cbonline.bankofscotland.co.uk
23.38.50.104
Malicious Activity!
Public Scan
Effective URL: https://cbonline.bankofscotland.co.uk/PrimaryAuth/
Submission: On June 24 via manual from GB
Summary
TLS certificate: Issued by QuoVadis EV SSL ICA G1 on April 26th 2018. Valid for: a year.
This is the only time cbonline.bankofscotland.co.uk was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Lloyds (Banking)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 141.92.90.136 | 8435 (LBG_INTERNET_EDGE Lloyds Banking Group Internet Edge) |
1 19 | 23.38.50.104 | 20940 (AKAMAI-ASN1) |
7 | 54.217.205.167 | 16509 (AMAZON-02 - Amazon.com) |
1 | 95.172.71.45 | 48910 (INAP-FRA) |
1 3 | 31.186.231.25 | 15570 (Internap European Autonomous System) |
1 | 31.186.231.44 | 15570 (Internap European Autonomous System) |
1 9 | 91.235.133.202 | 30286 (THM - ThreatMetrix Inc.) |
5 | 46.51.175.137 | 16509 (AMAZON-02 - Amazon.com) |
1 | 192.225.158.3 | 30286 (THM - ThreatMetrix Inc.) |
1 | 34.251.253.182 | 16509 (AMAZON-02 - Amazon.com) |
45 | 10 | |
ASN8435 (LBG_INTERNET_EDGE Lloyds Banking Group Internet Edge, GB)
141.92.90.136 |
ASN20940 (AKAMAI-ASN1, US)
PTR: a23-38-50-104.deploy.static.akamaitechnologies.com
cbonline.bankofscotland.co.uk |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-217-205-167.eu-west-1.compute.amazonaws.com
cbstats.bankofscotland.co.uk |
ASN48910 (INAP-FRA, GB)
PTR: cdce.fra004.internap.com
s.webtrends.com |
ASN15570 (Internap European Autonomous System, GB)
PTR: statse.webtrendslive.com
statse.webtrendslive.com |
ASN15570 (Internap European Autonomous System, GB)
PTR: scs.webtrends.com
scs.webtrends.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-46-51-175-137.eu-west-1.compute.amazonaws.com
cbstats.bankofscotland.co.uk |
ASN30286 (THM - ThreatMetrix Inc., US)
14is5ijt-778f2ae94b53f244529ecf675c38501183f0e17c-am1.d.aa.online-metrix.net |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-251-253-182.eu-west-1.compute.amazonaws.com
cem.lloydsbank.com |
 | Apex Domain / Subdomains | Transfer |
---|---|---|
40 | bankofscotland.co.uk (2 redirects): cbonline.bankofscotland.co.uk, cbstats.bankofscotland.co.uk, cbcdn.bankofscotland.co.uk | 658 KB |
3 | webtrendslive.com (1 redirects): statse.webtrendslive.com | 3 KB |
2 | webtrends.com: s.webtrends.com, scs.webtrends.com | 5 KB |
1 | lloydsbank.com: cem.lloydsbank.com | 311 B |
1 | online-metrix.net: 14is5ijt-778f2ae94b53f244529ecf675c38501183f0e17c-am1.d.aa.online-metrix.net | 393 B |
0 | tiqcdn.com (Failed): tags.tiqcdn.com Failed | |
45 | 6 | |
 | Domain | Requested by |
---|---|---|
19 | cbonline.bankofscotland.co.uk (1 redirects) | cbonline.bankofscotland.co.uk, cbstats.bankofscotland.co.uk |
12 | cbstats.bankofscotland.co.uk | cbonline.bankofscotland.co.uk, cbstats.bankofscotland.co.uk |
9 | cbcdn.bankofscotland.co.uk (1 redirects) | cbonline.bankofscotland.co.uk, cbcdn.bankofscotland.co.uk |
3 | statse.webtrendslive.com (1 redirects) | cbonline.bankofscotland.co.uk |
1 | cem.lloydsbank.com | cbonline.bankofscotland.co.uk |
1 | 14is5ijt-778f2ae94b53f244529ecf675c38501183f0e17c-am1.d.aa.online-metrix.net | |
1 | scs.webtrends.com | cbonline.bankofscotland.co.uk |
1 | s.webtrends.com | cbonline.bankofscotland.co.uk |
0 | tags.tiqcdn.com Failed | cbonline.bankofscotland.co.uk |
45 | 9 | |
This site contains links to these domains. Also see Links.
Domain |
---|
resources.bankofscotland.co.uk |
business.bankofscotland.co.uk |
Subject | Issuer | Validity | Valid |
---|---|---|---|
cbonline.bankofscotland.co.uk | QuoVadis EV SSL ICA G1 | 2018-04-26 - 2019-04-26 | a year |
cbstats.bankofscotland.co.uk | QuoVadis Global SSL ICA G3 | 2018-05-03 - 2019-05-03 | a year |
cbcdn.bankofscotland.co.uk | Symantec Class 3 Secure Server CA - G4 | 2017-06-12 - 2018-08-29 | a year |
This page contains 4 frames:
Primary Page:
https://cbonline.bankofscotland.co.uk/PrimaryAuth/
Frame ID: 2D6F57F1DD43B2F6282ED1F66EDC3F72
Requests: 40 HTTP requests in this frame
Frame:
https://cbonline.bankofscotland.co.uk/wps/themeModules/themes/html/dynamicSpots/icons/blank.gif
Frame ID: 6E956660FF0A04E53BB4CFD139F57DE7
Requests: 3 HTTP requests in this frame
Frame:
https://cbcdn.bankofscotland.co.uk/fp/ls_fp.html;CIS3SID=7A1E85FC9E8F7E40728696EE35DC0983?org_id=14is5ijt&session_id=0xfct4spr7gu9lhk8pr89u1fh6s8&nonce=5fda83e934fa9d13&pageid=1
Frame ID: 29C7484021578CFA305AA21D79F6AA7C
Requests: 1 HTTP requests in this frame
Frame:
https://cbcdn.bankofscotland.co.uk/fp/top_fp.html;CIS3SID=7A1E85FC9E8F7E40728696EE35DC0983?org_id=14is5ijt&session_id=0xfct4spr7gu9lhk8pr89u1fh6s8&nonce=5fda83e934fa9d13&pageid=1
Frame ID: 82736464493BAD4FF7194E4190A6E771
Requests: 1 HTTP requests in this frame
Detected technologies
Tealium (Advertising Networks)
Detected patterns
- script /^\/\/tags\.tiqcdn\.com\//i
Webtrends (Analytics)
Detected patterns
- env /^(?:WTOptimize|WebTrends)/i
jQuery (JavaScript Libraries)
Detected patterns
- env /^jQuery$/i
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
Title: Click here
Title: See more help
Title: Find out more >
Title: Cookie policy
Title: Commercial Banking
Title: Security
Title: Legal
Title: Terms and Conditions
Title: Privacy
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://141.92.90.136/
HTTP 302
https://cbonline.bankofscotland.co.uk/ HTTP 302
https://cbonline.bankofscotland.co.uk/PrimaryAuth/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 17- https://statse.webtrendslive.com/dcs8mqeke00000g0f4jq4w1nu_2y3n/dcs.gif?&dcsdat=1529838197028&dcssip=cbonline.bankofscotland.co.uk&dcsuri=/PrimaryAuth/&WT.tz=0&WT.bh=11&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=BOS%20Commercial%20Banking%20|%20Login&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%20enabled&WT.slv=Not%20enabled&WT.tv=10.4.16&WT.sp=SOC,%20Login%20Logoff&WT.dl=0&WT.ssl=1&WT.es=cbonline.bankofscotland.co.uk/PrimaryAuth/&WT.ets=1529838196543&WT.ce=2&WT.vt_f_tlv=0&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1&WT.vtvs=1529838197027&WT.vtid=14dc69e8-45c0-4048-9db6-354b25c6dac6&WT.co_f=14dc69e8-45c0-4048-9db6-354b25c6dac6&WT.si_x=2&WT.si_n=Log%20On&WT.pn_fa=Homepage&WT.cg_n=Homepage&WT.cg_s=Login&WT.pn_gr=Login&WT.si_p=Enter%20Validation%20Code&hastealium=1&pagevisibility=visible&brand=BOS&division=Commercial&pageviewid=1529838196543&presentation=Desktop&system=Galaxy&fpcdom=bankofscotland.co.uk&tealium=lloyds/commerical/prod/ut4.44.201710241432&tags=1282%2B;&platform=unauth&event_id=AD9C800FEF69FD64317657C9&perf.start=458&perf.load=832&perf.complete=-1&authstate=Unauth&channel=Online HTTP 303
- https://statse.webtrendslive.com/dcs8mqeke00000g0f4jq4w1nu_2y3n/dcs.gif?dcsredirect=126&dcstlh=0&dcstlv=0&dcsdat=1529838197028&dcssip=cbonline.bankofscotland.co.uk&dcsuri=/PrimaryAuth/&WT.tz=0&WT.bh=11&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=BOS%20Commercial%20Banking%20|%20Login&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%20enabled&WT.slv=Not%20enabled&WT.tv=10.4.16&WT.sp=SOC,%20Login%20Logoff&WT.dl=0&WT.ssl=1&WT.es=cbonline.bankofscotland.co.uk/PrimaryAuth/&WT.ets=1529838196543&WT.ce=2&WT.vt_f_tlv=0&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1&WT.vtvs=1529838197027&WT.vtid=14dc69e8-45c0-4048-9db6-354b25c6dac6&WT.co_f=14dc69e8-45c0-4048-9db6-354b25c6dac6&WT.si_x=2&WT.si_n=Log%20On&WT.pn_fa=Homepage&WT.cg_n=Homepage&WT.cg_s=Login&WT.pn_gr=Login&WT.si_p=Enter%20Validation%20Code&hastealium=1&pagevisibility=visible&brand=BOS&division=Commercial&pageviewid=1529838196543&presentation=Desktop&system=Galaxy&fpcdom=bankofscotland.co.uk&tealium=lloyds/commerical/prod/ut4.44.201710241432&tags=1282%2B;&platform=unauth&event_id=AD9C800FEF69FD64317657C9&perf.start=458&perf.load=832&perf.complete=-1&authstate=Unauth&channel=Online
- https://cbcdn.bankofscotland.co.uk/fp/clear.png?org_id=14is5ijt&session_id=0xfct4spr7gu9lhk8pr89u1fh6S8&m=1 HTTP 302
- https://cbcdn.bankofscotland.co.uk/fp/clear.png?org_id=14is5ijt&session_id=0xfct4spr7gu9lhk8pr89u1fh6s8&k=1
45 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | / | cbonline.bankofscotland.co.uk/PrimaryAuth/ | 20 KB | 9 KB | Document | text/html | Primary Request; Cookie set; Redirect Chain |
GET | H/1.1 | tbt_PrimaryAuth_bos_Login-min180509.css | cbonline.bankofscotland.co.uk/PrimaryAuth/BOS/css/ | 413 KB | 70 KB | Stylesheet | text/css | Cookie set |
GET | H/1.1 | tbt_adrum-min180509.js | cbonline.bankofscotland.co.uk/PrimaryAuth/resources/js/ | 35 KB | 12 KB | Script | application/javascript | Cookie set |
GET | H/1.1 | utag.js | cbonline.bankofscotland.co.uk/PrimaryAuth/resources/js/ | 327 KB | 83 KB | Script | application/javascript | Cookie set |
GET | H/1.1 | tbt_PrimaryAuth_Login-min180509.js | cbonline.bankofscotland.co.uk/PrimaryAuth/resources/js/ | 656 KB | 130 KB | Script | application/javascript | Cookie set |
GET | H/1.1 | Financial_Services_Scheme.PNG | cbonline.bankofscotland.co.uk/PrimaryAuth/images/ | 26 KB | 28 KB | Image | image/png | Cookie set |
GET | H/1.1 | blank.gif | cbonline.bankofscotland.co.uk/PrimaryAuth/wps/themeModules/themes/html/dynamicSpots/icons/ | 43 B | 746 B | Image | image/gif | Cookie set |
GET | H/1.1 | y5Gf.js | cbstats.bankofscotland.co.uk/bosimages2/ | 35 KB | 16 KB | Script | application/x-javascript | |
GET | H/1.1 | CommercialBanking180509.png | cbonline.bankofscotland.co.uk/PrimaryAuth/BOS/images/ | 11 KB | 12 KB | Image | image/png | Cookie set |
GET | H/1.1 | logo180509.png | cbonline.bankofscotland.co.uk/PrimaryAuth/BOS/images/ | 4 KB | 5 KB | Image | image/png | Cookie set |
GET | H/1.1 | lloyds_bank_jack-regularWEB180509.woff | cbonline.bankofscotland.co.uk/PrimaryAuth/BOS/font/lloyds_bank_jack/regular/ | 63 KB | 50 KB | Font | application/octet-stream | Cookie set |
GET | H/1.1 | lloyds_bank_jack-mediumWEB180509.woff | cbonline.bankofscotland.co.uk/PrimaryAuth/BOS/font/lloyds_bank_jack/medium/ | 63 KB | 50 KB | Font | application/octet-stream | Cookie set |
GET | H/1.1 | lloyds_bank_jack-lightWEB180509.woff | cbonline.bankofscotland.co.uk/PrimaryAuth/BOS/font/lloyds_bank_jack/light/ | 69 KB | 57 KB | Font | application/octet-stream | Cookie set |
GET | H/1.1 | lloyds_icon_font180509.woff | cbonline.bankofscotland.co.uk/PrimaryAuth/BOS/font/ | 62 KB | 26 KB | Font | application/octet-stream | Cookie set |
GET | H/1.1 | webtrends.replicate.js | s.webtrends.com/js/ | 5 KB | 5 KB | Script | application/javascript | |
GET | H/1.1 | wtid.js | statse.webtrendslive.com/dcs8mqeke00000g0f4jq4w1nu_2y3n/ | 201 B | 443 B | Script | application/x-javascript | |
GET | | utag.v.js | tags.tiqcdn.com/utag/tiqapp/ | 0 | 0 | | | |
GET | H/1.1 | mDncY | cbstats.bankofscotland.co.uk/bosimages2/ | 161 B | 859 B | XHR | text/javascript | |
GET | H/1.1 | dcs.gif | statse.webtrendslive.com/dcs8mqeke00000g0f4jq4w1nu_2y3n/ | 67 B | 551 B | Image | image/gif | Redirect Chain |
GET | H/1.1 | dcs.gif | scs.webtrends.com/dcs8mqeke00000g0f4jq4w1nu_2y3n/ | 43 B | 224 B | Image | image/gif | |
GET | H/1.1 | check.js | cbcdn.bankofscotland.co.uk/fp/ | 120 KB | 32 KB | Script | text/javascript | |
GET | H/1.1 | clear.png | cbcdn.bankofscotland.co.uk/fp/ | 81 B | 429 B | Image | image/png | Redirect Chain |
GET | H/1.1 | clear.png | cbcdn.bankofscotland.co.uk/fp/ | 81 B | 430 B | Image | image/png | |
GET | H/1.1 | ExpireCookiesServlet | cbonline.bankofscotland.co.uk/PrimaryAuth/ | 0 | 1 KB | XHR | text/plain | Cookie set |
GET | H/1.1 | rrx3B.js | cbstats.bankofscotland.co.uk/750663/ | 82 KB | 30 KB | Script | application/x-javascript | |
GET | H/1.1 | tbt_adrum-ext-min180509.js | cbonline.bankofscotland.co.uk/PrimaryAuth/resources/js/ | 44 KB | 15 KB | Script | application/javascript | Cookie set |
GET | H/1.1 | Jy30.html | cbstats.bankofscotland.co.uk/bosimages2/ | 4 KB | 3 KB | Document | text/html | Frame 6E95 |
GET | H/1.1 | clear.png | cbcdn.bankofscotland.co.uk/fp/ | 0 | 361 B | Script | text/javascript | |
GET | H/1.1 | ls_fp.html;CIS3SID=7A1E85FC9E8F7E40728696EE35DC0983 | cbcdn.bankofscotland.co.uk/fp/ | 28 KB | 7 KB | Document | text/html | Frame 29C7 |
GET | H/1.1 | clear.png | cbcdn.bankofscotland.co.uk/fp/ | 0 | 361 B | Script | text/javascript | |
GET | H/1.1 | top_fp.html;CIS3SID=7A1E85FC9E8F7E40728696EE35DC0983 | cbcdn.bankofscotland.co.uk/fp/ | 30 KB | 7 KB | Document | text/html | Frame 8273 |
GET | H/1.1 | clear.png | 14is5ijt-778f2ae94b53f244529ecf675c38501183f0e17c-am1.d.aa.online-metrix.net/fp/ | 81 B | 393 B | Image | image/png | |
GET | H/1.1 | clear.png | cbcdn.bankofscotland.co.uk/fp/ | 81 B | 431 B | Image | image/png | |
POST | H/1.1 | mDncY | cbstats.bankofscotland.co.uk/bosimages2/ | 230 B | 921 B | XHR | text/html | Frame 6E95 |
GET | H/1.1 | lao | cbstats.bankofscotland.co.uk/bosimages2/ | 356 B | 1 KB | XHR | text/javascript | |
GET | H/1.1 | jr0Gn | cbstats.bankofscotland.co.uk/750663/ | 161 B | 859 B | XHR | text/javascript | |
GET | H/1.1 | jr0Gn | cbstats.bankofscotland.co.uk/750663/ | 162 B | 860 B | XHR | text/javascript | |
GET | H/1.1 | lao | cbstats.bankofscotland.co.uk/bosimages2/ | 362 B | 1 KB | XHR | text/javascript | |
GET | H/1.1 | blank.gif | cbonline.bankofscotland.co.uk/wps/themeModules/themes/html/dynamicSpots/icons/ | 43 B | 734 B | Document | image/gif | Cookie set; Frame 6E95 |
GET | H/1.1 | lao | cbstats.bankofscotland.co.uk/bosimages2/ | 371 B | 1 KB | XHR | text/javascript | |
GET | H/1.1 | Marketing | cbonline.bankofscotland.co.uk/PrimaryAuth/ | 0 | 1 KB | XHR | text/plain | Cookie set |
POST | H/1.1 | adrum | cem.lloydsbank.com/eumcollector/beacons/browser/v1/EU-AAB-HCH-DNC/ | 0 | 311 B | XHR | text/html | |
GET | H/1.1 | jr0Gn | cbstats.bankofscotland.co.uk/750663/ | 162 B | 860 B | XHR | text/javascript | |
GET | H/1.1 | jr0Gn | cbstats.bankofscotland.co.uk/750663/ | 162 B | 860 B | XHR | text/javascript | |
GET | H/1.1 | Marketing | cbonline.bankofscotland.co.uk/PrimaryAuth/ | 0 | 1 KB | XHR | text/plain | Cookie set |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- tags.tiqcdn.com
- URL
- https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=lloyds/commerical/201710241432&cb=1529838196685
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Lloyds (Banking)
246 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.bankofscotland.co.uk/ | Name: ___so750663 Value: eyJsc2giOjQwOTc5NTQ2NzIsInNkIjpudWxsLCJzZGMiOm51bGx9 |
|
.bankofscotland.co.uk/ | Name: LSESSIONID Value: jLd1o64f64kjdCeAKBko2zYLpv%2BSpH3aUUi2EXavFtPX08UvMcZw5cKkf26U040LRUmcFa4ghhQdK1qUfQ%3D%3D |
|
.bankofscotland.co.uk/ | Name: WT_FPC Value: id=14dc69e8-45c0-4048-9db6-354b25c6dac6:lv=1529838197027:ss=1529838197027 |
|
cbonline.bankofscotland.co.uk/ | Name: ADRUM_BTa Value: R:97|g:18053c40-90c1-492c-a1a0-d4958f8db21c|n:lbg_6f250910-011f-47f2-bb01-5199191c398e |
|
.bankofscotland.co.uk/ | Name: utag_main Value: v_id:0164317657410063dc149fea91d800078003207000b08$_sn:1$_ss:1$_st:1529839996546$ses_id:1529838196546%3Bexp-session$_pn:1%3Bexp-session$EPLI:%7B%22JourneyName%22%3A%22Log%20On%22%2C%22JourneyStep%22%3A2%7D%3Bexp-1529841796675 |
|
.bankofscotland.co.uk/ | Name: ___tk750663 Value: 0.6455338862507072 |
|
cbonline.bankofscotland.co.uk/ | Name: ADRUM_BT1 Value: R:0|i:1832|e:12 |
|
.bankofscotland.co.uk/ | Name: CBSECURE Value: ef6cb435e846b210f0f7b1a1a53d94dc6c0e329a75e152a9a919071835d74c25f3ff816144b72c2ef1d03e5d97a19534imhWBQGLvY+Pb5+zlUDh7Wt/XLvGVCUCTo7jTen0PeLXQQAGgZp378JjIjbwF2yBdtsMR4UNMqvhg4Rd2wL+5rvCST2VYc/d3mYyhy2pMqH0rA0oIBWjhXuyUjdU8BuTxpvtAPicGN0thcRI3ni0y2C30Uzvx7+ZaCSyAfrqo+7NiNIapf6bXk2ewAwUc3dxaL8AUML2TzGq6qjjQRWja9l86kPr8eCwVhF28p7RHhyvjjI+NaxCF3AovJqeZkHoL2u2HC3kfJN6EwqYdlGu8XCMiMmrG3OfgJVj6cukDBQdRkGbxgDWrHqpHcu8lVsB8FlsoTmvPB7U3hR7NVZEJVQ8gk54vT4ASNuryV2uoCc= |
|
cbonline.bankofscotland.co.uk/ | Name: f5avrbbbbbbbbbbbbbbbb Value: EJGOGIFIJKIODJNMHHBDDHNJKGOCNOOAIHKHJCJPOLOOJNMKCPFFKCELEILHABPGEFLDNIDGJKLOEKNHKCHADEIOCHDNPHLCIMEBONAMIPKBMGHIPONKABGFKBNLDNPG |
|
cbonline.bankofscotland.co.uk/PrimaryAuth | Name: f5_cspm Value: 1234 |
|
cbonline.bankofscotland.co.uk/PrimaryAuth | Name: f5avrbbbbbbbbbbbbbbbb Value: LEPBICMDJDHHHAJHFGFHNFINOAGPCPEKJGBFGLKJIKFHCKHOJDCMLEGHOGBOFGEDNHMDFBDOJKKAKFNIAKIAOBMMCHOGLHMOEEIKPCEHNJOPEGDLEAHPEOHDEIBJPGOM |
14 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' *.creativevirtual.com/ *.lloydsbank.com/ *.bankofscotland.co.uk/ *.online-metrix.net/; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.webtrends.com/ *.webtrendslive.com/ *.creativevirtual.com/ *.lloydsbank.com/ *.bankofscotland.co.uk/; style-src 'self' 'unsafe-inline' *.creativevirtual.com/; img-src 'self' *.webtrends.com/ *.webtrendslive.com/ *.creativevirtual.com/ *.lloydsbank.com/ *.bankofscotland.co.uk/ *.online-metrix.net/ |
Strict-Transport-Security | max-age=3153600; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.