g3w.cc
2606:4700:3035::6815:bb6  Malicious Activity! Public Scan

URL: https://g3w.cc/verify/login/confirme.php
Submission: On October 11 via api from GB — Scanned from GB

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3035::6815:bb6, located in United States and belongs to CLOUDFLARENET, US. The main domain is g3w.cc.
TLS certificate: Issued by E1 on September 22nd 2022. Valid for: 3 months.
This is the only time g3w.cc was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Barclays (Banking)

Domain & IP information

Requests  IP Address        AS (Autonomous System)
12        2606:4700:303...  13335 (CLOUDFLAR...)
3         72.246.168.251    16625 (AKAMAI-AS)
10        23.67.137.185     16625 (AKAMAI-AS)
Total: 28 requests, 4 IPs

Requests  Apex Domain     Subdomains                                         Transfer
12        g3w.cc          g3w.cc                                             48 KB
10        barclays.co.uk  bank.barclays.co.uk (Cisco Umbrella Rank: 174273)  393 KB
3         tiqcdn.com      tags.tiqcdn.com (Cisco Umbrella Rank: 1132)        14 KB
Total: 28 requests, 3 apex domains

Requests  Domain               Requested by
12        g3w.cc               g3w.cc
10        bank.barclays.co.uk  g3w.cc, bank.barclays.co.uk
3         tags.tiqcdn.com      g3w.cc
Total: 28 requests, 3 domains

This site contains links to these domains.

Domain
www.barclays.co.uk
status.uk.barclays
www.bsigroup.com
www.iso.org
www.fscs.org.uk

Subject              Issuer                                       Validity                 Valid
*.g3w.cc             E1                                           2022-09-22 - 2022-12-21  3 months
*.tiqcdn.com         DigiCert SHA2 Secure Server CA               2022-02-27 - 2023-02-28  a year
bank.barclays.co.uk  DigiCert SHA2 Extended Validation Server CA  2022-08-09 - 2023-08-09  a year

This page contains 1 frames:

Primary Page: https://g3w.cc/verify/login/confirme.php
Frame ID: 97998CDEB9EA8DC9D24285CED1368BAF
Requests: 30 HTTP requests in this frame

Page Title

Step 2 - Confirm your ID - Barclays Online Banking

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

Requests: 28
HTTPS: 89 %
IPv6: 33 %
Domains: 3
Subdomains: 3
IPs: 4
Countries: 2
Transfer: 455 kB
Size: 934 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request confirme.php
g3w.cc/verify/login/
156 KB
17 KB
Document
General
Full URL
https://g3w.cc/verify/login/confirme.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:bb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0023975c7de828d8aeac38f481446941a5d81a9910d16b43939766e1b706c46f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
758afb176e43f407-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 11 Oct 2022 22:20:03 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oAT6b%2BOr2QyeH9yjdwositSppn3IECEV4m2AP5VVfxvryoIayZJcPpnjRkewycx7GlXMKeXb7li7Fb425qNl%2BupxLnZWduUasnJNI8yo2SIHtMc8AR2FERd8RNmL2GPXwW1TvEI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-nginx-upstream-cache-status
BYPASS
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
utag.40.js
tags.tiqcdn.com/utag/barclaysuk/barclays-olb/PROD-G/
18 KB
6 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/barclaysuk/barclays-olb/PROD-G/utag.40.js?utv=ut4.46.202207191031
Requested by
Host: g3w.cc
URL: https://g3w.cc/verify/login/confirme.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.246.168.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-251.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
74e887257dcae8b8e8fb655bb4f6a08e427f69739260dc0330ced314ed44d23c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g3w.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 22:20:03 GMT
content-encoding
gzip
last-modified
Tue, 19 Jul 2022 10:31:57 GMT
server
AkamaiNetStorage
etag
"8485eb0b9edca7616526bb702b852b9a:1658226717.947908"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
6323
expires
Wed, 26 Oct 2022 22:20:03 GMT
utag.34.js
tags.tiqcdn.com/utag/barclaysuk/barclays-olb/PROD-G/
22 KB
7 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/barclaysuk/barclays-olb/PROD-G/utag.34.js?utv=ut4.46.202207191031
Requested by
Host: g3w.cc
URL: https://g3w.cc/verify/login/confirme.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.246.168.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-251.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cb39877f6704a5d478e5e15635f08db07e4268050a2a0deaa4d4f7ec8a537a4c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g3w.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 22:20:03 GMT
content-encoding
gzip
last-modified
Tue, 19 Jul 2022 10:32:01 GMT
server
AkamaiNetStorage
etag
"7c5d3e5d5a2e95a0939297dd7c09c4cf:1658226721.624489"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
6487
expires
Wed, 26 Oct 2022 22:20:03 GMT
utag.35.js
tags.tiqcdn.com/utag/barclaysuk/barclays-olb/PROD-G/
2 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/barclaysuk/barclays-olb/PROD-G/utag.35.js?utv=ut4.46.202110270851
Requested by
Host: g3w.cc
URL: https://g3w.cc/verify/login/confirme.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.246.168.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-251.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0c10ba07b680382fa1597a34d12f1a7c510fd84c84ad1e7a560c9cd9cf57f626

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g3w.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 22:20:03 GMT
content-encoding
gzip
last-modified
Tue, 19 Jul 2022 10:32:00 GMT
server
AkamaiNetStorage
etag
"9a0633da8b216da1f6202952c0d93547:1658226720.555992"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1139
expires
Wed, 26 Oct 2022 22:20:03 GMT
rolb-theme-2-0.css
bank.barclays.co.uk//authlogin/css/
333 KB
69 KB
Stylesheet
General
Full URL
https://bank.barclays.co.uk//authlogin/css/rolb-theme-2-0.css?v=1652782834434
Requested by
Host: g3w.cc
URL: https://g3w.cc/verify/login/confirme.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
32f5891b648500c4f534390e1c348060685ba728e64394d964e778eedabd7249
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g3w.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Oct 2022 22:20:03 GMT
last-modified
Thu, 22 Sep 2022 06:55:35 GMT
etag
"11083-632c06e7"
vary
accept-encoding
content-type
text/css
accept-ranges
bytes
content-length
69763
x-ua-compatible
chrome=IE6
authlogin-bdl.css
bank.barclays.co.uk//authlogin/css/
50 KB
12 KB
Stylesheet
General
Full URL
https://bank.barclays.co.uk//authlogin/css/authlogin-bdl.css?v=1652782834434
Requested by
Host: g3w.cc
URL: https://g3w.cc/verify/login/confirme.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
79d70600073cbe885ea0f39e0bf0864acea02b4e9e5780e9cf32a83744c70a48
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g3w.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Oct 2022 22:20:03 GMT
last-modified
Thu, 22 Sep 2022 06:55:35 GMT
etag
"2f67-632c06e7"
vary
accept-encoding
content-type
text/css
accept-ranges
bytes
content-length
12135
x-ua-compatible
chrome=IE6
PINsentry_mobile_login.png
bank.barclays.co.uk//authlogin/img/
53 KB
53 KB
Image
General
Full URL
https://bank.barclays.co.uk//authlogin/img/PINsentry_mobile_login.png
Requested by
Host: g3w.cc
URL: https://g3w.cc/verify/login/confirme.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
257ea4ad35b6a33181eac37b97b2769d7f022c190f8806687dd8ffed4262c124
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g3w.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Oct 2022 22:20:04 GMT
last-modified
Thu, 22 Sep 2022 06:55:35 GMT
etag
"d16a-632c06e7"
vary
accept-encoding
content-type
image/png
accept-ranges
bytes
content-length
53610
x-ua-compatible
chrome=IE6
PINsentry_mobile_identify.png
bank.barclays.co.uk//authlogin/img/
41 KB
40 KB
Image
General
Full URL
https://bank.barclays.co.uk//authlogin/img/PINsentry_mobile_identify.png
Requested by
Host: g3w.cc
URL: https://g3w.cc/verify/login/confirme.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
77730bc37f34df1565de6395e6c5f2dd701e75d6cf94584b8db79c29befbc34f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g3w.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Oct 2022 22:20:04 GMT
last-modified
Thu, 22 Sep 2022 06:55:35 GMT
etag
"9e1b-632c06e7"
vary
accept-encoding
content-type
image/png
accept-ranges
bytes
content-length
40475
x-ua-compatible
chrome=IE6
PINsentry_mobile_code_identify.png
bank.barclays.co.uk//authlogin/img/
40 KB
40 KB
Image
General
Full URL
https://bank.barclays.co.uk//authlogin/img/PINsentry_mobile_code_identify.png
Requested by
Host: g3w.cc
URL: https://g3w.cc/verify/login/confirme.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3ff1d37131e3aabd7fa74254d026ce89659845a205117fe6a4b24975afe7694b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g3w.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Oct 2022 22:20:04 GMT
last-modified
Thu, 22 Sep 2022 06:55:35 GMT
etag
"9f30-632c06e7"
vary
accept-encoding
content-type
image/png
accept-ranges
bytes
content-length
40752
x-ua-compatible
chrome=IE6
PINsentry_cardreader_card_number.png
bank.barclays.co.uk//authlogin/img/
74 KB
69 KB
Image
General
Full URL
https://bank.barclays.co.uk//authlogin/img/PINsentry_cardreader_card_number.png
Requested by
Host: g3w.cc
URL: https://g3w.cc/verify/login/confirme.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cdfb75e4dc3418c474d86141c51fbaaeebcfe6b4d561980efa5b9ae821df7faf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g3w.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Oct 2022 22:20:04 GMT
last-modified
Thu, 22 Sep 2022 06:55:35 GMT
etag
"112ea-632c06e7"
vary
accept-encoding
content-type
image/png
accept-ranges
bytes
content-length
70378
x-ua-compatible
chrome=IE6
PINsentry_cardreader_identify.png
bank.barclays.co.uk/authlogin/img/
41 KB
41 KB
Image
General
Full URL
https://bank.barclays.co.uk/authlogin/img/PINsentry_cardreader_identify.png
Requested by
Host: g3w.cc
URL: https://g3w.cc/verify/login/confirme.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3ee57462911a4b21366c045caf399aa23893b878cc8ef04e1e27c772aad10980
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g3w.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Oct 2022 22:20:04 GMT
last-modified
Thu, 22 Sep 2022 06:55:35 GMT
etag
"a205-632c06e7"
vary
accept-encoding
content-type
image/png
accept-ranges
bytes
content-length
41477
x-ua-compatible
chrome=IE6
PINsentry_cardreader_enter.png
bank.barclays.co.uk/authlogin/img/
38 KB
38 KB
Image
General
Full URL
https://bank.barclays.co.uk/authlogin/img/PINsentry_cardreader_enter.png
Requested by
Host: g3w.cc
URL: https://g3w.cc/verify/login/confirme.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
043a8acb15dd46453d623c2a5c95833553df96670362b943e03d2d8fd23af5ea
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g3w.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Oct 2022 22:20:04 GMT
last-modified
Thu, 22 Sep 2022 06:55:35 GMT
etag
"9784-632c06e7"
vary
accept-encoding
content-type
image/png
accept-ranges
bytes
content-length
38788
x-ua-compatible
chrome=IE6
PINsentry_cardreader_code.png
bank.barclays.co.uk/authlogin/img/
31 KB
30 KB
Image
General
Full URL
https://bank.barclays.co.uk/authlogin/img/PINsentry_cardreader_code.png
Requested by
Host: g3w.cc
URL: https://g3w.cc/verify/login/confirme.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
665287d35c411645a169b23134787d077fb9e2c8a2f88289b1ded5e0312b18cd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g3w.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Oct 2022 22:20:04 GMT
last-modified
Thu, 22 Sep 2022 06:55:35 GMT
etag
"7549-632c06e7"
vary
accept-encoding
content-type
image/png
accept-ranges
bytes
content-length
30025
x-ua-compatible
chrome=IE6
1321077850040-pin_step_1.jpg
g3w.cc/verify/login/files/images/
315 B
315 B
Image
General
Full URL
https://g3w.cc/verify/login/files/images/1321077850040-pin_step_1.jpg
Requested by
Host: g3w.cc
URL: https://g3w.cc/verify/login/confirme.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:bb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g3w.cc/verify/login/confirme.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 22:20:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ijMJzX%2BfAtYFgPdmI9GmDI7ebUcodw0AKSPrMTQXC1%2BPP5rsyJ9NpG%2Bu9kTi3Y9AdNYB9sSjHzVAnq1n7u0E%2FKF5MwV4AWog5VHt0W2xE%2B52fIaPO5yeI9zAr6idju2AqC0IjQM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
758afb1c0a1df407-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
1321077850061-pin_step_2.jpg
g3w.cc/verify/login/files/images/
315 B
315 B
Image
General
Full URL
https://g3w.cc/verify/login/files/images/1321077850061-pin_step_2.jpg
Requested by
Host: g3w.cc
URL: https://g3w.cc/verify/login/confirme.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:bb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g3w.cc/verify/login/confirme.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 22:20:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5R2hNh%2BJ4EqSy%2FfSF86BAMYL0KOKUMUx1977rIQtw4rvfA9vSnJKvIyT17eWaJyYEsEvScdc%2FEU2WnSK4NJmBLr0%2FUuO9MCHP3nhdw%2BzbsOjuLId%2FA8GS438%2FjMINbT%2FIDzWpyU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
758afb1c0a1ff407-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
1321077850082-pin_step_3.jpg
g3w.cc/verify/login/files/images/
315 B
315 B
Image
General
Full URL
https://g3w.cc/verify/login/files/images/1321077850082-pin_step_3.jpg
Requested by
Host: g3w.cc
URL: https://g3w.cc/verify/login/confirme.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:bb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g3w.cc/verify/login/confirme.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 22:20:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rst8SKF3lNPyBNVXER2y1Nc8md4HgRaIUDTWDJQLY%2FiJxYAi21f4eCZnOurlREHWlVZop%2Fv7hwcF%2B44di75lshu4Zl4vY76yfR9FeCbq63KyKD5w6LP%2BkXSuF8pq6eYbtlA8ACI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
758afb1c0a21f407-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
1321077861212-mobile_step_1.jpg
g3w.cc/verify/login/files/images/
315 B
315 B
Image
General
Full URL
https://g3w.cc/verify/login/files/images/1321077861212-mobile_step_1.jpg
Requested by
Host: g3w.cc
URL: https://g3w.cc/verify/login/confirme.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:bb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g3w.cc/verify/login/confirme.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 22:20:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
44
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kWOX5Z2pj65U44%2FFz2z7U3w%2BxwerUhb1hUz65CgOSdT%2FKpnV2YTXOqZwnw0q5eEv1nnsgk79XFMu4na08BtllXSAK2mr%2BzgGr6xpwd94divLvOoefZ%2Bxav07niV7shC2JkLKfa8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
758afb1d7e3471a5-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
1321077856766-mobile_step_2.jpg
g3w.cc/verify/login/files/images/
315 B
315 B
Image
General
Full URL
https://g3w.cc/verify/login/files/images/1321077856766-mobile_step_2.jpg
Requested by
Host: g3w.cc
URL: https://g3w.cc/verify/login/confirme.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:bb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g3w.cc/verify/login/confirme.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 22:20:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
44
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ulqdG8CmnX%2FC1BWDJA%2FTJueuRzTmp9JmRgCHU1TOCJAsa5PURKedCx6pIAl8QVAehJLjpO858Cqmk3KoCp3N9AD39ECDrltiesoz3L4WguY7Bk6mCQchXYUgRu%2B6yjUKptwG%2BI8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
758afb1d8e3771a5-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
1321077861233-mobile_step_4.jpg
g3w.cc/verify/login/files/images/
315 B
315 B
Image
General
Full URL
https://g3w.cc/verify/login/files/images/1321077861233-mobile_step_4.jpg
Requested by
Host: g3w.cc
URL: https://g3w.cc/verify/login/confirme.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:bb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g3w.cc/verify/login/confirme.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 22:20:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
44
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qq51evgmGxb5DKV2%2B0VUWkdVtB6eejyjX1VeK%2B%2FnTNekUeQhGRzC0L%2BboisE2%2BVRLqyA%2BO%2F7ZEtLZ4Srt3AISHj6sOrpa%2Fgdy7isPJzHzjh28AKg4i8Y00F6Nl38%2FDMaFfEDnxc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
758afb1d8e3871a5-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
1321217916907-bsikitemarklogo.png
g3w.cc/verify/login/files/images/
13 KB
14 KB
Image
General
Full URL
https://g3w.cc/verify/login/files/images/1321217916907-bsikitemarklogo.png
Requested by
Host: g3w.cc
URL: https://g3w.cc/verify/login/confirme.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:bb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90326fd2ae35b37049ca9b624acb2b698be96a509f3619cf647d686433eaaa15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g3w.cc/verify/login/confirme.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 22:20:04 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1662
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13516
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Tue, 26 Jul 2022 13:39:22 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g6qjk9Ly4BIneeuS1FZJ8VaOE0%2F8I9lyQd%2BVtLxw0PZ9EjpdQGWiV0qn4Ti412q0J%2BSlVQ1dox5QdHlRm8kTERuYc83OJ%2BuFhRHg9AboVdxsSSsnqkIk3jjuIZq6MisTFVkjB%2B0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
758afb1d8e3a71a5-LHR
expires
Sat, 10 Dec 2022 21:52:20 GMT
1321217916492-iso27001footer.JPG
g3w.cc/verify/login/files/images/
315 B
315 B
Image
General
Full URL
https://g3w.cc/verify/login/files/images/1321217916492-iso27001footer.JPG
Requested by
Host: g3w.cc
URL: https://g3w.cc/verify/login/confirme.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:bb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g3w.cc/verify/login/confirme.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 22:20:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
44
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VI%2BWo3dJyP8dHPvMdAGzrhiBtLL7PTpSf0mP7uok4qZ4meYy842bSrVw7Gkmld8vBCGRxCFT4%2BL%2FZ0d9Zeep6YCgxn%2F9y0%2FCvxe3x54ujU%2BDJpsZNqX3EilB7bcl8Fb%2FVAjNk2c%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
758afb1d8e3b71a5-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
1321217918424-cyberfooter.jpg
g3w.cc/verify/login/files/images/
9 KB
10 KB
Image
General
Full URL
https://g3w.cc/verify/login/files/images/1321217918424-cyberfooter.jpg
Requested by
Host: g3w.cc
URL: https://g3w.cc/verify/login/confirme.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:bb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
effa2f551ae3f572384002e36028aa1e85544462f42c28065731284e8f81bfcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g3w.cc/verify/login/confirme.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 22:20:04 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1662
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9222
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
last-modified
Tue, 26 Jul 2022 13:39:50 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQxwfVqf0R9invflUOMYIQxrSHaZgGOD5eAo0re3dXLfj5SdrkYLG1BMR3PtV6G2j8ramwDSVq4Hy%2FTqCemhMJQ6zSUDv8Tj1DYBlHmdEyrvLl6ylOixvaTsYlMVniKqa2VGf5g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
758afb1d8e3d71a5-LHR
expires
Sat, 10 Dec 2022 21:52:20 GMT
login-fscs.png
g3w.cc/verify/login/files/images/
5 KB
6 KB
Image
General
Full URL
https://g3w.cc/verify/login/files/images/login-fscs.png
Requested by
Host: g3w.cc
URL: https://g3w.cc/verify/login/confirme.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:bb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2aa89b0d3ed189360406952265076a3f79ea08b045f2e07d7d71e3c38982533e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g3w.cc/verify/login/confirme.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 22:20:04 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1662
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5419
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
last-modified
Tue, 26 Jul 2022 13:40:04 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BWkaqj36n2UzlIwj6XKzNOsCBqtmgnJ5HQbslys3e7dv7Rsox0h57XUNJXx5fUjjCmgBsLTzdikfUVcx9eHYlbC8NT0RCJBOQV3PLDE0hOf1S%2Ff0Joar8%2FUbwP%2Fo1sieDDUo02Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
758afb1d8e4371a5-LHR
expires
Sat, 10 Dec 2022 21:52:20 GMT
bdlLogin.bootstrap.min.js
g3w.cc/authlogin/
0
0
Script
General
Full URL
https://g3w.cc/authlogin/bdlLogin.bootstrap.min.js?v=1652782834434
Requested by
Host: g3w.cc
URL: https://g3w.cc/verify/login/confirme.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:bb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g3w.cc/verify/login/confirme.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 22:20:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
44
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y571IDHHPOnFjI8XShcG6Znv1%2BYOI%2BbH91%2BozxveWDVZf7PerB%2FIUJrwY9V2hUFgNsF%2Bv9SVJGPlLs4nrpn7NgcF0%2B4IoqVI%2BKAsHgKDZ6%2F9KAAGa1Bf0ZnqJfdW9Z3Q4nMAhHU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
758afb1d8e4571a5-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
91a06213190743f440aa3411f1393afaf3de8b3b6309d6677fb7680248f09e91

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=US-ASCII
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e111be4c24fc0743ca7eb1c4873a64bb234135b9bea86cabd922a5caabb6c9c6

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=US-ASCII
Padlock_icon.svg
bank.barclays.co.uk//authlogin/img/
2 KB
1 KB
Image
General
Full URL
https://bank.barclays.co.uk//authlogin/img/Padlock_icon.svg
Requested by
Host: bank.barclays.co.uk
URL: https://bank.barclays.co.uk//authlogin/css/authlogin-bdl.css?v=1652782834434
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b173ff6e97748a8a4e079bf7afa965e4d264fa43a351c4a0bf2c130bc65b4366
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://bank.barclays.co.uk//authlogin/css/authlogin-bdl.css?v=1652782834434
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Oct 2022 22:20:04 GMT
last-modified
Thu, 22 Sep 2022 06:55:35 GMT
etag
"2f3-632c06e7"
vary
accept-encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
755
x-ua-compatible
chrome=IE6
expert-sans-regular.woff
bank.barclays.co.uk//authlogin/css/fonts/
0
0

expert-sans-light.woff
bank.barclays.co.uk//authlogin/css/fonts/
0
0

expert-sans-bold.woff
bank.barclays.co.uk//authlogin/css/fonts/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bank.barclays.co.uk
URL
https://bank.barclays.co.uk//authlogin/css/fonts/expert-sans-regular.woff
Domain
bank.barclays.co.uk
URL
https://bank.barclays.co.uk//authlogin/css/fonts/expert-sans-light.woff
Domain
bank.barclays.co.uk
URL
https://bank.barclays.co.uk//authlogin/css/fonts/expert-sans-bold.woff

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Barclays (Banking)

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| s_account string| pathref boolean| ie8 object| bdlLogin boolean| asyncChatSwitch boolean| webChatSwitch boolean| wealthValue boolean| wealthSwitch boolean| privateBankValue boolean| privateBankSwitch boolean| contactUsSwitch boolean| cp1620Day2Switch boolean| barclaysDirectInvesting boolean| multiaddress boolean| multipreviousname boolean| addressLookUpSwitch string| serverDate string| dLink string| adobeDtmSwitch string| wealthType boolean| bcEnabled string| bcSlothInc boolean| bioCatch2 string| bcSlothVer string| bcSlothcdAPI string| bcSlothEngineI boolean| clarisiteSwitch boolean| digitalDataSwitch boolean| flatDigitalDataEnable boolean| tntSwitch boolean| isSolusSwitch boolean| siCredentialResetSwitch boolean| mortgageMasterSwitch boolean| mortgageFLDSwitch boolean| mortgageLockedOutSwitchValue boolean| mortgagePasscodeSwitch boolean| serviceStatusSwitch boolean| registrationRedirectSwitch boolean| speedyRegistrationRedirectSwitch boolean| checkMarxHighVulnerabilitySwitch boolean| lowVulnerabilitySwitch boolean| cookieBannerSwitch boolean| cookieConsentSwitch boolean| merchantSolusLiteSwitch boolean| threatMetrixExpansionSwitch boolean| otpServiceApiMigrationSwitch function| triggerRainID function| loadKrux function| myFunction function| myFunction1 function| myFunction2 function| validate object| dataLayer

1 Cookies

Domain/Path Name / Value
g3w.cc/ Name: PHPSESSID
Value: 311686168c36fff8885b9f8c573a2cbc

15 Console Messages

Source Level URL
Text
network error URL: https://g3w.cc/verify/login/files/images/1321077861212-mobile_step_1.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://g3w.cc/verify/login/files/images/1321077856766-mobile_step_2.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://g3w.cc/verify/login/files/images/1321217916492-iso27001footer.JPG
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://g3w.cc/verify/login/files/images/1321077861233-mobile_step_4.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://g3w.cc/authlogin/bdlLogin.bootstrap.min.js?v=1652782834434
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://g3w.cc/verify/login/confirme.php
Message:
Refused to execute script from 'https://g3w.cc/authlogin/bdlLogin.bootstrap.min.js?v=1652782834434' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
javascript error URL: https://g3w.cc/verify/login/confirme.php
Message:
Access to font at 'https://bank.barclays.co.uk//authlogin/css/fonts/expert-sans-regular.woff' from origin 'https://g3w.cc' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://bank.barclays.co.uk//authlogin/css/fonts/expert-sans-regular.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://g3w.cc/verify/login/confirme.php
Message:
Access to font at 'https://bank.barclays.co.uk//authlogin/css/fonts/expert-sans-bold.woff' from origin 'https://g3w.cc' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://bank.barclays.co.uk//authlogin/css/fonts/expert-sans-bold.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://g3w.cc/verify/login/confirme.php
Message:
Access to font at 'https://bank.barclays.co.uk//authlogin/css/fonts/expert-sans-light.woff' from origin 'https://g3w.cc' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://bank.barclays.co.uk//authlogin/css/fonts/expert-sans-light.woff
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://g3w.cc/verify/login/files/images/1321077850082-pin_step_3.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://g3w.cc/verify/login/files/images/1321077850040-pin_step_1.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://g3w.cc/verify/login/files/images/1321077850061-pin_step_2.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
