bactrial011.dnsalias.net Open in urlscan Pro
18.233.226.115 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bactrial011.dnsalias.net/login/index.php
Submission: On August 17 via api (August 17th 2023, 7:20:10 pm UTC) from GB — Scanned from GB

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 23 HTTP transactions. The main IP is 18.233.226.115, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is bactrial011.dnsalias.net.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 17th 2023. Valid for: 3 months.

This is the only time bactrial011.dnsalias.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Barclays (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1	18.233.226.115 18.233.226.115	14618 (AMAZON-AES) (AMAZON-AES)
21	104.93.249.139 104.93.249.139	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.211.186.134 52.211.186.134	16509 (AMAZON-02) (AMAZON-02)
23	4

1 18.233.226.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-226-115.compute-1.amazonaws.com

bactrial011.dnsalias.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 104.93.249.139 (Paris, France)

ASN16625 (AKAMAI-AS, US)
PTR: a104-93-249-139.deploy.static.akamaitechnologies.com

static.barclaycardus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.186.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-186-134.eu-west-1.compute.amazonaws.com

barclaybankdelaware.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	barclaycardus.com static.barclaycardus.com — Cisco Umbrella Rank: 69780	250 KB
1	demdex.net barclaybankdelaware.demdex.net — Cisco Umbrella Rank: 64169	3 KB
1	dnsalias.net bactrial011.dnsalias.net	16 KB
23	3

	Domain	Requested by
21	static.barclaycardus.com	bactrial011.dnsalias.net static.barclaycardus.com
1	barclaybankdelaware.demdex.net	bactrial011.dnsalias.net
1	bactrial011.dnsalias.net
23	3

This site contains no links.

Subject Issuer	Validity	Valid
bactrial011.dnsalias.net cPanel, Inc. Certification Authority	`2023-08-17` - `2023-11-15`	3 months	crt.sh
www.barclaycardus.com DigiCert SHA2 Extended Validation Server CA	`2023-05-09` - `2023-11-23`	7 months	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://bactrial011.dnsalias.net/login/index.php
Frame ID: 4774F16A759A8799F66BB73C2626B47B
Requests: 15 HTTP requests in this frame

Frame: https://barclaybankdelaware.demdex.net/dest5.html?d_nsid=0
Frame ID: F2A3B6DD447504409D3AB324089C489E
Requests: 1 HTTP requests in this frame

Frame: https://static.barclaycardus.com/servicing/js/base/monitoring/appd/eum//adrum-xd.54a9a330b6d789bd61edecd89332c15b.html
Frame ID: BDA5E542ECDF80199627454E2F242E5F
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome to Card Servicing

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

AppDynamics (Analytics) Expand

Overall confidence: 100%
Detected patterns

adrum

Page Statistics

23
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

269 kB
Transfer

906 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request index.php Show response
bactrial011.dnsalias.net/login/ 16 KB
16 KB 738ms
239ms Document
text/html 18.233.226.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bactrial011.dnsalias.net/login/index.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.233.226.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-226-115.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 3183fadcb9f88353fe0e150786b3cd632f7b3d031d25304f259621a1506b61de

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 17 Aug 2023 19:20:04 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked

GET
H2 200 barclays-theme.css
static.barclaycardus.com/servicing/b5bbe778/css/base/build/themes/barclays/ 485 KB
42 KB 487ms
306ms Stylesheet
text/css 104.93.249.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.barclaycardus.com/servicing/b5bbe778/css/base/build/themes/barclays/barclays-theme.css

Requested by

Host: bactrial011.dnsalias.net
URL: https://bactrial011.dnsalias.net/login/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.93.249.139 Paris, France, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-93-249-139.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

53483f373cbb7ed8d1db67e3b00d01a8173c87b1d52d1804acb637046bf49334

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bactrial011.dnsalias.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Thu, 17 Aug 2023 19:20:05 GMT
last-modified: Mon, 24 Jul 2023 19:17:09 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=600
accept-ranges: bytes
content-length: 42724
expires: Thu, 17 Aug 2023 19:30:05 GMT

GET
H2 200 login.css
static.barclaycardus.com/servicing/b5bbe778/css/base/build/themes/barclays/sections/ 15 KB
4 KB 483ms
302ms Stylesheet
text/css 104.93.249.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.barclaycardus.com/servicing/b5bbe778/css/base/build/themes/barclays/sections/login.css

Requested by

Host: bactrial011.dnsalias.net
URL: https://bactrial011.dnsalias.net/login/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.93.249.139 Paris, France, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-93-249-139.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

107bb77d191214ae3e04a54cd8cd73ad45df05a9f804ede1d2de295ec796993d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bactrial011.dnsalias.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Thu, 17 Aug 2023 19:20:05 GMT
last-modified: Wed, 02 Aug 2023 15:19:05 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=574
accept-ranges: bytes
content-length: 3511
expires: Thu, 17 Aug 2023 19:29:39 GMT

GET
H2 200 header-logo.svg
static.barclaycardus.com/servicing/b5bbe778/img/base/ 10 KB
5 KB 541ms
361ms Image
image/svg+xml 104.93.249.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.barclaycardus.com/servicing/b5bbe778/img/base/header-logo.svg

Requested by

Host: bactrial011.dnsalias.net
URL: https://bactrial011.dnsalias.net/login/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.93.249.139 Paris, France, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-93-249-139.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

270761c78a4f14e075c55d57ba092ae7e60afb9ffcc0a60767d1b748730f8e86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bactrial011.dnsalias.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Thu, 17 Aug 2023 19:20:05 GMT
last-modified: Wed, 02 Aug 2023 14:41:17 GMT
server: Apache
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 4585
expires: Thu, 17 Aug 2023 19:30:05 GMT

GET
H2 200 facebook-icon.svg
static.barclaycardus.com/servicing/b5bbe778/img/base/ 1 KB
821 B 416ms
365ms Image
image/svg+xml 104.93.249.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.barclaycardus.com/servicing/b5bbe778/img/base/facebook-icon.svg

Requested by

Host: bactrial011.dnsalias.net
URL: https://bactrial011.dnsalias.net/login/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.93.249.139 Paris, France, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-93-249-139.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e8020482a24c5521937e6928217a4e1653e4b41b3e0c22f4708315bbe57b15ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bactrial011.dnsalias.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Thu, 17 Aug 2023 19:20:05 GMT
last-modified: Mon, 24 Jul 2023 19:04:09 GMT
server: Apache
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 625
expires: Thu, 17 Aug 2023 19:30:05 GMT

GET
H2 200 twitter-icon.svg
static.barclaycardus.com/servicing/b5bbe778/img/base/ 1 KB
1002 B 357ms
305ms Image
image/svg+xml 104.93.249.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.barclaycardus.com/servicing/b5bbe778/img/base/twitter-icon.svg

Requested by

Host: bactrial011.dnsalias.net
URL: https://bactrial011.dnsalias.net/login/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.93.249.139 Paris, France, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-93-249-139.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

542180b9a67318121c4c8ccdf2adb39727dad59bb8be0af7c1fa7859c26c226b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bactrial011.dnsalias.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Thu, 17 Aug 2023 19:20:05 GMT
last-modified: Mon, 24 Jul 2023 19:04:09 GMT
server: Apache
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=581
accept-ranges: bytes
content-length: 806
expires: Thu, 17 Aug 2023 19:29:46 GMT

GET
H2 200 youtube-icon.svg
static.barclaycardus.com/servicing/b5bbe778/img/base/ 3 KB
2 KB 447ms
396ms Image
image/svg+xml 104.93.249.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.barclaycardus.com/servicing/b5bbe778/img/base/youtube-icon.svg

Requested by

Host: bactrial011.dnsalias.net
URL: https://bactrial011.dnsalias.net/login/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.93.249.139 Paris, France, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-93-249-139.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

facc4dbfe238b26249b1dec3f9d467871ae40529b18a8333469b1cd81e675f21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bactrial011.dnsalias.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Thu, 17 Aug 2023 19:20:05 GMT
last-modified: Wed, 02 Aug 2023 14:41:17 GMT
server: Apache
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=558
accept-ranges: bytes
content-length: 1706
expires: Thu, 17 Aug 2023 19:29:23 GMT

GET
H2 200 fdic-logo-icon.svg
static.barclaycardus.com/servicing/b5bbe778/img/base/ 1 KB
907 B 329ms
328ms Image
image/svg+xml 104.93.249.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.barclaycardus.com/servicing/b5bbe778/img/base/fdic-logo-icon.svg

Requested by

Host: bactrial011.dnsalias.net
URL: https://bactrial011.dnsalias.net/login/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.93.249.139 Paris, France, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-93-249-139.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

b6acb07dfccb4463d9995e4a59cd898531181db64479af36d5e3040fae5851bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bactrial011.dnsalias.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Thu, 17 Aug 2023 19:20:05 GMT
last-modified: Wed, 02 Aug 2023 14:41:17 GMT
server: Apache
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=579
accept-ranges: bytes
content-length: 712
expires: Thu, 17 Aug 2023 19:29:44 GMT

GET
H2 200 bbb-logo-icon.svg
static.barclaycardus.com/servicing/b5bbe778/img/base/ 5 KB
2 KB 169ms
168ms Image
image/svg+xml 104.93.249.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.barclaycardus.com/servicing/b5bbe778/img/base/bbb-logo-icon.svg

Requested by

Host: bactrial011.dnsalias.net
URL: https://bactrial011.dnsalias.net/login/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.93.249.139 Paris, France, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-93-249-139.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

88cc1f3f1457c3dfccec9ea599e141cdcea8fa9d97c1e5112d36093a112f090a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bactrial011.dnsalias.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Thu, 17 Aug 2023 19:20:05 GMT
last-modified: Wed, 02 Aug 2023 14:41:17 GMT
server: Apache
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=577
accept-ranges: bytes
content-length: 1892
expires: Thu, 17 Aug 2023 19:29:42 GMT

GET
H2 200 norton-secured-logo-icon.svg
static.barclaycardus.com/servicing/b5bbe778/img/base/ 12 KB
5 KB 330ms
329ms Image
image/svg+xml 104.93.249.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.barclaycardus.com/servicing/b5bbe778/img/base/norton-secured-logo-icon.svg

Requested by

Host: bactrial011.dnsalias.net
URL: https://bactrial011.dnsalias.net/login/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.93.249.139 Paris, France, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-93-249-139.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

771682e11280aa88c560243e79ec9433ecf7b17d261f2e42ffb8d674add0eac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bactrial011.dnsalias.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Thu, 17 Aug 2023 19:20:05 GMT
last-modified: Wed, 02 Aug 2023 14:41:17 GMT
server: Apache
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 4765
expires: Thu, 17 Aug 2023 19:30:05 GMT

GET
H2 200 rsa-security-logo-icon.svg
static.barclaycardus.com/servicing/b5bbe778/img/base/ 4 KB
2 KB 428ms
427ms Image
image/svg+xml 104.93.249.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.barclaycardus.com/servicing/b5bbe778/img/base/rsa-security-logo-icon.svg

Requested by

Host: bactrial011.dnsalias.net
URL: https://bactrial011.dnsalias.net/login/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.93.249.139 Paris, France, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-93-249-139.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

793572690db44dc6c767a8b89257d357dcde0639aa2e63c63a11af3762b72d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bactrial011.dnsalias.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Thu, 17 Aug 2023 19:20:05 GMT
last-modified: Wed, 02 Aug 2023 14:41:17 GMT
server: Apache
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 1829
expires: Thu, 17 Aug 2023 19:30:05 GMT

GET
H/1.1 200
OK dest5.html Show response
barclaybankdelaware.demdex.net/ Frame F2A3 7 KB
3 KB 221ms
45ms Document
text/html 52.211.186.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://barclaybankdelaware.demdex.net/dest5.html?d_nsid=0

Requested by

Host: bactrial011.dnsalias.net
URL: https://bactrial011.dnsalias.net/login/index.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.186.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-186-134.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bactrial011.dnsalias.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v050-04aec769b.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: teIhRXniTT0=
content-encoding: gzip
date: Thu, 17 Aug 2023 19:20:05 GMT
last-modified: Wed, 28 Jun 2023 12:57:54 GMT
vary: accept-encoding

GET
H2 200 adrum-xd.54a9a330b6d789bd61edecd89332c15b.html Show response
static.barclaycardus.com/servicing/js/base/monitoring/appd/eum// Frame BDA5 3 KB
3 KB 411ms
366ms Document
text/html 104.93.249.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.barclaycardus.com/servicing/js/base/monitoring/appd/eum//adrum-xd.54a9a330b6d789bd61edecd89332c15b.html
Requested by: Host: bactrial011.dnsalias.net
URL: https://bactrial011.dnsalias.net/login/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.93.249.139 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-93-249-139.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0a2d15a16b6a685c8ec60cd8d240c673952e705a0b946db4b57c6df2669007f8

Request headers

Referer: https://bactrial011.dnsalias.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 1395
content-type: text/html; charset=ISO-8859-1
date: Thu, 17 Aug 2023 19:20:05 GMT
last-modified: Mon, 24 Jul 2023 19:04:10 GMT
server: Apache
vary: Accept-Encoding,User-Agent
x-akamai-transformed: 9 1108 0 pmb=mTOE,3

GET
H2 200 expertsans-light-webfont.woff2
static.barclaycardus.com/servicing/b5bbe778/img/base/fonts/expertsans/ 19 KB
19 KB 326ms
192ms Font
application/font-woff2 104.93.249.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.barclaycardus.com/servicing/b5bbe778/img/base/fonts/expertsans/expertsans-light-webfont.woff2

Requested by

Host: static.barclaycardus.com
URL: https://static.barclaycardus.com/servicing/b5bbe778/css/base/build/themes/barclays/barclays-theme.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.93.249.139 Paris, France, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-93-249-139.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9bb5c8f3d460e6ac33557400adef674006706bba061a270583019306fbc500ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://static.barclaycardus.com/servicing/b5bbe778/css/base/build/themes/barclays/barclays-theme.css
Origin: https://bactrial011.dnsalias.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Thu, 17 Aug 2023 19:20:05 GMT
last-modified: Wed, 02 Aug 2023 14:41:17 GMT
server: Apache
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=496
accept-ranges: bytes
content-length: 19073
expires: Thu, 17 Aug 2023 19:28:21 GMT

GET
H2 200 opensans-regular-webfont.woff
static.barclaycardus.com/servicing/b5bbe778/img/base/fonts/opensans/ 24 KB
24 KB 290ms
156ms Font
application/x-font-woff 104.93.249.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.barclaycardus.com/servicing/b5bbe778/img/base/fonts/opensans/opensans-regular-webfont.woff

Requested by

Host: static.barclaycardus.com
URL: https://static.barclaycardus.com/servicing/b5bbe778/css/base/build/themes/barclays/barclays-theme.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.93.249.139 Paris, France, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-93-249-139.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

404688527e8873a4aeceb70e2c8785f065bbe48f53c7ba5865fe3e8862cecf68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://static.barclaycardus.com/servicing/b5bbe778/css/base/build/themes/barclays/barclays-theme.css
Origin: https://bactrial011.dnsalias.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Thu, 17 Aug 2023 19:20:05 GMT
last-modified: Wed, 02 Aug 2023 14:41:17 GMT
server: Apache
vary: Accept-Encoding
content-type: application/x-font-woff
access-control-allow-origin: *
cache-control: max-age=548
accept-ranges: bytes
content-length: 24778
expires: Thu, 17 Aug 2023 19:29:13 GMT

GET
H2 200 expertsans-regular-webfont.woff2
static.barclaycardus.com/servicing/b5bbe778/img/base/fonts/expertsans/ 18 KB
19 KB 272ms
144ms Font
application/font-woff2 104.93.249.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.barclaycardus.com/servicing/b5bbe778/img/base/fonts/expertsans/expertsans-regular-webfont.woff2

Requested by

Host: static.barclaycardus.com
URL: https://static.barclaycardus.com/servicing/b5bbe778/css/base/build/themes/barclays/barclays-theme.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.93.249.139 Paris, France, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-93-249-139.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0993373322544051ba3c0bf17cd144f5eb50ad5db671906b3bc6f4cd66750779

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://static.barclaycardus.com/servicing/b5bbe778/css/base/build/themes/barclays/barclays-theme.css
Origin: https://bactrial011.dnsalias.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Thu, 17 Aug 2023 19:20:05 GMT
last-modified: Wed, 02 Aug 2023 14:41:17 GMT
server: Apache
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=542
accept-ranges: bytes
content-length: 18945
expires: Thu, 17 Aug 2023 19:29:07 GMT

GET
H2 200 glyphicons-halflings-regular.woff
static.barclaycardus.com/servicing/css/base/themes/fonts/ 23 KB
23 KB 220ms
92ms Font
application/x-font-woff 104.93.249.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.barclaycardus.com/servicing/css/base/themes/fonts/glyphicons-halflings-regular.woff
Requested by: Host: static.barclaycardus.com
URL: https://static.barclaycardus.com/servicing/b5bbe778/css/base/build/themes/barclays/barclays-theme.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.93.249.139 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-93-249-139.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

Request headers

Referer: https://static.barclaycardus.com/servicing/b5bbe778/css/base/build/themes/barclays/barclays-theme.css
Origin: https://bactrial011.dnsalias.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 19:20:05 GMT
content-encoding: gzip
last-modified: Wed, 02 Aug 2023 14:41:16 GMT
server: Apache
vary: Accept-Encoding
content-type: application/x-font-woff
access-control-allow-origin: *
accept-ranges: bytes
content-length: 23132

GET
H2 200 4ac8c3d3 Show response
static.barclaycardus.com/akam/13/ Frame BDA5 26 KB
9 KB 79ms
79ms Script
application/javascript 104.93.249.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.barclaycardus.com/akam/13/4ac8c3d3
Requested by: Host: static.barclaycardus.com
URL: https://static.barclaycardus.com/servicing/js/base/monitoring/appd/eum//adrum-xd.54a9a330b6d789bd61edecd89332c15b.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.93.249.139 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-93-249-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 78781cccdbeab0b6afba44de670bfa3da1342e4f006e2b02196301a95691848c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://static.barclaycardus.com/servicing/js/base/monitoring/appd/eum//adrum-xd.54a9a330b6d789bd61edecd89332c15b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 19:20:05 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 15:08:49 GMT
etag: "e655fbccb1d2e7ec0a4853116e73e3e8e0bb3fe37036174c1cbff1bc7a214564"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
content-length: 8799
expires: Thu, 17 Aug 2023 19:20:05 GMT

GET
H2 200 QiIAUB Show response
static.barclaycardus.com/gtNU/ptBD/L2/FJhW/Olkw/ur9kfbmfGhD9/GgwNV3ll/BQgTTg/ Frame BDA5 224 KB
85 KB 53ms
53ms Script
application/javascript 104.93.249.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.barclaycardus.com/gtNU/ptBD/L2/FJhW/Olkw/ur9kfbmfGhD9/GgwNV3ll/BQgTTg/QiIAUB
Requested by: Host: static.barclaycardus.com
URL: https://static.barclaycardus.com/servicing/js/base/monitoring/appd/eum//adrum-xd.54a9a330b6d789bd61edecd89332c15b.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.93.249.139 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-93-249-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c60b5d79dfb0706547f46fd1e00e48456d4050d3cc50157bf27f52ea0f85a6f1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://static.barclaycardus.com/servicing/js/base/monitoring/appd/eum//adrum-xd.54a9a330b6d789bd61edecd89332c15b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 19:20:05 GMT
content-encoding: br
last-modified: Wed, 02 Aug 2023 16:14:16 GMT
etag: "471429e29d8ee06b6ff478b3583ff18f57f4537fee9425f576ff7c9f446e4738"
stored-attribute-sha-checksum: c60b5d79dfb0706547f46fd1e00e48456d4050d3cc50157bf27f52ea0f85a6f1
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=21600
content-length: 86334

POST
H2 201 QiIAUB Show response
static.barclaycardus.com/gtNU/ptBD/L2/FJhW/Olkw/ur9kfbmfGhD9/GgwNV3ll/BQgTTg/ Frame BDA5 18 B
984 B 54ms
54ms XHR
application/json 104.93.249.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.barclaycardus.com/gtNU/ptBD/L2/FJhW/Olkw/ur9kfbmfGhD9/GgwNV3ll/BQgTTg/QiIAUB
Requested by: Host: static.barclaycardus.com
URL: https://static.barclaycardus.com/gtNU/ptBD/L2/FJhW/Olkw/ur9kfbmfGhD9/GgwNV3ll/BQgTTg/QiIAUB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.93.249.139 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-93-249-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d

Request headers

Referer: https://static.barclaycardus.com/servicing/js/base/monitoring/appd/eum//adrum-xd.54a9a330b6d789bd61edecd89332c15b.html
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://static.barclaycardus.com
date: Thu, 17 Aug 2023 19:20:05 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 18
vary: Origin
content-type: application/json

GET
DATA 200
OK truncated
/ Frame BDA5 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame BDA5 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 201 QiIAUB Show response
static.barclaycardus.com/gtNU/ptBD/L2/FJhW/Olkw/ur9kfbmfGhD9/GgwNV3ll/BQgTTg/ Frame BDA5 18 B
983 B 59ms
58ms XHR
application/json 104.93.249.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.barclaycardus.com/gtNU/ptBD/L2/FJhW/Olkw/ur9kfbmfGhD9/GgwNV3ll/BQgTTg/QiIAUB
Requested by: Host: static.barclaycardus.com
URL: https://static.barclaycardus.com/gtNU/ptBD/L2/FJhW/Olkw/ur9kfbmfGhD9/GgwNV3ll/BQgTTg/QiIAUB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.93.249.139 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-93-249-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d

Request headers

Referer: https://static.barclaycardus.com/servicing/js/base/monitoring/appd/eum//adrum-xd.54a9a330b6d789bd61edecd89332c15b.html
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://static.barclaycardus.com
date: Thu, 17 Aug 2023 19:20:06 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 18
vary: Origin
content-type: application/json

POST
H2 200 pixel_4ac8c3d3 Show response
static.barclaycardus.com/akam/13/ Frame BDA5 0
572 B 56ms
55ms XHR
text/html 104.93.249.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.barclaycardus.com/akam/13/pixel_4ac8c3d3
Requested by: Host: static.barclaycardus.com
URL: https://static.barclaycardus.com/akam/13/4ac8c3d3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.93.249.139 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-93-249-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://static.barclaycardus.com/servicing/js/base/monitoring/appd/eum//adrum-xd.54a9a330b6d789bd61edecd89332c15b.html
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 17 Aug 2023 19:20:06 GMT
content-length: 0
content-type: text/html

POST
H2 201 QiIAUB Show response
static.barclaycardus.com/gtNU/ptBD/L2/FJhW/Olkw/ur9kfbmfGhD9/GgwNV3ll/BQgTTg/ Frame BDA5 18 B
983 B 57ms
57ms XHR
application/json 104.93.249.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.barclaycardus.com/gtNU/ptBD/L2/FJhW/Olkw/ur9kfbmfGhD9/GgwNV3ll/BQgTTg/QiIAUB
Requested by: Host: static.barclaycardus.com
URL: https://static.barclaycardus.com/gtNU/ptBD/L2/FJhW/Olkw/ur9kfbmfGhD9/GgwNV3ll/BQgTTg/QiIAUB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.93.249.139 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-93-249-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d

Request headers

Referer: https://static.barclaycardus.com/servicing/js/base/monitoring/appd/eum//adrum-xd.54a9a330b6d789bd61edecd89332c15b.html
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://static.barclaycardus.com
date: Thu, 17 Aug 2023 19:20:06 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 18
vary: Origin
content-type: application/json

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Barclays (Banking)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://barclaybankdelaware.demdex.net/dest5.html?d_nsid=0(Line 12) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.barclaycardus.com') does not match the recipient window's origin ('https://bactrial011.dnsalias.net').
javascript	warning	URL: https://static.barclaycardus.com/gtNU/ptBD/L2/FJhW/Olkw/ur9kfbmfGhD9/GgwNV3ll/BQgTTg/QiIAUB Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	warning	URL: https://static.barclaycardus.com/gtNU/ptBD/L2/FJhW/Olkw/ur9kfbmfGhD9/GgwNV3ll/BQgTTg/QiIAUB Message: The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bactrial011.dnsalias.net
barclaybankdelaware.demdex.net
static.barclaycardus.com
104.93.249.139
18.233.226.115
52.211.186.134
0993373322544051ba3c0bf17cd144f5eb50ad5db671906b3bc6f4cd66750779
0a2d15a16b6a685c8ec60cd8d240c673952e705a0b946db4b57c6df2669007f8
107bb77d191214ae3e04a54cd8cd73ad45df05a9f804ede1d2de295ec796993d
270761c78a4f14e075c55d57ba092ae7e60afb9ffcc0a60767d1b748730f8e86
3183fadcb9f88353fe0e150786b3cd632f7b3d031d25304f259621a1506b61de
404688527e8873a4aeceb70e2c8785f065bbe48f53c7ba5865fe3e8862cecf68
53483f373cbb7ed8d1db67e3b00d01a8173c87b1d52d1804acb637046bf49334
542180b9a67318121c4c8ccdf2adb39727dad59bb8be0af7c1fa7859c26c226b
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
771682e11280aa88c560243e79ec9433ecf7b17d261f2e42ffb8d674add0eac7
78781cccdbeab0b6afba44de670bfa3da1342e4f006e2b02196301a95691848c
793572690db44dc6c767a8b89257d357dcde0639aa2e63c63a11af3762b72d87
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
88cc1f3f1457c3dfccec9ea599e141cdcea8fa9d97c1e5112d36093a112f090a
9bb5c8f3d460e6ac33557400adef674006706bba061a270583019306fbc500ec
b6acb07dfccb4463d9995e4a59cd898531181db64479af36d5e3040fae5851bf
c60b5d79dfb0706547f46fd1e00e48456d4050d3cc50157bf27f52ea0f85a6f1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8020482a24c5521937e6928217a4e1653e4b41b3e0c22f4708315bbe57b15ff
facc4dbfe238b26249b1dec3f9d467871ae40529b18a8333469b1cd81e675f21
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d

bactrial011.dnsalias.net Open in urlscan Pro 18.233.226.115 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

4 IPs

3 Countries

269 kBTransfer

906 kBSize

0 Cookies

0 Outgoing links

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

0 Cookies

3 Console Messages

Indicators

bactrial011.dnsalias.net Open in urlscan Pro
18.233.226.115 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

269 kB
Transfer

906 kB
Size

0
Cookies

23 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!