dwppp.info Open in urlscan Pro
109.206.241.213  Malicious Activity! Public Scan

10 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://dwppp.info/update/login/ses/sendCode.php Page URL
2. https://dwppp.info/update/login/info.php Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	sendCode.php dwppp.info/update/login/ses/	49 B 430 B	153ms 59ms	Document text/html	109.206.241.213 AS_DELIS
General Check archive.org Show headers Download Go to Full URL https://dwppp.info/update/login/ses/sendCode.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 109.206.241.213 Ashburn, United States, ASN211252 (AS_DELIS, US), Reverse DNS Software Apache / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Sat, 15 Oct 2022 11:41:04 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=100 Pragma no-cache Server Apache Transfer-Encoding chunked
GET H/1.1	200 OK	Primary Request info.php Show response dwppp.info/update/login/	103 KB 103 KB	38ms 37ms	Document text/html	109.206.241.213 AS_DELIS
General Check archive.org Show headers Download Go to Full URL https://dwppp.info/update/login/info.php Requested by Host: dwppp.info URL: https://dwppp.info/update/login/ses/sendCode.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 109.206.241.213 Ashburn, United States, ASN211252 (AS_DELIS, US), Reverse DNS Software Apache / Resource Hash 7df0313a70b9241bed8e64b187bd8bcb48b1203f1280c6dde51571a96b2583e4 Request headers Referer https://dwppp.info/update/login/ses/sendCode.php Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Sat, 15 Oct 2022 11:41:04 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=99 Pragma no-cache Server Apache Transfer-Encoding chunked
GET H2	200	utag.40.js Show response tags.tiqcdn.com/utag/barclaysuk/barclays-olb/PROD-G/	18 KB 6 KB	165ms 56ms	Script application/x-javascript	104.75.88.194 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/barclaysuk/barclays-olb/PROD-G/utag.40.js?utv=ut4.46.202207191031 Requested by Host: dwppp.info URL: https://dwppp.info/update/login/info.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-194.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 74e887257dcae8b8e8fb655bb4f6a08e427f69739260dc0330ced314ed44d23c Request headers accept-language en-GB,en;q=0.9 Referer https://dwppp.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Sat, 15 Oct 2022 11:41:04 GMT content-encoding gzip last-modified Tue, 19 Jul 2022 10:31:57 GMT server AkamaiNetStorage etag "8485eb0b9edca7616526bb702b852b9a:1658226717.947908" vary Accept-Encoding content-type application/x-javascript cache-control max-age=1296000 accept-ranges bytes content-length 6323 expires Sun, 30 Oct 2022 11:41:04 GMT
GET H2	200	utag.34.js Show response tags.tiqcdn.com/utag/barclaysuk/barclays-olb/PROD-G/	22 KB 7 KB	170ms 61ms	Script application/x-javascript	104.75.88.194 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/barclaysuk/barclays-olb/PROD-G/utag.34.js?utv=ut4.46.202207191031 Requested by Host: dwppp.info URL: https://dwppp.info/update/login/info.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-194.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash cb39877f6704a5d478e5e15635f08db07e4268050a2a0deaa4d4f7ec8a537a4c Request headers accept-language en-GB,en;q=0.9 Referer https://dwppp.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Sat, 15 Oct 2022 11:41:04 GMT content-encoding gzip last-modified Tue, 19 Jul 2022 10:32:01 GMT server AkamaiNetStorage etag "7c5d3e5d5a2e95a0939297dd7c09c4cf:1658226721.624489" vary Accept-Encoding content-type application/x-javascript cache-control max-age=1296000 accept-ranges bytes content-length 6487 expires Sun, 30 Oct 2022 11:41:04 GMT
GET H2	200	utag.35.js Show response tags.tiqcdn.com/utag/barclaysuk/barclays-olb/PROD-G/	2 KB 1 KB	154ms 59ms	Script application/x-javascript	104.75.88.194 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/barclaysuk/barclays-olb/PROD-G/utag.35.js?utv=ut4.46.202110270851 Requested by Host: dwppp.info URL: https://dwppp.info/update/login/info.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-194.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 0c10ba07b680382fa1597a34d12f1a7c510fd84c84ad1e7a560c9cd9cf57f626 Request headers accept-language en-GB,en;q=0.9 Referer https://dwppp.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Sat, 15 Oct 2022 11:41:04 GMT content-encoding gzip last-modified Tue, 19 Jul 2022 10:32:00 GMT server AkamaiNetStorage etag "9a0633da8b216da1f6202952c0d93547:1658226720.555992" vary Accept-Encoding content-type application/x-javascript cache-control max-age=1296000 accept-ranges bytes content-length 1139 expires Sun, 30 Oct 2022 11:41:04 GMT
GET H2	200	rolb-theme-2-0.css bank.barclays.co.uk//authlogin/css/	333 KB 69 KB	237ms 98ms	Stylesheet text/css	23.67.137.185 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://bank.barclays.co.uk//authlogin/css/rolb-theme-2-0.css?v=1652782834434 Requested by Host: dwppp.info URL: https://dwppp.info/update/login/info.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.67.137.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-67-137-185.deploy.static.akamaitechnologies.com Software / Resource Hash 32f5891b648500c4f534390e1c348060685ba728e64394d964e778eedabd7249 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://dwppp.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers strict-transport-security max-age=63072000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sat, 15 Oct 2022 11:41:04 GMT last-modified Thu, 22 Sep 2022 06:55:35 GMT etag "11083-632c06e7" vary accept-encoding content-type text/css accept-ranges bytes content-length 69763 x-ua-compatible chrome=IE6
GET H2	200	authlogin-bdl.css bank.barclays.co.uk//authlogin/css/	50 KB 12 KB	236ms 96ms	Stylesheet text/css	23.67.137.185 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://bank.barclays.co.uk//authlogin/css/authlogin-bdl.css?v=1652782834434 Requested by Host: dwppp.info URL: https://dwppp.info/update/login/info.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.67.137.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-67-137-185.deploy.static.akamaitechnologies.com Software / Resource Hash 79d70600073cbe885ea0f39e0bf0864acea02b4e9e5780e9cf32a83744c70a48 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://dwppp.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers strict-transport-security max-age=63072000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sat, 15 Oct 2022 11:41:04 GMT last-modified Thu, 22 Sep 2022 06:55:35 GMT etag "2f67-632c06e7" vary accept-encoding content-type text/css accept-ranges bytes content-length 12135 x-ua-compatible chrome=IE6
GET H/1.1	404 Not Found	1321077850040-pin_step_1.jpg dwppp.info/update/login/files/images/	315 B 315 B	69ms 35ms	Image text/html	109.206.241.213 AS_DELIS
General Check archive.org Show headers Download Go to Show image Full URL https://dwppp.info/update/login/files/images/1321077850040-pin_step_1.jpg Requested by Host: dwppp.info URL: https://dwppp.info/update/login/info.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 109.206.241.213 Ashburn, United States, ASN211252 (AS_DELIS, US), Reverse DNS Software Apache / Resource Hash d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Request headers accept-language en-GB,en;q=0.9 Referer https://dwppp.info/update/login/info.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Sat, 15 Oct 2022 11:41:04 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=98 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	1321077850061-pin_step_2.jpg dwppp.info/update/login/files/images/	315 B 315 B	109ms 38ms	Image text/html	109.206.241.213 AS_DELIS
General Check archive.org Show headers Download Go to Show image Full URL https://dwppp.info/update/login/files/images/1321077850061-pin_step_2.jpg Requested by Host: dwppp.info URL: https://dwppp.info/update/login/info.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 109.206.241.213 Ashburn, United States, ASN211252 (AS_DELIS, US), Reverse DNS Software Apache / Resource Hash d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Request headers accept-language en-GB,en;q=0.9 Referer https://dwppp.info/update/login/info.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Sat, 15 Oct 2022 11:41:04 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=97 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	1321077850082-pin_step_3.jpg dwppp.info/update/login/files/images/	315 B 315 B	105ms 35ms	Image text/html	109.206.241.213 AS_DELIS
General Check archive.org Show headers Download Go to Show image Full URL https://dwppp.info/update/login/files/images/1321077850082-pin_step_3.jpg Requested by Host: dwppp.info URL: https://dwppp.info/update/login/info.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 109.206.241.213 Ashburn, United States, ASN211252 (AS_DELIS, US), Reverse DNS Software Apache / Resource Hash d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Request headers accept-language en-GB,en;q=0.9 Referer https://dwppp.info/update/login/info.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Sat, 15 Oct 2022 11:41:04 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	1321077861212-mobile_step_1.jpg dwppp.info/update/login/files/images/	315 B 315 B	107ms 37ms	Image text/html	109.206.241.213 AS_DELIS
General Check archive.org Show headers Download Go to Show image Full URL https://dwppp.info/update/login/files/images/1321077861212-mobile_step_1.jpg Requested by Host: dwppp.info URL: https://dwppp.info/update/login/info.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 109.206.241.213 Ashburn, United States, ASN211252 (AS_DELIS, US), Reverse DNS Software Apache / Resource Hash d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Request headers accept-language en-GB,en;q=0.9 Referer https://dwppp.info/update/login/info.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Sat, 15 Oct 2022 11:41:04 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	1321077856766-mobile_step_2.jpg dwppp.info/update/login/files/images/	315 B 315 B	111ms 39ms	Image text/html	109.206.241.213 AS_DELIS
General Check archive.org Show headers Download Go to Show image Full URL https://dwppp.info/update/login/files/images/1321077856766-mobile_step_2.jpg Requested by Host: dwppp.info URL: https://dwppp.info/update/login/info.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 109.206.241.213 Ashburn, United States, ASN211252 (AS_DELIS, US), Reverse DNS Software Apache / Resource Hash d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Request headers accept-language en-GB,en;q=0.9 Referer https://dwppp.info/update/login/info.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Sat, 15 Oct 2022 11:41:04 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	1321077861233-mobile_step_4.jpg dwppp.info/update/login/files/images/	315 B 315 B	112ms 40ms	Image text/html	109.206.241.213 AS_DELIS
General Check archive.org Show headers Download Go to Show image Full URL https://dwppp.info/update/login/files/images/1321077861233-mobile_step_4.jpg Requested by Host: dwppp.info URL: https://dwppp.info/update/login/info.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 109.206.241.213 Ashburn, United States, ASN211252 (AS_DELIS, US), Reverse DNS Software Apache / Resource Hash d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Request headers accept-language en-GB,en;q=0.9 Referer https://dwppp.info/update/login/info.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Sat, 15 Oct 2022 11:41:04 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	1321217916907-bsikitemarklogo.png dwppp.info/update/login/files/images/	13 KB 13 KB	37ms 35ms	Image image/png	109.206.241.213 AS_DELIS
General Check archive.org Show headers Download Go to Show image Full URL https://dwppp.info/update/login/files/images/1321217916907-bsikitemarklogo.png Requested by Host: dwppp.info URL: https://dwppp.info/update/login/info.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 109.206.241.213 Ashburn, United States, ASN211252 (AS_DELIS, US), Reverse DNS Software Apache / Resource Hash 90326fd2ae35b37049ca9b624acb2b698be96a509f3619cf647d686433eaaa15 Request headers accept-language en-GB,en;q=0.9 Referer https://dwppp.info/update/login/info.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Sat, 15 Oct 2022 11:41:04 GMT Last-Modified Tue, 26 Jul 2022 19:39:22 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 13516
GET H/1.1	404 Not Found	1321217916492-iso27001footer.JPG dwppp.info/update/login/files/images/	315 B 315 B	37ms 36ms	Image text/html	109.206.241.213 AS_DELIS
General Check archive.org Show headers Download Go to Show image Full URL https://dwppp.info/update/login/files/images/1321217916492-iso27001footer.JPG Requested by Host: dwppp.info URL: https://dwppp.info/update/login/info.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 109.206.241.213 Ashburn, United States, ASN211252 (AS_DELIS, US), Reverse DNS Software Apache / Resource Hash d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Request headers accept-language en-GB,en;q=0.9 Referer https://dwppp.info/update/login/info.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Sat, 15 Oct 2022 11:41:04 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=96 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	1321217918424-cyberfooter.jpg dwppp.info/update/login/files/images/	9 KB 9 KB	38ms 36ms	Image image/jpeg	109.206.241.213 AS_DELIS
General Check archive.org Show headers Download Go to Show image Full URL https://dwppp.info/update/login/files/images/1321217918424-cyberfooter.jpg Requested by Host: dwppp.info URL: https://dwppp.info/update/login/info.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 109.206.241.213 Ashburn, United States, ASN211252 (AS_DELIS, US), Reverse DNS Software Apache / Resource Hash effa2f551ae3f572384002e36028aa1e85544462f42c28065731284e8f81bfcd Request headers accept-language en-GB,en;q=0.9 Referer https://dwppp.info/update/login/info.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Sat, 15 Oct 2022 11:41:04 GMT Last-Modified Tue, 26 Jul 2022 19:39:50 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 9222
GET H/1.1	200 OK	login-fscs.png dwppp.info/update/login/files/images/	5 KB 6 KB	37ms 36ms	Image image/png	109.206.241.213 AS_DELIS
General Check archive.org Show headers Download Go to Show image Full URL https://dwppp.info/update/login/files/images/login-fscs.png Requested by Host: dwppp.info URL: https://dwppp.info/update/login/info.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 109.206.241.213 Ashburn, United States, ASN211252 (AS_DELIS, US), Reverse DNS Software Apache / Resource Hash 2aa89b0d3ed189360406952265076a3f79ea08b045f2e07d7d71e3c38982533e Request headers accept-language en-GB,en;q=0.9 Referer https://dwppp.info/update/login/info.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Sat, 15 Oct 2022 11:41:04 GMT Last-Modified Tue, 26 Jul 2022 19:40:04 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 5419
GET H/1.1	404 Not Found	bdlLogin.bootstrap.min.js dwppp.info/authlogin/	0 0	40ms 39ms	Script text/html	109.206.241.213 AS_DELIS
General Check archive.org Show headers Download Go to Full URL https://dwppp.info/authlogin/bdlLogin.bootstrap.min.js?v=1652782834434 Requested by Host: dwppp.info URL: https://dwppp.info/update/login/info.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 109.206.241.213 Ashburn, United States, ASN211252 (AS_DELIS, US), Reverse DNS Software Apache / Resource Hash Request headers accept-language en-GB,en;q=0.9 Referer https://dwppp.info/update/login/info.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Sat, 15 Oct 2022 11:41:04 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 91a06213190743f440aa3411f1393afaf3de8b3b6309d6677fb7680248f09e91 Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Content-Type image/svg+xml;charset=US-ASCII
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e111be4c24fc0743ca7eb1c4873a64bb234135b9bea86cabd922a5caabb6c9c6 Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Content-Type image/svg+xml;charset=US-ASCII
GET H2	200	Padlock_icon.svg bank.barclays.co.uk//authlogin/img/	2 KB 1 KB	67ms 66ms	Image image/svg+xml	23.67.137.185 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bank.barclays.co.uk//authlogin/img/Padlock_icon.svg Requested by Host: bank.barclays.co.uk URL: https://bank.barclays.co.uk//authlogin/css/authlogin-bdl.css?v=1652782834434 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.67.137.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-67-137-185.deploy.static.akamaitechnologies.com Software / Resource Hash b173ff6e97748a8a4e079bf7afa965e4d264fa43a351c4a0bf2c130bc65b4366 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://bank.barclays.co.uk//authlogin/css/authlogin-bdl.css?v=1652782834434 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers strict-transport-security max-age=63072000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sat, 15 Oct 2022 11:41:04 GMT last-modified Thu, 22 Sep 2022 06:55:35 GMT etag "2f3-632c06e7" vary accept-encoding content-type image/svg+xml accept-ranges bytes content-length 755 x-ua-compatible chrome=IE6
GET		expert-sans-regular.woff bank.barclays.co.uk//authlogin/css/fonts/	0 0
GET		expert-sans-light.woff bank.barclays.co.uk//authlogin/css/fonts/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

bank.barclays.co.uk

URL

https://bank.barclays.co.uk//authlogin/css/fonts/expert-sans-regular.woff

Domain

bank.barclays.co.uk

URL

https://bank.barclays.co.uk//authlogin/css/fonts/expert-sans-light.woff

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Barclays (Banking)

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| s_account string| pathref boolean| ie8 object| bdlLogin boolean| asyncChatSwitch boolean| webChatSwitch boolean| wealthValue boolean| wealthSwitch boolean| privateBankValue boolean| privateBankSwitch boolean| contactUsSwitch boolean| cp1620Day2Switch boolean| barclaysDirectInvesting boolean| multiaddress boolean| multipreviousname boolean| addressLookUpSwitch string| serverDate string| dLink string| adobeDtmSwitch string| wealthType boolean| bcEnabled string| bcSlothInc boolean| bioCatch2 string| bcSlothVer string| bcSlothcdAPI string| bcSlothEngineI boolean| clarisiteSwitch boolean| digitalDataSwitch boolean| flatDigitalDataEnable boolean| tntSwitch boolean| isSolusSwitch boolean| siCredentialResetSwitch boolean| mortgageMasterSwitch boolean| mortgageFLDSwitch boolean| mortgageLockedOutSwitchValue boolean| mortgagePasscodeSwitch boolean| serviceStatusSwitch boolean| registrationRedirectSwitch boolean| speedyRegistrationRedirectSwitch boolean| checkMarxHighVulnerabilitySwitch boolean| lowVulnerabilitySwitch boolean| cookieBannerSwitch boolean| cookieConsentSwitch boolean| merchantSolusLiteSwitch boolean| threatMetrixExpansionSwitch boolean| otpServiceApiMigrationSwitch function| triggerRainID function| loadKrux object| dataLayer

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			dwppp.info/	1969-12-31 23:59:59	Name: PHPSESSID Value: 97299c27abba7972df297f466a579768

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://dwppp.info/update/login/files/images/1321077850040-pin_step_1.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://dwppp.info/update/login/files/images/1321077850082-pin_step_3.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://dwppp.info/update/login/files/images/1321077861212-mobile_step_1.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://dwppp.info/update/login/files/images/1321077850061-pin_step_2.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://dwppp.info/authlogin/bdlLogin.bootstrap.min.js?v=1652782834434 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://dwppp.info/update/login/files/images/1321077856766-mobile_step_2.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://dwppp.info/update/login/files/images/1321077861233-mobile_step_4.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://dwppp.info/update/login/files/images/1321217916492-iso27001footer.JPG Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: https://dwppp.info/update/login/info.php Message: Access to font at 'https://bank.barclays.co.uk//authlogin/css/fonts/expert-sans-regular.woff' from origin 'https://dwppp.info' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://bank.barclays.co.uk//authlogin/css/fonts/expert-sans-regular.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://dwppp.info/update/login/info.php Message: Access to font at 'https://bank.barclays.co.uk//authlogin/css/fonts/expert-sans-light.woff' from origin 'https://dwppp.info' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://bank.barclays.co.uk//authlogin/css/fonts/expert-sans-light.woff Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bank.barclays.co.uk
dwppp.info
tags.tiqcdn.com
bank.barclays.co.uk
104.75.88.194
109.206.241.213
23.67.137.185
0c10ba07b680382fa1597a34d12f1a7c510fd84c84ad1e7a560c9cd9cf57f626
2aa89b0d3ed189360406952265076a3f79ea08b045f2e07d7d71e3c38982533e
32f5891b648500c4f534390e1c348060685ba728e64394d964e778eedabd7249
74e887257dcae8b8e8fb655bb4f6a08e427f69739260dc0330ced314ed44d23c
79d70600073cbe885ea0f39e0bf0864acea02b4e9e5780e9cf32a83744c70a48
7df0313a70b9241bed8e64b187bd8bcb48b1203f1280c6dde51571a96b2583e4
90326fd2ae35b37049ca9b624acb2b698be96a509f3619cf647d686433eaaa15
91a06213190743f440aa3411f1393afaf3de8b3b6309d6677fb7680248f09e91
b173ff6e97748a8a4e079bf7afa965e4d264fa43a351c4a0bf2c130bc65b4366
cb39877f6704a5d478e5e15635f08db07e4268050a2a0deaa4d4f7ec8a537a4c
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
e111be4c24fc0743ca7eb1c4873a64bb234135b9bea86cabd922a5caabb6c9c6
effa2f551ae3f572384002e36028aa1e85544462f42c28065731284e8f81bfcd