barclays-verification.org Open in urlscan Pro
188.114.96.3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://barclays-verification.org/
Submission: On July 06 via api (July 6th 2024, 2:40:25 pm UTC) from GB — Scanned from NL

Summary HTTP 27 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 27 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is barclays-verification.org.
TLS certificate: Issued by WE1 on July 6th 2024. Valid for: 3 months.

This is the only time barclays-verification.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 7	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:235... 2600:9000:235a:9c00:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
7	23.201.243.222 23.201.243.222	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
1	18.192.1.178 18.192.1.178	16509 (AMAZON-02) (AMAZON-02)
27	6

7 188.114.96.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

barclays-verification.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:235a:9c00:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.201.243.222 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-243-222.deploy.static.akamaitechnologies.com

bank.barclays.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.192.1.178 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-1-178.eu-central-1.compute.amazonaws.com

collect.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	barclays.co.uk bank.barclays.co.uk — Cisco Umbrella Rank: 133927 Failed	92 KB
7	barclays-verification.org 1 redirects barclays-verification.org	20 KB
3	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1370	53 KB
1	tealiumiq.com collect.tealiumiq.com — Cisco Umbrella Rank: 4214	528 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 847	83 KB
27	5

	Domain	Requested by
7	bank.barclays.co.uk	barclays-verification.org
7	barclays-verification.org	1 redirects barclays-verification.org code.jquery.com
3	tags.tiqcdn.com	barclays-verification.org tags.tiqcdn.com
1	collect.tealiumiq.com	tags.tiqcdn.com
1	code.jquery.com	barclays-verification.org
27	5

This site contains links to these domains. Also see Links.

Domain
www.barclays.co.uk
status.uk.barclays
www.bsigroup.com
www.iso.org
www.fscs.org.uk

Subject Issuer	Validity	Valid
barclays-verification.org WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M02	`2024-03-19` - `2025-04-17`	a year	crt.sh
bank.barclays.co.uk DigiCert SHA2 Extended Validation Server CA	`2023-07-13` - `2024-08-08`	a year	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
*.tealiumiq.com Amazon RSA 2048 M02	`2024-06-25` - `2025-07-24`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://barclays-verification.org/
Frame ID: 55E204BE6659144E1E5C86AC9D839029
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Step 1 - Who are you? - Barclays Online Banking

Page URL History Show full URLs

https://barclays-verification.org/ Page URL
https://barclays-verification.org/cdn-cgi/phish-bypass?atok=KZlbIKdsDuF76ShnILD8bBDDrkzo4qMWIm0i4oNHXXw-172027... HTTP 301
https://barclays-verification.org/ Page URL

Detected technologies

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

67 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

249 kB
Transfer

814 kB
Size

3
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: http://www.barclays.co.uk/security
Title: Secure

Search URL Search Domain Scan URL

URL: https://status.uk.barclays/
Title: status.uk.barclays

Search URL Search Domain Scan URL

URL: https://www.barclays.co.uk/help/online-banking/login/setup-passcode-word/
Title: find out how

Search URL Search Domain Scan URL

URL: https://www.barclays.co.uk/help/mobile-banking/pinsentry/info/
Title: www.barclays.co.uk/help/mobile-banking/pinsentry/info/

Search URL Search Domain Scan URL

URL: http://www.barclays.co.uk/Contactus/Contactus/P1242561757335
Title: Contact us

Search URL Search Domain Scan URL

URL: http://www.barclays.co.uk/accessibility/
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.barclays.co.uk/important-information/cookies-policy/
Title: See our cookies policy

Search URL Search Domain Scan URL

URL: http://www.bsigroup.com/

Search URL Search Domain Scan URL

URL: https://www.iso.org/isoiec-27001-information-security.html

Search URL Search Domain Scan URL

URL: https://www.barclays.co.uk/digisafe/

Search URL Search Domain Scan URL

URL: https://www.fscs.org.uk/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://barclays-verification.org/ Page URL
https://barclays-verification.org/cdn-cgi/phish-bypass?atok=KZlbIKdsDuF76ShnILD8bBDDrkzo4qMWIm0i4oNHXXw-1720276815-0.0.1.1-%2F HTTP 301
https://barclays-verification.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 / Show response
barclays-verification.org/ 4 KB
2 KB 65ms
20ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://barclays-verification.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

673833f18b1722209253777f32c89f4900eb8916c8c85926837e97b7dca0c27c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cf-ray: 89f0595148116570-AMS
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 06 Jul 2024 14:40:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6UbCl5dUq%2FZyBa1keWaJDheCwhWr4217rjHtTbDHS1AvL52AmyU31wSwqRjzSlrowOhVd3Rg31luqDw4QUNjGyHZO9mE9rMQHQzBhMKUVpQmE34%2BRqvyhfVUT%2Fyg6lVfgQIZXBWuO8r52rqy"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H3 200 cf.errors.css
barclays-verification.org/cdn-cgi/styles/ 23 KB
5 KB 18ms
18ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://barclays-verification.org/cdn-cgi/styles/cf.errors.css

Requested by

Host: barclays-verification.org
URL: https://barclays-verification.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://barclays-verification.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Jul 2024 14:40:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jul 2024 09:57:21 GMT
server: cloudflare
etag: W/"66867201-5df3"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 89f0595168296570-AMS
expires: Sat, 06 Jul 2024 16:40:15 GMT

GET
H3 200 icon-exclamation.png
barclays-verification.org/cdn-cgi/images/ 452 B
634 B 17ms
17ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://barclays-verification.org/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: barclays-verification.org
URL: https://barclays-verification.org/cdn-cgi/styles/cf.errors.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://barclays-verification.org/cdn-cgi/styles/cf.errors.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Jul 2024 14:40:15 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Jul 2024 09:57:21 GMT
server: cloudflare
etag: "66867201-1c4"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 89f05951884a6570-AMS
content-length: 452
expires: Sat, 06 Jul 2024 16:40:15 GMT

GET
H3

200

Primary Request / Show response
barclays-verification.org/
Redirect Chain

https://barclays-verification.org/cdn-cgi/phish-bypass?atok=KZlbIKdsDuF76ShnILD8bBDDrkzo4qMWIm0i4oNHXXw-1720276815-0.0.1.1-%2F
https://barclays-verification.org/

70 KB
12 KB

192ms
192ms

Document
text/html

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://barclays-verification.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e17d26f6ab1f7d86fe99961a739ae516d7a8c4c70ed6232a182b06661e29b285

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://barclays-verification.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 89f059712ae96570-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 06 Jul 2024 14:40:20 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l%2FUqvY7VfYT2b1iJHWK%2F0fwHuvVaWqQy3g4s8y8IaheWzZh2UKAj9ksbDQhsdDtnQsW4WM8OiaibFS9W%2FLbjPsgz9j5l2Upv05M1yoziIpcUzfd02X2hfqwVrjuyx3NeQpApiBYew26cPfku"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: private, no-cache
cf-ray: 89f059710ac26570-AMS
content-length: 167
content-type: text/html
date: Sat, 06 Jul 2024 14:40:20 GMT
location: https://barclays-verification.org/
server: cloudflare
x-content-type-options: nosniff
x-frame-options: DENY

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/barclaysuk/barclays-olb/prod/ 220 KB
46 KB 490ms
407ms Script
application/javascript 2600:9000:235a:9c00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/barclaysuk/barclays-olb/prod/utag.js
Requested by: Host: barclays-verification.org
URL: https://barclays-verification.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:9c00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a546728e7a41fa06ad91c73ead1e750b17ded92f4640060be48ca3b66655b4aa

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://barclays-verification.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 67MZWrt80ggqupiQS8xIHWy6aS7Il0yN
content-encoding: br
via: 1.1 78668cba389ee6455cf1c23180f33cf8.cloudfront.net (CloudFront)
date: Sat, 06 Jul 2024 14:40:22 GMT
last-modified: Tue, 07 Mar 2023 05:26:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"0fa849dcc41d00eccc85713f3f3d9048"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: vLYFP-s6kR7a0PbRcBT3BW32HDcRD7b9P8Wa39hBfJ0NPUBJEWj6Gg==

GET
H3 404 bdlLogin-dss-jquery-libraries.min.js
barclays-verification.org/authlogin/ 0
0 180ms
178ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://barclays-verification.org/authlogin/bdlLogin-dss-jquery-libraries.min.js?v=1606745934868
Requested by: Host: barclays-verification.org
URL: https://barclays-verification.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://barclays-verification.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Jul 2024 14:40:21 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FYHpl5pYGn1W9qzgVj%2Bjv27VX1cAMkonP8MUKllmvHQB82RseMLxSly5tn29qn0soUd%2F%2BcDOLsMLDEatZ%2BqQ7pp44SlCbjU0yQTqhsiXNH8aN4ATJBgXTvXf52VSky%2FgqkS2VDKfsUXY4Sd9"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 89f059726c3a6570-AMS
alt-svc: h3=":443"; ma=86400

GET polyfill.wp.js
bank.barclays.co.uk//authlogin/lib/ 0
0

GET
H2 200 angular.min.js Show response
bank.barclays.co.uk//js/myBarclays/vendor/angular/ 105 KB
39 KB 197ms
104ms Script
application/javascript 23.201.243.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.barclays.co.uk//js/myBarclays/vendor/angular/angular.min.js

Requested by

Host: barclays-verification.org
URL: https://barclays-verification.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.201.243.222 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-201-243-222.deploy.static.akamaitechnologies.com

Software

Resource Hash

f8ea0e980b8bdca260f9f81d0e98360c3080fdc7fd3992cf611e05701e2e8a36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://barclays-verification.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Jul 2024 14:40:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 May 2024 17:09:11 GMT
etag: W/"343243c98f96b22e6d376f603a8b8d5c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
content-length: 39894

GET
H2 200 angular-route.min.js Show response
bank.barclays.co.uk//js/myBarclays/vendor/angular/ 4 KB
2 KB 222ms
129ms Script
application/javascript 23.201.243.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.barclays.co.uk//js/myBarclays/vendor/angular/angular-route.min.js

Requested by

Host: barclays-verification.org
URL: https://barclays-verification.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.201.243.222 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-201-243-222.deploy.static.akamaitechnologies.com

Software

Resource Hash

225667650d0be401e4cb148aa2dea5ad695c19563d2f94cfa20aa7082c5c966a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://barclays-verification.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Jul 2024 14:40:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 May 2024 17:09:10 GMT
etag: W/"1001f8ee549f549b20e27fb7cc07c3b3"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
content-length: 1883

GET
H2 200 angular-sanitize.min.js Show response
bank.barclays.co.uk//js/myBarclays/vendor/angular/ 4 KB
3 KB 193ms
100ms Script
application/javascript 23.201.243.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.barclays.co.uk//js/myBarclays/vendor/angular/angular-sanitize.min.js

Requested by

Host: barclays-verification.org
URL: https://barclays-verification.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.201.243.222 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-201-243-222.deploy.static.akamaitechnologies.com

Software

Resource Hash

20318e023853ac4d3e1f231b0532de4c39d83c629a4155756c021e57825dc884

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://barclays-verification.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Jul 2024 14:40:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 May 2024 17:09:11 GMT
etag: W/"abdb94021a7497b8c970027579bfa1cd"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
content-length: 2412

GET bdlLogin-rolb-dss.min.js
bank.barclays.co.uk//authlogin/ 0
0

GET bdlLogin-libraries.min.js
bank.barclays.co.uk//authlogin/ 0
0

GET bdlLogin-rolb-app.min.js
bank.barclays.co.uk//authlogin/ 0
0

GET
H2 200 s_codecookies.js Show response
bank.barclays.co.uk//js/sitecatalyst/ 52 KB
20 KB 182ms
91ms Script
application/javascript 23.201.243.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.barclays.co.uk//js/sitecatalyst/s_codecookies.js

Requested by

Host: barclays-verification.org
URL: https://barclays-verification.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.201.243.222 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-201-243-222.deploy.static.akamaitechnologies.com

Software

Resource Hash

6c8476ca18e6e6acf89b1409d488dd0d95ea02b80b0c3b089e131c161ed7561b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://barclays-verification.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Jul 2024 14:40:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 May 2024 17:09:12 GMT
etag: W/"9ccd2a1171865f48689b01d4f22b6eb3"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
content-length: 20234

GET 6bb5a42d.min.js
bank.barclays.co.uk//js/bc/2.8.1/ 0
0

GET
H2 200 jquery-3.5.1.js Show response
code.jquery.com/ 281 KB
83 KB 101ms
17ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.js
Requested by: Host: barclays-verification.org
URL: https://barclays-verification.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://barclays-verification.org/
Origin: https://barclays-verification.org
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Jul 2024 14:40:20 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 10233664
x-cache: HIT, HIT
content-length: 84374
x-served-by: cache-lga21971-LGA, cache-bru1480065-BRU
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1720276821.944996,VS0,VE0
etag: W/"28feccc0-4638e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 19442, 380

GET rolb-theme-2-0.css
bank.barclays.co.uk/authlogin/css/ 0
0

GET authlogin-bdl.min.css
bank.barclays.co.uk/authlogin/css/ 0
0

GET
H2 200 1321217916907-bsikitemarklogo.png
bank.barclays.co.uk/OLB/A/Content/Images/ 13 KB
13 KB 140ms
138ms Image
image/png 23.201.243.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/OLB/A/Content/Images/1321217916907-bsikitemarklogo.png

Requested by

Host: barclays-verification.org
URL: https://barclays-verification.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.201.243.222 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-201-243-222.deploy.static.akamaitechnologies.com

Software

Resource Hash

90326fd2ae35b37049ca9b624acb2b698be96a509f3619cf647d686433eaaa15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://barclays-verification.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Jul 2024 14:40:21 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Jul 2024 11:38:13 GMT
etag: "9e434283010fc8397c6a99ff07988d3a"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 13516

GET 1321217916492-iso27001footer.JPG
bank.barclays.co.uk/OLB/A/Content/Images/ 0
0

GET
H2 200 1321217918424-cyberfooter.jpg
bank.barclays.co.uk/OLB/A/Content/Images/ 9 KB
9 KB 91ms
90ms Image
image/jpeg 23.201.243.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/OLB/A/Content/Images/1321217918424-cyberfooter.jpg

Requested by

Host: barclays-verification.org
URL: https://barclays-verification.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.201.243.222 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-201-243-222.deploy.static.akamaitechnologies.com

Software

Resource Hash

effa2f551ae3f572384002e36028aa1e85544462f42c28065731284e8f81bfcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://barclays-verification.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Jul 2024 14:40:21 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Jul 2024 11:38:13 GMT
etag: "a2ea6d00cdea2bbc998c99a0229fff01"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
accept-ranges: bytes
content-length: 9222

GET
H2 200 login-fscs.png
bank.barclays.co.uk/OLB/A/Content/Images/ 5 KB
5 KB 86ms
86ms Image
image/png 23.201.243.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/OLB/A/Content/Images/login-fscs.png

Requested by

Host: barclays-verification.org
URL: https://barclays-verification.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.201.243.222 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-201-243-222.deploy.static.akamaitechnologies.com

Software

Resource Hash

2aa89b0d3ed189360406952265076a3f79ea08b045f2e07d7d71e3c38982533e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://barclays-verification.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Jul 2024 14:40:21 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Jul 2024 11:38:29 GMT
etag: "dfd9eabfa0f659075e60dbd342e02c80"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 5419

GET bdlLogin.bootstrap.min.js
bank.barclays.co.uk/authlogin/ 0
0

GET
H2 200 utag.34.js Show response
tags.tiqcdn.com/utag/barclaysuk/barclays-olb/prod/ 23 KB
7 KB 126ms
125ms Script
application/javascript 2600:9000:235a:9c00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/barclaysuk/barclays-olb/prod/utag.34.js?utv=ut4.46.202110221035
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/barclaysuk/barclays-olb/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:9c00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e403ca417508832cedb771593ce705d180825d7d4e3b2643e295c0c6f83ce3fb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://barclays-verification.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: JC5i7yqP3vOiv45FZfXDkg_lSVfJmjMq
content-encoding: br
via: 1.1 78668cba389ee6455cf1c23180f33cf8.cloudfront.net (CloudFront)
date: Sat, 06 Jul 2024 14:40:22 GMT
last-modified: Tue, 07 Mar 2023 05:26:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"9e48505d4f97c7d22099821f568b26fe"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: RUxlRbM9_CoG25rfaUgj_VVsJTkvNpt_mEKqLB3EyhhRbTcYx4RMfQ==

POST
H2 200 event Show response
collect.tealiumiq.com/ 0
528 B 78ms
23ms XHR
application/json 18.192.1.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collect.tealiumiq.com/event
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/barclaysuk/barclays-olb/prod/utag.34.js?utv=ut4.46.202110221035
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.1.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-1-178.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://barclays-verification.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 06 Jul 2024 14:40:21 GMT
x-serverid: uconnect_i-027e1838cb1e5d732
x-tid: 0190887d2578004aaa2944c1a9540506f002206700b08
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: barclaysuk:barclays-web:2:event
x-region: eu-central-1
pragma: no-cache
vary: Origin
content-type: application/json
access-control-allow-origin: https://barclays-verification.org
x-ulver: 48d6d444c60a48b0fb994a4aed1c725e05c4a4b7-SNAPSHOT
access-control-expose-headers: X-Region
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
x-uuid: 627eda43-7b5c-451f-b295-c1ed1aee730d
expires: Sat, 06 Jul 2024 14:40:21 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
431 B 22ms
22ms Script
application/javascript 2600:9000:235a:9c00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=barclaysuk/barclays-olb/202110221035&cb=1720276821512
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/barclaysuk/barclays-olb/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:9c00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://barclays-verification.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Sat, 06 Jul 2024 14:38:51 GMT
via: 1.1 78668cba389ee6455cf1c23180f33cf8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
age: 91
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: t5hRra1a6AKCJNsnZrNG36Y6K6yHmq-OU9XsWP9mgvtKIPVv4569iw==

GET
H3 200 activity.php Show response
barclays-verification.org/files/ 86 B
499 B 100ms
100ms XHR
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://barclays-verification.org/files/activity.php
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4b9c1086b5dcf3f21fd0d7d137cde4a28f8f7598473f940189c4150c179b843

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: */*
Referer: https://barclays-verification.org/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Jul 2024 14:40:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g7AAnS4g0dgOWk1Ji9DXvXr%2B6M%2Brj4lrtftSqDEpOralMRto3duLKPZ1Rql5FBDBy88M0mch3gMC1kom5M0gEXIl0LpOLFJtf1KcPj%2BYexg1eBC6JjDNydHTkAz1mAbRPW7qZsE8P2ueISLN"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 89f05986ad836570-AMS
alt-svc: h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bank.barclays.co.uk
URL: https://bank.barclays.co.uk//authlogin/lib/polyfill.wp.js

Domain: bank.barclays.co.uk
URL: https://bank.barclays.co.uk//authlogin/bdlLogin-rolb-dss.min.js?v=1606745934868

Domain: bank.barclays.co.uk
URL: https://bank.barclays.co.uk//authlogin/bdlLogin-libraries.min.js?v=1606745934868

Domain: bank.barclays.co.uk
URL: https://bank.barclays.co.uk//authlogin/bdlLogin-rolb-app.min.js?v=1606745934868

Domain: bank.barclays.co.uk
URL: https://bank.barclays.co.uk//js/bc/2.8.1/6bb5a42d.min.js

Domain: bank.barclays.co.uk
URL: https://bank.barclays.co.uk/authlogin/css/rolb-theme-2-0.css?v=1606745934868

Domain: bank.barclays.co.uk
URL: https://bank.barclays.co.uk/authlogin/css/authlogin-bdl.min.css?v=1606745934868

Domain: bank.barclays.co.uk
URL: https://bank.barclays.co.uk/OLB/A/Content/Images/1321217916492-iso27001footer.JPG

Domain: bank.barclays.co.uk
URL: https://bank.barclays.co.uk/authlogin/bdlLogin.bootstrap.min.js?v=1606745934868

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.barclays-verification.org/	1970-01-20 21:52:43	Name: __cf_mw_byp Value: KZlbIKdsDuF76ShnILD8bBDDrkzo4qMWIm0i4oNHXXw-1720276815-0.0.1.1-/
barclays-verification.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: jhs5mu5tm63eqiaphalkes30mg
.barclays-verification.org/	1970-01-21 06:36:52	Name: utag_main Value: v_id:0190887d2578004aaa2944c1a9540506f002206700b08$_sn:1$_se:1$_ss:1$_st:1720278621369$ses_id:1720276821369%3Bexp-session$_pn:1%3Bexp-session$dc_visit:1$dc_event:1%3Bexp-session

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://barclays-verification.org/authlogin/bdlLogin-dss-jquery-libraries.min.js?v=1606745934868 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bank.barclays.co.uk
barclays-verification.org
code.jquery.com
collect.tealiumiq.com
tags.tiqcdn.com
bank.barclays.co.uk
18.192.1.178
188.114.96.3
23.201.243.222
2600:9000:235a:9c00:7:2bfb:7c00:93a1
2a04:4e42::649
20318e023853ac4d3e1f231b0532de4c39d83c629a4155756c021e57825dc884
225667650d0be401e4cb148aa2dea5ad695c19563d2f94cfa20aa7082c5c966a
2aa89b0d3ed189360406952265076a3f79ea08b045f2e07d7d71e3c38982533e
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
673833f18b1722209253777f32c89f4900eb8916c8c85926837e97b7dca0c27c
6c8476ca18e6e6acf89b1409d488dd0d95ea02b80b0c3b089e131c161ed7561b
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
90326fd2ae35b37049ca9b624acb2b698be96a509f3619cf647d686433eaaa15
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a546728e7a41fa06ad91c73ead1e750b17ded92f4640060be48ca3b66655b4aa
b4b9c1086b5dcf3f21fd0d7d137cde4a28f8f7598473f940189c4150c179b843
e17d26f6ab1f7d86fe99961a739ae516d7a8c4c70ed6232a182b06661e29b285
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e403ca417508832cedb771593ce705d180825d7d4e3b2643e295c0c6f83ce3fb
effa2f551ae3f572384002e36028aa1e85544462f42c28065731284e8f81bfcd
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f8ea0e980b8bdca260f9f81d0e98360c3080fdc7fd3992cf611e05701e2e8a36

barclays-verification.org Open in urlscan Pro 188.114.96.3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

67 %HTTPS

40 %IPv6

5 Domains

5 Subdomains

6 IPs

3 Countries

249 kBTransfer

814 kBSize

3 Cookies

11 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

27 JavaScript Global Variables

3 Cookies

1 Console Messages

Security Headers

Indicators

barclays-verification.org Open in urlscan Pro
188.114.96.3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

67 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

249 kB
Transfer

814 kB
Size

3
Cookies

27 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!