URL: http://nguoiyeuphim.com/Metro/LoginError.php
Submission: On February 03 via automatic, source openphish

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 34 HTTP transactions. The main IP is 31.22.4.116, located in United Kingdom and belongs to WILDCARD-AS Wildcard UK Limited, GB. The main domain is nguoiyeuphim.com.
This is the only time nguoiyeuphim.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Barclays (Banking)

Domain & IP information

IP Address AS Autonomous System
1 31.22.4.116 34119 (WILDCARD-...)
31 104.111.249.181 16625 (AKAMAI-AS)
1 2 172.82.228.18 15224 (OMNITURE)
1 66.117.29.3 15224 (OMNITURE)
34 4
Domain Requested by
31 bank.barclays.co.uk nguoiyeuphim.com
2 metrics.barclays.co.uk 1 redirects nguoiyeuphim.com
1 barclaysbankplc.tt.omtrdc.net bank.barclays.co.uk
1 nguoiyeuphim.com
34 4
Subject: bank.barclays.co.uk
Issuer: Entrust Certification Authority - L1M
Validity: 2019-01-09 - 2019-04-08
Valid: 3 months

This page contains 1 frame:

Primary Page: http://nguoiyeuphim.com/Metro/LoginError.php
Frame ID: 898C0E7551438A541A57EA5313EB0D53
Requests: 34 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • env /^s_(?:account|objectID|code|INST)$/i

Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

Requests: 34
HTTPS: 91 %
IPv6: 0 %
Domains: 3
Subdomains: 4
IPs: 4
Countries: 3
Transfer: 295 kB
Size: 1017 kB
Cookies: 8

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • http://metrics.barclays.co.uk/b/ss/barukprod/1/H.25.1/s04918734854006?AQB=1&ndh=1&t=3%2F1%2F2019%202%3A53%3A11%200%200&ns=barclaysuk&cdp=3&pageName=onl%3Alogon%3ALogonLogIn%3AStep3YourPasscodeMemorableWord&g=http%3A%2F%2Fnguoiyeuphim.com%2FMetro%2FLoginError.php&cc=GBP&ch=UKRBB&server=bank.barclays.co.uk&events=event20%2Cevent3&c1=onl&c2=onl%3Alogon&v2=New&c3=onl%3Alogon%3ALogonLogIn&c6=2%3A30AM&v6=2%3A30AM&c7=Sunday&v7=Sunday&c8=Weekend&v8=Weekend&c16=%2FMetro%2FLoginError.php&v37=Passcode&v39=D%3Ds_vi&v41=onl%3Alogon%3ALogonLogIn%3AStep3YourPasscodeMemorableWord&h1=onl%3Alogon%3ALogonLogIn&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
  • http://metrics.barclays.co.uk/b/ss/barukprod/1/H.25.1/s04918734854006?AQB=1&pccr=true&vidn=2E2B2BCB8531071D-60000193600C481D&&ndh=1&t=3%2F1%2F2019%202%3A53%3A11%200%200&ns=barclaysuk&cdp=3&pageName=onl%3Alogon%3ALogonLogIn%3AStep3YourPasscodeMemorableWord&g=http%3A%2F%2Fnguoiyeuphim.com%2FMetro%2FLoginError.php&cc=GBP&ch=UKRBB&server=bank.barclays.co.uk&events=event20%2Cevent3&c1=onl&c2=onl%3Alogon&v2=New&c3=onl%3Alogon%3ALogonLogIn&c6=2%3A30AM&v6=2%3A30AM&c7=Sunday&v7=Sunday&c8=Weekend&v8=Weekend&c16=%2FMetro%2FLoginError.php&v37=Passcode&v39=D%3Ds_vi&v41=onl%3Alogon%3ALogonLogIn%3AStep3YourPasscodeMemorableWord&h1=onl%3Alogon%3ALogonLogIn&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request LoginError.php
nguoiyeuphim.com/Metro/
16 KB
5 KB
Document
General
Full URL
http://nguoiyeuphim.com/Metro/LoginError.php
Protocol
HTTP/1.1
Server
31.22.4.116, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)
Reverse DNS
sv34.byethost34.org
Software
nginx /
Resource Hash
9909330b22dff6096d29665a39b661b0b3d009c09c49d8ba0c8b1cf21b3b0e29

Request headers

Host
nguoiyeuphim.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Server
nginx
Date
Sun, 03 Feb 2019 02:53:10 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
max-age=0
Expires
Sun, 03 Feb 2019 02:53:10 GMT
Content-Encoding
gzip
barclays.css
bank.barclays.co.uk/css/
285 KB
50 KB
Stylesheet
General
Full URL
https://bank.barclays.co.uk/css/barclays.css
Requested by
Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/LoginError.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-249-181.deploy.static.akamaitechnologies.com
Software
560p-01 /
Resource Hash
e9df3e6267d63ac741531d69c3d8e08435a049b21a9f58b89f21e5beb23b76ad
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

Referer
http://nguoiyeuphim.com/Metro/LoginError.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
gzip
last-modified
Tue, 11 Sep 2018 12:49:47 GMT
server
560p-01
etag
"c4cc-5b97b9eb"
vary
accept-encoding
content-type
text/css
status
200
date
Sun, 03 Feb 2019 02:53:10 GMT
accept-ranges
bytes
content-length
50380
x-ua-compatible
chrome=IE6
features-store.css
bank.barclays.co.uk/css/
86 KB
15 KB
Stylesheet
General
Full URL
https://bank.barclays.co.uk/css/features-store.css
Requested by
Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/LoginError.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-249-181.deploy.static.akamaitechnologies.com
Software
562p-01 /
Resource Hash
9c5614f18582d4f3dcb7a503cda6b03b01c4a751ef4fd2b165a422937857f37b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

Referer
http://nguoiyeuphim.com/Metro/LoginError.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 13 Dec 2018 06:47:38 GMT
server
562p-01
etag
"3a76-5c12008a"
vary
accept-encoding
content-type
text/css
status
200
date
Sun, 03 Feb 2019 02:53:10 GMT
accept-ranges
bytes
content-length
14966
x-ua-compatible
chrome=IE6
jq.js
bank.barclays.co.uk/js/jq/
274 KB
83 KB
Script
General
Full URL
https://bank.barclays.co.uk/js/jq/jq.js
Requested by
Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/LoginError.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-249-181.deploy.static.akamaitechnologies.com
Software
561p-01 /
Resource Hash
bbd75191ee52f8422abbeccbd77a625b5bbffd02eacc9764a68f1a093698545d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

Referer
http://nguoiyeuphim.com/Metro/LoginError.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 13 Dec 2018 06:47:51 GMT
server
561p-01
etag
"1484a-5c120097"
vary
accept-encoding
content-type
application/x-javascript
status
200
date
Sun, 03 Feb 2019 02:53:10 GMT
accept-ranges
bytes
content-length
84042
x-ua-compatible
chrome=IE6
iBarclays.js
bank.barclays.co.uk/js/ib/
3 KB
2 KB
Script
General
Full URL
https://bank.barclays.co.uk/js/ib/iBarclays.js
Requested by
Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/LoginError.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-249-181.deploy.static.akamaitechnologies.com
Software
559p-01 /
Resource Hash
9fdc07f66f9bc8571ec24bb4cde8969ef6b832f940d8764f552c9bdb00afe84d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

Referer
http://nguoiyeuphim.com/Metro/LoginError.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 13 Dec 2018 06:47:51 GMT
server
559p-01
etag
"517-5c120097"
vary
accept-encoding
content-type
application/x-javascript
status
200
date
Sun, 03 Feb 2019 02:53:10 GMT
accept-ranges
bytes
content-length
1303
x-ua-compatible
chrome=IE6
ib-pre.js
bank.barclays.co.uk/js/ib/
176 KB
38 KB
Script
General
Full URL
https://bank.barclays.co.uk/js/ib/ib-pre.js
Requested by
Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/LoginError.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-249-181.deploy.static.akamaitechnologies.com
Software
559p-01 /
Resource Hash
3eb081e0c28a146e903d91a48aee3ffe1770ec035d23dcf8a84b002fa86bafea
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

Referer
http://nguoiyeuphim.com/Metro/LoginError.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
gzip
last-modified
Tue, 11 Sep 2018 11:25:59 GMT
server
559p-01
etag
"9769-5b97a647"
vary
accept-encoding
content-type
application/x-javascript
status
200
date
Sun, 03 Feb 2019 02:53:10 GMT
accept-ranges
bytes
content-length
38761
x-ua-compatible
chrome=IE6
iBarclays.Unlock.js
bank.barclays.co.uk/js/ib/
57 B
411 B
Script
General
Full URL
https://bank.barclays.co.uk/js/ib/iBarclays.Unlock.js
Requested by
Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/LoginError.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-249-181.deploy.static.akamaitechnologies.com
Software
562p-01 /
Resource Hash
8f77dddaa61efbc75efc49c99ab0d2c56d55b39ef2c199db41bcacd3c887368c
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

Referer
http://nguoiyeuphim.com/Metro/LoginError.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 13 Dec 2018 06:47:51 GMT
server
562p-01
etag
"4b-5c120097"
vary
accept-encoding
content-type
application/x-javascript
status
200
date
Sun, 03 Feb 2019 02:53:10 GMT
accept-ranges
bytes
content-length
75
x-ua-compatible
chrome=IE6
mbox.js
bank.barclays.co.uk/touchclarity/
29 KB
8 KB
Script
General
Full URL
https://bank.barclays.co.uk/touchclarity/mbox.js
Requested by
Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/LoginError.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-249-181.deploy.static.akamaitechnologies.com
Software
562p-01 /
Resource Hash
43e8d28010d5185e1ed218db5b7c537251f019713b02464fd3b6be08b65751e1
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

Referer
http://nguoiyeuphim.com/Metro/LoginError.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 13 Dec 2018 06:47:56 GMT
server
562p-01
etag
"205e-5c12009c"
vary
accept-encoding
content-type
application/x-javascript
status
200
date
Sun, 03 Feb 2019 02:53:10 GMT
accept-ranges
bytes
content-length
8286
x-ua-compatible
chrome=IE6
barclays-logo.png
bank.barclays.co.uk/img/logos/
4 KB
4 KB
Image
General
Full URL
https://bank.barclays.co.uk/img/logos/barclays-logo.png
Requested by
Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/LoginError.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-249-181.deploy.static.akamaitechnologies.com
Software
562p-01 /
Resource Hash
84c858297d140080df2011346dee575ec7c5f0a7d016a50f21f7cbfb2cd998f0
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

Referer
http://nguoiyeuphim.com/Metro/LoginError.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains; preload
last-modified
Thu, 13 Dec 2018 06:41:12 GMT
server
562p-01
etag
"ec0-5c11ff08"
content-type
image/png
status
200
date
Sun, 03 Feb 2019 02:53:11 GMT
accept-ranges
bytes
content-length
3776
x-ua-compatible
chrome=IE6
Authenticate.js
bank.barclays.co.uk/js/pages/
10 KB
3 KB
Script
General
Full URL
https://bank.barclays.co.uk/js/pages/Authenticate.js
Requested by
Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/LoginError.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-249-181.deploy.static.akamaitechnologies.com
Software
562p-01 /
Resource Hash
2b3d2d575527b2319f98766feaecc44139e7ab0137176f24d18f3fd262be118c
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

Referer
http://nguoiyeuphim.com/Metro/LoginError.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 13 Dec 2018 06:47:53 GMT
server
562p-01
etag
"92c-5c120099"
vary
accept-encoding
content-type
application/x-javascript
status
200
date
Sun, 03 Feb 2019 02:53:11 GMT
accept-ranges
bytes
content-length
2348
x-ua-compatible
chrome=IE6
premier_league_masthead.jpg
bank.barclays.co.uk/img/logos/
4 KB
5 KB
Image
General
Full URL
https://bank.barclays.co.uk/img/logos/premier_league_masthead.jpg
Requested by
Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/LoginError.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-249-181.deploy.static.akamaitechnologies.com
Software
562p-01 /
Resource Hash
af05f228e3f1106781aad44a0e8f12b500dfbb99e530a9ff91234bd0d4cdc495
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

Referer
http://nguoiyeuphim.com/Metro/LoginError.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains; preload
last-modified
Thu, 13 Dec 2018 06:41:22 GMT
server
562p-01
etag
"1105-5c11ff12"
content-type
image/jpeg
status
200
date
Sun, 03 Feb 2019 02:53:11 GMT
accept-ranges
bytes
content-length
4357
x-ua-compatible
chrome=IE6
iBarclays.WebAnalytics.js
bank.barclays.co.uk/js/ib/
22 KB
6 KB
Script
General
Full URL
https://bank.barclays.co.uk/js/ib/iBarclays.WebAnalytics.js
Requested by
Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/LoginError.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-249-181.deploy.static.akamaitechnologies.com
Software
562p-01 /
Resource Hash
5329c01da056f6f2a29fe4c099ee3fc20df0d0faa32c8866ae50587f653ecb43
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

Referer
http://nguoiyeuphim.com/Metro/LoginError.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 13 Dec 2018 06:47:51 GMT
server
562p-01
etag
"1811-5c120097"
vary
accept-encoding
content-type
application/x-javascript
status
200
date
Sun, 03 Feb 2019 02:53:11 GMT
accept-ranges
bytes
content-length
6161
x-ua-compatible
chrome=IE6
s_codecookies.js
bank.barclays.co.uk/js/sitecatalyst/
51 KB
20 KB
Script
General
Full URL
https://bank.barclays.co.uk/js/sitecatalyst/s_codecookies.js
Requested by
Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/LoginError.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-249-181.deploy.static.akamaitechnologies.com
Software
562p-01 /
Resource Hash
4443260f173a9227f2afb899b9e4337b364bcf78df56c322d6c19e4a6edf01d6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

Referer
http://nguoiyeuphim.com/Metro/LoginError.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 13 Dec 2018 06:47:54 GMT
server
562p-01
etag
"4e4c-5c12009a"
vary
accept-encoding
content-type
application/x-javascript
status
200
date
Sun, 03 Feb 2019 02:53:11 GMT
accept-ranges
bytes
content-length
20044
x-ua-compatible
chrome=IE6
print-browser.css
bank.barclays.co.uk/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://bank.barclays.co.uk/css/print-browser.css
Requested by
Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/LoginError.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-249-181.deploy.static.akamaitechnologies.com
Software
562p-01 /
Resource Hash
663057d96ebf667a2ee952d41838e2309d614043260caffb37409fc6149b387a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

Referer
http://nguoiyeuphim.com/Metro/LoginError.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 13 Dec 2018 06:47:38 GMT
server
562p-01
etag
"6ae-5c12008a"
vary
accept-encoding
content-type
text/css
status
200
date
Sun, 03 Feb 2019 02:53:11 GMT
accept-ranges
bytes
content-length
1710
x-ua-compatible
chrome=IE6
closed.gif
bank.barclays.co.uk/img/table/
64 B
310 B
Image
General
Full URL
https://bank.barclays.co.uk/img/table/closed.gif
Requested by
Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/LoginError.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-249-181.deploy.static.akamaitechnologies.com
Software
562p-01 /
Resource Hash
918283f78e55525cacb727daad22f0c5a3cdbdba1ff50ae100e46095adead7d3
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

Referer
http://nguoiyeuphim.com/Metro/LoginError.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains; preload
last-modified
Thu, 13 Dec 2018 06:41:12 GMT
server
562p-01
etag
"40-5c11ff08"
content-type
image/gif
status
200
date
Sun, 03 Feb 2019 02:53:11 GMT
accept-ranges
bytes
content-length
64
x-ua-compatible
chrome=IE6
open.gif
bank.barclays.co.uk/img/table/
62 B
308 B
Image
General
Full URL
https://bank.barclays.co.uk/img/table/open.gif
Requested by
Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/LoginError.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-249-181.deploy.static.akamaitechnologies.com
Software
562p-01 /
Resource Hash
8c386596c084822e07657ea81ed390f3f8519f4e46c4f40a8a3ebe8dc6f3b209
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

Referer
http://nguoiyeuphim.com/Metro/LoginError.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains; preload
last-modified
Thu, 13 Dec 2018 06:41:31 GMT
server
562p-01
etag
"3e-5c11ff1b"
content-type
image/gif
status
200
date
Sun, 03 Feb 2019 02:53:11 GMT
accept-ranges
bytes
content-length
62
x-ua-compatible
chrome=IE6
closed-white.gif
bank.barclays.co.uk/img/table/
852 B
1 KB
Image
General
Full URL
https://bank.barclays.co.uk/img/table/closed-white.gif
Requested by
Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/LoginError.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-249-181.deploy.static.akamaitechnologies.com
Software
562p-01 /
Resource Hash
bb94113cd971a17dc9875c0e906e3206115fb3a751d7b535bdd32e013b96622d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

Referer
http://nguoiyeuphim.com/Metro/LoginError.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains; preload
last-modified
Thu, 13 Dec 2018 06:41:21 GMT
server
562p-01
etag
"354-5c11ff11"
content-type
image/gif
status
200
date
Sun, 03 Feb 2019 02:53:11 GMT
accept-ranges
bytes
content-length
852
x-ua-compatible
chrome=IE6
open-white.gif
bank.barclays.co.uk/img/table/
852 B
1 KB
Image
General
Full URL
https://bank.barclays.co.uk/img/table/open-white.gif
Requested by
Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/LoginError.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-249-181.deploy.static.akamaitechnologies.com
Software
562p-01 /
Resource Hash
354c0b4c8629c00d7f7c98691bcbc557e92d8b276fc391a74c8ab9ffb7c73bf2
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

Referer
http://nguoiyeuphim.com/Metro/LoginError.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains; preload
last-modified
Thu, 13 Dec 2018 06:41:29 GMT
server
562p-01
etag
"354-5c11ff19"
content-type
image/gif
status
200
date
Sun, 03 Feb 2019 02:53:11 GMT
accept-ranges
bytes
content-length
852
x-ua-compatible
chrome=IE6
eagle.jpg
bank.barclays.co.uk/img/backgrounds/
13 KB
14 KB
Image
General
Full URL
https://bank.barclays.co.uk/img/backgrounds/eagle.jpg
Requested by
Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/LoginError.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-249-181.deploy.static.akamaitechnologies.com
Software
562p-01 /
Resource Hash
2cf9a13b0c760bc23d003af1a8dd924d5d90b4c350a97b0bbe59c32a24684955
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

Referer
https://bank.barclays.co.uk/css/barclays.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains; preload
last-modified
Thu, 13 Dec 2018 06:41:10 GMT
server
562p-01
etag
"3523-5c11ff06"
content-type
image/jpeg
status
200
date
Sun, 03 Feb 2019 02:53:11 GMT
accept-ranges
bytes
content-length
13603
x-ua-compatible
chrome=IE6
body-background-top.png
bank.barclays.co.uk/img/backgrounds/
166 B
413 B
Image
General
Full URL
https://bank.barclays.co.uk/img/backgrounds/body-background-top.png
Requested by
Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/LoginError.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-249-181.deploy.static.akamaitechnologies.com
Software
562p-01 /
Resource Hash
840de33c29f831458689bd2f1f14496529edd7670521eb0115de29469e50857a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

Referer
https://bank.barclays.co.uk/css/barclays.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains; preload
last-modified
Thu, 13 Dec 2018 06:41:19 GMT
server
562p-01
etag
"a6-5c11ff0f"
content-type
image/png
status
200
date
Sun, 03 Feb 2019 02:53:11 GMT
accept-ranges
bytes
content-length
166
x-ua-compatible
chrome=IE6
menu-bar-bg.png
bank.barclays.co.uk/img/backgrounds/
267 B
514 B
Image
General
Full URL
https://bank.barclays.co.uk/img/backgrounds/menu-bar-bg.png
Requested by
Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/LoginError.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-249-181.deploy.static.akamaitechnologies.com
Software
562p-01 /
Resource Hash
bcd3f5688ac19f672f74ee03db1a5cb7303b62dfba5b9c54e87d6d0370964db3
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

Referer
https://bank.barclays.co.uk/css/barclays.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains; preload
last-modified
Thu, 13 Dec 2018 06:41:19 GMT
server
562p-01
etag
"10b-5c11ff0f"
content-type
image/png
status
200
date
Sun, 03 Feb 2019 02:53:11 GMT
accept-ranges
bytes
content-length
267
x-ua-compatible
chrome=IE6
login-icon.gif
bank.barclays.co.uk/img/login/
831 B
1 KB
Image
General
Full URL
https://bank.barclays.co.uk/img/login/login-icon.gif
Requested by
Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/LoginError.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-249-181.deploy.static.akamaitechnologies.com
Software
562p-01 /
Resource Hash
1329a745be28ac372a6ae7646ccabd81f63491b8cc8087c8cf264f079fd4d4f2
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

Referer
https://bank.barclays.co.uk/css/barclays.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains; preload
last-modified
Thu, 13 Dec 2018 06:41:27 GMT
server
562p-01
etag
"33f-5c11ff17"
content-type
image/gif
status
200
date
Sun, 03 Feb 2019 02:53:11 GMT
accept-ranges
bytes
content-length
831
x-ua-compatible
chrome=IE6
progress-bar.png
bank.barclays.co.uk/img/backgrounds/
1 KB
2 KB
Image
General
Full URL
https://bank.barclays.co.uk/img/backgrounds/progress-bar.png
Requested by
Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/LoginError.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-249-181.deploy.static.akamaitechnologies.com
Software
562p-01 /
Resource Hash
3611591f7a8d8193e8e3d1f1b1d0dd949fc60166dc79a7e2d41ed2252ac489c2
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

Referer
https://bank.barclays.co.uk/css/features-store.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains; preload
last-modified
Thu, 13 Dec 2018 06:41:26 GMT
server
562p-01
etag
"537-5c11ff16"
content-type
image/png
status
200
date
Sun, 03 Feb 2019 02:53:11 GMT
accept-ranges
bytes
content-length
1335
x-ua-compatible
chrome=IE6
inline-help.png
bank.barclays.co.uk/img/backgrounds/
622 B
868 B
Image
General
Full URL
https://bank.barclays.co.uk/img/backgrounds/inline-help.png
Requested by
Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/LoginError.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-249-181.deploy.static.akamaitechnologies.com
Software
562p-01 /
Resource Hash
5032ce717cb7e8109db86c863d49fe82bb87399ee08cc4050d7f92e1aa41be72
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

Referer
https://bank.barclays.co.uk/css/barclays.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains; preload
last-modified
Thu, 13 Dec 2018 06:41:21 GMT
server
562p-01
etag
"26e-5c11ff11"
content-type
image/png
status
200
date
Sun, 03 Feb 2019 02:53:11 GMT
accept-ranges
bytes
content-length
622
x-ua-compatible
chrome=IE6
text-input-bg.png
bank.barclays.co.uk/img/form/
3 KB
3 KB
Image
General
Full URL
https://bank.barclays.co.uk/img/form/text-input-bg.png
Requested by
Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/LoginError.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-249-181.deploy.static.akamaitechnologies.com
Software
562p-01 /
Resource Hash
66a4541bdd7d7614ce0eb006826168ac07172bba2afb3d21c2d00b90418ce3a8
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

Referer
https://bank.barclays.co.uk/css/barclays.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains; preload
last-modified
Thu, 13 Dec 2018 06:41:25 GMT
server
562p-01
etag
"bcf-5c11ff15"
content-type
image/png
status
200
date
Sun, 03 Feb 2019 02:53:11 GMT
accept-ranges
bytes
content-length
3023
x-ua-compatible
chrome=IE6
buttons.png
bank.barclays.co.uk/img/buttons/
11 KB
12 KB
Image
General
Full URL
https://bank.barclays.co.uk/img/buttons/buttons.png
Requested by
Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/LoginError.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-249-181.deploy.static.akamaitechnologies.com
Software
562p-01 /
Resource Hash
fabaeb836936029320ea8d1ef0cfb033a67f81623a4577ba1fe42a6b7c278642
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

Referer
https://bank.barclays.co.uk/css/barclays.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains; preload
last-modified
Thu, 13 Dec 2018 06:41:20 GMT
server
562p-01
etag
"2dc1-5c11ff10"
content-type
image/png
status
200
date
Sun, 03 Feb 2019 02:53:11 GMT
accept-ranges
bytes
content-length
11713
x-ua-compatible
chrome=IE6
buttons-mid.png
bank.barclays.co.uk/img/buttons/
476 B
723 B
Image
General
Full URL
https://bank.barclays.co.uk/img/buttons/buttons-mid.png
Requested by
Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/LoginError.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-249-181.deploy.static.akamaitechnologies.com
Software
562p-01 /
Resource Hash
9378b8d6488dbcdf668e5caa8a617be6671659666c63aec1ef9c655c1d09b89f
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

Referer
https://bank.barclays.co.uk/css/barclays.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains; preload
last-modified
Thu, 13 Dec 2018 06:41:11 GMT
server
562p-01
etag
"1dc-5c11ff07"
content-type
image/png
status
200
date
Sun, 03 Feb 2019 02:53:11 GMT
accept-ranges
bytes
content-length
476
x-ua-compatible
chrome=IE6
background.jpg
bank.barclays.co.uk/img/login/
11 KB
12 KB
Image
General
Full URL
https://bank.barclays.co.uk/img/login/background.jpg
Requested by
Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/LoginError.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-249-181.deploy.static.akamaitechnologies.com
Software
562p-01 /
Resource Hash
eaa5f0c0d57aaccedc783e3eda5d708776cbf2506c9a7937b4ced53d965c2c94
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

Referer
https://bank.barclays.co.uk/css/barclays.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains; preload
last-modified
Thu, 13 Dec 2018 06:41:19 GMT
server
562p-01
etag
"2d19-5c11ff0f"
content-type
image/jpeg
status
200
date
Sun, 03 Feb 2019 02:53:11 GMT
accept-ranges
bytes
content-length
11545
x-ua-compatible
chrome=IE6
header-standard.png
bank.barclays.co.uk/img/backgrounds/
607 B
854 B
Image
General
Full URL
https://bank.barclays.co.uk/img/backgrounds/header-standard.png
Requested by
Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/LoginError.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-249-181.deploy.static.akamaitechnologies.com
Software
562p-01 /
Resource Hash
737ce425b0b3c3c9593224f62a3d3e555e06f57c5f4fb99b3834b89312676ff3
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

Referer
https://bank.barclays.co.uk/css/barclays.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains; preload
last-modified
Thu, 13 Dec 2018 06:41:17 GMT
server
562p-01
etag
"25f-5c11ff0d"
content-type
image/png
status
200
date
Sun, 03 Feb 2019 02:53:11 GMT
accept-ranges
bytes
content-length
607
x-ua-compatible
chrome=IE6
module-footer-bg.png
bank.barclays.co.uk/img/backgrounds/
384 B
631 B
Image
General
Full URL
https://bank.barclays.co.uk/img/backgrounds/module-footer-bg.png
Requested by
Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/LoginError.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-249-181.deploy.static.akamaitechnologies.com
Software
562p-01 /
Resource Hash
a02a0402b171a6d8bc2e2caac6ba34c9ca73156247866f90806c6584f4038797
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

Referer
https://bank.barclays.co.uk/css/barclays.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains; preload
last-modified
Thu, 13 Dec 2018 06:41:14 GMT
server
562p-01
etag
"180-5c11ff0a"
content-type
image/png
status
200
date
Sun, 03 Feb 2019 02:53:11 GMT
accept-ranges
bytes
content-length
384
x-ua-compatible
chrome=IE6
body-background-bottom.png
bank.barclays.co.uk/img/backgrounds/
162 B
407 B
Image
General
Full URL
https://bank.barclays.co.uk/img/backgrounds/body-background-bottom.png
Requested by
Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/LoginError.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-249-181.deploy.static.akamaitechnologies.com
Software
562p-01 /
Resource Hash
26a876aa5880f9067f76a4b59a0d8e488238b2fad03517c6cb690f9a8d044399
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

Referer
https://bank.barclays.co.uk/css/barclays.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains; preload
last-modified
Thu, 13 Dec 2018 06:41:30 GMT
server
562p-01
etag
"a2-5c11ff1a"
content-type
image/png
status
200
date
Sun, 03 Feb 2019 02:53:11 GMT
accept-ranges
bytes
content-length
162
x-ua-compatible
chrome=IE6
body-background-outline.gif
bank.barclays.co.uk/img/backgrounds/
2 KB
2 KB
Image
General
Full URL
https://bank.barclays.co.uk/img/backgrounds/body-background-outline.gif
Requested by
Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/LoginError.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.249.181 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-249-181.deploy.static.akamaitechnologies.com
Software
562p-01 /
Resource Hash
675b6641ffb8bc59d657e78fa1d2b2639d73f93da333442dab37490fe4dd1d09
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

Referer
https://bank.barclays.co.uk/css/barclays.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains; preload
last-modified
Thu, 13 Dec 2018 06:41:18 GMT
server
562p-01
etag
"60c-5c11ff0e"
content-type
image/gif
status
200
date
Sun, 03 Feb 2019 02:53:11 GMT
accept-ranges
bytes
content-length
1548
x-ua-compatible
chrome=IE6
s04918734854006
metrics.barclays.co.uk/b/ss/barukprod/1/H.25.1/
Redirect Chain
  • http://metrics.barclays.co.uk/b/ss/barukprod/1/H.25.1/s04918734854006?AQB=1&ndh=1&t=3%2F1%2F2019%202%3A53%3A11%200%200&ns=barclaysuk&cdp=3&pageName=onl%3Alogon%3ALogonLogIn%3AStep3YourPasscodeMemor...
  • http://metrics.barclays.co.uk/b/ss/barukprod/1/H.25.1/s04918734854006?AQB=1&pccr=true&vidn=2E2B2BCB8531071D-60000193600C481D&&ndh=1&t=3%2F1%2F2019%202%3A53%3A11%200%200&ns=barclaysuk&cdp=3&pageName...
43 B
654 B
Image
General
Full URL
http://metrics.barclays.co.uk/b/ss/barukprod/1/H.25.1/s04918734854006?AQB=1&pccr=true&vidn=2E2B2BCB8531071D-60000193600C481D&&ndh=1&t=3%2F1%2F2019%202%3A53%3A11%200%200&ns=barclaysuk&cdp=3&pageName=onl%3Alogon%3ALogonLogIn%3AStep3YourPasscodeMemorableWord&g=http%3A%2F%2Fnguoiyeuphim.com%2FMetro%2FLoginError.php&cc=GBP&ch=UKRBB&server=bank.barclays.co.uk&events=event20%2Cevent3&c1=onl&c2=onl%3Alogon&v2=New&c3=onl%3Alogon%3ALogonLogIn&c6=2%3A30AM&v6=2%3A30AM&c7=Sunday&v7=Sunday&c8=Weekend&v8=Weekend&c16=%2FMetro%2FLoginError.php&v37=Passcode&v39=D%3Ds_vi&v41=onl%3Alogon%3ALogonLogIn%3AStep3YourPasscodeMemorableWord&h1=onl%3Alogon%3ALogonLogIn&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Requested by
Host: nguoiyeuphim.com
URL: http://nguoiyeuphim.com/Metro/LoginError.php
Protocol
HTTP/1.1
Server
172.82.228.18 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
*.d3.sc.omtrdc.net
Software
Omniture DC /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Request headers

Referer
http://nguoiyeuphim.com/Metro/LoginError.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Feb 2019 02:53:11 GMT
Last-Modified
Mon, 04 Feb 2019 02:53:11 GMT
Server
Omniture DC
xserver
www7155
ETag
"3326800902856179712-4739864418430240802"
Vary
*
X-C
ms-6.6.0
P3P
CP="This is not a P3P policy"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 02 Feb 2019 02:53:11 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 03 Feb 2019 02:53:11 GMT
Last-Modified
Mon, 04 Feb 2019 02:53:11 GMT
Server
Omniture DC
xserver
www7155
Location
http://metrics.barclays.co.uk/b/ss/barukprod/1/H.25.1/s04918734854006?AQB=1&pccr=true&vidn=2E2B2BCB8531071D-60000193600C481D&&ndh=1&t=3%2F1%2F2019%202%3A53%3A11%200%200&ns=barclaysuk&cdp=3&pageName=onl%3Alogon%3ALogonLogIn%3AStep3YourPasscodeMemorableWord&g=http%3A%2F%2Fnguoiyeuphim.com%2FMetro%2FLoginError.php&cc=GBP&ch=UKRBB&server=bank.barclays.co.uk&events=event20%2Cevent3&c1=onl&c2=onl%3Alogon&v2=New&c3=onl%3Alogon%3ALogonLogIn&c6=2%3A30AM&v6=2%3A30AM&c7=Sunday&v7=Sunday&c8=Weekend&v8=Weekend&c16=%2FMetro%2FLoginError.php&v37=Passcode&v39=D%3Ds_vi&v41=onl%3Alogon%3ALogonLogIn%3AStep3YourPasscodeMemorableWord&h1=onl%3Alogon%3ALogonLogIn&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
X-C
ms-6.6.0
P3P
CP="This is not a P3P policy"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Connection
keep-alive
Content-Type
text/plain
Content-Length
0
Expires
Sat, 02 Feb 2019 02:53:11 GMT
ajax
barclaysbankplc.tt.omtrdc.net/m2/barclaysbankplc/mbox/
6 KB
2 KB
Script
General
Full URL
http://barclaysbankplc.tt.omtrdc.net/m2/barclaysbankplc/mbox/ajax?mboxHost=nguoiyeuphim.com&mboxSession=1549162391148-102243&mboxPage=1549162391388-303550&screenHeight=1200&screenWidth=1600&browserWidth=1600&browserHeight=1200&browserTimeOffset=0&colorDepth=24&mboxCount=1&mbox3rdPartyId=&mbox=trk_mbox&mboxId=0&mboxTime=1549162391376&mboxURL=http%3A%2F%2Fnguoiyeuphim.com%2FMetro%2FLoginError.php&mboxReferrer=&mboxVersion=55
Requested by
Host: bank.barclays.co.uk
URL: https://bank.barclays.co.uk/touchclarity/mbox.js
Protocol
HTTP/1.1
Server
66.117.29.3 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
Software
/
Resource Hash
1ab71ae5a73165fe3d5eb7e2ff095b37f72092d3de25dadc49bfcc9d0128601a

Request headers

Referer
http://nguoiyeuphim.com/Metro/LoginError.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Feb 2019 02:53:11 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript;charset=utf-8
Cache-Control
no-cache
Transfer-Encoding
chunked
Timing-Allow-Origin
*
X-Request-ID
ce3b2fa1-2d45-4ad9-96c6-f0b48b8841c2

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Barclays (Banking)

181 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| escapeRegExp function| replaceAll function| ftbLabelClick function| selectBoxFix function| $ function| jQuery function| DP_jQuery_1549162391126 function| DateInput function| ftbIE8Fixes function| ftbClearPlaceholders string| _tc string| _tc_extra string| _trk_mbox_name object| mboxFactoryDefault object| iBarclays function| mboxDefine number| offX number| offY function| helpDialogMouseUp function| helpDialogMouseDown function| helpDialogMove object| EventUtil boolean| formSubmitted function| preventDoubleSubmit function| block function| unblock function| blockContainer function| unblockContainer function| blockModal boolean| ftb3 function| isPastDateValid function| isToYearValid function| isAmountValid function| isProviderNameValid function| updateSelectedRadioButtons function| showContextHelp function| hideContextHelp function| refreshHelp boolean| _ccpCat3 string| mboxCopyright object| TNT number| mboxVersion object| mboxFactories function| mboxLoadSCPlugin function| mboxTrack function| mboxTrackLink function| tt_Log function| tt_Redirect object| cmid function| mboxUrlBuilder function| mboxStandardFetcher function| mboxAjaxFetcher function| mboxMap function| mboxFactory function| mboxSignaler function| mboxList function| mboxLocatorDefault function| mboxLocatorNode function| mboxCreate function| mboxUpdate function| mbox function| mboxOfferContent function| mboxOfferAjax function| mboxOfferDefault function| mboxCookieManager function| mboxSession function| mboxPC function| mboxGetPageParameter function| mboxSetCookie function| mboxGetCookie function| mboxCookiePageDomain function| mboxShiftArray function| mboxGenerateId function| mboxScreenHeight function| mboxScreenWidth function| mboxBrowserWidth function| mboxBrowserHeight function| mboxBrowserTimeOffset function| mboxScreenColorDepth function| mboxBarclaysCookieConsent object| reason function| mboxScPluginFetcher function| 
mboxVizTargetUrl undefined| f string| s_account function| getElementsByClassName function| getTextContent object| dcs2sc function| scFixed function| scFixed1Tag function| scAppendWholeTag function| scLowRankTag function| scProductsTag function| scSetLinkNameTag function| scCombinedP123 function| scRemap boolean| scCallDone function| tagPageView function| tagAjaxContent function| tagQueryContents function| setFromClickTagsFTB function| scLinkTrack function| scLinkTrackError function| dcsMultiTrack function| scMeta function| scSetInitial function| scSetDerived function| isLoginPage function| isHomePage function| scSetHelpCardButtons function| scCleanUpEvents function| scLoginPagesTracking function| scCleanUp function| scSetValidationErrorMessage function| fireLoadEvent function| scSetErrorMessage function| scSetErrorServiceMessage function| scSetImpressions function| scSetLOGIN_METHOD function| scSetLOGIN_MECHANISM function| scSetLoginEvents function| scSetDeepLink function| scSetdcsuri function| scSetProducts function| scSetView function| getProp34 function| scSetPurchaseTracking function| scSetActivityTracking function| scSetLoginReg function| scSetPageName function| isMultipleSavedUsers function| scSetEvents function| scSetDcsvid function| scBarclaysCookieConsent function| scMapTag function| scSetTag function| scAddTag function| scUpdateLinkTrack string| scBasePageName string| scTakeoverPageName function| scSaveBasePageName function| scRestoreBasePageName function| scSaveTakeoverPageName function| scRestoreTakeoverPageName number| duplicateSCRequestThreshold undefined| lastRequestEvent undefined| lastRequestSelector undefined| lastRequestTime function| scIsDuplicateRequest function| transposeWindowTitle object| s function| s_doPlugins string| s_code string| s_objectID function| s_gi function| s_giqf string| s_an function| s_sp function| s_jn function| s_rep function| s_d function| s_fe function| s_fa function| s_ft object| s_c_il number| s_c_in number| s_giq 
string| j string| s_tnt string| k object| s_i_barclaysuk string| containerSegment boolean| onlineMarketingSuppressed boolean| BankUserOrTPA string| tnt_extra object| mboxCurrent function| _mboxDefaultContentOffer object| ttMETA

8 Cookies

Domain/Path Name / Value
.nguoiyeuphim.com/ Name: s_ppv
Value: -%2C100%2C100%2C1200
.nguoiyeuphim.com/ Name: mbox
Value: check#true#1549162452|session#1549162391148-102243#1549164252|PC#1549162391148-102243.26_22#1556938392
.nguoiyeuphim.com/ Name: s_visit
Value: 1
.nguoiyeuphim.com/ Name: s_sq
Value: %5B%5BB%5D%5D
.nguoiyeuphim.com/ Name: ttc_evar3
Value: 1549162391372
.nguoiyeuphim.com/ Name: prevPage
Value: onl%3Alogon%3ALogonLogIn%3AStep3YourPasscodeMemorableWord
.nguoiyeuphim.com/ Name: s_nr
Value: 1549162391370-New
.nguoiyeuphim.com/ Name: s_cc
Value: true

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
