urlscan.io logo urlscan.io
SecurityTrails logo

alnatcolombia.com Open in urlscan Pro
162.241.61.139  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: http://alnatcolombia.com/wp-content/barclays/login/login.php
Submission: On November 05 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 22 HTTP transactions. The main IP is 162.241.61.139, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is alnatcolombia.com.
This is the only time alnatcolombia.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Barclays (Banking)

Domain & IP information

IP Address AS Autonomous System
12 162.241.61.139 19871 (NETWORK-S...)
1 2a00:1450:400... 15169 (GOOGLE)
3 104.75.88.194 16625 (AKAMAI-AS)
3 23.67.137.185 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
22 6
12    162.241.61.139 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 162-241-61-139.unifiedlayer.com
alnatcolombia.com
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    104.75.88.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-194.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
3    23.67.137.185 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-67-137-185.deploy.static.akamaitechnologies.com
bank.barclays.co.uk
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
Apex Domain
Subdomains		 Transfer
12 alnatcolombia.com
alnatcolombia.com
317 KB
3 barclays.co.uk
bank.barclays.co.uk — Cisco Umbrella Rank: 210685
82 KB
3 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1058
15 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 361
3 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 447
31 KB
22 5
Domain Requested by
12 alnatcolombia.com alnatcolombia.com
3 bank.barclays.co.uk alnatcolombia.com
bank.barclays.co.uk
3 tags.tiqcdn.com alnatcolombia.com
1 cdnjs.cloudflare.com alnatcolombia.com
1 ajax.googleapis.com alnatcolombia.com
22 5

This site contains links to these domains. Also see Links.

Domain
status.uk.barclays
www.barclays.co.uk
www.bsigroup.com
www.iso.org
www.fscs.org.uk
Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
bank.barclays.co.uk
DigiCert SHA2 Extended Validation Server CA		 2022-08-09 -
2023-08-09		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh

This page contains 1 frames:

Primary Page: http://alnatcolombia.com/wp-content/barclays/login/login.php
Frame ID: E0A1D8DE599E9979AEB1EE20F4E32C61
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Step 1 - Who are you? - Barclays Online Banking

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

23 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

6
IPs

2
Countries

448 kB
Transfer

953 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login.php
alnatcolombia.com/wp-content/barclays/login/ 		141 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://alnatcolombia.com/wp-content/barclays/login/login.php
Protocol
HTTP/1.1
Server
162.241.61.139 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-61-139.unifiedlayer.com
Software
Apache /
Resource Hash
e5706167c5b1bc09b0e7f62b5b448d674891bc50e62896d6b9062e3c95f2e6e6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
none
Cache-Control
no-store, no-cache, must-revalidate
Connection
Upgrade, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 05 Nov 2022 12:00:04 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=75
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
Upgrade
h2,h2c
Vary
Accept-Encoding
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: alnatcolombia.com
URL: http://alnatcolombia.com/wp-content/barclays/login/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://alnatcolombia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 05 Nov 2022 08:30:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12603
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Nov 2023 08:30:01 GMT
utag.40.js
tags.tiqcdn.com/utag/barclaysuk/barclays-olb/PROD-G/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tags.tiqcdn.com/utag/barclaysuk/barclays-olb/PROD-G/utag.40.js?utv=ut4.46.202207191031
Requested by
Host: alnatcolombia.com
URL: http://alnatcolombia.com/wp-content/barclays/login/login.php
Protocol
HTTP/1.1
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
74e887257dcae8b8e8fb655bb4f6a08e427f69739260dc0330ced314ed44d23c

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://alnatcolombia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 05 Nov 2022 12:00:04 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Jul 2022 10:31:57 GMT
Server
AkamaiNetStorage
ETag
"8485eb0b9edca7616526bb702b852b9a:1658226717.947908"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1296000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6323
Expires
Sun, 20 Nov 2022 12:00:04 GMT
utag.34.js
tags.tiqcdn.com/utag/barclaysuk/barclays-olb/PROD-G/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tags.tiqcdn.com/utag/barclaysuk/barclays-olb/PROD-G/utag.34.js?utv=ut4.46.202207191031
Requested by
Host: alnatcolombia.com
URL: http://alnatcolombia.com/wp-content/barclays/login/login.php
Protocol
HTTP/1.1
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cb39877f6704a5d478e5e15635f08db07e4268050a2a0deaa4d4f7ec8a537a4c

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://alnatcolombia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 05 Nov 2022 12:00:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Jul 2022 10:32:01 GMT
Server
AkamaiNetStorage
ETag
"7c5d3e5d5a2e95a0939297dd7c09c4cf:1658226721.624489"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1296000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6487
Expires
Sun, 20 Nov 2022 12:00:05 GMT
utag.35.js
tags.tiqcdn.com/utag/barclaysuk/barclays-olb/PROD-G/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tags.tiqcdn.com/utag/barclaysuk/barclays-olb/PROD-G/utag.35.js?utv=ut4.46.202110270851
Requested by
Host: alnatcolombia.com
URL: http://alnatcolombia.com/wp-content/barclays/login/login.php
Protocol
HTTP/1.1
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0c10ba07b680382fa1597a34d12f1a7c510fd84c84ad1e7a560c9cd9cf57f626

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://alnatcolombia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 05 Nov 2022 12:00:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Jul 2022 10:32:00 GMT
Server
AkamaiNetStorage
ETag
"9a0633da8b216da1f6202952c0d93547:1658226720.555992"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1296000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1139
Expires
Sun, 20 Nov 2022 12:00:05 GMT
rolb-theme-2-0.css
bank.barclays.co.uk//authlogin/css/ 		333 KB
69 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bank.barclays.co.uk//authlogin/css/rolb-theme-2-0.css?v=1652782834434
Requested by
Host: alnatcolombia.com
URL: http://alnatcolombia.com/wp-content/barclays/login/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
32f5891b648500c4f534390e1c348060685ba728e64394d964e778eedabd7249
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://alnatcolombia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 05 Nov 2022 12:00:05 GMT
last-modified
Thu, 13 Oct 2022 12:00:54 GMT
etag
"11083-6347fdf6"
vary
accept-encoding
content-type
text/css
accept-ranges
bytes
content-length
69763
x-ua-compatible
chrome=IE6
authlogin-bdl.css
bank.barclays.co.uk//authlogin/css/ 		50 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bank.barclays.co.uk//authlogin/css/authlogin-bdl.css?v=1652782834434
Requested by
Host: alnatcolombia.com
URL: http://alnatcolombia.com/wp-content/barclays/login/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
79d70600073cbe885ea0f39e0bf0864acea02b4e9e5780e9cf32a83744c70a48
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://alnatcolombia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 05 Nov 2022 12:00:05 GMT
last-modified
Thu, 13 Oct 2022 12:00:54 GMT
etag
"2f67-6347fdf6"
vary
accept-encoding
content-type
text/css
accept-ranges
bytes
content-length
12135
x-ua-compatible
chrome=IE6
jquery.payment.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.payment/3.0.0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.payment/3.0.0/jquery.payment.min.js
Requested by
Host: alnatcolombia.com
URL: http://alnatcolombia.com/wp-content/barclays/login/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c4ba1c662b440b3aefe5e5147ea2df72f80e510e4979c65485a7b0fff894e37
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://alnatcolombia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 05 Nov 2022 12:00:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7582202
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2420
last-modified
Mon, 04 May 2020 16:11:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec3-210b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dn1hsIstNZZcocn6%2BMCodc0%2B%2BUYg0sxvn5gkYPGLP8VI03AjlznkHQUWc1eqjRDvNBR0uObrO5l%2BLQbgiw6vSBODhBT9NeGuOyRCqcJj8fvsChTtfhJQMtDaHEKmQmackAWrJWLJzlSh%2BwBK3T%2F7LA7n"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76556d4edea888b0-LHR
expires
Thu, 26 Oct 2023 12:00:04 GMT
1321077850040-pin_step_1.jpg
alnatcolombia.com/wp-content/barclays/login/files/images/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://alnatcolombia.com/wp-content/barclays/login/files/images/1321077850040-pin_step_1.jpg
Requested by
Host: alnatcolombia.com
URL: http://alnatcolombia.com/wp-content/barclays/login/login.php
Protocol
HTTP/1.1
Server
162.241.61.139 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-61-139.unifiedlayer.com
Software
Apache /
Resource Hash
8ec95cf81102c2d6f339a520f00f075730eb4fe6ca0d076bd0854e188c3ee3f3

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://alnatcolombia.com/wp-content/barclays/login/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 05 Nov 2022 12:00:05 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Upgrade
h2,h2c
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Upgrade, Keep-Alive
Link
<https://alnatcolombia.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=75
Expires
Wed, 11 Jan 1984 05:00:00 GMT
1321077850061-pin_step_2.jpg
alnatcolombia.com/wp-content/barclays/login/files/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://alnatcolombia.com/wp-content/barclays/login/files/images/1321077850061-pin_step_2.jpg
Requested by
Host: alnatcolombia.com
URL: http://alnatcolombia.com/wp-content/barclays/login/login.php
Protocol
HTTP/1.1
Server
162.241.61.139 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-61-139.unifiedlayer.com
Software
Apache /
Resource Hash
61ceb744e1218316b65948b3b78d69f7566c3eef94669108cfcc6d5f9ebb49e3

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://alnatcolombia.com/wp-content/barclays/login/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 05 Nov 2022 12:00:05 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Upgrade
h2,h2c
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Upgrade, Keep-Alive
Link
<https://alnatcolombia.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=75
Expires
Wed, 11 Jan 1984 05:00:00 GMT
1321077850082-pin_step_3.jpg
alnatcolombia.com/wp-content/barclays/login/files/images/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://alnatcolombia.com/wp-content/barclays/login/files/images/1321077850082-pin_step_3.jpg
Requested by
Host: alnatcolombia.com
URL: http://alnatcolombia.com/wp-content/barclays/login/login.php
Protocol
HTTP/1.1
Server
162.241.61.139 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-61-139.unifiedlayer.com
Software
Apache /
Resource Hash
8ec95cf81102c2d6f339a520f00f075730eb4fe6ca0d076bd0854e188c3ee3f3

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://alnatcolombia.com/wp-content/barclays/login/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 05 Nov 2022 12:00:05 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Upgrade
h2,h2c
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Upgrade, Keep-Alive
Link
<https://alnatcolombia.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=75
Expires
Wed, 11 Jan 1984 05:00:00 GMT
1321077861212-mobile_step_1.jpg
alnatcolombia.com/wp-content/barclays/login/files/images/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://alnatcolombia.com/wp-content/barclays/login/files/images/1321077861212-mobile_step_1.jpg
Requested by
Host: alnatcolombia.com
URL: http://alnatcolombia.com/wp-content/barclays/login/login.php
Protocol
HTTP/1.1
Server
162.241.61.139 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-61-139.unifiedlayer.com
Software
Apache /
Resource Hash
8ec95cf81102c2d6f339a520f00f075730eb4fe6ca0d076bd0854e188c3ee3f3

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://alnatcolombia.com/wp-content/barclays/login/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 05 Nov 2022 12:00:05 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Upgrade
h2,h2c
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Upgrade, Keep-Alive
Link
<https://alnatcolombia.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=75
Expires
Wed, 11 Jan 1984 05:00:00 GMT
1321077856766-mobile_step_2.jpg
alnatcolombia.com/wp-content/barclays/login/files/images/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://alnatcolombia.com/wp-content/barclays/login/files/images/1321077856766-mobile_step_2.jpg
Requested by
Host: alnatcolombia.com
URL: http://alnatcolombia.com/wp-content/barclays/login/login.php
Protocol
HTTP/1.1
Server
162.241.61.139 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-61-139.unifiedlayer.com
Software
Apache /
Resource Hash
8ec95cf81102c2d6f339a520f00f075730eb4fe6ca0d076bd0854e188c3ee3f3

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://alnatcolombia.com/wp-content/barclays/login/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 05 Nov 2022 12:00:05 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Upgrade
h2,h2c
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Upgrade, Keep-Alive
Link
<https://alnatcolombia.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=75
Expires
Wed, 11 Jan 1984 05:00:00 GMT
1321077861233-mobile_step_4.jpg
alnatcolombia.com/wp-content/barclays/login/files/images/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://alnatcolombia.com/wp-content/barclays/login/files/images/1321077861233-mobile_step_4.jpg
Requested by
Host: alnatcolombia.com
URL: http://alnatcolombia.com/wp-content/barclays/login/login.php
Protocol
HTTP/1.1
Server
162.241.61.139 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-61-139.unifiedlayer.com
Software
Apache /
Resource Hash
18bd36a66f8ea37afc02748eaf9d243c3a38b74d1f2ed9a0bcf293c6c337f5bf

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://alnatcolombia.com/wp-content/barclays/login/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 05 Nov 2022 12:00:07 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
Link
<https://alnatcolombia.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=73
Expires
Wed, 11 Jan 1984 05:00:00 GMT
1321217916907-bsikitemarklogo.png
alnatcolombia.com/wp-content/barclays/login/files/images/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://alnatcolombia.com/wp-content/barclays/login/files/images/1321217916907-bsikitemarklogo.png
Requested by
Host: alnatcolombia.com
URL: http://alnatcolombia.com/wp-content/barclays/login/login.php
Protocol
HTTP/1.1
Server
162.241.61.139 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-61-139.unifiedlayer.com
Software
Apache /
Resource Hash
90326fd2ae35b37049ca9b624acb2b698be96a509f3619cf647d686433eaaa15

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://alnatcolombia.com/wp-content/barclays/login/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 05 Nov 2022 12:00:08 GMT
Last-Modified
Tue, 26 Jul 2022 15:39:22 GMT
Server
Apache
Vary
Accept-Encoding
Upgrade
h2,h2c
Content-Type
image/png
Cache-Control
max-age=10368000, public
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
Content-Length
13516
Expires
Sun, 05 Mar 2023 12:00:08 GMT
1321217916492-iso27001footer.JPG
alnatcolombia.com/wp-content/barclays/login/files/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://alnatcolombia.com/wp-content/barclays/login/files/images/1321217916492-iso27001footer.JPG
Requested by
Host: alnatcolombia.com
URL: http://alnatcolombia.com/wp-content/barclays/login/login.php
Protocol
HTTP/1.1
Server
162.241.61.139 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-61-139.unifiedlayer.com
Software
Apache /
Resource Hash
5f91e3aec3b8e0df64085ce9c5623729c2c9c9ba59a6caa71b9dfb9e7a24b534

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://alnatcolombia.com/wp-content/barclays/login/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 05 Nov 2022 12:00:08 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Upgrade
h2,h2c
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Upgrade, Keep-Alive
Link
<https://alnatcolombia.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=75
Expires
Wed, 11 Jan 1984 05:00:00 GMT
1321217918424-cyberfooter.jpg
alnatcolombia.com/wp-content/barclays/login/files/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://alnatcolombia.com/wp-content/barclays/login/files/images/1321217918424-cyberfooter.jpg
Requested by
Host: alnatcolombia.com
URL: http://alnatcolombia.com/wp-content/barclays/login/login.php
Protocol
HTTP/1.1
Server
162.241.61.139 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-61-139.unifiedlayer.com
Software
Apache /
Resource Hash
effa2f551ae3f572384002e36028aa1e85544462f42c28065731284e8f81bfcd

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://alnatcolombia.com/wp-content/barclays/login/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 05 Nov 2022 12:00:08 GMT
Last-Modified
Tue, 26 Jul 2022 15:39:50 GMT
Server
Apache
Vary
Accept-Encoding
Upgrade
h2,h2c
Content-Type
image/jpeg
Cache-Control
max-age=10368000, public
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
Content-Length
9222
Expires
Sun, 05 Mar 2023 12:00:08 GMT
login-fscs.png
alnatcolombia.com/wp-content/barclays/login/files/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://alnatcolombia.com/wp-content/barclays/login/files/images/login-fscs.png
Requested by
Host: alnatcolombia.com
URL: http://alnatcolombia.com/wp-content/barclays/login/login.php
Protocol
HTTP/1.1
Server
162.241.61.139 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-61-139.unifiedlayer.com
Software
Apache /
Resource Hash
2aa89b0d3ed189360406952265076a3f79ea08b045f2e07d7d71e3c38982533e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://alnatcolombia.com/wp-content/barclays/login/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 05 Nov 2022 12:00:08 GMT
Last-Modified
Tue, 26 Jul 2022 15:40:04 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=10368000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=74
Content-Length
5419
Expires
Sun, 05 Mar 2023 12:00:08 GMT
bdlLogin.bootstrap.min.js
alnatcolombia.com/authlogin/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://alnatcolombia.com/authlogin/bdlLogin.bootstrap.min.js?v=1652782834434
Requested by
Host: alnatcolombia.com
URL: http://alnatcolombia.com/wp-content/barclays/login/login.php
Protocol
HTTP/1.1
Server
162.241.61.139 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-61-139.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://alnatcolombia.com/wp-content/barclays/login/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 05 Nov 2022 12:00:05 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
Link
<https://alnatcolombia.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=74
Expires
Wed, 11 Jan 1984 05:00:00 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
91a06213190743f440aa3411f1393afaf3de8b3b6309d6677fb7680248f09e91

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=US-ASCII
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e111be4c24fc0743ca7eb1c4873a64bb234135b9bea86cabd922a5caabb6c9c6

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=US-ASCII
Padlock_icon.svg
bank.barclays.co.uk//authlogin/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bank.barclays.co.uk//authlogin/img/Padlock_icon.svg
Requested by
Host: bank.barclays.co.uk
URL: https://bank.barclays.co.uk//authlogin/css/authlogin-bdl.css?v=1652782834434
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b173ff6e97748a8a4e079bf7afa965e4d264fa43a351c4a0bf2c130bc65b4366
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://bank.barclays.co.uk//authlogin/css/authlogin-bdl.css?v=1652782834434
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 05 Nov 2022 12:00:05 GMT
last-modified
Thu, 13 Oct 2022 12:00:54 GMT
etag
"2f3-6347fdf6"
vary
accept-encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
755
x-ua-compatible
chrome=IE6
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
03af6526f05c31ff2464c437502213ef4afee275fdc13aa2bfdea24e73ec33a9

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/svg+xml
expert-sans-regular.woff
bank.barclays.co.uk//authlogin/css/fonts/ 		0
0
expert-sans-light.woff
bank.barclays.co.uk//authlogin/css/fonts/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bank.barclays.co.uk
URL
https://bank.barclays.co.uk//authlogin/css/fonts/expert-sans-regular.woff
Domain
bank.barclays.co.uk
URL
https://bank.barclays.co.uk//authlogin/css/fonts/expert-sans-light.woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Barclays (Banking)

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation function| $ function| jQuery string| s_account string| pathref boolean| ie8 object| bdlLogin boolean| asyncChatSwitch boolean| webChatSwitch boolean| wealthValue boolean| wealthSwitch boolean| privateBankValue boolean| privateBankSwitch boolean| contactUsSwitch boolean| cp1620Day2Switch boolean| barclaysDirectInvesting boolean| multiaddress boolean| multipreviousname boolean| addressLookUpSwitch string| serverDate string| dLink string| adobeDtmSwitch string| wealthType boolean| bcEnabled string| bcSlothInc boolean| bioCatch2 string| bcSlothVer string| bcSlothcdAPI string| bcSlothEngineI boolean| clarisiteSwitch boolean| digitalDataSwitch boolean| flatDigitalDataEnable boolean| tntSwitch boolean| isSolusSwitch boolean| siCredentialResetSwitch boolean| mortgageMasterSwitch boolean| mortgageFLDSwitch boolean| mortgageLockedOutSwitchValue boolean| mortgagePasscodeSwitch boolean| serviceStatusSwitch boolean| registrationRedirectSwitch boolean| speedyRegistrationRedirectSwitch boolean| checkMarxHighVulnerabilitySwitch boolean| lowVulnerabilitySwitch boolean| cookieBannerSwitch boolean| cookieConsentSwitch boolean| merchantSolusLiteSwitch boolean| threatMetrixExpansionSwitch boolean| otpServiceApiMigrationSwitch function| myFunction function| myFunction1 function| myFunction2 function| triggerRainID function| loadKrux object| dataLayer

1 Cookies

Domain/Path Name / Value
alnatcolombia.com/ Name: PHPSESSID
Value: ac7ba46f4cffcf018fca7064258b8569

12 Console Messages

Source Level URL
Text
javascript error URL: http://alnatcolombia.com/wp-content/barclays/login/login.php
Message:
Access to font at 'https://bank.barclays.co.uk//authlogin/css/fonts/expert-sans-light.woff' from origin 'http://alnatcolombia.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://bank.barclays.co.uk//authlogin/css/fonts/expert-sans-light.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://alnatcolombia.com/wp-content/barclays/login/login.php
Message:
Access to font at 'https://bank.barclays.co.uk//authlogin/css/fonts/expert-sans-regular.woff' from origin 'http://alnatcolombia.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://bank.barclays.co.uk//authlogin/css/fonts/expert-sans-regular.woff
Message:
Failed to load resource: net::ERR_FAILED
network error URL: http://alnatcolombia.com/authlogin/bdlLogin.bootstrap.min.js?v=1652782834434
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://alnatcolombia.com/wp-content/barclays/login/files/images/1321077856766-mobile_step_2.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://alnatcolombia.com/wp-content/barclays/login/files/images/1321077850082-pin_step_3.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://alnatcolombia.com/wp-content/barclays/login/files/images/1321077850061-pin_step_2.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://alnatcolombia.com/wp-content/barclays/login/files/images/1321077850040-pin_step_1.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://alnatcolombia.com/wp-content/barclays/login/files/images/1321077861212-mobile_step_1.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://alnatcolombia.com/wp-content/barclays/login/files/images/1321077861233-mobile_step_4.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://alnatcolombia.com/wp-content/barclays/login/files/images/1321217916492-iso27001footer.JPG
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
alnatcolombia.com
bank.barclays.co.uk
cdnjs.cloudflare.com
tags.tiqcdn.com
bank.barclays.co.uk
104.75.88.194
162.241.61.139
23.67.137.185
2606:4700::6811:180e
2a00:1450:4001:810::200a
03af6526f05c31ff2464c437502213ef4afee275fdc13aa2bfdea24e73ec33a9
0c10ba07b680382fa1597a34d12f1a7c510fd84c84ad1e7a560c9cd9cf57f626
18bd36a66f8ea37afc02748eaf9d243c3a38b74d1f2ed9a0bcf293c6c337f5bf
2aa89b0d3ed189360406952265076a3f79ea08b045f2e07d7d71e3c38982533e
32f5891b648500c4f534390e1c348060685ba728e64394d964e778eedabd7249
5f91e3aec3b8e0df64085ce9c5623729c2c9c9ba59a6caa71b9dfb9e7a24b534
61ceb744e1218316b65948b3b78d69f7566c3eef94669108cfcc6d5f9ebb49e3
6c4ba1c662b440b3aefe5e5147ea2df72f80e510e4979c65485a7b0fff894e37
74e887257dcae8b8e8fb655bb4f6a08e427f69739260dc0330ced314ed44d23c
79d70600073cbe885ea0f39e0bf0864acea02b4e9e5780e9cf32a83744c70a48
8ec95cf81102c2d6f339a520f00f075730eb4fe6ca0d076bd0854e188c3ee3f3
90326fd2ae35b37049ca9b624acb2b698be96a509f3619cf647d686433eaaa15
91a06213190743f440aa3411f1393afaf3de8b3b6309d6677fb7680248f09e91
b173ff6e97748a8a4e079bf7afa965e4d264fa43a351c4a0bf2c130bc65b4366
cb39877f6704a5d478e5e15635f08db07e4268050a2a0deaa4d4f7ec8a537a4c
e111be4c24fc0743ca7eb1c4873a64bb234135b9bea86cabd922a5caabb6c9c6
e5706167c5b1bc09b0e7f62b5b448d674891bc50e62896d6b9062e3c95f2e6e6
effa2f551ae3f572384002e36028aa1e85544462f42c28065731284e8f81bfcd
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e