bankingsupport-representative.web.app Open in urlscan Pro
2620:0:890::100 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bankingsupport-representative.web.app/
Effective URL:
https://bankingsupport-representative.web.app/
Submission: On June 15 via manual (June 15th 2024, 11:47:37 am UTC) from GB — Scanned from GB

Summary HTTP 21 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 21 HTTP transactions. The main IP is 2620:0:890::100, located in United States and belongs to FASTLY, US. The main domain is bankingsupport-representative.web.app.
TLS certificate: Issued by WR4 on May 21st 2024. Valid for: 3 months.

This is the only time bankingsupport-representative.web.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Barclays (Banking)

Domain & IP information

	IP Address	AS Autonomous System
5	2620:0:890::100 2620:0:890::100	54113 (FASTLY) (FASTLY)
5	199.36.158.100 199.36.158.100	54113 (FASTLY) (FASTLY)
1	2606:4700:20:... 2606:4700:20::681a:92c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	5.255.88.142 5.255.88.142	50673 (SERVERIUS-AS) (SERVERIUS-AS)
4	23.201.243.222 23.201.243.222	16625 (AKAMAI-AS) (AKAMAI-AS)
21	6

5 2620:0:890::100 (United States)

ASN54113 (FASTLY, US)

bankingsupport-representative.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 199.36.158.100 (United States)

ASN54113 (FASTLY, US)

bankingsupport-representative.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:92c (United States)

ASN13335 (CLOUDFLARENET, US)

ipapi.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.255.88.142 (Markenbinnen, Netherlands)

ASN50673 (SERVERIUS-AS, NL)

c0dersapi.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.201.243.222 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-243-222.deploy.static.akamaitechnologies.com

bank.barclays.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	web.app bankingsupport-representative.web.app	120 KB
4	barclays.co.uk bank.barclays.co.uk — Cisco Umbrella Rank: 170176	262 KB
3	c0dersapi.pro c0dersapi.pro	538 B
1	ipapi.co ipapi.co — Cisco Umbrella Rank: 11645	899 B
21	4

	Domain	Requested by
10	bankingsupport-representative.web.app	bankingsupport-representative.web.app
4	bank.barclays.co.uk
3	c0dersapi.pro	bankingsupport-representative.web.app
1	ipapi.co	bankingsupport-representative.web.app
21	4

This site contains links to these domains. Also see Links.

Domain
status.uk.barclays
www.barclays.co.uk
www.bsigroup.com
www.iso.org
www.fscs.org.uk

Subject Issuer	Validity	Valid
web.app WR4	`2024-05-21` - `2024-08-19`	3 months	crt.sh
ipapi.co E1	`2024-05-07` - `2024-08-05`	3 months	crt.sh
c0dersapi.pro E6	`2024-06-12` - `2024-09-10`	3 months	crt.sh
bank.barclays.co.uk DigiCert SHA2 Extended Validation Server CA	`2023-07-13` - `2024-08-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://bankingsupport-representative.web.app/
Frame ID: 32CF1DE4A28702C0DD4EFD999D603D98
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Account Security

Page URL History Show full URLs

http://bankingsupport-representative.web.app/ HTTP 307
https://bankingsupport-representative.web.app/ Page URL

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Page Statistics

21
Requests

86 %
HTTPS

40 %
IPv6

4
Domains

4
Subdomains

6
IPs

3
Countries

383 kB
Transfer

716 kB
Size

0
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://status.uk.barclays/
Title: Service status

Search URL Search Domain Scan URL

URL: http://www.barclays.co.uk/Contactus/Contactus/P1242561757335
Title: Contact us

Search URL Search Domain Scan URL

URL: http://www.barclays.co.uk/security
Title: Security

Search URL Search Domain Scan URL

URL: http://www.barclays.co.uk/accessibility/
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.barclays.co.uk/important-information/cookies-policy/
Title: See our cookies policy

Search URL Search Domain Scan URL

URL: http://www.bsigroup.com/

Search URL Search Domain Scan URL

URL: https://www.iso.org/isoiec-27001-information-security.html

Search URL Search Domain Scan URL

URL: https://www.barclays.co.uk/digisafe/

Search URL Search Domain Scan URL

URL: https://www.fscs.org.uk/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bankingsupport-representative.web.app/ HTTP 307
https://bankingsupport-representative.web.app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
bankingsupport-representative.web.app/
Redirect Chain

http://bankingsupport-representative.web.app/
https://bankingsupport-representative.web.app/

3 KB
1 KB

147ms
43ms

Document
text/html

2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bankingsupport-representative.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

38f933b01277a4482dbc9f8c12a7bdc0f0d853eaa895f67bf7a1042688d7b92b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600
content-encoding: br
content-length: 821
content-type: text/html; charset=utf-8
date: Sat, 15 Jun 2024 11:47:33 GMT
etag: "a42d342d302e1153eecacec76c7c7d2991d839bb687b4a45da93c62c1948ff9c-br"
last-modified: Sat, 15 Jun 2024 10:04:07 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-lcy-eglc8600052-LCY
x-timer: S1718452053.353958,VS0,VE1

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://bankingsupport-representative.web.app/
Non-Authoritative-Reason: HSTS

GET
H2 200 6.63c25342e2631cf03ac34.279999813638529.js Show response
bankingsupport-representative.web.app/_nuxt/ 2 KB
1 KB 45ms
44ms Script
text/javascript 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bankingsupport-representative.web.app/_nuxt/6.63c25342e2631cf03ac34.279999813638529.js

Requested by

Host: bankingsupport-representative.web.app
URL: https://bankingsupport-representative.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

af6a8f9ed9e1b7692be40832237aa95987e0e3be566d9fcf7ae60549a15fa802

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankingsupport-representative.web.app/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-lcy-eglc8600052-LCY
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Sat, 15 Jun 2024 11:47:33 GMT
last-modified: Sat, 15 Jun 2024 10:04:07 GMT
x-timer: S1718452053.401822,VS0,VE1
etag: "eb56bcaed09dccc7dc0d3f13debf5d3d46363bfb934e9a58a0077a5b03ae6622-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1100
x-cache-hits: 0

GET
H2 200 1.55aea165b2aa37ad4d8a7.753211789620695.js Show response
bankingsupport-representative.web.app/_nuxt/ 199 KB
61 KB 46ms
45ms Script
text/javascript 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bankingsupport-representative.web.app/_nuxt/1.55aea165b2aa37ad4d8a7.753211789620695.js

Requested by

Host: bankingsupport-representative.web.app
URL: https://bankingsupport-representative.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

649ce74e140a9eba0ae6dcfeb00ea188e649e9ac2f25ba01a2a78040c411c5b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankingsupport-representative.web.app/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-lcy-eglc8600052-LCY
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Sat, 15 Jun 2024 11:47:33 GMT
last-modified: Sat, 15 Jun 2024 10:04:07 GMT
x-timer: S1718452053.401949,VS0,VE1
etag: "1ab469a0792e90da449eaad7f3a94657e964686739ed0f5fbe5aa4169f975d25-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 61962
x-cache-hits: 0

GET
H2 200 7.15c15b350f6397818c227.753211789620695.js Show response
bankingsupport-representative.web.app/_nuxt/ 94 KB
23 KB 46ms
46ms Script
text/javascript 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bankingsupport-representative.web.app/_nuxt/7.15c15b350f6397818c227.753211789620695.js

Requested by

Host: bankingsupport-representative.web.app
URL: https://bankingsupport-representative.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

abe4a02d519ef7dc6b267eb324e2865f33ae0ccd0086a429780f7197613383a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankingsupport-representative.web.app/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-lcy-eglc8600052-LCY
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Sat, 15 Jun 2024 11:47:33 GMT
last-modified: Sat, 15 Jun 2024 10:04:07 GMT
x-timer: S1718452053.402244,VS0,VE1
etag: "4938d76dcf0eaa1f2494c59a455bb67c45ce28e8c28101a59b30785b421b1b70-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23487
x-cache-hits: 0

GET
H2 200 0.6dab861d43462314905e7.753211789620695.js Show response
bankingsupport-representative.web.app/_nuxt/ 119 B
227 B 43ms
43ms Script
text/javascript 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bankingsupport-representative.web.app/_nuxt/0.6dab861d43462314905e7.753211789620695.js

Requested by

Host: bankingsupport-representative.web.app
URL: https://bankingsupport-representative.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

883b3a3ffd23e36fff630d67295247a0b1e1c5cd2b119f41c16c1d9e04502f49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankingsupport-representative.web.app/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-lcy-eglc8600052-LCY
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Sat, 15 Jun 2024 11:47:33 GMT
last-modified: Sat, 15 Jun 2024 10:04:07 GMT
x-timer: S1718452053.401915,VS0,VE1
etag: "22e4a0d775c426dedd838def53d47004fc942ca5625273472f87415c930e5652-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 93
x-cache-hits: 0

GET
H3 200 2.9d9f021712001b7b0e747.753211789620695.js Show response
bankingsupport-representative.web.app/_nuxt/ 30 KB
11 KB 56ms
56ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bankingsupport-representative.web.app/_nuxt/2.9d9f021712001b7b0e747.753211789620695.js

Requested by

Host: bankingsupport-representative.web.app
URL: https://bankingsupport-representative.web.app/_nuxt/6.63c25342e2631cf03ac34.279999813638529.js

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0fb870e121e81de8d5d3b58af6d40937d832fdf7fd877365b3934d39da3977fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankingsupport-representative.web.app/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220123-FRA
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Sat, 15 Jun 2024 11:47:33 GMT
last-modified: Sat, 15 Jun 2024 10:04:07 GMT
x-timer: S1718452054.527114,VS0,VE2
etag: "8fd4734de40b87db05517d14d47b6e084f1fba01c61156e879e75a4f6087ef25-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10732
x-cache-hits: 0

GET
H3 200 8.0cd8fa822934fa0d37987.753211789620695.js Show response
bankingsupport-representative.web.app/_nuxt/ 22 KB
6 KB 55ms
55ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bankingsupport-representative.web.app/_nuxt/8.0cd8fa822934fa0d37987.753211789620695.js

Requested by

Host: bankingsupport-representative.web.app
URL: https://bankingsupport-representative.web.app/_nuxt/6.63c25342e2631cf03ac34.279999813638529.js

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6a5a85e9a92c295239ca87b5de403b111609ecb03984b50720e89e308db8ad49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankingsupport-representative.web.app/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220123-FRA
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Sat, 15 Jun 2024 11:47:33 GMT
last-modified: Sat, 15 Jun 2024 10:04:07 GMT
x-timer: S1718452054.527078,VS0,VE1
etag: "5c025567f1a36b92f398c6e067cd0666a89c6360db7336c6bb9803e9773866f0-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6143
x-cache-hits: 0

GET
H3 200 5.def0475e28d839aa693b7.753211789620695.js Show response
bankingsupport-representative.web.app/_nuxt/ 98 KB
15 KB 54ms
53ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bankingsupport-representative.web.app/_nuxt/5.def0475e28d839aa693b7.753211789620695.js

Requested by

Host: bankingsupport-representative.web.app
URL: https://bankingsupport-representative.web.app/_nuxt/6.63c25342e2631cf03ac34.279999813638529.js

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1a996d4b6c39ffc68e556a0c5e4599fd4856316462dae4e2ffd1d5558f157ea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankingsupport-representative.web.app/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220123-FRA
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Sat, 15 Jun 2024 11:47:33 GMT
last-modified: Sat, 15 Jun 2024 10:04:07 GMT
x-timer: S1718452054.527102,VS0,VE1
etag: "0e318bd181e8fe93884812ec6b1b38e060da5286eccce5b41cba5602a2897dce-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 14794
x-cache-hits: 0

GET
H3 200 ownerInfo.json Show response
bankingsupport-representative.web.app/files/ 74 B
394 B 55ms
53ms XHR
application/json 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bankingsupport-representative.web.app/files/ownerInfo.json

Requested by

Host: bankingsupport-representative.web.app
URL: https://bankingsupport-representative.web.app/_nuxt/2.9d9f021712001b7b0e747.753211789620695.js

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0ab379a2ee28c1d95f9ff9fce29f68d8ad24fe8fc15552afa0b8c59b99a7de57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://bankingsupport-representative.web.app/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220123-FRA
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Sat, 15 Jun 2024 11:47:33 GMT
last-modified: Sat, 15 Jun 2024 10:04:07 GMT
x-timer: S1718452054.607474,VS0,VE1
etag: "4a1362ec7e3eac7fafdd49fbce6af0b821253e3f43260f129aaf92397d9944af-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: application/json
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 69
x-cache-hits: 0

GET
H3 200 favicon.ico
bankingsupport-representative.web.app/ 2 KB
2 KB 58ms
57ms Other
image/x-icon 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bankingsupport-representative.web.app/favicon.ico

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7fda4a49d5ab5400152fad9456827b7d84bfa9e82a5d78824732486818e66955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankingsupport-representative.web.app/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220123-FRA
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Sat, 15 Jun 2024 11:47:33 GMT
last-modified: Sat, 15 Jun 2024 10:04:07 GMT
x-timer: S1718452054.608403,VS0,VE3
etag: "5ade7a099e4409fc49d0361ef9967667938ff3d3e2f0e4d65233dd05bc4617be-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/x-icon
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1263
x-cache-hits: 0

GET
H2 200 json Show response
ipapi.co/ 763 B
899 B 359ms
257ms Fetch
application/json 2606:4700:20::681a:92c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ipapi.co/json

Requested by

Host: bankingsupport-representative.web.app
URL: https://bankingsupport-representative.web.app/_nuxt/5.def0475e28d839aa693b7.753211789620695.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::681a:92c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4c383bf05a3d491a735028009ae9f769ff13808a3d9cf93695f7952093decd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankingsupport-representative.web.app/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 11:47:33 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Host, origin
allow: GET, HEAD, OPTIONS, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://bankingsupport-representative.web.app
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m5nDNYgfsIPpNreb8ZH5JK5dr7PMs5Du85%2BQFSzSghDnBEsfT0Knu3myvY7vH2%2FRnIEnWPJVccVJFacunN7VF3Yhey7JsBfahncU72iil5M6dHcZIO91Qt06o4u8x4M6YO0XVecH"}],"group":"cf-nel","max_age":604800}
x-frame-options: DENY
cf-ray: 89425377ff1c947f-LHR

GET
H/1.1 200
OK 2a01:4a0:2c::9 Show response
c0dersapi.pro/checkIp/ 2 B
269 B 163ms
53ms Fetch
text/plain 5.255.88.142
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c0dersapi.pro/checkIp/2a01:4a0:2c::9
Requested by: Host: bankingsupport-representative.web.app
URL: https://bankingsupport-representative.web.app/_nuxt/5.def0475e28d839aa693b7.753211789620695.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.255.88.142 Markenbinnen, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankingsupport-representative.web.app/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 15 Jun 2024 11:47:34 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 2

OPTIONS
H/1.1 204
No Content giveVisitor
c0dersapi.pro/ 0
0 50ms
50ms Preflight 5.255.88.142
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c0dersapi.pro/giveVisitor
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.255.88.142 Markenbinnen, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bankingsupport-representative.web.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Sat, 15 Jun 2024 11:47:34 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Access-Control-Request-Headers
X-Powered-By: Express

POST
H/1.1 200
OK giveVisitor Show response
c0dersapi.pro/ 2 B
269 B 60ms
60ms XHR
text/plain 5.255.88.142
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c0dersapi.pro/giveVisitor
Requested by: Host: bankingsupport-representative.web.app
URL: https://bankingsupport-representative.web.app/_nuxt/2.9d9f021712001b7b0e747.753211789620695.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.255.88.142 Markenbinnen, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://bankingsupport-representative.web.app/
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 15 Jun 2024 11:47:34 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 2

GET
H2 200 mark-of-trust-kitemark-logo.png
bank.barclays.co.uk/OLB/A/Content/Images/ 44 KB
44 KB 446ms
298ms Image
image/png 23.201.243.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/OLB/A/Content/Images/mark-of-trust-kitemark-logo.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.201.243.222 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-201-243-222.deploy.static.akamaitechnologies.com

Software

Resource Hash

cfb4f173773e27492a29df5d845616dc8e277f27a3f7c844f1ae456f95393c49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankingsupport-representative.web.app/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 11:47:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 13 Jun 2024 14:04:17 GMT
etag: "8bb4f75752b108991ca1feb733ad14d5"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 44674

GET
H2 200 mark-of-trust-certified-logo.png
bank.barclays.co.uk/OLB/A/Content/Images/ 46 KB
46 KB 335ms
187ms Image
image/png 23.201.243.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/OLB/A/Content/Images/mark-of-trust-certified-logo.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.201.243.222 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-201-243-222.deploy.static.akamaitechnologies.com

Software

Resource Hash

890910ea7ff6e5484f37a80f492f03b7c6a49ce73089d732de137ec4f968bacc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankingsupport-representative.web.app/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 11:47:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 13 Jun 2024 14:04:17 GMT
etag: "61eb662d32c666cb3fb274c1a88480b1"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 47348

GET
H2 200 Cyber-Essentials-Plus-logo.png
bank.barclays.co.uk/OLB/A/Content/Images/ 166 KB
166 KB 342ms
194ms Image
image/png 23.201.243.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/OLB/A/Content/Images/Cyber-Essentials-Plus-logo.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.201.243.222 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-201-243-222.deploy.static.akamaitechnologies.com

Software

Resource Hash

53658b0d2d395aad315abf3906b9e9a95f9601727b9df0630b9cd87e6c90a0f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankingsupport-representative.web.app/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 11:47:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 13 Jun 2024 14:04:14 GMT
etag: "fbbabac4bbd535a95673f9901ada8b12"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 169688

GET
H2 200 login-fscs.png
bank.barclays.co.uk/OLB/A/Content/Images/ 5 KB
5 KB 345ms
197ms Image
image/png 23.201.243.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/OLB/A/Content/Images/login-fscs.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.201.243.222 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-201-243-222.deploy.static.akamaitechnologies.com

Software

Resource Hash

2aa89b0d3ed189360406952265076a3f79ea08b045f2e07d7d71e3c38982533e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankingsupport-representative.web.app/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 11:47:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 13 Jun 2024 14:04:17 GMT
etag: "dfd9eabfa0f659075e60dbd342e02c80"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 5419

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91a06213190743f440aa3411f1393afaf3de8b3b6309d6677fb7680248f09e91

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e111be4c24fc0743ca7eb1c4873a64bb234135b9bea86cabd922a5caabb6c9c6

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET Padlock_icon.svg
bank.barclays.co.uk/authlogin/img/ 0
0

GET expert-sans-regular.woff
bank.barclays.co.uk/authlogin/css/fonts/ 0
0

GET expert-sans-light.woff
bank.barclays.co.uk/authlogin/css/fonts/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bank.barclays.co.uk
URL: https://bank.barclays.co.uk/authlogin/img/Padlock_icon.svg

Domain: bank.barclays.co.uk
URL: https://bank.barclays.co.uk/authlogin/css/fonts/expert-sans-regular.woff

Domain: bank.barclays.co.uk
URL: https://bank.barclays.co.uk/authlogin/css/fonts/expert-sans-light.woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Barclays (Banking)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://bankingsupport-representative.web.app/ Message: Access to font at 'https://bank.barclays.co.uk/authlogin/css/fonts/expert-sans-light.woff' from origin 'https://bankingsupport-representative.web.app' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://bank.barclays.co.uk/authlogin/css/fonts/expert-sans-light.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://bankingsupport-representative.web.app/ Message: Access to font at 'https://bank.barclays.co.uk/authlogin/css/fonts/expert-sans-regular.woff' from origin 'https://bankingsupport-representative.web.app' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://bank.barclays.co.uk/authlogin/css/fonts/expert-sans-regular.woff Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bank.barclays.co.uk
bankingsupport-representative.web.app
c0dersapi.pro
ipapi.co
bank.barclays.co.uk
199.36.158.100
23.201.243.222
2606:4700:20::681a:92c
2620:0:890::100
5.255.88.142
0ab379a2ee28c1d95f9ff9fce29f68d8ad24fe8fc15552afa0b8c59b99a7de57
0fb870e121e81de8d5d3b58af6d40937d832fdf7fd877365b3934d39da3977fb
1a996d4b6c39ffc68e556a0c5e4599fd4856316462dae4e2ffd1d5558f157ea0
2aa89b0d3ed189360406952265076a3f79ea08b045f2e07d7d71e3c38982533e
38f933b01277a4482dbc9f8c12a7bdc0f0d853eaa895f67bf7a1042688d7b92b
53658b0d2d395aad315abf3906b9e9a95f9601727b9df0630b9cd87e6c90a0f2
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
649ce74e140a9eba0ae6dcfeb00ea188e649e9ac2f25ba01a2a78040c411c5b4
6a5a85e9a92c295239ca87b5de403b111609ecb03984b50720e89e308db8ad49
7fda4a49d5ab5400152fad9456827b7d84bfa9e82a5d78824732486818e66955
883b3a3ffd23e36fff630d67295247a0b1e1c5cd2b119f41c16c1d9e04502f49
890910ea7ff6e5484f37a80f492f03b7c6a49ce73089d732de137ec4f968bacc
91a06213190743f440aa3411f1393afaf3de8b3b6309d6677fb7680248f09e91
abe4a02d519ef7dc6b267eb324e2865f33ae0ccd0086a429780f7197613383a6
af6a8f9ed9e1b7692be40832237aa95987e0e3be566d9fcf7ae60549a15fa802
cfb4f173773e27492a29df5d845616dc8e277f27a3f7c844f1ae456f95393c49
e111be4c24fc0743ca7eb1c4873a64bb234135b9bea86cabd922a5caabb6c9c6
e4c383bf05a3d491a735028009ae9f769ff13808a3d9cf93695f7952093decd1

bankingsupport-representative.web.app Open in urlscan Pro 2620:0:890::100 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

86 %HTTPS

40 %IPv6

4 Domains

4 Subdomains

6 IPs

3 Countries

383 kBTransfer

716 kBSize

0 Cookies

9 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

12 JavaScript Global Variables

0 Cookies

4 Console Messages

Security Headers

Indicators

bankingsupport-representative.web.app Open in urlscan Pro
2620:0:890::100 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

86 %
HTTPS

40 %
IPv6

4
Domains

4
Subdomains

6
IPs

3
Countries

383 kB
Transfer

716 kB
Size

0
Cookies

21 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!