evri-reshipped-failure.com
176.124.192.232  Malicious Activity! Public Scan

URL: http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/
Submission: On September 21 via api from GB — Scanned from GB

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 24 HTTP transactions. The main IP is 176.124.192.232, located in Russian Federation and belongs to WELLSERVER-AS, RU. The main domain is evri-reshipped-failure.com.
This is the only time evri-reshipped-failure.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Barclays (Banking)

Domain & IP information

IP Address AS Autonomous System
21 176.124.192.232 56864 (WELLSERVE...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
24 4
Requests  Apex Domain                 Subdomains                                            Transfer
21        evri-reshipped-failure.com  evri-reshipped-failure.com                            388 KB
1         cloudflare.com              cdnjs.cloudflare.com (Cisco Umbrella Rank: 209)       6 KB
1         jqueryvalidation.org        jqueryvalidation.org (Cisco Umbrella Rank: 154841)    580 B
1         jsdelivr.net                cdn.jsdelivr.net (Cisco Umbrella Rank: 392)           12 KB
1         googleapis.com              ajax.googleapis.com (Cisco Umbrella Rank: 293)        34 KB
24        5
Domain Requested by
21 evri-reshipped-failure.com evri-reshipped-failure.com
1 cdnjs.cloudflare.com evri-reshipped-failure.com
1 jqueryvalidation.org 1 redirects
1 cdn.jsdelivr.net evri-reshipped-failure.com
1 ajax.googleapis.com evri-reshipped-failure.com
24 5

This site contains no links.

Subject                  Issuer                   Validity                 Valid
upload.video.google.com  GTS CA 1C3               2022-08-29 - 2022-11-21  3 months
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3  2022-06-02 - 2023-06-01  a year

This page contains 1 frames:

Primary Page: http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/
Frame ID: 4B41D449DDAAAFB98676600A72B36056
Requests: 24 HTTP requests in this frame

Page Title

Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

24
Requests

8 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

440 kB
Transfer

539 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://jqueryvalidation.org/files/dist/additional-methods.min.js HTTP 301
  • https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.2/additional-methods.min.js

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
evri-reshipped-failure.com/banks/bank.barclays.co.uk/
22 KB
23 KB
Document
General
Full URL
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/
Protocol
HTTP/1.1
Server
176.124.192.232 , Russian Federation, ASN56864 (WELLSERVER-AS, RU),
Reverse DNS
Software
Apache /
Resource Hash
da9b519996327b76e170e7f9da167dffab89c8be9f78d5b80a348d3fb466d5dd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
close
Content-Type
text/html; charset=UTF-8
Date
Wed, 21 Sep 2022 13:05:46 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
login.css
evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/css/
166 KB
166 KB
Stylesheet
General
Full URL
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/css/login.css
Requested by
Host: evri-reshipped-failure.com
URL: http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/
Protocol
HTTP/1.1
Server
176.124.192.232 , Russian Federation, ASN56864 (WELLSERVER-AS, RU),
Reverse DNS
Software
Apache /
Resource Hash
de4939f8f96204dc9156fe2bf58d46616294099bf730ab194eacfb4c816d9a31

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 13:05:46 GMT
Last-Modified
Wed, 28 Oct 2015 00:17:26 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
169571
Content-Type
text/css
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.3/
91 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: evri-reshipped-failure.com
URL: http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://evri-reshipped-failure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 10:55:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7827
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33593
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Sep 2023 10:55:19 GMT
jquery.payment.js
evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/js/
17 KB
17 KB
Script
General
Full URL
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/js/jquery.payment.js
Requested by
Host: evri-reshipped-failure.com
URL: http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/
Protocol
HTTP/1.1
Server
176.124.192.232 , Russian Federation, ASN56864 (WELLSERVER-AS, RU),
Reverse DNS
Software
Apache /
Resource Hash
190b90b1f62ad6798fca4c93adce6d0205c13b960b609af306f2d87b54885f85

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 13:05:46 GMT
Last-Modified
Sat, 24 Oct 2015 22:19:56 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
16962
Content-Type
application/javascript
jquery.validate.js
cdn.jsdelivr.net/jquery.validation/1.14.0/
42 KB
12 KB
Script
General
Full URL
https://cdn.jsdelivr.net/jquery.validation/1.14.0/jquery.validate.js
Requested by
Host: evri-reshipped-failure.com
URL: http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad5da6112553bd7511aea64dd18d23cef797432148142d766424c900dd919d0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://evri-reshipped-failure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 13:05:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4079398
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19149-FRA, cache-cdg20721-CDG
timing-allow-origin
*
server
cloudflare
etag
W/"a686-lD4vCzGkRPW9lmVTvUVEazM4/T0"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BYmOq8PNT%2BE96rQwK16xFsY9peUfD7bZnoZk3tD02lhMwuPVApFI%2FOjqRb26qma1a3KM47CoqHHW47ho5eJw9AwGJvdKHu2EfFrQBwHItIIwGICgXlIe8wpixiR7pNgGFy63VvjZHTh47WQjT04%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
74e303a8c8430204-ZRH
access-control-expose-headers
*
additional-methods.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.2/
Redirect Chain
  • https://jqueryvalidation.org/files/dist/additional-methods.min.js
  • https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.2/additional-methods.min.js
22 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.2/additional-methods.min.js
Requested by
Host: evri-reshipped-failure.com
URL: http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/
Protocol
H2
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
769a6653733b3e64e850f13421940414afafe8625acf963354e64dfaec51883c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://evri-reshipped-failure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 13:05:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10857302
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5693
timing-allow-origin
*
last-modified
Fri, 29 May 2020 16:54:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ed13e63-5884"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UA5NmDzpP6MgU%2BNJdDcAG81sW3jsOE6cfB%2B5%2B1ci2Axq%2Ftb9xEnTuRDgJtoOHZXCFNThHhJMKZrGU%2FDDc8BBgwBBWAeZaq5WHcAzMNChIfQh4Ds3q8FC4Yd5s%2FEc3zpEDcacHn0emjajIlnJxagSzh6k"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74e303aa2b6901e3-ZRH
expires
Mon, 11 Sep 2023 13:05:46 GMT

Redirect headers

date
Wed, 21 Sep 2022 13:05:46 GMT
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Vpe6M4QK9ki8NwME598tNUf5S%2BWbmlF6DWHT2k8KpqjpHWFyHbM2g%2FrfmtczK5Ax4F%2Fgej1PGgKMob1m8mbrHDt8j63q9LXKkalWVtNaYRy7lobj%2Bj1YPgLZg3jdJlw3ZSFlMM4zKdyElbriLDg2d1opw%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.2/additional-methods.min.js
cache-control
max-age=3600
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-ray
74e303a91c70bb2c-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 21 Sep 2022 14:05:46 GMT
logo.png
evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/img/
4 KB
4 KB
Image
General
Full URL
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/img/logo.png
Requested by
Host: evri-reshipped-failure.com
URL: http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/
Protocol
HTTP/1.1
Server
176.124.192.232 , Russian Federation, ASN56864 (WELLSERVER-AS, RU),
Reverse DNS
Software
Apache /
Resource Hash
84c858297d140080df2011346dee575ec7c5f0a7d016a50f21f7cbfb2cd998f0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 13:05:46 GMT
Last-Modified
Thu, 26 Feb 2015 04:39:12 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
3776
Content-Type
image/png
card_number_card.jpg
evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/img/
6 KB
7 KB
Image
General
Full URL
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/img/card_number_card.jpg
Requested by
Host: evri-reshipped-failure.com
URL: http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/
Protocol
HTTP/1.1
Server
176.124.192.232 , Russian Federation, ASN56864 (WELLSERVER-AS, RU),
Reverse DNS
Software
Apache /
Resource Hash
6ee1441c9f75388b957221fbc58d686c840012e845ed6e43b9a1cf85ac003e6d

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 13:05:47 GMT
Last-Modified
Thu, 26 Feb 2015 04:39:12 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
6468
Content-Type
image/jpeg
sortcode_account_number_card.jpg
evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/img/
6 KB
6 KB
Image
General
Full URL
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/img/sortcode_account_number_card.jpg
Requested by
Host: evri-reshipped-failure.com
URL: http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/
Protocol
HTTP/1.1
Server
176.124.192.232 , Russian Federation, ASN56864 (WELLSERVER-AS, RU),
Reverse DNS
Software
Apache /
Resource Hash
d0060cbe7b7e1348fd897b9c2b80fdc0c2c549d9774d3f691a7eb443bd5c6466

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 13:05:47 GMT
Last-Modified
Thu, 26 Feb 2015 04:39:12 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
6215
Content-Type
image/jpeg
pin_step_1.jpg
evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/img/
23 KB
23 KB
Image
General
Full URL
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/img/pin_step_1.jpg
Requested by
Host: evri-reshipped-failure.com
URL: http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/
Protocol
HTTP/1.1
Server
176.124.192.232 , Russian Federation, ASN56864 (WELLSERVER-AS, RU),
Reverse DNS
Software
Apache /
Resource Hash
0e078c07e5e5b37614fabdfc2e1326a9af8bee6786e835ec4ed690defcdc35aa

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 13:05:47 GMT
Last-Modified
Thu, 26 Feb 2015 16:52:38 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
23367
Content-Type
image/jpeg
pin_step_2.jpg
evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/img/
36 KB
37 KB
Image
General
Full URL
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/img/pin_step_2.jpg
Requested by
Host: evri-reshipped-failure.com
URL: http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/
Protocol
HTTP/1.1
Server
176.124.192.232 , Russian Federation, ASN56864 (WELLSERVER-AS, RU),
Reverse DNS
Software
Apache /
Resource Hash
75dd403e2153b8eb869dd36d4fd801226b7fbbc579c26592978b02c33e30d4df

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 13:05:47 GMT
Last-Modified
Thu, 26 Feb 2015 16:52:38 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
37248
Content-Type
image/jpeg
pin_step_3.jpg
evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/img/
20 KB
20 KB
Image
General
Full URL
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/img/pin_step_3.jpg
Requested by
Host: evri-reshipped-failure.com
URL: http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/
Protocol
HTTP/1.1
Server
176.124.192.232 , Russian Federation, ASN56864 (WELLSERVER-AS, RU),
Reverse DNS
Software
Apache /
Resource Hash
4df67877ff869b00a30f041ae17efa62f9d7879196c2887ae4927d14d5332602

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 13:05:47 GMT
Last-Modified
Thu, 26 Feb 2015 16:52:38 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
20185
Content-Type
image/jpeg
FSCS.jpg
evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/img/
10 KB
10 KB
Image
General
Full URL
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/img/FSCS.jpg
Requested by
Host: evri-reshipped-failure.com
URL: http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/
Protocol
HTTP/1.1
Server
176.124.192.232 , Russian Federation, ASN56864 (WELLSERVER-AS, RU),
Reverse DNS
Software
Apache /
Resource Hash
56fc91ca8fe529b8ad24de819ec63015e2ab48b146d917537552ff9a46b27710

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 13:05:47 GMT
Last-Modified
Thu, 26 Feb 2015 04:39:14 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
10036
Content-Type
image/jpeg
premier.jpg
evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/img/
4 KB
4 KB
Image
General
Full URL
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/img/premier.jpg
Requested by
Host: evri-reshipped-failure.com
URL: http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/
Protocol
HTTP/1.1
Server
176.124.192.232 , Russian Federation, ASN56864 (WELLSERVER-AS, RU),
Reverse DNS
Software
Apache /
Resource Hash
af05f228e3f1106781aad44a0e8f12b500dfbb99e530a9ff91234bd0d4cdc495

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 13:05:47 GMT
Last-Modified
Thu, 26 Feb 2015 04:39:14 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
4357
Content-Type
image/jpeg
logo.gif
evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/img/
4 KB
4 KB
Image
General
Full URL
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/img/logo.gif
Requested by
Host: evri-reshipped-failure.com
URL: http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/css/login.css
Protocol
HTTP/1.1
Server
176.124.192.232 , Russian Federation, ASN56864 (WELLSERVER-AS, RU),
Reverse DNS
Software
Apache /
Resource Hash
3a059a66277e8a87067c50187849c9f65817c72873f8c71785d08f4023a6b9f3

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/css/login.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 13:05:46 GMT
Last-Modified
Thu, 26 Feb 2015 04:45:34 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
3831
Content-Type
image/gif
login-panel-header-active-arrow.gif
evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/img/
129 B
334 B
Image
General
Full URL
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/img/login-panel-header-active-arrow.gif
Requested by
Host: evri-reshipped-failure.com
URL: http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/css/login.css
Protocol
HTTP/1.1
Server
176.124.192.232 , Russian Federation, ASN56864 (WELLSERVER-AS, RU),
Reverse DNS
Software
Apache /
Resource Hash
5aa9eb84540df9c6f43f3981b94e798bf5dacd1129558c7293be37799b7fdcff

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/css/login.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 13:05:47 GMT
Last-Modified
Thu, 26 Feb 2015 05:01:56 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
129
Content-Type
image/gif
expertsans-bold-webfont.woff
evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/fonts/
20 KB
20 KB
Font
General
Full URL
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/fonts/expertsans-bold-webfont.woff
Requested by
Host: evri-reshipped-failure.com
URL: http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/css/login.css
Protocol
HTTP/1.1
Server
176.124.192.232 , Russian Federation, ASN56864 (WELLSERVER-AS, RU),
Reverse DNS
Software
Apache /
Resource Hash
adeb37a325b72a5382a603c575caf390f1fe968f60a266679c18bf6ff61317cc

Request headers

Referer
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/css/login.css
Origin
http://evri-reshipped-failure.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 13:05:46 GMT
Last-Modified
Thu, 26 Feb 2015 05:12:14 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
20080
Content-Type
font/woff
expertsans-light-webfont.woff
evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/fonts/
22 KB
22 KB
Font
General
Full URL
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/fonts/expertsans-light-webfont.woff
Requested by
Host: evri-reshipped-failure.com
URL: http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/css/login.css
Protocol
HTTP/1.1
Server
176.124.192.232 , Russian Federation, ASN56864 (WELLSERVER-AS, RU),
Reverse DNS
Software
Apache /
Resource Hash
f56f823e0bd75388778cbccca78bcf7453c2c03c889274da7b47eebbc37b86b5

Request headers

Referer
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/css/login.css
Origin
http://evri-reshipped-failure.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 13:05:47 GMT
Last-Modified
Thu, 26 Feb 2015 05:08:28 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
22612
Content-Type
font/woff
ftb-new-login-icons.woff
evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/fonts/
1 KB
2 KB
Font
General
Full URL
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/fonts/ftb-new-login-icons.woff
Requested by
Host: evri-reshipped-failure.com
URL: http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/css/login.css
Protocol
HTTP/1.1
Server
176.124.192.232 , Russian Federation, ASN56864 (WELLSERVER-AS, RU),
Reverse DNS
Software
Apache /
Resource Hash
7a757682c4457ddfbf0e39e2298a9e07d662fcd3dcbe481fe6673742d17b7116

Request headers

Referer
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/css/login.css
Origin
http://evri-reshipped-failure.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 13:05:47 GMT
Last-Modified
Thu, 26 Feb 2015 05:27:30 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
1344
Content-Type
font/woff
radiosprite.gif
evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/img/
860 B
1 KB
Image
General
Full URL
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/img/radiosprite.gif
Requested by
Host: evri-reshipped-failure.com
URL: http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/css/login.css
Protocol
HTTP/1.1
Server
176.124.192.232 , Russian Federation, ASN56864 (WELLSERVER-AS, RU),
Reverse DNS
Software
Apache /
Resource Hash
4710f88c657b9ce094b80cf825b3c4c981499501de33ded45929dcdcede6e6f8

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/css/login.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 13:05:47 GMT
Last-Modified
Thu, 26 Feb 2015 04:47:20 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
860
Content-Type
image/gif
checkbox-sprite.png
evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/img/
635 B
840 B
Image
General
Full URL
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/img/checkbox-sprite.png
Requested by
Host: evri-reshipped-failure.com
URL: http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/css/login.css
Protocol
HTTP/1.1
Server
176.124.192.232 , Russian Federation, ASN56864 (WELLSERVER-AS, RU),
Reverse DNS
Software
Apache /
Resource Hash
5e39fe62b15262d3c80dd21fa4444f0e85303b49b83c5d5069d8f2a6e3cecaa1

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/css/login.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 13:05:47 GMT
Last-Modified
Thu, 26 Feb 2015 04:52:34 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
635
Content-Type
image/png
login-panel-header-disabled-arrow.gif
evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/img/
183 B
388 B
Image
General
Full URL
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/img/login-panel-header-disabled-arrow.gif
Requested by
Host: evri-reshipped-failure.com
URL: http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/css/login.css
Protocol
HTTP/1.1
Server
176.124.192.232 , Russian Federation, ASN56864 (WELLSERVER-AS, RU),
Reverse DNS
Software
Apache /
Resource Hash
de1660f0952bc3a9a3cba3c5bd504f8c779578c9bc5eea310e009f270df73309

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/css/login.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 13:05:47 GMT
Last-Modified
Thu, 26 Feb 2015 05:01:16 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
183
Content-Type
image/gif
side-bar-arrow.png
evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/img/
224 B
429 B
Image
General
Full URL
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/img/side-bar-arrow.png
Requested by
Host: evri-reshipped-failure.com
URL: http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/css/login.css
Protocol
HTTP/1.1
Server
176.124.192.232 , Russian Federation, ASN56864 (WELLSERVER-AS, RU),
Reverse DNS
Software
Apache /
Resource Hash
71182ea40b9cc96fd288f8d5d2bdd0834a0bebc6d15cdabfc03170494b93a819

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/css/login.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 13:05:47 GMT
Last-Modified
Thu, 26 Feb 2015 04:43:42 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
224
Content-Type
image/png
expertsans-regular-webfont.woff
evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/fonts/
21 KB
22 KB
Font
General
Full URL
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/fonts/expertsans-regular-webfont.woff
Requested by
Host: evri-reshipped-failure.com
URL: http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/css/login.css
Protocol
HTTP/1.1
Server
176.124.192.232 , Russian Federation, ASN56864 (WELLSERVER-AS, RU),
Reverse DNS
Software
Apache /
Resource Hash
4abdda6a86149bc656dd315b0443fea8f11f22a6552e48e843a0f4b3e828ce8f

Request headers

Referer
http://evri-reshipped-failure.com/banks/bank.barclays.co.uk/assets/css/login.css
Origin
http://evri-reshipped-failure.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 13:05:46 GMT
Last-Modified
Thu, 26 Feb 2015 05:05:32 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
21924
Content-Type
font/woff

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Barclays (Banking)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onbeforeinput
  • object| oncontextlost
  • object| oncontextrestored
  • function| structuredClone
  • object| launchQueue
  • object| onbeforematch
  • object| navigation
  • function| movetoNext
  • function| $
  • function| jQuery

1 Cookies

Domain/Path Name / Value
evri-reshipped-failure.com/ Name: PHPSESSID
Value: a1af9326e225f1b0d5a4918945e9058b

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
