barclaysonline.webredirect.org Open in urlscan Pro
20.39.54.105 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://barclaysonline.webredirect.org/
Effective URL:
https://barclaysonline.webredirect.org/loginAppcontaner.php?/identification/DWPQ32JFVZX&sess=qOlVbbgBBNNOczPKfYRnAQqswiXloniRHhdEmoNAED...
Submission Tags: @phishunt_io
Submission: On October 21 via api (October 21st 2020, 4:00:08 am UTC) from ES

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 23 HTTP transactions. The main IP is 20.39.54.105, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is barclaysonline.webredirect.org.
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 20th 2020. Valid for: 3 months.

This is the only time barclaysonline.webredirect.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Barclays (Banking)

Domain & IP information

	IP Address		AS Autonomous System
23	20.39.54.105 20.39.54.105		8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
23	1

23 20.39.54.105 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

barclaysonline.webredirect.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	webredirect.org barclaysonline.webredirect.org	374 KB
23	1

	Domain	Requested by
23	barclaysonline.webredirect.org	barclaysonline.webredirect.org
23	1

This site contains no links.

Subject Issuer	Validity	Valid
barclaysonline.webredirect.org cPanel, Inc. Certification Authority	`2020-10-20` - `2021-01-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://barclaysonline.webredirect.org/loginAppcontaner.php?/identification/DWPQ32JFVZX&sess=qOlVbbgBBNNOczPKfYRnAQqswiXloniRHhdEmoNAEDcWwvJpBD
Frame ID: 3F40B553A227444EC69FCFB7D80DC01B
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://barclaysonline.webredirect.org/ Page URL
https://barclaysonline.webredirect.org/loginAppcontaner.php?/identification/DWPQ32JFVZX&sess=qOlVbbgBBNNOczPKfYRnAQ... Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

23
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

374 kB
Transfer

369 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://barclaysonline.webredirect.org/ Page URL
https://barclaysonline.webredirect.org/loginAppcontaner.php?/identification/DWPQ32JFVZX&sess=qOlVbbgBBNNOczPKfYRnAQqswiXloniRHhdEmoNAEDcWwvJpBD Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Cookie set / Show response barclaysonline.webredirect.org/	226 B 607 B	474ms 116ms	Document text/html	20.39.54.105 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://barclaysonline.webredirect.org/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.39.54.105 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash `66fdeb5edf256a496d4353b2277f0b17df0a5785b8115f7252dac6d3c65b7d64` Request headers Host barclaysonline.webredirect.org Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 21 Oct 2020 03:59:52 GMT Server Apache Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache Set-Cookie PHPSESSID=c8b62fd7534081d7b8d94631ce09e859; path=/ Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	Primary Request loginAppcontaner.php Show response barclaysonline.webredirect.org/	78 KB 79 KB	100ms 100ms	Document text/html	20.39.54.105 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://barclaysonline.webredirect.org/loginAppcontaner.php?/identification/DWPQ32JFVZX&sess=qOlVbbgBBNNOczPKfYRnAQqswiXloniRHhdEmoNAEDcWwvJpBD Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.39.54.105 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash `4cd6706e77ca2adf4886b8a1ceabba6f1ee89b6f451364e2afe81ef626c55bbb` Request headers Host barclaysonline.webredirect.org Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site same-origin Sec-Fetch-Mode navigate Sec-Fetch-Dest document Referer https://barclaysonline.webredirect.org/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie PHPSESSID=c8b62fd7534081d7b8d94631ce09e859 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://barclaysonline.webredirect.org/ Response headers Date Wed, 21 Oct 2020 03:59:52 GMT Server Apache Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache Keep-Alive timeout=5, max=99 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	session.css barclaysonline.webredirect.org/details/	52 KB 52 KB	271ms 98ms	Stylesheet text/css	20.39.54.105 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://barclaysonline.webredirect.org/details/session.css?kleCfhUcUrAohNseudsICRJ Requested by Host: barclaysonline.webredirect.org URL: https://barclaysonline.webredirect.org/loginAppcontaner.php?/identification/DWPQ32JFVZX&sess=qOlVbbgBBNNOczPKfYRnAQqswiXloniRHhdEmoNAEDcWwvJpBD Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.39.54.105 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash `ca6adaf6a661eece865025908c3eb4c98c426111a414fab6385927cd45ff4fc2` Request headers Referer https://barclaysonline.webredirect.org/loginAppcontaner.php?/identification/DWPQ32JFVZX&sess=qOlVbbgBBNNOczPKfYRnAQqswiXloniRHhdEmoNAEDcWwvJpBD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 21 Oct 2020 03:59:52 GMT Last-Modified Thu, 30 Apr 2020 02:57:10 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 53123
GET H/1.1	200 OK	align.css barclaysonline.webredirect.org/details/	40 KB 40 KB	294ms 98ms	Stylesheet text/css	20.39.54.105 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://barclaysonline.webredirect.org/details/align.css Requested by Host: barclaysonline.webredirect.org URL: https://barclaysonline.webredirect.org/loginAppcontaner.php?/identification/DWPQ32JFVZX&sess=qOlVbbgBBNNOczPKfYRnAQqswiXloniRHhdEmoNAEDcWwvJpBD Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.39.54.105 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash `5979b1ba1c7fc526ff0279f8a3ecd43eafb75541574ab1077c8887730376f8a0` Request headers Referer https://barclaysonline.webredirect.org/loginAppcontaner.php?/identification/DWPQ32JFVZX&sess=qOlVbbgBBNNOczPKfYRnAQqswiXloniRHhdEmoNAEDcWwvJpBD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 21 Oct 2020 03:59:52 GMT Last-Modified Thu, 30 Apr 2020 02:53:44 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 40859
GET H/1.1	200 OK	tabular1.css barclaysonline.webredirect.org/details/	4 KB 5 KB	295ms 98ms	Stylesheet text/css	20.39.54.105 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://barclaysonline.webredirect.org/details/tabular1.css Requested by Host: barclaysonline.webredirect.org URL: https://barclaysonline.webredirect.org/loginAppcontaner.php?/identification/DWPQ32JFVZX&sess=qOlVbbgBBNNOczPKfYRnAQqswiXloniRHhdEmoNAEDcWwvJpBD Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.39.54.105 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash `c992e6f27c9dac185aaca366d03ef9eb7cac409a71ed28bfe27370e1f54a6db2` Request headers Referer https://barclaysonline.webredirect.org/loginAppcontaner.php?/identification/DWPQ32JFVZX&sess=qOlVbbgBBNNOczPKfYRnAQqswiXloniRHhdEmoNAEDcWwvJpBD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 21 Oct 2020 03:59:52 GMT Last-Modified Thu, 30 Apr 2020 02:56:46 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 4502
GET H/1.1	200 OK	table.css barclaysonline.webredirect.org/details/	18 KB 18 KB	298ms 98ms	Stylesheet text/css	20.39.54.105 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://barclaysonline.webredirect.org/details/table.css?EZRSqpSaMgaGbdEURQKNpRiPlAQPhIUAhv Requested by Host: barclaysonline.webredirect.org URL: https://barclaysonline.webredirect.org/loginAppcontaner.php?/identification/DWPQ32JFVZX&sess=qOlVbbgBBNNOczPKfYRnAQqswiXloniRHhdEmoNAEDcWwvJpBD Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.39.54.105 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash `4b3daa4261da73daf9dd818e42480e662c4b074ffea7653e5d668e481bf6f755` Request headers Referer https://barclaysonline.webredirect.org/loginAppcontaner.php?/identification/DWPQ32JFVZX&sess=qOlVbbgBBNNOczPKfYRnAQqswiXloniRHhdEmoNAEDcWwvJpBD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 21 Oct 2020 03:59:52 GMT Last-Modified Thu, 30 Apr 2020 02:57:22 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 18141
GET H/1.1	200 OK	fonts.css barclaysonline.webredirect.org/details/	448 B 689 B	302ms 98ms	Stylesheet text/css	20.39.54.105 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://barclaysonline.webredirect.org/details/fonts.css Requested by Host: barclaysonline.webredirect.org URL: https://barclaysonline.webredirect.org/loginAppcontaner.php?/identification/DWPQ32JFVZX&sess=qOlVbbgBBNNOczPKfYRnAQqswiXloniRHhdEmoNAEDcWwvJpBD Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.39.54.105 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash `7a18e1208bc37062e903d7ff94cd3d69a8c642590e42d55a2b5504417093deee` Request headers Referer https://barclaysonline.webredirect.org/loginAppcontaner.php?/identification/DWPQ32JFVZX&sess=qOlVbbgBBNNOczPKfYRnAQqswiXloniRHhdEmoNAEDcWwvJpBD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 21 Oct 2020 03:59:52 GMT Last-Modified Thu, 30 Apr 2020 02:53:44 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 448
GET H/1.1	404 Not Found	barclays-logo.txt barclaysonline.webredirect.org/details/	315 B 315 B	302ms 98ms	Image text/html	20.39.54.105 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://barclaysonline.webredirect.org/details/barclays-logo.txt Requested by Host: barclaysonline.webredirect.org URL: https://barclaysonline.webredirect.org/loginAppcontaner.php?/identification/DWPQ32JFVZX&sess=qOlVbbgBBNNOczPKfYRnAQqswiXloniRHhdEmoNAEDcWwvJpBD Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.39.54.105 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers Referer https://barclaysonline.webredirect.org/loginAppcontaner.php?/identification/DWPQ32JFVZX&sess=qOlVbbgBBNNOczPKfYRnAQqswiXloniRHhdEmoNAEDcWwvJpBD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 21 Oct 2020 03:59:52 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	1321077818816-card_number_card.jpg barclaysonline.webredirect.org/details/	9 KB 9 KB	98ms 98ms	Image image/jpeg	20.39.54.105 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://barclaysonline.webredirect.org/details/1321077818816-card_number_card.jpg Requested by Host: barclaysonline.webredirect.org URL: https://barclaysonline.webredirect.org/loginAppcontaner.php?/identification/DWPQ32JFVZX&sess=qOlVbbgBBNNOczPKfYRnAQqswiXloniRHhdEmoNAEDcWwvJpBD Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.39.54.105 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash `f7095bce686f681097b7736f3fdda5bef94dda62adf60cb05cc357cdf57d8042` Request headers Referer https://barclaysonline.webredirect.org/loginAppcontaner.php?/identification/DWPQ32JFVZX&sess=qOlVbbgBBNNOczPKfYRnAQqswiXloniRHhdEmoNAEDcWwvJpBD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 21 Oct 2020 03:59:52 GMT Last-Modified Thu, 30 Apr 2020 02:53:44 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 9447
GET H/1.1	200 OK	1321077850566-sortcode_account_number_card.jpg barclaysonline.webredirect.org/details/	9 KB 9 KB	101ms 101ms	Image image/jpeg	20.39.54.105 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://barclaysonline.webredirect.org/details/1321077850566-sortcode_account_number_card.jpg Requested by Host: barclaysonline.webredirect.org URL: https://barclaysonline.webredirect.org/loginAppcontaner.php?/identification/DWPQ32JFVZX&sess=qOlVbbgBBNNOczPKfYRnAQqswiXloniRHhdEmoNAEDcWwvJpBD Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.39.54.105 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash `dd9dd31a3cb384634c4bd97215bdb096d3be53ff80b5ddd361ee5879a761cd28` Request headers Referer https://barclaysonline.webredirect.org/loginAppcontaner.php?/identification/DWPQ32JFVZX&sess=qOlVbbgBBNNOczPKfYRnAQqswiXloniRHhdEmoNAEDcWwvJpBD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 21 Oct 2020 03:59:52 GMT Last-Modified Thu, 30 Apr 2020 02:53:44 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 9208
GET H/1.1	200 OK	1438591882481-fscs_228.jpg barclaysonline.webredirect.org/details/	16 KB 16 KB	99ms 98ms	Image image/jpeg	20.39.54.105 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://barclaysonline.webredirect.org/details/1438591882481-fscs_228.jpg Requested by Host: barclaysonline.webredirect.org URL: https://barclaysonline.webredirect.org/loginAppcontaner.php?/identification/DWPQ32JFVZX&sess=qOlVbbgBBNNOczPKfYRnAQqswiXloniRHhdEmoNAEDcWwvJpBD Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.39.54.105 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash `d6d325486e2e9e48d5b5b3401827b76f3d02113249d436e8efb9b878219cb3d0` Request headers Referer https://barclaysonline.webredirect.org/loginAppcontaner.php?/identification/DWPQ32JFVZX&sess=qOlVbbgBBNNOczPKfYRnAQqswiXloniRHhdEmoNAEDcWwvJpBD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 21 Oct 2020 03:59:52 GMT Last-Modified Thu, 30 Apr 2020 02:53:46 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 16346
GET H/1.1	200 OK	1321077896363-AppleStore.jpg barclaysonline.webredirect.org/details/	8 KB 8 KB	98ms 98ms	Image image/jpeg	20.39.54.105 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://barclaysonline.webredirect.org/details/1321077896363-AppleStore.jpg Requested by Host: barclaysonline.webredirect.org URL: https://barclaysonline.webredirect.org/loginAppcontaner.php?/identification/DWPQ32JFVZX&sess=qOlVbbgBBNNOczPKfYRnAQqswiXloniRHhdEmoNAEDcWwvJpBD Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.39.54.105 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash `2355be5ecf46790b451d5fa78bf5f7ffee99d07783236e5882c7379ccafd1164` Request headers Referer https://barclaysonline.webredirect.org/loginAppcontaner.php?/identification/DWPQ32JFVZX&sess=qOlVbbgBBNNOczPKfYRnAQqswiXloniRHhdEmoNAEDcWwvJpBD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 21 Oct 2020 03:59:52 GMT Last-Modified Thu, 30 Apr 2020 02:53:46 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 8214
GET H/1.1	200 OK	1321077920163-GooglePlay.jpg barclaysonline.webredirect.org/details/	8 KB 8 KB	99ms 98ms	Image image/jpeg	20.39.54.105 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://barclaysonline.webredirect.org/details/1321077920163-GooglePlay.jpg Requested by Host: barclaysonline.webredirect.org URL: https://barclaysonline.webredirect.org/loginAppcontaner.php?/identification/DWPQ32JFVZX&sess=qOlVbbgBBNNOczPKfYRnAQqswiXloniRHhdEmoNAEDcWwvJpBD Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.39.54.105 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash `4fc2add0faa827df0206c77041030aa53f2419f2ceb5178757f3bcfc157eeb2c` Request headers Referer https://barclaysonline.webredirect.org/loginAppcontaner.php?/identification/DWPQ32JFVZX&sess=qOlVbbgBBNNOczPKfYRnAQqswiXloniRHhdEmoNAEDcWwvJpBD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 21 Oct 2020 03:59:52 GMT Last-Modified Thu, 30 Apr 2020 02:53:44 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 8214
GET H/1.1	200 OK	1321217916907-bsikitemarklogo.png barclaysonline.webredirect.org/details/	13 KB 13 KB	98ms 98ms	Image image/png	20.39.54.105 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://barclaysonline.webredirect.org/details/1321217916907-bsikitemarklogo.png Requested by Host: barclaysonline.webredirect.org URL: https://barclaysonline.webredirect.org/loginAppcontaner.php?/identification/DWPQ32JFVZX&sess=qOlVbbgBBNNOczPKfYRnAQqswiXloniRHhdEmoNAEDcWwvJpBD Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.39.54.105 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash `90326fd2ae35b37049ca9b624acb2b698be96a509f3619cf647d686433eaaa15` Request headers Referer https://barclaysonline.webredirect.org/loginAppcontaner.php?/identification/DWPQ32JFVZX&sess=qOlVbbgBBNNOczPKfYRnAQqswiXloniRHhdEmoNAEDcWwvJpBD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 21 Oct 2020 03:59:52 GMT Last-Modified Thu, 30 Apr 2020 02:53:44 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 13516
GET H/1.1	200 OK	1321217916492-iso27001footer.JPG barclaysonline.webredirect.org/details/	24 KB 24 KB	98ms 98ms	Image image/jpeg	20.39.54.105 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://barclaysonline.webredirect.org/details/1321217916492-iso27001footer.JPG Requested by Host: barclaysonline.webredirect.org URL: https://barclaysonline.webredirect.org/loginAppcontaner.php?/identification/DWPQ32JFVZX&sess=qOlVbbgBBNNOczPKfYRnAQqswiXloniRHhdEmoNAEDcWwvJpBD Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.39.54.105 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash `03c2526a71f8b178491bca3226f69d72a28aa606133527c00b28adab490f940d` Request headers Referer https://barclaysonline.webredirect.org/loginAppcontaner.php?/identification/DWPQ32JFVZX&sess=qOlVbbgBBNNOczPKfYRnAQqswiXloniRHhdEmoNAEDcWwvJpBD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 21 Oct 2020 03:59:52 GMT Last-Modified Thu, 30 Apr 2020 02:53:46 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 24068
GET H/1.1	200 OK	1321217918424-cyberfooter.jpg barclaysonline.webredirect.org/details/	9 KB 9 KB	98ms 98ms	Image image/jpeg	20.39.54.105 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://barclaysonline.webredirect.org/details/1321217918424-cyberfooter.jpg Requested by Host: barclaysonline.webredirect.org URL: https://barclaysonline.webredirect.org/loginAppcontaner.php?/identification/DWPQ32JFVZX&sess=qOlVbbgBBNNOczPKfYRnAQqswiXloniRHhdEmoNAEDcWwvJpBD Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.39.54.105 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash `effa2f551ae3f572384002e36028aa1e85544462f42c28065731284e8f81bfcd` Request headers Referer https://barclaysonline.webredirect.org/loginAppcontaner.php?/identification/DWPQ32JFVZX&sess=qOlVbbgBBNNOczPKfYRnAQqswiXloniRHhdEmoNAEDcWwvJpBD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 21 Oct 2020 03:59:52 GMT Last-Modified Thu, 30 Apr 2020 02:53:44 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 9222
GET H/1.1	200 OK	barclays-logo.gif barclaysonline.webredirect.org/details/	4 KB 4 KB	98ms 98ms	Image image/gif	20.39.54.105 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://barclaysonline.webredirect.org/details/barclays-logo.gif Requested by Host: barclaysonline.webredirect.org URL: https://barclaysonline.webredirect.org/details/session.css?kleCfhUcUrAohNseudsICRJ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.39.54.105 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash `3a059a66277e8a87067c50187849c9f65817c72873f8c71785d08f4023a6b9f3` Request headers Referer https://barclaysonline.webredirect.org/details/session.css?kleCfhUcUrAohNseudsICRJ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 21 Oct 2020 03:59:52 GMT Last-Modified Thu, 30 Apr 2020 02:54:28 GMT Server Apache Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 3831
GET H/1.1	200 OK	radio.png barclaysonline.webredirect.org/details/	7 KB 7 KB	127ms 98ms	Image image/png	20.39.54.105 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://barclaysonline.webredirect.org/details/radio.png Requested by Host: barclaysonline.webredirect.org URL: https://barclaysonline.webredirect.org/details/session.css?kleCfhUcUrAohNseudsICRJ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.39.54.105 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash `1623b90c49364beea0bb2070ea49ecf535e458f0638df3179592424149ec4e8e` Request headers Referer https://barclaysonline.webredirect.org/details/session.css?kleCfhUcUrAohNseudsICRJ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 21 Oct 2020 03:59:52 GMT Last-Modified Thu, 30 Apr 2020 02:54:28 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 7286
GET H/1.1	200 OK	checkbox.png barclaysonline.webredirect.org/details/	4 KB 4 KB	138ms 98ms	Image image/png	20.39.54.105 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://barclaysonline.webredirect.org/details/checkbox.png Requested by Host: barclaysonline.webredirect.org URL: https://barclaysonline.webredirect.org/details/session.css?kleCfhUcUrAohNseudsICRJ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.39.54.105 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash `f64396f7ed14747c7ba07bb0a52f3bb69b6dba4b3c5f7abb15cf594142d708cd` Request headers Referer https://barclaysonline.webredirect.org/details/session.css?kleCfhUcUrAohNseudsICRJ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 21 Oct 2020 03:59:52 GMT Last-Modified Thu, 30 Apr 2020 02:54:28 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=94 Content-Length 3747
GET H/1.1	200 OK	expertsans-bold-webfont.woff barclaysonline.webredirect.org/details/	20 KB 20 KB	102ms 98ms	Font font/woff	20.39.54.105 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://barclaysonline.webredirect.org/details/expertsans-bold-webfont.woff Requested by Host: barclaysonline.webredirect.org URL: https://barclaysonline.webredirect.org/details/session.css?kleCfhUcUrAohNseudsICRJ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.39.54.105 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash `adeb37a325b72a5382a603c575caf390f1fe968f60a266679c18bf6ff61317cc` Request headers Origin https://barclaysonline.webredirect.org Referer https://barclaysonline.webredirect.org/details/session.css?kleCfhUcUrAohNseudsICRJ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 21 Oct 2020 03:59:52 GMT Last-Modified Thu, 30 Apr 2020 02:54:28 GMT Server Apache Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 20080
GET H/1.1	200 OK	expertsans-regular-webfont.woff barclaysonline.webredirect.org/details/	21 KB 22 KB	110ms 98ms	Font font/woff	20.39.54.105 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://barclaysonline.webredirect.org/details/expertsans-regular-webfont.woff Requested by Host: barclaysonline.webredirect.org URL: https://barclaysonline.webredirect.org/details/session.css?kleCfhUcUrAohNseudsICRJ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.39.54.105 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash `4abdda6a86149bc656dd315b0443fea8f11f22a6552e48e843a0f4b3e828ce8f` Request headers Origin https://barclaysonline.webredirect.org Referer https://barclaysonline.webredirect.org/details/session.css?kleCfhUcUrAohNseudsICRJ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 21 Oct 2020 03:59:52 GMT Last-Modified Thu, 30 Apr 2020 02:54:28 GMT Server Apache Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 21924
GET H/1.1	200 OK	ftb-new-login-icons.woff barclaysonline.webredirect.org/details/	2 KB 2 KB	112ms 97ms	Font font/woff	20.39.54.105 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://barclaysonline.webredirect.org/details/ftb-new-login-icons.woff Requested by Host: barclaysonline.webredirect.org URL: https://barclaysonline.webredirect.org/details/session.css?kleCfhUcUrAohNseudsICRJ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.39.54.105 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash `b8e1ee5c329e767aa64923d017914e3499037896708919ade5304b46982d6ce6` Request headers Origin https://barclaysonline.webredirect.org Referer https://barclaysonline.webredirect.org/details/session.css?kleCfhUcUrAohNseudsICRJ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 21 Oct 2020 03:59:52 GMT Last-Modified Thu, 30 Apr 2020 02:54:28 GMT Server Apache Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 1940
GET H/1.1	200 OK	expertsans-light-webfont.woff barclaysonline.webredirect.org/details/	22 KB 22 KB	126ms 98ms	Font font/woff	20.39.54.105 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://barclaysonline.webredirect.org/details/expertsans-light-webfont.woff Requested by Host: barclaysonline.webredirect.org URL: https://barclaysonline.webredirect.org/details/session.css?kleCfhUcUrAohNseudsICRJ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.39.54.105 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash `f56f823e0bd75388778cbccca78bcf7453c2c03c889274da7b47eebbc37b86b5` Request headers Origin https://barclaysonline.webredirect.org Referer https://barclaysonline.webredirect.org/details/session.css?kleCfhUcUrAohNseudsICRJ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 21 Oct 2020 03:59:52 GMT Last-Modified Thu, 30 Apr 2020 02:54:28 GMT Server Apache Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 22612

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Barclays (Banking)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			barclaysonline.webredirect.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: c8b62fd7534081d7b8d94631ce09e859

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

barclaysonline.webredirect.org
20.39.54.105
03c2526a71f8b178491bca3226f69d72a28aa606133527c00b28adab490f940d
1623b90c49364beea0bb2070ea49ecf535e458f0638df3179592424149ec4e8e
2355be5ecf46790b451d5fa78bf5f7ffee99d07783236e5882c7379ccafd1164
3a059a66277e8a87067c50187849c9f65817c72873f8c71785d08f4023a6b9f3
4abdda6a86149bc656dd315b0443fea8f11f22a6552e48e843a0f4b3e828ce8f
4b3daa4261da73daf9dd818e42480e662c4b074ffea7653e5d668e481bf6f755
4cd6706e77ca2adf4886b8a1ceabba6f1ee89b6f451364e2afe81ef626c55bbb
4fc2add0faa827df0206c77041030aa53f2419f2ceb5178757f3bcfc157eeb2c
5979b1ba1c7fc526ff0279f8a3ecd43eafb75541574ab1077c8887730376f8a0
66fdeb5edf256a496d4353b2277f0b17df0a5785b8115f7252dac6d3c65b7d64
7a18e1208bc37062e903d7ff94cd3d69a8c642590e42d55a2b5504417093deee
90326fd2ae35b37049ca9b624acb2b698be96a509f3619cf647d686433eaaa15
adeb37a325b72a5382a603c575caf390f1fe968f60a266679c18bf6ff61317cc
b8e1ee5c329e767aa64923d017914e3499037896708919ade5304b46982d6ce6
c992e6f27c9dac185aaca366d03ef9eb7cac409a71ed28bfe27370e1f54a6db2
ca6adaf6a661eece865025908c3eb4c98c426111a414fab6385927cd45ff4fc2
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d6d325486e2e9e48d5b5b3401827b76f3d02113249d436e8efb9b878219cb3d0
dd9dd31a3cb384634c4bd97215bdb096d3be53ff80b5ddd361ee5879a761cd28
effa2f551ae3f572384002e36028aa1e85544462f42c28065731284e8f81bfcd
f56f823e0bd75388778cbccca78bcf7453c2c03c889274da7b47eebbc37b86b5
f64396f7ed14747c7ba07bb0a52f3bb69b6dba4b3c5f7abb15cf594142d708cd
f7095bce686f681097b7736f3fdda5bef94dda62adf60cb05cc357cdf57d8042

barclaysonline.webredirect.org Open in urlscan Pro 20.39.54.105 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

374 kBTransfer

369 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

11 JavaScript Global Variables

1 Cookies

Indicators

barclaysonline.webredirect.org Open in urlscan Pro
20.39.54.105 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

374 kB
Transfer

369 kB
Size

1
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!