lloydsbankapp.com Open in urlscan Pro
37.46.150.38 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://lloydsbankapp.com/
Effective URL:
https://lloydsbankapp.com/Login?session=s2839j4sdf34544dftyry75463435dqr&secure=true&time=24872749843
Submission: On December 07 via api (December 7th 2020, 4:11:02 pm UTC) from GB

Summary HTTP 9 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 9 HTTP transactions. The main IP is 37.46.150.38, located in Moldova and belongs to SERVERION-AS Serverion B.V., NL. The main domain is lloydsbankapp.com.
TLS certificate: Issued by R3 on December 4th 2020. Valid for: 3 months.

This is the only time lloydsbankapp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Lloyds (Banking)

Domain & IP information

	IP Address	AS Autonomous System
2 9	37.46.150.38 37.46.150.38	213035 (SERVERION...) (SERVERION-AS Serverion B.V.)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
9	3

9 37.46.150.38 (Moldova) 2 redirects

ASN213035 (SERVERION-AS Serverion B.V., NL)

lloydsbankapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	lloydsbankapp.com 2 redirects lloydsbankapp.com	122 KB
1	gstatic.com fonts.gstatic.com	15 KB
1	googleapis.com fonts.googleapis.com	660 B
9	3

	Domain	Requested by
9	lloydsbankapp.com	2 redirects lloydsbankapp.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	lloydsbankapp.com
9	3

This site contains links to these domains. Also see Links.

Domain
online.lloydsbank.co.uk
www.online.lloydsbank.co.uk
www.lloydsbank.com

Subject Issuer	Validity	Valid
lloydsbankapp.com R3	`2020-12-04` - `2021-03-04`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://lloydsbankapp.com/Login?session=s2839j4sdf34544dftyry75463435dqr&secure=true&time=24872749843
Frame ID: BC0E8DF29BE9321CB70D8C59D611BD35
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://lloydsbankapp.com/ HTTP 301
https://lloydsbankapp.com/ HTTP 302
https://lloydsbankapp.com/Login?session=s2839j4sdf34544dftyry75463435dqr&secure=true&time=24872749843 Page URL

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

9
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

137 kB
Transfer

425 kB
Size

1
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://online.lloydsbank.co.uk/personal/a/mobile/mobile_help/login/COOKIE_POLICY
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.online.lloydsbank.co.uk/
Title: Having problems signing in?

Search URL Search Domain Scan URL

URL: https://online.lloydsbank.co.uk/personal/a/mobile/mobile_help/login/REMEMBER_ME
Title: Remember my User ID

Search URL Search Domain Scan URL

URL: https://online.lloydsbank.co.uk/ib-access/cwa/forgotten-details/index.html
Title: Forgotten your logon details?

Search URL Search Domain Scan URL

URL: https://www.lloydsbank.com/loans.html?WT.ac=lon/public/navigation/ban/r1pr/loan/s/rl/LLnsNGBonB
Title:

Search URL Search Domain Scan URL

URL: https://online.lloydsbank.co.uk/personal/a/useradmin/mobile/registration/selectaccounttyperegistration.jsp?mobile=true
Title: Register for Internet Banking

Search URL Search Domain Scan URL

URL: https://online.lloydsbank.co.uk/personal/logon/login.jsp?mobile=false
Title: Go to desktop site

Search URL Search Domain Scan URL

URL: https://online.lloydsbank.co.uk/personal/a/mobile/mobile_help/login/HELP
Title: Help

Search URL Search Domain Scan URL

URL: https://online.lloydsbank.co.uk/personal/a/mobile/mobile_help/login/SECURITY
Title: Security

Search URL Search Domain Scan URL

URL: https://online.lloydsbank.co.uk/personal/a/mobile/mobile_help/login/CONTACT_US
Title: Contact us

Search URL Search Domain Scan URL

URL: https://online.lloydsbank.co.uk/personal/a/mobile/mobile_help/login/MOBILE_BANKING
Title: Mobile Banking

Search URL Search Domain Scan URL

URL: https://online.lloydsbank.co.uk/personal/a/mobile/mobile_help/login/LEGAL
Title: Legal

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://lloydsbankapp.com/ HTTP 301
https://lloydsbankapp.com/ HTTP 302
https://lloydsbankapp.com/Login?session=s2839j4sdf34544dftyry75463435dqr&secure=true&time=24872749843 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request Login Show response
lloydsbankapp.com/
Redirect Chain

http://lloydsbankapp.com/
https://lloydsbankapp.com/
https://lloydsbankapp.com/Login?session=s2839j4sdf34544dftyry75463435dqr&secure=true&time=24872749843

14 KB
4 KB

20ms
19ms

Document
text/html

37.46.150.38
SERVERION-AS Serv...

General

Check archive.org

Show headers Download Go to

Full URL: https://lloydsbankapp.com/Login?session=s2839j4sdf34544dftyry75463435dqr&secure=true&time=24872749843
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 37.46.150.38 , Moldova, ASN213035 (SERVERION-AS Serverion B.V., NL),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: bb5ed49827fd7afb97ecda2e084464a84429e2402a1729fdd66a91e4b948f1e2

Request headers

Host: lloydsbankapp.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: PHPSESSID=ror9ellqkjs4h2pqnr8ikhechp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 16:10:46 GMT
Server: Apache/2.4.41 (Ubuntu)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3799
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Mon, 07 Dec 2020 16:10:46 GMT
Server: Apache/2.4.41 (Ubuntu)
Set-Cookie: PHPSESSID=ror9ellqkjs4h2pqnr8ikhechp; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: Login?session=s2839j4sdf34544dftyry75463435dqr&secure=true&time=24872749843
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK base-auto-min200526.css
lloydsbankapp.com/files/css/ 107 KB
18 KB 23ms
22ms Stylesheet
text/css 37.46.150.38
SERVERION-AS Serv...

General

Check archive.org

Show headers Download Go to

Full URL: https://lloydsbankapp.com/files/css/base-auto-min200526.css
Requested by: Host: lloydsbankapp.com
URL: https://lloydsbankapp.com/Login?session=s2839j4sdf34544dftyry75463435dqr&secure=true&time=24872749843
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 37.46.150.38 , Moldova, ASN213035 (SERVERION-AS Serverion B.V., NL),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: bf180852272b140fe22e3074d69f646e14a0e38a2a14e176c2eefc1f34b987c0

Request headers

Referer: https://lloydsbankapp.com/Login?session=s2839j4sdf34544dftyry75463435dqr&secure=true&time=24872749843
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 16:10:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Dec 2020 15:03:22 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "1abb5-5b590a9308280-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 17761

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
660 B 21ms
20ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Fira+Sans&display=swap

Requested by

Host: lloydsbankapp.com
URL: https://lloydsbankapp.com/Login?session=s2839j4sdf34544dftyry75463435dqr&secure=true&time=24872749843

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a8e9a3202b0ed16c5fe4ebd141ea40ccc2be1495aef3a079fa3707c52a7ac710

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lloydsbankapp.com/Login?session=s2839j4sdf34544dftyry75463435dqr&secure=true&time=24872749843
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Dec 2020 15:46:11 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Mon, 07 Dec 2020 16:10:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 07 Dec 2020 16:10:46 GMT

GET
H/1.1 200
OK jquery.js Show response
lloydsbankapp.com/files/js/ 266 KB
77 KB 119ms
90ms Script
application/javascript 37.46.150.38
SERVERION-AS Serv...

General

Check archive.org

Show headers Download Go to

Full URL: https://lloydsbankapp.com/files/js/jquery.js
Requested by: Host: lloydsbankapp.com
URL: https://lloydsbankapp.com/Login?session=s2839j4sdf34544dftyry75463435dqr&secure=true&time=24872749843
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 37.46.150.38 , Moldova, ASN213035 (SERVERION-AS Serverion B.V., NL),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 84086bb634fc6fd223918894c6b74641811e06e84007937c5809942b7a02ddff

Request headers

Referer: https://lloydsbankapp.com/Login?session=s2839j4sdf34544dftyry75463435dqr&secure=true&time=24872749843
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 16:10:46 GMT
Content-Encoding: gzip
Last-Modified: Sat, 24 Aug 2019 07:25:18 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "42719-590d7d31fd380-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK logo-.gif
lloydsbankapp.com/files/img/ 2 KB
2 KB 15ms
15ms Image
image/gif 37.46.150.38
SERVERION-AS Serv...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lloydsbankapp.com/files/img/logo-.gif
Requested by: Host: lloydsbankapp.com
URL: https://lloydsbankapp.com/Login?session=s2839j4sdf34544dftyry75463435dqr&secure=true&time=24872749843
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 37.46.150.38 , Moldova, ASN213035 (SERVERION-AS Serverion B.V., NL),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 45ae8dbb34f1f79a4c94c5b8534179413ed42ec63ba1ab95ad9f09d3a30d0a82

Request headers

Referer: https://lloydsbankapp.com/Login?session=s2839j4sdf34544dftyry75463435dqr&secure=true&time=24872749843
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 16:10:46 GMT
Last-Modified: Wed, 07 Oct 2020 18:45:52 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "80d-5b1191ff4f800"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2061

GET
H/1.1 200
OK padlock-1429554491.png
lloydsbankapp.com/files/img/ 1 KB
1 KB 15ms
15ms Image
image/png 37.46.150.38
SERVERION-AS Serv...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lloydsbankapp.com/files/img/padlock-1429554491.png
Requested by: Host: lloydsbankapp.com
URL: https://lloydsbankapp.com/Login?session=s2839j4sdf34544dftyry75463435dqr&secure=true&time=24872749843
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 37.46.150.38 , Moldova, ASN213035 (SERVERION-AS Serverion B.V., NL),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: bc157ca646eb82318578cd7834dc2ac6c0ccb58020b98e9fede214b3d62ac646

Request headers

Referer: https://lloydsbankapp.com/Login?session=s2839j4sdf34544dftyry75463435dqr&secure=true&time=24872749843
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 16:10:46 GMT
Last-Modified: Wed, 07 Oct 2020 18:45:54 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "4a6-5b11920137c80"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1190

GET
H/1.1 200
OK personalloan2020-.png
lloydsbankapp.com/files/img/ 16 KB
16 KB 16ms
16ms Image
image/png 37.46.150.38
SERVERION-AS Serv...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lloydsbankapp.com/files/img/personalloan2020-.png
Requested by: Host: lloydsbankapp.com
URL: https://lloydsbankapp.com/Login?session=s2839j4sdf34544dftyry75463435dqr&secure=true&time=24872749843
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 37.46.150.38 , Moldova, ASN213035 (SERVERION-AS Serverion B.V., NL),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 77d5d1ce38956c7451558ce3d909445996eb6e3d532ad24b71a386d827d25947

Request headers

Referer: https://lloydsbankapp.com/Login?session=s2839j4sdf34544dftyry75463435dqr&secure=true&time=24872749843
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 16:10:46 GMT
Last-Modified: Wed, 07 Oct 2020 18:45:54 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "404b-5b11920137c80"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 16459

GET
H2 200 va9E4kDNxMZdWfMOD5Vvl4jLazX3dA.woff2
fonts.gstatic.com/s/firasans/v10/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v10/va9E4kDNxMZdWfMOD5Vvl4jLazX3dA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c25407149a8c6d1fb034c5af2d3e00f2d39abc4766125ee810285a22a59f9489

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://lloydsbankapp.com
Referer: https://fonts.googleapis.com/css2?family=Fira+Sans&display=swap
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Sat, 05 Dec 2020 09:05:29 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:21:53 GMT
server: sffe
age: 198317
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15212
x-xss-protection: 0
expires: Sun, 05 Dec 2021 09:05:29 GMT

GET
H/1.1 200
OK greenright.png
lloydsbankapp.com/files/img/ 2 KB
2 KB 16ms
15ms Image
image/png 37.46.150.38
SERVERION-AS Serv...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lloydsbankapp.com/files/img/greenright.png
Requested by: Host: lloydsbankapp.com
URL: https://lloydsbankapp.com/files/css/base-auto-min200526.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 37.46.150.38 , Moldova, ASN213035 (SERVERION-AS Serverion B.V., NL),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 1170fa4eb15d2cfc194eb6a0aa588eef91b2450774213ec571706334ec96f217

Request headers

Referer: https://lloydsbankapp.com/files/css/base-auto-min200526.css
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 16:10:46 GMT
Last-Modified: Thu, 03 Dec 2020 15:03:08 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "758-5b590a85ae300"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1880

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Lloyds (Banking)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			lloydsbankapp.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: ror9ellqkjs4h2pqnr8ikhechp

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
lloydsbankapp.com
2a00:1450:4001:819::2003
2a00:1450:4001:820::200a
37.46.150.38
1170fa4eb15d2cfc194eb6a0aa588eef91b2450774213ec571706334ec96f217
45ae8dbb34f1f79a4c94c5b8534179413ed42ec63ba1ab95ad9f09d3a30d0a82
77d5d1ce38956c7451558ce3d909445996eb6e3d532ad24b71a386d827d25947
84086bb634fc6fd223918894c6b74641811e06e84007937c5809942b7a02ddff
a8e9a3202b0ed16c5fe4ebd141ea40ccc2be1495aef3a079fa3707c52a7ac710
bb5ed49827fd7afb97ecda2e084464a84429e2402a1729fdd66a91e4b948f1e2
bc157ca646eb82318578cd7834dc2ac6c0ccb58020b98e9fede214b3d62ac646
bf180852272b140fe22e3074d69f646e14a0e38a2a14e176c2eefc1f34b987c0
c25407149a8c6d1fb034c5af2d3e00f2d39abc4766125ee810285a22a59f9489

lloydsbankapp.com Open in urlscan Pro 37.46.150.38 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

137 kBTransfer

425 kBSize

1 Cookies

12 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

12 JavaScript Global Variables

1 Cookies

Indicators

lloydsbankapp.com Open in urlscan Pro
37.46.150.38 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

137 kB
Transfer

425 kB
Size

1
Cookies

9 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!