urlscan.io logo urlscan.io
SecurityTrails logo

forms.clydesdalebankintermediaries.co.uk Open in urlscan Pro
62.172.139.72  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/login.ctl
Submission: On May 11 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 62.172.139.72, located in Glasgow, United Kingdom and belongs to BT-UK-AS BTnet UK Regional network, GB. The main domain is forms.clydesdalebankintermediaries.co.uk.
TLS certificate: Issued by Entrust Certification Authority - L1M on December 7th 2020. Valid for: a year.
This is the only time forms.clydesdalebankintermediaries.co.uk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Clydesdale Bank (Banking)

Domain & IP information

IP Address AS Autonomous System
13 62.172.139.72 2856 (BT-UK-AS ...)
13 1
Domain Requested by
13 forms.clydesdalebankintermediaries.co.uk forms.clydesdalebankintermediaries.co.uk
13 1

This site contains links to these domains. Also see Links.

Domain
www.clydesdalebankintermediaries.co.uk
Subject Issuer Validity Valid
forms.clydesdalebankintermediaries.co.uk
Entrust Certification Authority - L1M		 2020-12-07 -
2021-12-07		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/login.ctl
Frame ID: B338DA080B33BF18067A635D5DE27FDE
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

325 kB
Transfer

319 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set login.ctl
forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/ 		5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/login.ctl
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.172.139.72 Glasgow, United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
Software
/
Resource Hash
2d43408241b64aa400ea5d6e470f7ab12ce5e8b9b807547852ca9dfedfacfdfe
Security Headers
Name Value
Strict-Transport-Security
X-Frame-Options DENY

Request headers

Host
forms.clydesdalebankintermediaries.co.uk
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-language
en-GB
content-type
text/html; charset=ISO-8859-1
date
Tue, 11 May 2021 12:17:08 GMT
p3p
CP="NON CUR OTPi OUR NOR UNI"
x-frame-options
DENY
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, private
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
pragma
no-cache
Set-Cookie
JSESSIONID=0001_ZsMofM6ohHx6BuWd0zPNrn:-1021Q13; Path=/brk-lm/; Secure; HttpOnly TS01e071f5=0104786f7d1d959794d66241b7eaac492e49089ad8c21359908c0ac88f0b2610ce7151bb64f9f85029d1773768ff0cea070c8518b7; Path=/; Domain=.forms.clydesdalebankintermediaries.co.uk TS01a9ad5e=0104786f7d1c685fdc2d647977abdfd5919e3ee3b3c21359908c0ac88f0b2610ce7151bb644ec4aef5177fbf33dbce199454a4bf190cdc3ee3bca7ea6a75f8a715a0fcc416; path=/brk-lm/
Transfer-Encoding
chunked
Cookie set base.css
forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/stylesheets/ 		68 KB
69 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/stylesheets/base.css
Requested by
Host: forms.clydesdalebankintermediaries.co.uk
URL: https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/login.ctl
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.172.139.72 Glasgow, United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
Software
/
Resource Hash
70d4661c3a25cb80d744a74d6a7f8f3934dc2c2a41df8c5c660a849f796df7b4
Security Headers
Name Value
Strict-Transport-Security

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
forms.clydesdalebankintermediaries.co.uk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/login.ctl
Cookie
JSESSIONID=0001_ZsMofM6ohHx6BuWd0zPNrn:-1021Q13; TS01a9ad5e=0104786f7d1c685fdc2d647977abdfd5919e3ee3b3c21359908c0ac88f0b2610ce7151bb644ec4aef5177fbf33dbce199454a4bf190cdc3ee3bca7ea6a75f8a715a0fcc416; TS01e071f5=0104786f7d1d959794d66241b7eaac492e49089ad8c21359908c0ac88f0b2610ce7151bb64f9f85029d1773768ff0cea070c8518b7
Connection
keep-alive
Referer
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/login.ctl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 12:17:09 GMT
last-modified
Thu, 09 Apr 2020 13:42:32 GMT
p3p
CP="NON CUR OTPi OUR NOR UNI"
strict-transport-security
content-language
en-GB
Set-Cookie
TS01e071f5=0104786f7d1d959794d66241b7eaac492e49089ad8c21359908c0ac88f0b2610ce7151bb64f9f85029d1773768ff0cea070c8518b7; Path=/; Domain=.forms.clydesdalebankintermediaries.co.uk
content-type
text/css
content-length
69977
Cookie set custom.css
forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/stylesheets/ 		18 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/stylesheets/custom.css
Requested by
Host: forms.clydesdalebankintermediaries.co.uk
URL: https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/login.ctl
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.172.139.72 Glasgow, United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
Software
/
Resource Hash
d15d9eccfff23be5749cddc0a9c95795155d819bda7850dfa474ae26827b018f
Security Headers
Name Value
Strict-Transport-Security

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
forms.clydesdalebankintermediaries.co.uk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/login.ctl
Cookie
JSESSIONID=0001_ZsMofM6ohHx6BuWd0zPNrn:-1021Q13; TS01a9ad5e=0104786f7d1c685fdc2d647977abdfd5919e3ee3b3c21359908c0ac88f0b2610ce7151bb644ec4aef5177fbf33dbce199454a4bf190cdc3ee3bca7ea6a75f8a715a0fcc416; TS01e071f5=0104786f7d1d959794d66241b7eaac492e49089ad8c21359908c0ac88f0b2610ce7151bb64f9f85029d1773768ff0cea070c8518b7
Connection
keep-alive
Referer
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/login.ctl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 12:17:09 GMT
last-modified
Thu, 09 Apr 2020 13:42:32 GMT
p3p
CP="NON CUR OTPi OUR NOR UNI"
strict-transport-security
content-language
en-GB
Set-Cookie
TS01e071f5=0104786f7d1d959794d66241b7eaac492e49089ad8c21359908c0ac88f0b2610ce7151bb64f9f85029d1773768ff0cea070c8518b7; Path=/; Domain=.forms.clydesdalebankintermediaries.co.uk
content-type
text/css
content-length
18840
Cookie set main.js
forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/scripts/ 		14 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/scripts/main.js
Requested by
Host: forms.clydesdalebankintermediaries.co.uk
URL: https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/login.ctl
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.172.139.72 Glasgow, United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
Software
/
Resource Hash
c3493c275469847dad186e5daaac7dc9ba8f3a2d51263be29ac8869291f9c6c3
Security Headers
Name Value
Strict-Transport-Security

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
forms.clydesdalebankintermediaries.co.uk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/login.ctl
Cookie
JSESSIONID=0001_ZsMofM6ohHx6BuWd0zPNrn:-1021Q13; TS01a9ad5e=0104786f7d1c685fdc2d647977abdfd5919e3ee3b3c21359908c0ac88f0b2610ce7151bb644ec4aef5177fbf33dbce199454a4bf190cdc3ee3bca7ea6a75f8a715a0fcc416; TS01e071f5=0104786f7d1d959794d66241b7eaac492e49089ad8c21359908c0ac88f0b2610ce7151bb64f9f85029d1773768ff0cea070c8518b7
Connection
keep-alive
Referer
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/login.ctl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 12:17:09 GMT
last-modified
Thu, 09 Apr 2020 13:42:34 GMT
p3p
CP="NON CUR OTPi OUR NOR UNI"
strict-transport-security
content-language
en-GB
Set-Cookie
TS01e071f5=0104786f7d1d959794d66241b7eaac492e49089ad8c21359908c0ac88f0b2610ce7151bb64f9f85029d1773768ff0cea070c8518b7; Path=/; Domain=.forms.clydesdalebankintermediaries.co.uk
content-type
application/javascript
content-length
13964
Cookie set general.js
forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/scripts/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/scripts/general.js
Requested by
Host: forms.clydesdalebankintermediaries.co.uk
URL: https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/login.ctl
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.172.139.72 Glasgow, United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
Software
/
Resource Hash
616b8e96b99f735fb05d918ee948d6142462edc640b150c5b5bb014c1e4a1149
Security Headers
Name Value
Strict-Transport-Security

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
forms.clydesdalebankintermediaries.co.uk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/login.ctl
Cookie
JSESSIONID=0001_ZsMofM6ohHx6BuWd0zPNrn:-1021Q13; TS01a9ad5e=0104786f7d1c685fdc2d647977abdfd5919e3ee3b3c21359908c0ac88f0b2610ce7151bb644ec4aef5177fbf33dbce199454a4bf190cdc3ee3bca7ea6a75f8a715a0fcc416; TS01e071f5=0104786f7d1d959794d66241b7eaac492e49089ad8c21359908c0ac88f0b2610ce7151bb64f9f85029d1773768ff0cea070c8518b7
Connection
keep-alive
Referer
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/login.ctl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 12:17:09 GMT
last-modified
Thu, 09 Apr 2020 13:42:34 GMT
p3p
CP="NON CUR OTPi OUR NOR UNI"
strict-transport-security
content-language
en-GB
Set-Cookie
TS01e071f5=0104786f7d1d959794d66241b7eaac492e49089ad8c21359908c0ac88f0b2610ce7151bb64f9f85029d1773768ff0cea070c8518b7; Path=/; Domain=.forms.clydesdalebankintermediaries.co.uk
content-type
application/javascript
content-length
4294
Cookie set text-size.js
forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/scripts/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/scripts/text-size.js
Requested by
Host: forms.clydesdalebankintermediaries.co.uk
URL: https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/login.ctl
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.172.139.72 Glasgow, United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
Software
/
Resource Hash
8e3749f450d025dd307b8595c426d6afd1910518a030c90ce288f6e86cfff8db
Security Headers
Name Value
Strict-Transport-Security

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
forms.clydesdalebankintermediaries.co.uk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/login.ctl
Cookie
JSESSIONID=0001_ZsMofM6ohHx6BuWd0zPNrn:-1021Q13; TS01a9ad5e=0104786f7d1c685fdc2d647977abdfd5919e3ee3b3c21359908c0ac88f0b2610ce7151bb644ec4aef5177fbf33dbce199454a4bf190cdc3ee3bca7ea6a75f8a715a0fcc416; TS01e071f5=0104786f7d1d959794d66241b7eaac492e49089ad8c21359908c0ac88f0b2610ce7151bb64f9f85029d1773768ff0cea070c8518b7
Connection
keep-alive
Referer
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/login.ctl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 12:17:09 GMT
last-modified
Thu, 09 Apr 2020 13:42:34 GMT
p3p
CP="NON CUR OTPi OUR NOR UNI"
strict-transport-security
content-language
en-GB
Set-Cookie
TS01e071f5=0104786f7d1d959794d66241b7eaac492e49089ad8c21359908c0ac88f0b2610ce7151bb64f9f85029d1773768ff0cea070c8518b7; Path=/; Domain=.forms.clydesdalebankintermediaries.co.uk
content-type
application/javascript
content-length
7081
Cookie set modernizr.foundation.js
forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/javascripts/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/javascripts/modernizr.foundation.js
Requested by
Host: forms.clydesdalebankintermediaries.co.uk
URL: https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/login.ctl
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.172.139.72 Glasgow, United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
Software
/
Resource Hash
d44d1484dd41b8250f08d7ce863c8048d82a9317753c2a94c14c96706ee1352f
Security Headers
Name Value
Strict-Transport-Security

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
forms.clydesdalebankintermediaries.co.uk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/login.ctl
Cookie
JSESSIONID=0001_ZsMofM6ohHx6BuWd0zPNrn:-1021Q13; TS01a9ad5e=0104786f7d1c685fdc2d647977abdfd5919e3ee3b3c21359908c0ac88f0b2610ce7151bb644ec4aef5177fbf33dbce199454a4bf190cdc3ee3bca7ea6a75f8a715a0fcc416; TS01e071f5=0104786f7d1d959794d66241b7eaac492e49089ad8c21359908c0ac88f0b2610ce7151bb64f9f85029d1773768ff0cea070c8518b7
Connection
keep-alive
Referer
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/login.ctl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 12:17:09 GMT
last-modified
Thu, 09 Apr 2020 13:42:32 GMT
p3p
CP="NON CUR OTPi OUR NOR UNI"
strict-transport-security
content-language
en-GB
Set-Cookie
TS01e071f5=0104786f7d1d959794d66241b7eaac492e49089ad8c21359908c0ac88f0b2610ce7151bb64f9f85029d1773768ff0cea070c8518b7; Path=/; Domain=.forms.clydesdalebankintermediaries.co.uk
content-type
application/javascript
content-length
6632
Cookie set jquery.min.js
forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/javascripts/ 		86 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/javascripts/jquery.min.js
Requested by
Host: forms.clydesdalebankintermediaries.co.uk
URL: https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/login.ctl
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.172.139.72 Glasgow, United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
Software
/
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
forms.clydesdalebankintermediaries.co.uk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/login.ctl
Cookie
JSESSIONID=0001_ZsMofM6ohHx6BuWd0zPNrn:-1021Q13; TS01a9ad5e=0104786f7d1c685fdc2d647977abdfd5919e3ee3b3c21359908c0ac88f0b2610ce7151bb644ec4aef5177fbf33dbce199454a4bf190cdc3ee3bca7ea6a75f8a715a0fcc416; TS01e071f5=0104786f7d1d959794d66241b7eaac492e49089ad8c21359908c0ac88f0b2610ce7151bb64f9f85029d1773768ff0cea070c8518b7
Connection
keep-alive
Referer
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/login.ctl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 12:17:09 GMT
last-modified
Thu, 09 Apr 2020 13:42:32 GMT
p3p
CP="NON CUR OTPi OUR NOR UNI"
strict-transport-security
content-language
en-GB
Set-Cookie
TS01e071f5=0104786f7d1d959794d66241b7eaac492e49089ad8c21359908c0ac88f0b2610ce7151bb64f9f85029d1773768ff0cea070c8518b7; Path=/; Domain=.forms.clydesdalebankintermediaries.co.uk
content-type
application/javascript
content-length
88145
Cookie set foundation.js
forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/javascripts/ 		0
438 B 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/javascripts/foundation.js
Requested by
Host: forms.clydesdalebankintermediaries.co.uk
URL: https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/login.ctl
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.172.139.72 Glasgow, United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
forms.clydesdalebankintermediaries.co.uk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/login.ctl
Cookie
JSESSIONID=0001_ZsMofM6ohHx6BuWd0zPNrn:-1021Q13; TS01a9ad5e=0104786f7d1c685fdc2d647977abdfd5919e3ee3b3c21359908c0ac88f0b2610ce7151bb644ec4aef5177fbf33dbce199454a4bf190cdc3ee3bca7ea6a75f8a715a0fcc416; TS01e071f5=0104786f7d1d959794d66241b7eaac492e49089ad8c21359908c0ac88f0b2610ce7151bb64f9f85029d1773768ff0cea070c8518b7
Connection
keep-alive
Referer
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/login.ctl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 12:17:09 GMT
last-modified
Thu, 09 Apr 2020 13:42:32 GMT
p3p
CP="NON CUR OTPi OUR NOR UNI"
strict-transport-security
content-language
en-GB
Set-Cookie
TS01e071f5=0104786f7d1d959794d66241b7eaac492e49089ad8c21359908c0ac88f0b2610ce7151bb64f9f85029d1773768ff0cea070c8518b7; Path=/; Domain=.forms.clydesdalebankintermediaries.co.uk
content-type
application/javascript
content-length
0
Cookie set Site-logo-cb.gif
forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/images/Site-logo-cb.gif
Requested by
Host: forms.clydesdalebankintermediaries.co.uk
URL: https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/login.ctl
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.172.139.72 Glasgow, United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
Software
/
Resource Hash
e850bb024827cb00f4c7e973c1d9c4448b6fa4e145815327965f214599df96e6
Security Headers
Name Value
Strict-Transport-Security

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
forms.clydesdalebankintermediaries.co.uk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/login.ctl
Cookie
JSESSIONID=0001_ZsMofM6ohHx6BuWd0zPNrn:-1021Q13; TS01a9ad5e=0104786f7d1c685fdc2d647977abdfd5919e3ee3b3c21359908c0ac88f0b2610ce7151bb644ec4aef5177fbf33dbce199454a4bf190cdc3ee3bca7ea6a75f8a715a0fcc416; TS01e071f5=0104786f7d1d959794d66241b7eaac492e49089ad8c21359908c0ac88f0b2610ce7151bb64f9f85029d1773768ff0cea070c8518b7
Connection
keep-alive
Referer
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/login.ctl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 12:17:09 GMT
last-modified
Thu, 09 Apr 2020 13:42:32 GMT
p3p
CP="NON CUR OTPi OUR NOR UNI"
strict-transport-security
content-language
en-GB
Set-Cookie
TS01e071f5=0104786f7d1d959794d66241b7eaac492e49089ad8c21359908c0ac88f0b2610ce7151bb64f9f85029d1773768ff0cea070c8518b7; Path=/; Domain=.forms.clydesdalebankintermediaries.co.uk
content-type
image/gif
content-length
5608
Cookie set print.css
forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/stylesheets/ 		137 B
563 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/stylesheets/print.css
Requested by
Host: forms.clydesdalebankintermediaries.co.uk
URL: https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/login.ctl
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.172.139.72 Glasgow, United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
Software
/
Resource Hash
3e2fc14e80cab70a5fe8ebc1b63c924560a8fa5b2c9fe070c4aee6f7ee1b47f7
Security Headers
Name Value
Strict-Transport-Security

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
forms.clydesdalebankintermediaries.co.uk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/login.ctl
Cookie
JSESSIONID=0001_ZsMofM6ohHx6BuWd0zPNrn:-1021Q13; TS01a9ad5e=0104786f7d1c685fdc2d647977abdfd5919e3ee3b3c21359908c0ac88f0b2610ce7151bb644ec4aef5177fbf33dbce199454a4bf190cdc3ee3bca7ea6a75f8a715a0fcc416; TS01e071f5=0104786f7d1d959794d66241b7eaac492e49089ad8c21359908c0ac88f0b2610ce7151bb64f9f85029d1773768ff0cea070c8518b7
Connection
keep-alive
Referer
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/login.ctl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 12:17:09 GMT
last-modified
Thu, 09 Apr 2020 13:42:32 GMT
p3p
CP="NON CUR OTPi OUR NOR UNI"
strict-transport-security
content-language
en-GB
Set-Cookie
TS01e071f5=0104786f7d1d959794d66241b7eaac492e49089ad8c21359908c0ac88f0b2610ce7151bb64f9f85029d1773768ff0cea070c8518b7; Path=/; Domain=.forms.clydesdalebankintermediaries.co.uk
content-type
text/css
content-length
137
Cookie set NAGfont.woff
forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/fonts/ 		103 KB
103 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/fonts/NAGfont.woff
Requested by
Host: forms.clydesdalebankintermediaries.co.uk
URL: https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/stylesheets/base.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.172.139.72 Glasgow, United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
Software
/
Resource Hash
fd8e8a91e0da9e174b635b945cb4e3c87c5c55b8631cfb1d2475b5d67e474aaa
Security Headers
Name Value
Strict-Transport-Security

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://forms.clydesdalebankintermediaries.co.uk
Accept-Encoding
gzip, deflate, br
Host
forms.clydesdalebankintermediaries.co.uk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/stylesheets/base.css
Cookie
JSESSIONID=0001_ZsMofM6ohHx6BuWd0zPNrn:-1021Q13; TS01a9ad5e=0104786f7d1c685fdc2d647977abdfd5919e3ee3b3c21359908c0ac88f0b2610ce7151bb644ec4aef5177fbf33dbce199454a4bf190cdc3ee3bca7ea6a75f8a715a0fcc416; TS01e071f5=0104786f7d1d959794d66241b7eaac492e49089ad8c21359908c0ac88f0b2610ce7151bb64f9f85029d1773768ff0cea070c8518b7
Connection
keep-alive
Origin
https://forms.clydesdalebankintermediaries.co.uk
Referer
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/stylesheets/base.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 12:17:09 GMT
last-modified
Thu, 09 Apr 2020 13:42:32 GMT
p3p
CP="NON CUR OTPi OUR NOR UNI"
strict-transport-security
content-language
en-GB
Set-Cookie
TS01e071f5=0104786f7d1d959794d66241b7eaac492e49089ad8c21359908c0ac88f0b2610ce7151bb64f9f85029d1773768ff0cea070c8518b7; Path=/; Domain=.forms.clydesdalebankintermediaries.co.uk
content-type
text/plain
content-length
105456
Cookie set cb-icon-contact.png
forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/images/cb-icon-contact.png
Requested by
Host: forms.clydesdalebankintermediaries.co.uk
URL: https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/stylesheets/custom.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.172.139.72 Glasgow, United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
Software
/
Resource Hash
65766d77b0d7174035e4431a69934ee7f04075dfc708200721e5a4c785a12488
Security Headers
Name Value
Strict-Transport-Security

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
forms.clydesdalebankintermediaries.co.uk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/stylesheets/custom.css
Cookie
JSESSIONID=0001_ZsMofM6ohHx6BuWd0zPNrn:-1021Q13; TS01a9ad5e=0104786f7d1c685fdc2d647977abdfd5919e3ee3b3c21359908c0ac88f0b2610ce7151bb644ec4aef5177fbf33dbce199454a4bf190cdc3ee3bca7ea6a75f8a715a0fcc416; TS01e071f5=0104786f7d1d959794d66241b7eaac492e49089ad8c21359908c0ac88f0b2610ce7151bb64f9f85029d1773768ff0cea070c8518b7
Connection
keep-alive
Referer
https://forms.clydesdalebankintermediaries.co.uk/brk-lm/3plm-web/stylesheets/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 12:17:09 GMT
last-modified
Thu, 09 Apr 2020 13:42:32 GMT
p3p
CP="NON CUR OTPi OUR NOR UNI"
strict-transport-security
content-language
en-GB
Set-Cookie
TS01e071f5=0104786f7d1d959794d66241b7eaac492e49089ad8c21359908c0ac88f0b2610ce7151bb64f9f85029d1773768ff0cea070c8518b7; Path=/; Domain=.forms.clydesdalebankintermediaries.co.uk
content-type
image/png
content-length
1231

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Clydesdale Bank (Banking)

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| setActiveStyleSheet function| getActiveStyleSheet function| getPreferredStyleSheet function| createCookie function| readCookie number| min number| max function| increaseFontSize function| decreaseFontSize function| standardFontSize function| disable_stylesheets function| enable_stylesheets function| changeActive function| validateRegistrationForm function| validateLoginForm function| validateForgottenPasswordForm function| validateBlankPassword function| validateResetPasswordForm function| validateRegFormEmail function| validateBlankEmail function| validateRegFormPassword function| validateRegFormConfirmPassword function| validateRegFormSecurityQuestion function| validateRegFormSecurityAnswer function| validateRegFormConfirmSecurityAnswer function| validateResetPasswordFormPassword function| validateResetPasswordFormConfirmPassword undefined| onKDHandler function| initKey function| init function| disstatus function| getCookieVal function| getCookie function| sendMenuRequest function| checkAll function| unCheckAll function| popupWindow boolean| canClose function| logout number| submitCounter function| doubleSubmitGuard function| toUpperCase boolean| isSafari undefined| NS4 undefined| IE4 undefined| ver4 undefined| IE5 boolean| isMac function| Cookie function| applyFontCookieSetting function| saveFontCookie function| getRootDomain function| applyFontSize function| applyFontSizeToElementIds function| applyFontSizeToElementType object| Modernizr function| yepnope function| $ function| jQuery object| focusControl

3 Cookies

Domain/Path Name / Value
.forms.clydesdalebankintermediaries.co.uk/ Name: TS01e071f5
Value: 0104786f7d1d959794d66241b7eaac492e49089ad8c21359908c0ac88f0b2610ce7151bb64f9f85029d1773768ff0cea070c8518b7
forms.clydesdalebankintermediaries.co.uk/brk-lm/ Name: TS01a9ad5e
Value: 0104786f7d1c685fdc2d647977abdfd5919e3ee3b3c21359908c0ac88f0b2610ce7151bb644ec4aef5177fbf33dbce199454a4bf190cdc3ee3bca7ea6a75f8a715a0fcc416
forms.clydesdalebankintermediaries.co.uk/brk-lm/ Name: JSESSIONID
Value: 0001_ZsMofM6ohHx6BuWd0zPNrn:-1021Q13

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security
X-Frame-Options DENY