hmrc-taxrebate.info Open in urlscan Pro
199.188.200.96 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/
Submission: On November 23 via automatic, source openphish (November 23rd 2020, 1:39:40 am UTC)

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 24 HTTP transactions. The main IP is 199.188.200.96, located in Los Angeles, United States and belongs to NAMECHEAP-NET, US. The main domain is hmrc-taxrebate.info.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 22nd 2020. Valid for: a year.

This is the only time hmrc-taxrebate.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Barclays (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 22	199.188.200.96 199.188.200.96	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
1 1	2606:4700:303... 2606:4700:3031::681c:1477	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	4

22 199.188.200.96 (Los Angeles, United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: server247-4.web-hosting.com

hmrc-taxrebate.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::681c:1477 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

jqueryvalidation.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	hmrc-taxrebate.info 1 redirects hmrc-taxrebate.info	210 KB
1	cloudflare.com cdnjs.cloudflare.com	6 KB
1	jqueryvalidation.org 1 redirects jqueryvalidation.org	606 B
1	jsdelivr.net cdn.jsdelivr.net	12 KB
1	googleapis.com ajax.googleapis.com	33 KB
24	5

	Domain	Requested by
22	hmrc-taxrebate.info	1 redirects hmrc-taxrebate.info
1	cdnjs.cloudflare.com	hmrc-taxrebate.info
1	jqueryvalidation.org	1 redirects
1	cdn.jsdelivr.net	hmrc-taxrebate.info
1	ajax.googleapis.com	hmrc-taxrebate.info
24	5

This site contains no links.

Subject Issuer	Validity	Valid
hmrc-taxrebate.info Sectigo RSA Domain Validation Secure Server CA	`2020-11-22` - `2021-11-22`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/
Frame ID: 2D947DDC93DD0B06D2E9E448372F3265
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://hmrc-taxrebate.info/banks/bank.barclays.co.uk HTTP 301
https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

24
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

260 kB
Transfer

539 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hmrc-taxrebate.info/banks/bank.barclays.co.uk HTTP 301
https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://jqueryvalidation.org/files/dist/additional-methods.min.js HTTP 301
https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.2/additional-methods.min.js

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
hmrc-taxrebate.info/banks/bank.barclays.co.uk/
Redirect Chain

https://hmrc-taxrebate.info/banks/bank.barclays.co.uk
https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/

22 KB
7 KB

193ms
192ms

Document
text/html

199.188.200.96
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.96 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server247-4.web-hosting.com
Software: Apache / PHP/7.2.34
Resource Hash: bce3dc1ad9f94fb7e3c6c0409fdfbddb78ef56bd2e30a58cae9a91fc8b60ca96

Request headers

:method: GET
:authority: hmrc-taxrebate.info
:scheme: https
:path: /banks/bank.barclays.co.uk/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 01:39:23 GMT
server: Apache
x-powered-by: PHP/7.2.34
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=0dda7aea57438b79457b7e0372998f86; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 6394
content-type: text/html; charset=UTF-8

Redirect headers

date: Mon, 23 Nov 2020 01:39:22 GMT
server: Apache
location: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/
content-length: 262
content-type: text/html; charset=iso-8859-1

GET
H2 200 login.css
hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/css/ 166 KB
18 KB 351ms
350ms Stylesheet
text/css 199.188.200.96
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/css/login.css
Requested by: Host: hmrc-taxrebate.info
URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.96 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server247-4.web-hosting.com
Software: Apache /
Resource Hash: de4939f8f96204dc9156fe2bf58d46616294099bf730ab194eacfb4c816d9a31

Request headers

Referer: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 01:39:23 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 05:40:44 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: none
content-length: 18311

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 91 KB
33 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Requested by

Host: hmrc-taxrebate.info
URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 18:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113729
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33593
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Nov 2021 18:03:54 GMT

GET
H2 200 jquery.payment.js Show response
hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/js/ 17 KB
3 KB 185ms
184ms Script
application/javascript 199.188.200.96
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/js/jquery.payment.js
Requested by: Host: hmrc-taxrebate.info
URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.96 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server247-4.web-hosting.com
Software: Apache /
Resource Hash: 190b90b1f62ad6798fca4c93adce6d0205c13b960b609af306f2d87b54885f85

Request headers

Referer: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 01:39:23 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 05:40:46 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 3425

GET
H2 200 jquery.validate.js Show response
cdn.jsdelivr.net/jquery.validation/1.14.0/ 42 KB
12 KB 18ms
5ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/jquery.validation/1.14.0/jquery.validate.js

Requested by

Host: hmrc-taxrebate.info
URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ad5da6112553bd7511aea64dd18d23cef797432148142d766424c900dd919d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 299584
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 11438
etag: W/"a686-lD4vCzGkRPW9lmVTvUVEazM4/T0"
x-served-by: cache-fra19141-FRA, cache-hhn4031-HHN
date: Mon, 23 Nov 2020 01:39:23 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2

200

additional-methods.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.2/
Redirect Chain

https://jqueryvalidation.org/files/dist/additional-methods.min.js
https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.2/additional-methods.min.js

22 KB
6 KB

24ms
12ms

Script
application/javascript

2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.2/additional-methods.min.js

Requested by

Host: hmrc-taxrebate.info
URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

769a6653733b3e64e850f13421940414afafe8625acf963354e64dfaec51883c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000

Request headers

Referer: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 01:39:23 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 225673
x-via: cfworker/kv
cross-origin-resource-policy: cross-origin
content-length: 5693
cf-request-id: 06945a82290000bf0a36b52000000001
timing-allow-origin: *
last-modified: Fri, 29 May 2020 16:54:59 GMT
server: cloudflare
etag: "5ed13e63-5884"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=190O8Ry%2FjHEjjCCUbI4KzYpstUCzlh%2B6VtA3JDQQYC9Becyv8T1q37K2ie%2F6Vs8iKFKMzHTRYidixIisapluunje%2F6f2z2Xi1N24OuKltJSthOJHfSUQMprF8Iq%2FDjq5Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5f672d16a8e8bf0a-FRA
expires: Sat, 13 Nov 2021 01:39:23 GMT

Redirect headers

date: Mon, 23 Nov 2020 01:39:23 GMT
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rPyKzHpsfbqFm5tx%2FGNuqisGdnSZCXvrc7xf%2FvNwBcd2Shdr1OtN5iCtrzS2ySoSTJUWkzmGuIgeyH3sFV1lXI16TpP2nGmW0rQqS0Uy%2Be%2F6ofoQTW0V1VqrnrPG8yB9Iw%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.2/additional-methods.min.js
cache-control: max-age=3600
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 5f672d168a08c290-FRA
cf-request-id: 06945a82120000c29083aaf000000001
expires: Mon, 23 Nov 2020 02:39:23 GMT

GET
H2 200 logo.png
hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/img/ 4 KB
4 KB 184ms
184ms Image
image/png 199.188.200.96
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/img/logo.png
Requested by: Host: hmrc-taxrebate.info
URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.96 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server247-4.web-hosting.com
Software: Apache /
Resource Hash: 84c858297d140080df2011346dee575ec7c5f0a7d016a50f21f7cbfb2cd998f0

Request headers

Referer: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 01:39:23 GMT
last-modified: Thu, 30 Apr 2020 05:40:46 GMT
server: Apache
accept-ranges: bytes
content-length: 3776
content-type: image/png

GET
H2 200 card_number_card.jpg
hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/img/ 6 KB
6 KB 186ms
185ms Image
image/jpeg 199.188.200.96
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/img/card_number_card.jpg
Requested by: Host: hmrc-taxrebate.info
URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.96 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server247-4.web-hosting.com
Software: Apache /
Resource Hash: 6ee1441c9f75388b957221fbc58d686c840012e845ed6e43b9a1cf85ac003e6d

Request headers

Referer: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 01:39:23 GMT
last-modified: Thu, 30 Apr 2020 05:40:46 GMT
server: Apache
accept-ranges: bytes
content-length: 6468
content-type: image/jpeg

GET
H2 200 sortcode_account_number_card.jpg
hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/img/ 6 KB
6 KB 335ms
334ms Image
image/jpeg 199.188.200.96
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/img/sortcode_account_number_card.jpg
Requested by: Host: hmrc-taxrebate.info
URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.96 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server247-4.web-hosting.com
Software: Apache /
Resource Hash: d0060cbe7b7e1348fd897b9c2b80fdc0c2c549d9774d3f691a7eb443bd5c6466

Request headers

Referer: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 01:39:23 GMT
last-modified: Thu, 30 Apr 2020 05:40:46 GMT
server: Apache
accept-ranges: bytes
content-length: 6215
content-type: image/jpeg

GET
H2 200 pin_step_1.jpg
hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/img/ 23 KB
23 KB 353ms
352ms Image
image/jpeg 199.188.200.96
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/img/pin_step_1.jpg
Requested by: Host: hmrc-taxrebate.info
URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.96 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server247-4.web-hosting.com
Software: Apache /
Resource Hash: 0e078c07e5e5b37614fabdfc2e1326a9af8bee6786e835ec4ed690defcdc35aa

Request headers

Referer: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 01:39:23 GMT
last-modified: Thu, 30 Apr 2020 05:40:46 GMT
server: Apache
accept-ranges: bytes
content-length: 23367
content-type: image/jpeg

GET
H2 200 pin_step_2.jpg
hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/img/ 36 KB
37 KB 510ms
509ms Image
image/jpeg 199.188.200.96
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/img/pin_step_2.jpg
Requested by: Host: hmrc-taxrebate.info
URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.96 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server247-4.web-hosting.com
Software: Apache /
Resource Hash: 75dd403e2153b8eb869dd36d4fd801226b7fbbc579c26592978b02c33e30d4df

Request headers

Referer: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 01:39:23 GMT
last-modified: Thu, 30 Apr 2020 05:40:46 GMT
server: Apache
accept-ranges: bytes
content-length: 37248
content-type: image/jpeg

GET
H2 200 pin_step_3.jpg
hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/img/ 20 KB
20 KB 658ms
657ms Image
image/jpeg 199.188.200.96
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/img/pin_step_3.jpg
Requested by: Host: hmrc-taxrebate.info
URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.96 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server247-4.web-hosting.com
Software: Apache /
Resource Hash: 4df67877ff869b00a30f041ae17efa62f9d7879196c2887ae4927d14d5332602

Request headers

Referer: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 01:39:23 GMT
last-modified: Thu, 30 Apr 2020 05:40:46 GMT
server: Apache
accept-ranges: bytes
content-length: 20185
content-type: image/jpeg

GET
H2 200 FSCS.jpg
hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/img/ 10 KB
10 KB 335ms
334ms Image
image/jpeg 199.188.200.96
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/img/FSCS.jpg
Requested by: Host: hmrc-taxrebate.info
URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.96 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server247-4.web-hosting.com
Software: Apache /
Resource Hash: 56fc91ca8fe529b8ad24de819ec63015e2ab48b146d917537552ff9a46b27710

Request headers

Referer: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 01:39:23 GMT
last-modified: Thu, 30 Apr 2020 05:40:44 GMT
server: Apache
accept-ranges: bytes
content-length: 10036
content-type: image/jpeg

GET
H2 200 premier.jpg
hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/img/ 4 KB
4 KB 186ms
185ms Image
image/jpeg 199.188.200.96
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/img/premier.jpg
Requested by: Host: hmrc-taxrebate.info
URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.96 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server247-4.web-hosting.com
Software: Apache /
Resource Hash: af05f228e3f1106781aad44a0e8f12b500dfbb99e530a9ff91234bd0d4cdc495

Request headers

Referer: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 01:39:23 GMT
last-modified: Thu, 30 Apr 2020 05:40:46 GMT
server: Apache
accept-ranges: bytes
content-length: 4357
content-type: image/jpeg

GET
H2 200 logo.gif
hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/img/ 4 KB
4 KB 653ms
653ms Image
image/gif 199.188.200.96
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/img/logo.gif
Requested by: Host: hmrc-taxrebate.info
URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/css/login.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.96 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server247-4.web-hosting.com
Software: Apache /
Resource Hash: 3a059a66277e8a87067c50187849c9f65817c72873f8c71785d08f4023a6b9f3

Request headers

Referer: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/css/login.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 01:39:23 GMT
last-modified: Thu, 30 Apr 2020 05:40:46 GMT
server: Apache
accept-ranges: bytes
content-length: 3831
content-type: image/gif

GET
H2 200 login-panel-header-active-arrow.gif
hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/img/ 129 B
250 B 653ms
653ms Image
image/gif 199.188.200.96
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/img/login-panel-header-active-arrow.gif
Requested by: Host: hmrc-taxrebate.info
URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/css/login.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.96 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server247-4.web-hosting.com
Software: Apache /
Resource Hash: 5aa9eb84540df9c6f43f3981b94e798bf5dacd1129558c7293be37799b7fdcff

Request headers

Referer: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/css/login.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 01:39:23 GMT
last-modified: Thu, 30 Apr 2020 05:40:46 GMT
server: Apache
accept-ranges: bytes
content-length: 129
content-type: image/gif

GET
H2 200 radiosprite.gif
hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/img/ 860 B
981 B 705ms
705ms Image
image/gif 199.188.200.96
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/img/radiosprite.gif
Requested by: Host: hmrc-taxrebate.info
URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/css/login.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.96 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server247-4.web-hosting.com
Software: Apache /
Resource Hash: 4710f88c657b9ce094b80cf825b3c4c981499501de33ded45929dcdcede6e6f8

Request headers

Referer: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/css/login.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 01:39:23 GMT
last-modified: Thu, 30 Apr 2020 05:40:46 GMT
server: Apache
accept-ranges: bytes
content-length: 860
content-type: image/gif

GET
H2 200 checkbox-sprite.png
hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/img/ 635 B
756 B 705ms
705ms Image
image/png 199.188.200.96
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/img/checkbox-sprite.png
Requested by: Host: hmrc-taxrebate.info
URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/css/login.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.96 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server247-4.web-hosting.com
Software: Apache /
Resource Hash: 5e39fe62b15262d3c80dd21fa4444f0e85303b49b83c5d5069d8f2a6e3cecaa1

Request headers

Referer: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/css/login.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 01:39:23 GMT
last-modified: Thu, 30 Apr 2020 05:40:46 GMT
server: Apache
accept-ranges: bytes
content-length: 635
content-type: image/png

GET
H2 200 login-panel-header-disabled-arrow.gif
hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/img/ 183 B
304 B 704ms
704ms Image
image/gif 199.188.200.96
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/img/login-panel-header-disabled-arrow.gif
Requested by: Host: hmrc-taxrebate.info
URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/css/login.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.96 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server247-4.web-hosting.com
Software: Apache /
Resource Hash: de1660f0952bc3a9a3cba3c5bd504f8c779578c9bc5eea310e009f270df73309

Request headers

Referer: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/css/login.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 01:39:23 GMT
last-modified: Thu, 30 Apr 2020 05:40:46 GMT
server: Apache
accept-ranges: bytes
content-length: 183
content-type: image/gif

GET
H2 200 side-bar-arrow.png
hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/img/ 224 B
345 B 705ms
704ms Image
image/png 199.188.200.96
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/img/side-bar-arrow.png
Requested by: Host: hmrc-taxrebate.info
URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/css/login.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.96 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server247-4.web-hosting.com
Software: Apache /
Resource Hash: 71182ea40b9cc96fd288f8d5d2bdd0834a0bebc6d15cdabfc03170494b93a819

Request headers

Referer: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/css/login.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 01:39:23 GMT
last-modified: Thu, 30 Apr 2020 05:40:46 GMT
server: Apache
accept-ranges: bytes
content-length: 224
content-type: image/png

GET
H2 200 expertsans-bold-webfont.woff
hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/fonts/ 20 KB
20 KB 807ms
806ms Font
font/woff 199.188.200.96
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/fonts/expertsans-bold-webfont.woff
Requested by: Host: hmrc-taxrebate.info
URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/css/login.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.96 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server247-4.web-hosting.com
Software: Apache /
Resource Hash: adeb37a325b72a5382a603c575caf390f1fe968f60a266679c18bf6ff61317cc

Request headers

Origin: https://hmrc-taxrebate.info
Referer: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/css/login.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 01:39:23 GMT
last-modified: Thu, 30 Apr 2020 05:40:44 GMT
server: Apache
accept-ranges: bytes
content-length: 20080
content-type: font/woff

GET
H2 200 expertsans-light-webfont.woff
hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/fonts/ 22 KB
22 KB 704ms
704ms Font
font/woff 199.188.200.96
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/fonts/expertsans-light-webfont.woff
Requested by: Host: hmrc-taxrebate.info
URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/css/login.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.96 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server247-4.web-hosting.com
Software: Apache /
Resource Hash: f56f823e0bd75388778cbccca78bcf7453c2c03c889274da7b47eebbc37b86b5

Request headers

Origin: https://hmrc-taxrebate.info
Referer: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/css/login.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 01:39:23 GMT
last-modified: Thu, 30 Apr 2020 05:40:44 GMT
server: Apache
accept-ranges: bytes
content-length: 22612
content-type: font/woff

GET
H2 200 ftb-new-login-icons.woff
hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/fonts/ 1 KB
1 KB 865ms
865ms Font
font/woff 199.188.200.96
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/fonts/ftb-new-login-icons.woff
Requested by: Host: hmrc-taxrebate.info
URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/css/login.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.96 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server247-4.web-hosting.com
Software: Apache /
Resource Hash: 7a757682c4457ddfbf0e39e2298a9e07d662fcd3dcbe481fe6673742d17b7116

Request headers

Origin: https://hmrc-taxrebate.info
Referer: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/css/login.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 01:39:23 GMT
last-modified: Thu, 30 Apr 2020 05:40:44 GMT
server: Apache
accept-ranges: bytes
content-length: 1344
content-type: font/woff

GET
H2 200 expertsans-regular-webfont.woff
hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/fonts/ 21 KB
22 KB 821ms
821ms Font
font/woff 199.188.200.96
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/fonts/expertsans-regular-webfont.woff
Requested by: Host: hmrc-taxrebate.info
URL: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/css/login.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.96 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server247-4.web-hosting.com
Software: Apache /
Resource Hash: 4abdda6a86149bc656dd315b0443fea8f11f22a6552e48e843a0f4b3e828ce8f

Request headers

Origin: https://hmrc-taxrebate.info
Referer: https://hmrc-taxrebate.info/banks/bank.barclays.co.uk/assets/css/login.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 01:39:23 GMT
last-modified: Thu, 30 Apr 2020 05:40:44 GMT
server: Apache
accept-ranges: bytes
content-length: 21924
content-type: font/woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Barclays (Banking)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			hmrc-taxrebate.info/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0dda7aea57438b79457b7e0372998f86

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
hmrc-taxrebate.info
jqueryvalidation.org
199.188.200.96
2606:4700:3031::681c:1477
2606:4700::6810:125e
2a00:1450:4001:803::200a
2a04:4e42:1b::621
0e078c07e5e5b37614fabdfc2e1326a9af8bee6786e835ec4ed690defcdc35aa
190b90b1f62ad6798fca4c93adce6d0205c13b960b609af306f2d87b54885f85
3a059a66277e8a87067c50187849c9f65817c72873f8c71785d08f4023a6b9f3
4710f88c657b9ce094b80cf825b3c4c981499501de33ded45929dcdcede6e6f8
4abdda6a86149bc656dd315b0443fea8f11f22a6552e48e843a0f4b3e828ce8f
4df67877ff869b00a30f041ae17efa62f9d7879196c2887ae4927d14d5332602
56fc91ca8fe529b8ad24de819ec63015e2ab48b146d917537552ff9a46b27710
5aa9eb84540df9c6f43f3981b94e798bf5dacd1129558c7293be37799b7fdcff
5e39fe62b15262d3c80dd21fa4444f0e85303b49b83c5d5069d8f2a6e3cecaa1
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
6ee1441c9f75388b957221fbc58d686c840012e845ed6e43b9a1cf85ac003e6d
71182ea40b9cc96fd288f8d5d2bdd0834a0bebc6d15cdabfc03170494b93a819
75dd403e2153b8eb869dd36d4fd801226b7fbbc579c26592978b02c33e30d4df
769a6653733b3e64e850f13421940414afafe8625acf963354e64dfaec51883c
7a757682c4457ddfbf0e39e2298a9e07d662fcd3dcbe481fe6673742d17b7116
84c858297d140080df2011346dee575ec7c5f0a7d016a50f21f7cbfb2cd998f0
ad5da6112553bd7511aea64dd18d23cef797432148142d766424c900dd919d0a
adeb37a325b72a5382a603c575caf390f1fe968f60a266679c18bf6ff61317cc
af05f228e3f1106781aad44a0e8f12b500dfbb99e530a9ff91234bd0d4cdc495
bce3dc1ad9f94fb7e3c6c0409fdfbddb78ef56bd2e30a58cae9a91fc8b60ca96
d0060cbe7b7e1348fd897b9c2b80fdc0c2c549d9774d3f691a7eb443bd5c6466
de1660f0952bc3a9a3cba3c5bd504f8c779578c9bc5eea310e009f270df73309
de4939f8f96204dc9156fe2bf58d46616294099bf730ab194eacfb4c816d9a31
f56f823e0bd75388778cbccca78bcf7453c2c03c889274da7b47eebbc37b86b5

hmrc-taxrebate.info Open in urlscan Pro 199.188.200.96 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

100 %HTTPS

80 %IPv6

5 Domains

5 Subdomains

4 IPs

3 Countries

260 kBTransfer

539 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

12 JavaScript Global Variables

1 Cookies

Indicators

hmrc-taxrebate.info Open in urlscan Pro
199.188.200.96 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

260 kB
Transfer

539 kB
Size

1
Cookies

24 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!