nguoiyeuphim.com Open in urlscan Pro
31.22.4.116 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://nguoiyeuphim.com/Metro/Authentication.php
Submission: On February 03 via automatic, source openphish (February 3rd 2019, 2:53:31 am UTC)

Summary HTTP 36 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 36 HTTP transactions. The main IP is 31.22.4.116, located in United Kingdom and belongs to WILDCARD-AS Wildcard UK Limited, GB. The main domain is nguoiyeuphim.com.

This is the only time nguoiyeuphim.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Barclays (Banking)

Domain & IP information

	IP Address	AS Autonomous System
5	31.22.4.116 31.22.4.116	34119 (WILDCARD-...) (WILDCARD-AS Wildcard UK Limited)
31	104.111.249.181 104.111.249.181	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
36	2

5 31.22.4.116 (United Kingdom)

ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)
PTR: sv34.byethost34.org

nguoiyeuphim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 104.111.249.181 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-249-181.deploy.static.akamaitechnologies.com

bank.barclays.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	barclays.co.uk bank.barclays.co.uk	286 KB
5	nguoiyeuphim.com nguoiyeuphim.com	8 KB
36	2

	Domain	Requested by
31	bank.barclays.co.uk	nguoiyeuphim.com
5	nguoiyeuphim.com	nguoiyeuphim.com
36	2

This site contains links to these domains. Also see Links.

Domain
bank.barclays.co.uk
www.newsroom.barclays.co.uk
www.personal.barclays.co.uk
www.secure.barclays.co.uk
www.barclays.co.uk
www.barclays.com
www.lendingstandardsboard.org.uk
www.premierleague.com

Subject Issuer	Validity	Valid
bank.barclays.co.uk Entrust Certification Authority - L1M	`2019-01-09` - `2019-04-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://nguoiyeuphim.com/Metro/Authentication.php
Frame ID: 97B2821E5835A709AD20CC1AB0762E83
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

36
Requests

86 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

294 kB
Transfer

970 kB
Size

1
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://bank.barclays.co.uk/olb/auth/MobiLoginLink.action?screferrer=DIRECT
Title: Mobile site

Search URL Search Domain Scan URL

URL: http://www.newsroom.barclays.co.uk/?screferrer=DIRECT
Title: About Barclays

Search URL Search Domain Scan URL

URL: https://bank.barclays.co.uk/olb/auth/FeedbackFormView.action?screferrer=DIRECT
Title: Contact us

Search URL Search Domain Scan URL

URL: http://www.personal.barclays.co.uk/goto/genolb_onlinesecurity?screferrer=DIRECT
Title: Security

Search URL Search Domain Scan URL

URL: https://www.secure.barclays.co.uk/cs/Satellite?c=Info_C&pagename=BarclaysOnline/BOPopUp&cid=1242601682948&screferrer=DIRECT
Title: Legal

Search URL Search Domain Scan URL

URL: http://www.barclays.co.uk/accessibility/?screferrer=DIRECT
Title: Accessibility

Search URL Search Domain Scan URL

URL: http://www.barclays.com/
Title: Home

Search URL Search Domain Scan URL

URL: http://www.barclays.co.uk/?screferrer=DIRECT
Title:

Search URL Search Domain Scan URL

URL: https://www.secure.barclays.co.uk/P1242593345752?screferrer=DIRECT
Title:

Search URL Search Domain Scan URL

URL: https://www.secure.barclays.co.uk/P1242601402863?screferrer=DIRECT
Title: What if I don't have the right type of card?

Search URL Search Domain Scan URL

URL: https://www.secure.barclays.co.uk/P1242595189656?screferrer=DIRECT
Title: I need help using PINsentry?

Search URL Search Domain Scan URL

URL: https://www.secure.barclays.co.uk/P1242595189752?screferrer=DIRECT
Title: What if I don't have a PINsentry device?

Search URL Search Domain Scan URL

URL: http://www.barclays.co.uk/Helpsupport/TourPINsentry/P1242559977752?screferrer=DIRECT
Title: Watch a PINsentry tour

Search URL Search Domain Scan URL

URL: http://www.barclays.co.uk/pinsentry?screferrer=DIRECT
Title: Try the interactive demo

Search URL Search Domain Scan URL

URL: https://www.secure.barclays.co.uk/Helpsupport/Contactusaboutfraud/P1242560037908?screferrer=DIRECT
Title: contact us

Search URL Search Domain Scan URL

URL: http://www.lendingstandardsboard.org.uk/
Title: www.lendingstandardsboard.org.uk

Search URL Search Domain Scan URL

URL: http://www.premierleague.com/
Title: Proud sponsors of the Barclays Premier League

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Authentication.php Show response
nguoiyeuphim.com/Metro/ 20 KB
6 KB 53ms
52ms Document
text/html 31.22.4.116
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://nguoiyeuphim.com/Metro/Authentication.php
Protocol: HTTP/1.1
Server: 31.22.4.116 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv34.byethost34.org
Software: nginx /
Resource Hash: 5a68af53e4a38eeb1cff12aca78da32f2802bc704a19438013abbbb8f722b1d0

Request headers

Host: nguoiyeuphim.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server: nginx
Date: Sun, 03 Feb 2019 02:53:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=0
Expires: Sun, 03 Feb 2019 02:53:15 GMT
Content-Encoding: gzip

GET
H2 200 barclays.css
bank.barclays.co.uk/css/ 285 KB
50 KB 82ms
80ms Stylesheet
text/css 104.111.249.181
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.barclays.co.uk/css/barclays.css

Requested by

Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/Authentication.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-249-181.deploy.static.akamaitechnologies.com

Software

562p-01 /

Resource Hash

e9df3e6267d63ac741531d69c3d8e08435a049b21a9f58b89f21e5beb23b76ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

Referer: http://nguoiyeuphim.com/Metro/Authentication.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: gzip
last-modified: Tue, 11 Sep 2018 12:55:20 GMT
server: 562p-01
etag: "c4cc-5b97bb38"
vary: accept-encoding
content-type: text/css
status: 200
date: Sun, 03 Feb 2019 02:53:15 GMT
accept-ranges: bytes
content-length: 50380
x-ua-compatible: chrome=IE6

GET
H2 200 features-store.css
bank.barclays.co.uk/css/ 86 KB
15 KB 87ms
86ms Stylesheet
text/css 104.111.249.181
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.barclays.co.uk/css/features-store.css

Requested by

Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/Authentication.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-249-181.deploy.static.akamaitechnologies.com

Software

560p-01 /

Resource Hash

9c5614f18582d4f3dcb7a503cda6b03b01c4a751ef4fd2b165a422937857f37b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

Referer: http://nguoiyeuphim.com/Metro/Authentication.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 13 Dec 2018 06:47:38 GMT
server: 560p-01
etag: "3a76-5c12008a"
vary: accept-encoding
content-type: text/css
status: 200
date: Sun, 03 Feb 2019 02:53:15 GMT
accept-ranges: bytes
content-length: 14966
x-ua-compatible: chrome=IE6

GET
H2 200 jq.js Show response
bank.barclays.co.uk/js/jq/ 274 KB
83 KB 86ms
85ms Script
application/x-javascript 104.111.249.181
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.barclays.co.uk/js/jq/jq.js

Requested by

Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/Authentication.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-249-181.deploy.static.akamaitechnologies.com

Software

559p-01 /

Resource Hash

bbd75191ee52f8422abbeccbd77a625b5bbffd02eacc9764a68f1a093698545d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

Referer: http://nguoiyeuphim.com/Metro/Authentication.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 13 Dec 2018 06:47:51 GMT
server: 559p-01
etag: "1484a-5c120097"
vary: accept-encoding
content-type: application/x-javascript
status: 200
date: Sun, 03 Feb 2019 02:53:15 GMT
accept-ranges: bytes
content-length: 84042
x-ua-compatible: chrome=IE6

GET
H2 200 iBarclays.js Show response
bank.barclays.co.uk/js/ib/ 3 KB
2 KB 99ms
98ms Script
application/x-javascript 104.111.249.181
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.barclays.co.uk/js/ib/iBarclays.js

Requested by

Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/Authentication.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-249-181.deploy.static.akamaitechnologies.com

Software

560p-01 /

Resource Hash

9fdc07f66f9bc8571ec24bb4cde8969ef6b832f940d8764f552c9bdb00afe84d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

Referer: http://nguoiyeuphim.com/Metro/Authentication.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 13 Dec 2018 06:47:51 GMT
server: 560p-01
etag: "517-5c120097"
vary: accept-encoding
content-type: application/x-javascript
status: 200
date: Sun, 03 Feb 2019 02:53:15 GMT
accept-ranges: bytes
content-length: 1303
x-ua-compatible: chrome=IE6

GET
H2 200 ib-pre.js Show response
bank.barclays.co.uk/js/ib/ 176 KB
38 KB 100ms
100ms Script
application/x-javascript 104.111.249.181
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.barclays.co.uk/js/ib/ib-pre.js

Requested by

Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/Authentication.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-249-181.deploy.static.akamaitechnologies.com

Software

561p-01 /

Resource Hash

3eb081e0c28a146e903d91a48aee3ffe1770ec035d23dcf8a84b002fa86bafea

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

Referer: http://nguoiyeuphim.com/Metro/Authentication.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: gzip
last-modified: Tue, 11 Sep 2018 12:52:51 GMT
server: 561p-01
etag: "9769-5b97baa3"
vary: accept-encoding
content-type: application/x-javascript
status: 200
date: Sun, 03 Feb 2019 02:53:15 GMT
accept-ranges: bytes
content-length: 38761
x-ua-compatible: chrome=IE6

GET
H2 200 iBarclays.Unlock.js Show response
bank.barclays.co.uk/js/ib/ 57 B
411 B 99ms
98ms Script
application/x-javascript 104.111.249.181
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.barclays.co.uk/js/ib/iBarclays.Unlock.js

Requested by

Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/Authentication.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-249-181.deploy.static.akamaitechnologies.com

Software

560p-01 /

Resource Hash

8f77dddaa61efbc75efc49c99ab0d2c56d55b39ef2c199db41bcacd3c887368c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

Referer: http://nguoiyeuphim.com/Metro/Authentication.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 13 Dec 2018 06:47:51 GMT
server: 560p-01
etag: "4b-5c120097"
vary: accept-encoding
content-type: application/x-javascript
status: 200
date: Sun, 03 Feb 2019 02:53:15 GMT
accept-ranges: bytes
content-length: 75
x-ua-compatible: chrome=IE6

GET
H2 200 mbox.js Show response
bank.barclays.co.uk/touchclarity/ 29 KB
8 KB 123ms
122ms Script
application/x-javascript 104.111.249.181
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.barclays.co.uk/touchclarity/mbox.js

Requested by

Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/Authentication.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-249-181.deploy.static.akamaitechnologies.com

Software

562p-01 /

Resource Hash

43e8d28010d5185e1ed218db5b7c537251f019713b02464fd3b6be08b65751e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

Referer: http://nguoiyeuphim.com/Metro/Authentication.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 13 Dec 2018 06:47:56 GMT
server: 562p-01
etag: "205e-5c12009c"
vary: accept-encoding
content-type: application/x-javascript
status: 200
date: Sun, 03 Feb 2019 02:53:15 GMT
accept-ranges: bytes
content-length: 8286
x-ua-compatible: chrome=IE6

GET
H2 200 barclays-logo.png
bank.barclays.co.uk/img/logos/ 4 KB
4 KB 78ms
78ms Image
image/png 104.111.249.181
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/img/logos/barclays-logo.png

Requested by

Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/Authentication.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-249-181.deploy.static.akamaitechnologies.com

Software

560p-01 /

Resource Hash

84c858297d140080df2011346dee575ec7c5f0a7d016a50f21f7cbfb2cd998f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

Referer: http://nguoiyeuphim.com/Metro/Authentication.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains; preload
last-modified: Thu, 13 Dec 2018 06:41:12 GMT
server: 560p-01
etag: "ec0-5c11ff08"
content-type: image/png
status: 200
date: Sun, 03 Feb 2019 02:53:15 GMT
accept-ranges: bytes
content-length: 3776
x-ua-compatible: chrome=IE6

GET
H2 200 16-digit.png
bank.barclays.co.uk/img/cards/ 6 KB
6 KB 80ms
80ms Image
image/png 104.111.249.181
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/img/cards/16-digit.png

Requested by

Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/Authentication.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-249-181.deploy.static.akamaitechnologies.com

Software

560p-01 /

Resource Hash

eac2aa545c70a126d1b6bf519a3cc343d7b36f696cf62bc9e4c1af83ee7e09c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

Referer: http://nguoiyeuphim.com/Metro/Authentication.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains; preload
last-modified: Thu, 13 Dec 2018 06:41:26 GMT
server: 560p-01
etag: "163d-5c11ff16"
content-type: image/png
status: 200
date: Sun, 03 Feb 2019 02:53:15 GMT
accept-ranges: bytes
content-length: 5693
x-ua-compatible: chrome=IE6

GET
H2 200 pinsentry.png
bank.barclays.co.uk/img/login/ 7 KB
7 KB 96ms
96ms Image
image/png 104.111.249.181
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/img/login/pinsentry.png

Requested by

Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/Authentication.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-249-181.deploy.static.akamaitechnologies.com

Software

560p-01 /

Resource Hash

7aa3ab78eed25cee24f26145f52000639ddd83859d80fd6e59c9f68f1fc6a570

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

Referer: http://nguoiyeuphim.com/Metro/Authentication.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains; preload
last-modified: Thu, 13 Dec 2018 06:41:27 GMT
server: 560p-01
etag: "1a03-5c11ff17"
content-type: image/png
status: 200
date: Sun, 03 Feb 2019 02:53:15 GMT
accept-ranges: bytes
content-length: 6659
x-ua-compatible: chrome=IE6

GET
H2 200 ps-identify.png
bank.barclays.co.uk/img/icons/ 1 KB
1 KB 90ms
89ms Image
image/png 104.111.249.181
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/img/icons/ps-identify.png

Requested by

Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/Authentication.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-249-181.deploy.static.akamaitechnologies.com

Software

560p-01 /

Resource Hash

1a9aae2406adf2999e725539d5bd78fea39e63b75cc510abf58d90291e5707c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

Referer: http://nguoiyeuphim.com/Metro/Authentication.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains; preload
last-modified: Thu, 13 Dec 2018 06:41:11 GMT
server: 560p-01
etag: "479-5c11ff07"
content-type: image/png
status: 200
date: Sun, 03 Feb 2019 02:53:15 GMT
accept-ranges: bytes
content-length: 1145
x-ua-compatible: chrome=IE6

GET
H2 200 Authenticate.js Show response
bank.barclays.co.uk/js/pages/ 10 KB
3 KB 81ms
81ms Script
application/x-javascript 104.111.249.181
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.barclays.co.uk/js/pages/Authenticate.js

Requested by

Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/Authentication.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-249-181.deploy.static.akamaitechnologies.com

Software

560p-01 /

Resource Hash

2b3d2d575527b2319f98766feaecc44139e7ab0137176f24d18f3fd262be118c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

Referer: http://nguoiyeuphim.com/Metro/Authentication.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 13 Dec 2018 06:47:53 GMT
server: 560p-01
etag: "92c-5c120099"
vary: accept-encoding
content-type: application/x-javascript
status: 200
date: Sun, 03 Feb 2019 02:53:15 GMT
accept-ranges: bytes
content-length: 2348
x-ua-compatible: chrome=IE6

GET
H2 200 premier_league_masthead.jpg
bank.barclays.co.uk/img/logos/ 4 KB
5 KB 101ms
100ms Image
image/jpeg 104.111.249.181
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/img/logos/premier_league_masthead.jpg

Requested by

Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/Authentication.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-249-181.deploy.static.akamaitechnologies.com

Software

560p-01 /

Resource Hash

af05f228e3f1106781aad44a0e8f12b500dfbb99e530a9ff91234bd0d4cdc495

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

Referer: http://nguoiyeuphim.com/Metro/Authentication.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains; preload
last-modified: Thu, 13 Dec 2018 06:41:22 GMT
server: 560p-01
etag: "1105-5c11ff12"
content-type: image/jpeg
status: 200
date: Sun, 03 Feb 2019 02:53:15 GMT
accept-ranges: bytes
content-length: 4357
x-ua-compatible: chrome=IE6

GET
H2 200 s_codenocookies.js Show response
bank.barclays.co.uk/js/sitecatalyst/ 1 KB
976 B 81ms
80ms Script
application/x-javascript 104.111.249.181
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.barclays.co.uk/js/sitecatalyst/s_codenocookies.js

Requested by

Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/Authentication.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-249-181.deploy.static.akamaitechnologies.com

Software

560p-01 /

Resource Hash

e8e124a7b3691a6d17744892f1ac589aee332f1fe73c1ca4807f35ae78025768

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

Referer: http://nguoiyeuphim.com/Metro/Authentication.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 13 Dec 2018 06:47:54 GMT
server: 560p-01
etag: "2bc-5c12009a"
vary: accept-encoding
content-type: application/x-javascript
status: 200
date: Sun, 03 Feb 2019 02:53:15 GMT
accept-ranges: bytes
content-length: 700
x-ua-compatible: chrome=IE6

GET
H2 200 print-browser.css
bank.barclays.co.uk/css/ 5 KB
2 KB 101ms
100ms Stylesheet
text/css 104.111.249.181
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.barclays.co.uk/css/print-browser.css

Requested by

Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/Authentication.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-249-181.deploy.static.akamaitechnologies.com

Software

560p-01 /

Resource Hash

663057d96ebf667a2ee952d41838e2309d614043260caffb37409fc6149b387a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

Referer: http://nguoiyeuphim.com/Metro/Authentication.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 13 Dec 2018 06:47:38 GMT
server: 560p-01
etag: "6ae-5c12008a"
vary: accept-encoding
content-type: text/css
status: 200
date: Sun, 03 Feb 2019 02:53:15 GMT
accept-ranges: bytes
content-length: 1710
x-ua-compatible: chrome=IE6

GET
H/1.1 404
Not Found closed.gif
nguoiyeuphim.com/img/table/ 337 B
337 B 47ms
46ms Image
text/html 31.22.4.116
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nguoiyeuphim.com/img/table/closed.gif
Requested by: Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/Authentication.php
Protocol: HTTP/1.1
Server: 31.22.4.116 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv34.byethost34.org
Software: nginx /
Resource Hash: 7f0637210a8eac85740fe43cba896c8236c18b80e6285165226e150952ffc62c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: nguoiyeuphim.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://nguoiyeuphim.com/Metro/Authentication.php
Cookie: mbox=check#true#1549162456|session#1549162395357-244995#1549164256|disable#ccp#1549165996
Connection: keep-alive
Cache-Control: no-cache
Referer: http://nguoiyeuphim.com/Metro/Authentication.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 03 Feb 2019 02:53:15 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found open.gif
nguoiyeuphim.com/img/table/ 335 B
335 B 81ms
43ms Image
text/html 31.22.4.116
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nguoiyeuphim.com/img/table/open.gif
Requested by: Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/Authentication.php
Protocol: HTTP/1.1
Server: 31.22.4.116 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv34.byethost34.org
Software: nginx /
Resource Hash: f58292da60e2bb0f4a6677dae5d87e19bae3f9fb75865e3067c666a905fb7796

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: nguoiyeuphim.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://nguoiyeuphim.com/Metro/Authentication.php
Cookie: mbox=check#true#1549162456|session#1549162395357-244995#1549164256|disable#ccp#1549165996
Connection: keep-alive
Cache-Control: no-cache
Referer: http://nguoiyeuphim.com/Metro/Authentication.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 03 Feb 2019 02:53:15 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found closed-white.gif
nguoiyeuphim.com/img/table/ 343 B
343 B 88ms
48ms Image
text/html 31.22.4.116
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nguoiyeuphim.com/img/table/closed-white.gif
Requested by: Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/Authentication.php
Protocol: HTTP/1.1
Server: 31.22.4.116 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv34.byethost34.org
Software: nginx /
Resource Hash: e3ac2c4c22fc3335cd542852fbfa8e132ad5d3702884a2c4a18442972978bf30

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: nguoiyeuphim.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://nguoiyeuphim.com/Metro/Authentication.php
Cookie: mbox=check#true#1549162456|session#1549162395357-244995#1549164256|disable#ccp#1549165996
Connection: keep-alive
Cache-Control: no-cache
Referer: http://nguoiyeuphim.com/Metro/Authentication.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 03 Feb 2019 02:53:15 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found open-white.gif
nguoiyeuphim.com/img/table/ 341 B
341 B 90ms
49ms Image
text/html 31.22.4.116
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nguoiyeuphim.com/img/table/open-white.gif
Requested by: Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/Authentication.php
Protocol: HTTP/1.1
Server: 31.22.4.116 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv34.byethost34.org
Software: nginx /
Resource Hash: b145414c47742c111827253a974217d096a152417eaf0debbb9e4ce060898ef3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: nguoiyeuphim.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://nguoiyeuphim.com/Metro/Authentication.php
Cookie: mbox=check#true#1549162456|session#1549162395357-244995#1549164256|disable#ccp#1549165996
Connection: keep-alive
Cache-Control: no-cache
Referer: http://nguoiyeuphim.com/Metro/Authentication.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 03 Feb 2019 02:53:15 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 eagle.jpg
bank.barclays.co.uk/img/backgrounds/ 13 KB
14 KB 87ms
86ms Image
image/jpeg 104.111.249.181
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/img/backgrounds/eagle.jpg

Requested by

Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/Authentication.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-249-181.deploy.static.akamaitechnologies.com

Software

560p-01 /

Resource Hash

2cf9a13b0c760bc23d003af1a8dd924d5d90b4c350a97b0bbe59c32a24684955

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

Referer: https://bank.barclays.co.uk/css/barclays.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains; preload
last-modified: Thu, 13 Dec 2018 06:41:10 GMT
server: 560p-01
etag: "3523-5c11ff06"
content-type: image/jpeg
status: 200
date: Sun, 03 Feb 2019 02:53:15 GMT
accept-ranges: bytes
content-length: 13603
x-ua-compatible: chrome=IE6

GET
H2 200 body-background-top.png
bank.barclays.co.uk/img/backgrounds/ 166 B
413 B 85ms
85ms Image
image/png 104.111.249.181
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/img/backgrounds/body-background-top.png

Requested by

Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/Authentication.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-249-181.deploy.static.akamaitechnologies.com

Software

560p-01 /

Resource Hash

840de33c29f831458689bd2f1f14496529edd7670521eb0115de29469e50857a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

Referer: https://bank.barclays.co.uk/css/barclays.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains; preload
last-modified: Thu, 13 Dec 2018 06:41:19 GMT
server: 560p-01
etag: "a6-5c11ff0f"
content-type: image/png
status: 200
date: Sun, 03 Feb 2019 02:53:15 GMT
accept-ranges: bytes
content-length: 166
x-ua-compatible: chrome=IE6

GET
H2 200 menu-bar-bg.png
bank.barclays.co.uk/img/backgrounds/ 267 B
514 B 111ms
110ms Image
image/png 104.111.249.181
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/img/backgrounds/menu-bar-bg.png

Requested by

Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/Authentication.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-249-181.deploy.static.akamaitechnologies.com

Software

560p-01 /

Resource Hash

bcd3f5688ac19f672f74ee03db1a5cb7303b62dfba5b9c54e87d6d0370964db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

Referer: https://bank.barclays.co.uk/css/barclays.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains; preload
last-modified: Thu, 13 Dec 2018 06:41:19 GMT
server: 560p-01
etag: "10b-5c11ff0f"
content-type: image/png
status: 200
date: Sun, 03 Feb 2019 02:53:15 GMT
accept-ranges: bytes
content-length: 267
x-ua-compatible: chrome=IE6

GET
H2 200 login-icon.gif
bank.barclays.co.uk/img/login/ 831 B
1 KB 111ms
110ms Image
image/gif 104.111.249.181
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/img/login/login-icon.gif

Requested by

Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/Authentication.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-249-181.deploy.static.akamaitechnologies.com

Software

560p-01 /

Resource Hash

1329a745be28ac372a6ae7646ccabd81f63491b8cc8087c8cf264f079fd4d4f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

Referer: https://bank.barclays.co.uk/css/barclays.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains; preload
last-modified: Thu, 13 Dec 2018 06:41:27 GMT
server: 560p-01
etag: "33f-5c11ff17"
content-type: image/gif
status: 200
date: Sun, 03 Feb 2019 02:53:15 GMT
accept-ranges: bytes
content-length: 831
x-ua-compatible: chrome=IE6

GET
H2 200 progress-bar.png
bank.barclays.co.uk/img/backgrounds/ 1 KB
2 KB 105ms
104ms Image
image/png 104.111.249.181
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/img/backgrounds/progress-bar.png

Requested by

Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/Authentication.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-249-181.deploy.static.akamaitechnologies.com

Software

560p-01 /

Resource Hash

3611591f7a8d8193e8e3d1f1b1d0dd949fc60166dc79a7e2d41ed2252ac489c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

Referer: https://bank.barclays.co.uk/css/features-store.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains; preload
last-modified: Thu, 13 Dec 2018 06:41:26 GMT
server: 560p-01
etag: "537-5c11ff16"
content-type: image/png
status: 200
date: Sun, 03 Feb 2019 02:53:15 GMT
accept-ranges: bytes
content-length: 1335
x-ua-compatible: chrome=IE6

GET
H2 200 info-icons.png
bank.barclays.co.uk/img/icons/ 7 KB
8 KB 87ms
86ms Image
image/png 104.111.249.181
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/img/icons/info-icons.png

Requested by

Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/Authentication.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-249-181.deploy.static.akamaitechnologies.com

Software

560p-01 /

Resource Hash

226670f7527e456e3961247c89a48b5d51bf64c96c0cc117e62d7a9ea62a2c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

Referer: https://bank.barclays.co.uk/css/barclays.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains; preload
last-modified: Thu, 13 Dec 2018 06:41:15 GMT
server: 560p-01
etag: "1dc3-5c11ff0b"
content-type: image/png
status: 200
date: Sun, 03 Feb 2019 02:53:15 GMT
accept-ranges: bytes
content-length: 7619
x-ua-compatible: chrome=IE6

GET
H2 200 text-input-bg.png
bank.barclays.co.uk/img/form/ 3 KB
3 KB 94ms
93ms Image
image/png 104.111.249.181
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/img/form/text-input-bg.png

Requested by

Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/Authentication.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-249-181.deploy.static.akamaitechnologies.com

Software

560p-01 /

Resource Hash

66a4541bdd7d7614ce0eb006826168ac07172bba2afb3d21c2d00b90418ce3a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

Referer: https://bank.barclays.co.uk/css/barclays.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains; preload
last-modified: Thu, 13 Dec 2018 06:41:25 GMT
server: 560p-01
etag: "bcf-5c11ff15"
content-type: image/png
status: 200
date: Sun, 03 Feb 2019 02:53:15 GMT
accept-ranges: bytes
content-length: 3023
x-ua-compatible: chrome=IE6

GET
H2 200 inline-help.png
bank.barclays.co.uk/img/backgrounds/ 622 B
868 B 77ms
77ms Image
image/png 104.111.249.181
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/img/backgrounds/inline-help.png

Requested by

Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/Authentication.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-249-181.deploy.static.akamaitechnologies.com

Software

560p-01 /

Resource Hash

5032ce717cb7e8109db86c863d49fe82bb87399ee08cc4050d7f92e1aa41be72

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

Referer: https://bank.barclays.co.uk/css/barclays.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains; preload
last-modified: Thu, 13 Dec 2018 06:41:21 GMT
server: 560p-01
etag: "26e-5c11ff11"
content-type: image/png
status: 200
date: Sun, 03 Feb 2019 02:53:15 GMT
accept-ranges: bytes
content-length: 622
x-ua-compatible: chrome=IE6

GET
H2 200 buttons.png
bank.barclays.co.uk/img/buttons/ 11 KB
12 KB 111ms
110ms Image
image/png 104.111.249.181
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/img/buttons/buttons.png

Requested by

Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/Authentication.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-249-181.deploy.static.akamaitechnologies.com

Software

560p-01 /

Resource Hash

fabaeb836936029320ea8d1ef0cfb033a67f81623a4577ba1fe42a6b7c278642

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

Referer: https://bank.barclays.co.uk/css/barclays.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains; preload
last-modified: Thu, 13 Dec 2018 06:41:20 GMT
server: 560p-01
etag: "2dc1-5c11ff10"
content-type: image/png
status: 200
date: Sun, 03 Feb 2019 02:53:15 GMT
accept-ranges: bytes
content-length: 11713
x-ua-compatible: chrome=IE6

GET
H2 200 buttons-mid.png
bank.barclays.co.uk/img/buttons/ 476 B
723 B 111ms
111ms Image
image/png 104.111.249.181
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/img/buttons/buttons-mid.png

Requested by

Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/Authentication.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-249-181.deploy.static.akamaitechnologies.com

Software

560p-01 /

Resource Hash

9378b8d6488dbcdf668e5caa8a617be6671659666c63aec1ef9c655c1d09b89f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

Referer: https://bank.barclays.co.uk/css/barclays.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains; preload
last-modified: Thu, 13 Dec 2018 06:41:11 GMT
server: 560p-01
etag: "1dc-5c11ff07"
content-type: image/png
status: 200
date: Sun, 03 Feb 2019 02:53:15 GMT
accept-ranges: bytes
content-length: 476
x-ua-compatible: chrome=IE6

GET
H2 200 background.jpg
bank.barclays.co.uk/img/login/ 11 KB
12 KB 107ms
107ms Image
image/jpeg 104.111.249.181
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/img/login/background.jpg

Requested by

Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/Authentication.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-249-181.deploy.static.akamaitechnologies.com

Software

560p-01 /

Resource Hash

eaa5f0c0d57aaccedc783e3eda5d708776cbf2506c9a7937b4ced53d965c2c94

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

Referer: https://bank.barclays.co.uk/css/barclays.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains; preload
last-modified: Thu, 13 Dec 2018 06:41:19 GMT
server: 560p-01
etag: "2d19-5c11ff0f"
content-type: image/jpeg
status: 200
date: Sun, 03 Feb 2019 02:53:15 GMT
accept-ranges: bytes
content-length: 11545
x-ua-compatible: chrome=IE6

GET
H2 200 header-standard.png
bank.barclays.co.uk/img/backgrounds/ 607 B
854 B 106ms
106ms Image
image/png 104.111.249.181
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/img/backgrounds/header-standard.png

Requested by

Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/Authentication.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-249-181.deploy.static.akamaitechnologies.com

Software

560p-01 /

Resource Hash

737ce425b0b3c3c9593224f62a3d3e555e06f57c5f4fb99b3834b89312676ff3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

Referer: https://bank.barclays.co.uk/css/barclays.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains; preload
last-modified: Thu, 13 Dec 2018 06:41:17 GMT
server: 560p-01
etag: "25f-5c11ff0d"
content-type: image/png
status: 200
date: Sun, 03 Feb 2019 02:53:15 GMT
accept-ranges: bytes
content-length: 607
x-ua-compatible: chrome=IE6

GET
H2 200 module-footer-bg.png
bank.barclays.co.uk/img/backgrounds/ 384 B
631 B 113ms
112ms Image
image/png 104.111.249.181
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/img/backgrounds/module-footer-bg.png

Requested by

Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/Authentication.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-249-181.deploy.static.akamaitechnologies.com

Software

560p-01 /

Resource Hash

a02a0402b171a6d8bc2e2caac6ba34c9ca73156247866f90806c6584f4038797

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

Referer: https://bank.barclays.co.uk/css/barclays.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains; preload
last-modified: Thu, 13 Dec 2018 06:41:14 GMT
server: 560p-01
etag: "180-5c11ff0a"
content-type: image/png
status: 200
date: Sun, 03 Feb 2019 02:53:15 GMT
accept-ranges: bytes
content-length: 384
x-ua-compatible: chrome=IE6

GET
H2 200 pinsentry-help.png
bank.barclays.co.uk/img/icons/ 6 KB
6 KB 101ms
100ms Image
image/png 104.111.249.181
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/img/icons/pinsentry-help.png

Requested by

Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/Authentication.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-249-181.deploy.static.akamaitechnologies.com

Software

560p-01 /

Resource Hash

b11155cbe776b0ab77a0a6146ef1989d7a1500a9fd84da4a901629693c2632ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

Referer: https://bank.barclays.co.uk/css/barclays.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains; preload
last-modified: Thu, 13 Dec 2018 06:41:12 GMT
server: 560p-01
etag: "16d0-5c11ff08"
content-type: image/png
status: 200
date: Sun, 03 Feb 2019 02:53:15 GMT
accept-ranges: bytes
content-length: 5840
x-ua-compatible: chrome=IE6

GET
H2 200 body-background-bottom.png
bank.barclays.co.uk/img/backgrounds/ 162 B
407 B 79ms
79ms Image
image/png 104.111.249.181
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/img/backgrounds/body-background-bottom.png

Requested by

Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/Authentication.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-249-181.deploy.static.akamaitechnologies.com

Software

560p-01 /

Resource Hash

26a876aa5880f9067f76a4b59a0d8e488238b2fad03517c6cb690f9a8d044399

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

Referer: https://bank.barclays.co.uk/css/barclays.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains; preload
last-modified: Thu, 13 Dec 2018 06:41:30 GMT
server: 560p-01
etag: "a2-5c11ff1a"
content-type: image/png
status: 200
date: Sun, 03 Feb 2019 02:53:15 GMT
accept-ranges: bytes
content-length: 162
x-ua-compatible: chrome=IE6

GET
H2 200 body-background-outline.gif
bank.barclays.co.uk/img/backgrounds/ 2 KB
2 KB 89ms
88ms Image
image/gif 104.111.249.181
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/img/backgrounds/body-background-outline.gif

Requested by

Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/Authentication.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-249-181.deploy.static.akamaitechnologies.com

Software

560p-01 /

Resource Hash

675b6641ffb8bc59d657e78fa1d2b2639d73f93da333442dab37490fe4dd1d09

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

Referer: https://bank.barclays.co.uk/css/barclays.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains; preload
last-modified: Thu, 13 Dec 2018 06:41:18 GMT
server: 560p-01
etag: "60c-5c11ff0e"
content-type: image/gif
status: 200
date: Sun, 03 Feb 2019 02:53:15 GMT
accept-ranges: bytes
content-length: 1548
x-ua-compatible: chrome=IE6

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Barclays (Banking)

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.nguoiyeuphim.com/	1970-01-18 22:19:25	Name: mbox Value: check#true#1549162456\|session#1549162395357-244995#1549164256\|disable#ccp#1549165996

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bank.barclays.co.uk
nguoiyeuphim.com
104.111.249.181
31.22.4.116
1329a745be28ac372a6ae7646ccabd81f63491b8cc8087c8cf264f079fd4d4f2
1a9aae2406adf2999e725539d5bd78fea39e63b75cc510abf58d90291e5707c3
226670f7527e456e3961247c89a48b5d51bf64c96c0cc117e62d7a9ea62a2c52
26a876aa5880f9067f76a4b59a0d8e488238b2fad03517c6cb690f9a8d044399
2b3d2d575527b2319f98766feaecc44139e7ab0137176f24d18f3fd262be118c
2cf9a13b0c760bc23d003af1a8dd924d5d90b4c350a97b0bbe59c32a24684955
3611591f7a8d8193e8e3d1f1b1d0dd949fc60166dc79a7e2d41ed2252ac489c2
3eb081e0c28a146e903d91a48aee3ffe1770ec035d23dcf8a84b002fa86bafea
43e8d28010d5185e1ed218db5b7c537251f019713b02464fd3b6be08b65751e1
5032ce717cb7e8109db86c863d49fe82bb87399ee08cc4050d7f92e1aa41be72
5a68af53e4a38eeb1cff12aca78da32f2802bc704a19438013abbbb8f722b1d0
663057d96ebf667a2ee952d41838e2309d614043260caffb37409fc6149b387a
66a4541bdd7d7614ce0eb006826168ac07172bba2afb3d21c2d00b90418ce3a8
675b6641ffb8bc59d657e78fa1d2b2639d73f93da333442dab37490fe4dd1d09
737ce425b0b3c3c9593224f62a3d3e555e06f57c5f4fb99b3834b89312676ff3
7aa3ab78eed25cee24f26145f52000639ddd83859d80fd6e59c9f68f1fc6a570
7f0637210a8eac85740fe43cba896c8236c18b80e6285165226e150952ffc62c
840de33c29f831458689bd2f1f14496529edd7670521eb0115de29469e50857a
84c858297d140080df2011346dee575ec7c5f0a7d016a50f21f7cbfb2cd998f0
8f77dddaa61efbc75efc49c99ab0d2c56d55b39ef2c199db41bcacd3c887368c
9378b8d6488dbcdf668e5caa8a617be6671659666c63aec1ef9c655c1d09b89f
9c5614f18582d4f3dcb7a503cda6b03b01c4a751ef4fd2b165a422937857f37b
9fdc07f66f9bc8571ec24bb4cde8969ef6b832f940d8764f552c9bdb00afe84d
a02a0402b171a6d8bc2e2caac6ba34c9ca73156247866f90806c6584f4038797
af05f228e3f1106781aad44a0e8f12b500dfbb99e530a9ff91234bd0d4cdc495
b11155cbe776b0ab77a0a6146ef1989d7a1500a9fd84da4a901629693c2632ae
b145414c47742c111827253a974217d096a152417eaf0debbb9e4ce060898ef3
bbd75191ee52f8422abbeccbd77a625b5bbffd02eacc9764a68f1a093698545d
bcd3f5688ac19f672f74ee03db1a5cb7303b62dfba5b9c54e87d6d0370964db3
e3ac2c4c22fc3335cd542852fbfa8e132ad5d3702884a2c4a18442972978bf30
e8e124a7b3691a6d17744892f1ac589aee332f1fe73c1ca4807f35ae78025768
e9df3e6267d63ac741531d69c3d8e08435a049b21a9f58b89f21e5beb23b76ad
eaa5f0c0d57aaccedc783e3eda5d708776cbf2506c9a7937b4ced53d965c2c94
eac2aa545c70a126d1b6bf519a3cc343d7b36f696cf62bc9e4c1af83ee7e09c9
f58292da60e2bb0f4a6677dae5d87e19bae3f9fb75865e3067c666a905fb7796
fabaeb836936029320ea8d1ef0cfb033a67f81623a4577ba1fe42a6b7c278642

nguoiyeuphim.com Open in urlscan Pro 31.22.4.116 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

36 Requests

86 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

294 kBTransfer

970 kBSize

1 Cookies

17 Outgoing links

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nguoiyeuphim.com Open in urlscan Pro
31.22.4.116 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

86 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

294 kB
Transfer

970 kB
Size

1
Cookies

36 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!