urlscan.io logo urlscan.io
SecurityTrails logo

nemah-law.com Open in urlscan Pro
192.185.74.25  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://nemah-law.com/verif/
Submission: On December 20 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 11 HTTP transactions. The main IP is 192.185.74.25, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is nemah-law.com.
TLS certificate: Issued by R3 on December 5th 2023. Valid for: 3 months.
This is the only time nemah-law.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Barclays (Banking)

Domain & IP information

IP Address AS Autonomous System
10 192.185.74.25 19871 (NETWORK-S...)
1 2 23.45.101.150 16625 (AKAMAI-AS)
11 3
Apex Domain
Subdomains		 Transfer
10 nemah-law.com
nemah-law.com
432 KB
2 barclays.co.uk
smetrics.barclays.co.uk — Cisco Umbrella Rank: 119018
1 KB
11 2
Domain Requested by
10 nemah-law.com nemah-law.com
2 smetrics.barclays.co.uk 1 redirects nemah-law.com
11 2

This site contains links to these domains. Also see Links.

Domain
www.barclays.co.uk
bank.barclays.co.uk
status.uk.barclays
www.bsigroup.com
www.iso.org
www.fscs.org.uk
Subject Issuer Validity Valid
nemah-law.com
R3		 2023-12-05 -
2024-03-04		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://nemah-law.com/verif/
Frame ID: 3756FCB723BE36E3B586550145F2AE2D
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Step 1 - Login details - Barclays Online BankingTick

Page Statistics

11
Requests

91 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

432 kB
Transfer

771 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://smetrics.barclays.co.uk/b/ss/barukprod/1/H.25.1--NS/0?&server=www.barclays.co.uk&ch=UKRBB&c54=JS_disabled HTTP 302
  • https://smetrics.barclays.co.uk/b/ss/barukprod/1/H.25.1--NS/0?AQB=1&pccr=true&server=www.barclays.co.uk&ch=UKRBB&c54=JS_disabled&AQE=1

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nemah-law.com/verif/ 		109 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nemah-law.com/verif/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.74.25 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-74-25.unifiedlayer.com
Software
Apache /
Resource Hash
6401235e63300b85782caa0aec06d28f1a4e34971fdbd421aab5404597f0bebf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html
date
Wed, 20 Dec 2023 04:20:35 GMT
last-modified
Mon, 11 Dec 2023 04:52:14 GMT
server
Apache
vary
Accept-Encoding
rolb-theme-2-0.css
nemah-law.com/verif/Step%201%20-%20Login%20details%20-%20Barclays%20Online%20Banking_files/ 		333 KB
119 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nemah-law.com/verif/Step%201%20-%20Login%20details%20-%20Barclays%20Online%20Banking_files/rolb-theme-2-0.css
Requested by
Host: nemah-law.com
URL: https://nemah-law.com/verif/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.74.25 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-74-25.unifiedlayer.com
Software
Apache /
Resource Hash
32f5891b648500c4f534390e1c348060685ba728e64394d964e778eedabd7249

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://nemah-law.com/verif/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 04:20:35 GMT
content-encoding
gzip
last-modified
Mon, 11 Dec 2023 03:43:56 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
text/css
authlogin-bdl.css
nemah-law.com/verif/Step%201%20-%20Login%20details%20-%20Barclays%20Online%20Banking_files/ 		50 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nemah-law.com/verif/Step%201%20-%20Login%20details%20-%20Barclays%20Online%20Banking_files/authlogin-bdl.css
Requested by
Host: nemah-law.com
URL: https://nemah-law.com/verif/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.74.25 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-74-25.unifiedlayer.com
Software
Apache /
Resource Hash
79d70600073cbe885ea0f39e0bf0864acea02b4e9e5780e9cf32a83744c70a48

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://nemah-law.com/verif/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 04:20:35 GMT
content-encoding
gzip
last-modified
Mon, 11 Dec 2023 03:43:56 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
15563
mark-of-trust-kitemark-logo.png
nemah-law.com/verif/Step%201%20-%20Login%20details%20-%20Barclays%20Online%20Banking_files/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nemah-law.com/verif/Step%201%20-%20Login%20details%20-%20Barclays%20Online%20Banking_files/mark-of-trust-kitemark-logo.png
Requested by
Host: nemah-law.com
URL: https://nemah-law.com/verif/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.74.25 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-74-25.unifiedlayer.com
Software
Apache /
Resource Hash
cfb4f173773e27492a29df5d845616dc8e277f27a3f7c844f1ae456f95393c49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://nemah-law.com/verif/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 04:20:35 GMT
last-modified
Mon, 11 Dec 2023 03:43:56 GMT
server
Apache
accept-ranges
bytes
content-length
44674
content-type
image/png
mark-of-trust-certified-logo.png
nemah-law.com/verif/Step%201%20-%20Login%20details%20-%20Barclays%20Online%20Banking_files/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nemah-law.com/verif/Step%201%20-%20Login%20details%20-%20Barclays%20Online%20Banking_files/mark-of-trust-certified-logo.png
Requested by
Host: nemah-law.com
URL: https://nemah-law.com/verif/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.74.25 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-74-25.unifiedlayer.com
Software
Apache /
Resource Hash
890910ea7ff6e5484f37a80f492f03b7c6a49ce73089d732de137ec4f968bacc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://nemah-law.com/verif/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 04:20:35 GMT
last-modified
Mon, 11 Dec 2023 03:43:56 GMT
server
Apache
accept-ranges
bytes
content-length
47348
content-type
image/png
Cyber-Essentials-Plus-logo.png
nemah-law.com/verif/Step%201%20-%20Login%20details%20-%20Barclays%20Online%20Banking_files/ 		166 KB
166 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nemah-law.com/verif/Step%201%20-%20Login%20details%20-%20Barclays%20Online%20Banking_files/Cyber-Essentials-Plus-logo.png
Requested by
Host: nemah-law.com
URL: https://nemah-law.com/verif/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.74.25 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-74-25.unifiedlayer.com
Software
Apache /
Resource Hash
53658b0d2d395aad315abf3906b9e9a95f9601727b9df0630b9cd87e6c90a0f2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://nemah-law.com/verif/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 04:20:35 GMT
last-modified
Mon, 11 Dec 2023 03:43:56 GMT
server
Apache
accept-ranges
bytes
content-length
169688
content-type
image/png
login-fscs.png
nemah-law.com/verif/Step%201%20-%20Login%20details%20-%20Barclays%20Online%20Banking_files/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nemah-law.com/verif/Step%201%20-%20Login%20details%20-%20Barclays%20Online%20Banking_files/login-fscs.png
Requested by
Host: nemah-law.com
URL: https://nemah-law.com/verif/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.74.25 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-74-25.unifiedlayer.com
Software
Apache /
Resource Hash
2aa89b0d3ed189360406952265076a3f79ea08b045f2e07d7d71e3c38982533e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://nemah-law.com/verif/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 04:20:35 GMT
last-modified
Mon, 11 Dec 2023 03:43:56 GMT
server
Apache
accept-ranges
bytes
content-length
5419
content-type
image/png
0
smetrics.barclays.co.uk/b/ss/barukprod/1/H.25.1--NS/
Redirect Chain
  • https://smetrics.barclays.co.uk/b/ss/barukprod/1/H.25.1--NS/0?&server=www.barclays.co.uk&ch=UKRBB&c54=JS_disabled
  • https://smetrics.barclays.co.uk/b/ss/barukprod/1/H.25.1--NS/0?AQB=1&pccr=true&server=www.barclays.co.uk&ch=UKRBB&c54=JS_disabled&AQE=1
43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smetrics.barclays.co.uk/b/ss/barukprod/1/H.25.1--NS/0?AQB=1&pccr=true&server=www.barclays.co.uk&ch=UKRBB&c54=JS_disabled&AQE=1
Requested by
Host: nemah-law.com
URL: https://nemah-law.com/verif/
Protocol
H2
Server
23.45.101.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-101-150.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://nemah-law.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 04:20:36 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
last-modified
Thu, 21 Dec 2023 04:20:36 GMT
etag
3657263514810220544-4617500423824254740
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1;mode=block
expires
Tue, 19 Dec 2023 04:20:36 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Dec 2023 04:20:36 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
last-modified
Thu, 21 Dec 2023 04:20:36 GMT
vary
Origin
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
location
https://smetrics.barclays.co.uk/b/ss/barukprod/1/H.25.1--NS/0?AQB=1&pccr=true&server=www.barclays.co.uk&ch=UKRBB&c54=JS_disabled&AQE=1
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
0
x-xss-protection
1;mode=block
expires
Tue, 19 Dec 2023 04:20:36 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
91a06213190743f440aa3411f1393afaf3de8b3b6309d6677fb7680248f09e91

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=US-ASCII
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e111be4c24fc0743ca7eb1c4873a64bb234135b9bea86cabd922a5caabb6c9c6

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=US-ASCII
Padlock_icon.svg
nemah-law.com/verif/img/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nemah-law.com/verif/img/Padlock_icon.svg
Requested by
Host: nemah-law.com
URL: https://nemah-law.com/verif/Step%201%20-%20Login%20details%20-%20Barclays%20Online%20Banking_files/authlogin-bdl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.74.25 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-74-25.unifiedlayer.com
Software
Apache /
Resource Hash
bccb23d41c2cc69cf0c7d22c4314ca8181a513c6999b73e45307792830f4e482

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://nemah-law.com/verif/Step%201%20-%20Login%20details%20-%20Barclays%20Online%20Banking_files/authlogin-bdl.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 04:20:36 GMT
content-encoding
gzip
last-modified
Sun, 02 Oct 2022 13:11:21 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
content-length
4677
expert-sans-regular.woff
nemah-law.com/verif/Step%201%20-%20Login%20details%20-%20Barclays%20Online%20Banking_files/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://nemah-law.com/verif/Step%201%20-%20Login%20details%20-%20Barclays%20Online%20Banking_files/fonts/expert-sans-regular.woff
Requested by
Host: nemah-law.com
URL: https://nemah-law.com/verif/Step%201%20-%20Login%20details%20-%20Barclays%20Online%20Banking_files/rolb-theme-2-0.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.74.25 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-74-25.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

Referer
https://nemah-law.com/verif/Step%201%20-%20Login%20details%20-%20Barclays%20Online%20Banking_files/rolb-theme-2-0.css
Origin
https://nemah-law.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 04:20:36 GMT
content-encoding
gzip
last-modified
Sun, 02 Oct 2022 13:11:21 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
content-length
4677
expert-sans-light.woff
nemah-law.com/verif/Step%201%20-%20Login%20details%20-%20Barclays%20Online%20Banking_files/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://nemah-law.com/verif/Step%201%20-%20Login%20details%20-%20Barclays%20Online%20Banking_files/fonts/expert-sans-light.woff
Requested by
Host: nemah-law.com
URL: https://nemah-law.com/verif/Step%201%20-%20Login%20details%20-%20Barclays%20Online%20Banking_files/rolb-theme-2-0.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.74.25 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-74-25.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

Referer
https://nemah-law.com/verif/Step%201%20-%20Login%20details%20-%20Barclays%20Online%20Banking_files/rolb-theme-2-0.css
Origin
https://nemah-law.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 04:20:36 GMT
content-encoding
gzip
last-modified
Sun, 02 Oct 2022 13:11:21 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
content-length
4677
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
03af6526f05c31ff2464c437502213ef4afee275fdc13aa2bfdea24e73ec33a9

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Barclays (Banking)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| saveLoginInfo

0 Cookies

3 Console Messages

Source Level URL
Text
network error URL: https://nemah-law.com/verif/img/Padlock_icon.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://nemah-law.com/verif/Step%201%20-%20Login%20details%20-%20Barclays%20Online%20Banking_files/fonts/expert-sans-regular.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://nemah-law.com/verif/Step%201%20-%20Login%20details%20-%20Barclays%20Online%20Banking_files/fonts/expert-sans-light.woff
Message:
Failed to load resource: the server responded with a status of 404 ()