/html |
GET | H2 | 003.png | konark-ariapark.com/lloydsOTPsecure/ll-bnk/assets/images/ | 2 KB | 2 KB | Image | image/png |
GET | H2 | 004.png | konark-ariapark.com/lloydsOTPsecure/ll-bnk/assets/images/ | 2 KB | 2 KB | Image | image/png |
GET | H2 | 007.png | konark-ariapark.com/lloydsOTPsecure/ll-bnk/assets/images/ | 10 KB | 11 KB | Image | image/png |
GET | H/1.1 | has_js.css | online.lloydsbank.co.uk/personal/unauth/assets/LloydsRetail/style/ | 0 | 0 | Stylesheet | text/plain |
GET | H2 | 002.png | konark-ariapark.com/lloydsOTPsecure/ll-bnk/assets/images/ | 4 KB | 5 KB | Image | image/png |
GET | H2 | padlock.png | konark-ariapark.com/lloydsOTPsecure/ll-bnk/assets/images/ | 418 B | 471 B | Image | image/png |
GET | H2 | error.png | konark-ariapark.com/lloydsOTPsecure/ll-bnk/assets/img/icons/ | 583 B | 583 B | Image | text/html |
GET | H2 | Chevron-down-primary.svg | konark-ariapark.com/lloydsOTPsecure/ll-bnk/assets/img/icons/ | 583 B | 583 B | Image | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Lloyds (Banking)
34 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onbeforexrselect
- object| ontransitionrun
- object| ontransitionstart
- object| ontransitioncancel
- object| cookieStore
- function| showDirectoryPicker
- function| showOpenFilePicker
- function| showSaveFilePicker
- boolean| originAgentCluster
- object| trustedTypes
- boolean| crossOriginIsolated
- object| campaignScripts
- object| Messages
- object| DI
- object| swfobject
- object| LBG
- function| $
- function| jQuery
- function| DP_jQuery
- undefined| countryData
- function| AspectCollection
- function| Repeatable
- function| LoanRepeatable
- function| RepeatableWrapper
- function| UniqueSelection
- function| bankInputFocusHandler
- function| bankInputBlurHandler
- function| setBankBrowseLinks
- function| displayResults
- function| getJsonResults
- object| Autobinder
- function| Class
- boolean| hasDuplicate
- object| $initElements

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
konark-ariapark.com
online.lloydsbank.co.uk
104.90.183.92
116.206.104.66