www.pass-nepal.org.np Open in urlscan Pro
67.231.244.58 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html#http://www.barclays.co.uk/cs/Satellite?c=Info_C&pagename=BarclaysO...
Effective URL:
http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
Submission: On October 27 via automatic, source openphish (October 27th 2017, 10:23:13 am UTC)

Summary HTTP 23 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 23 HTTP transactions. The main IP is 67.231.244.58, located in Latham, United States and belongs to TURNKEY-INTERNET - Turnkey Internet Inc., US. The main domain is www.pass-nepal.org.np.

This is the only time www.pass-nepal.org.np was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Barclays (Banking)

Domain & IP information

	IP Address	AS Autonomous System
2	67.231.244.58 67.231.244.58	40244 (TURNKEY-I...) (TURNKEY-INTERNET - Turnkey Internet Inc.)
17	157.83.124.232 157.83.124.232	44022 (BARCLAYS-...) (BARCLAYS-RETAIL)
1 2	66.235.148.136 66.235.148.136	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
1	66.117.29.4 66.117.29.4	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
23	5

2 67.231.244.58 (Latham, United States)

ASN40244 (TURNKEY-INTERNET - Turnkey Internet Inc., US)
PTR: 67-231-244-58.static.as40244.net

www.pass-nepal.org.np	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 157.83.124.232 (London, United Kingdom)

ASN44022 (BARCLAYS-RETAIL, GB)

bank.barclays.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.235.148.136 (Lehi, United States) 1 redirects

ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: *.d3.sc.omtrdc.net

metrics.barclays.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.29.4 (Lehi, United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)

barclaysbankplc.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	barclays.co.uk 1 redirects bank.barclays.co.uk metrics.barclays.co.uk	141 KB
2	pass-nepal.org.np www.pass-nepal.org.np	29 KB
1	omtrdc.net barclaysbankplc.tt.omtrdc.net	730 B
23	3

	Domain	Requested by
17	bank.barclays.co.uk	www.pass-nepal.org.np
2	metrics.barclays.co.uk	1 redirects www.pass-nepal.org.np
2	www.pass-nepal.org.np	www.pass-nepal.org.np
1	barclaysbankplc.tt.omtrdc.net	bank.barclays.co.uk
23	4

This site contains links to these domains. Also see Links.

Domain
www.barclays.co.uk
www.lendingstandardsboard.org.uk
www.premierleague.com

Subject Issuer	Validity	Valid
bank.barclays.co.uk Symantec Class 3 EV SSL CA - G3	`2017-07-27` - `2017-12-31`	5 months	crt.sh

This page contains 1 frames:

Primary Page: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
Frame ID: 25662.1
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

23
Requests

74 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

170 kB
Transfer

572 kB
Size

13
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://www.barclays.co.uk/Contactus/Contactus/P1242561757335
Title: Contact us

Search URL Search Domain Scan URL

URL: http://www.barclays.co.uk/security
Title: Security

Search URL Search Domain Scan URL

URL: http://www.barclays.co.uk/accessibility/
Title: Accessibility

Search URL Search Domain Scan URL

URL: http://www.lendingstandardsboard.org.uk/
Title: www.lendingstandardsboard.org.uk

Search URL Search Domain Scan URL

URL: http://www.premierleague.com/
Title: Proud sponsors of the Barclays Premier League

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

http://metrics.barclays.co.uk/b/ss/barukprod/1/H.25.1/s12956639016344?AQB=1&ndh=1&t=27%2F9%2F2017%2010%3A23%3A3%205%200&ns=barclaysuk&cdp=3&pageName=onl%3Alogon%3ALogonLogin%3AStep1YourDetailsLoginMyBarclays&g=http%3A%2F%2Fwww.pass-nepal.org.np%2FBRKUSHFNG0193%2FM45K%2FCLS45.html%23http%3A%2F%2Fwww.barclays.co.uk%2Fcs%2FSatellite%3Fc%3DInfo_C%26pagename%3DBarclaysOnline%2FBOPopUp%26cid%3D1242617571817&cc=GBP&ch=UKRBB&server=bank.barclays.co.uk&v0=1242617571817&events=event20%2Cevent3&c1=onl&c2=onl%3Alogon&v2=New&c3=onl%3Alogon%3ALogonLogin&c6=11%3A00AM&v6=11%3A00AM&c7=Friday&v7=Friday&c8=Weekday&v8=Weekday&c9=1242617571817%3Aonl%3Alogon%3ALogonLogin%3AStep1YourDetailsLoginMyBarclays&c16=%2FBRKUSHFNG0193%2FM45K%2FCLS45.html&v31=n%2Fa&v33=1242617571817&v34=n%2Fa&v39=D%3Ds_vi&v41=onl%3Alogon%3ALogonLogin%3AStep1YourDetailsLoginMyBarclays&h1=onl%3Alogon%3ALogonLogin&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
http://metrics.barclays.co.uk/b/ss/barukprod/1/H.25.1/s12956639016344?AQB=1&pccr=true&vidn=2CF9848385315EC5-40000121C000854F&&ndh=1&t=27%2F9%2F2017%2010%3A23%3A3%205%200&ns=barclaysuk&cdp=3&pageName=onl%3Alogon%3ALogonLogin%3AStep1YourDetailsLoginMyBarclays&g=http%3A%2F%2Fwww.pass-nepal.org.np%2FBRKUSHFNG0193%2FM45K%2FCLS45.html%23http%3A%2F%2Fwww.barclays.co.uk%2Fcs%2FSatellite%3Fc%3DInfo_C%26pagename%3DBarclaysOnline%2FBOPopUp%26cid%3D1242617571817&cc=GBP&ch=UKRBB&server=bank.barclays.co.uk&v0=1242617571817&events=event20%2Cevent3&c1=onl&c2=onl%3Alogon&v2=New&c3=onl%3Alogon%3ALogonLogin&c6=11%3A00AM&v6=11%3A00AM&c7=Friday&v7=Friday&c8=Weekday&v8=Weekday&c9=1242617571817%3Aonl%3Alogon%3ALogonLogin%3AStep1YourDetailsLoginMyBarclays&c16=%2FBRKUSHFNG0193%2FM45K%2FCLS45.html&v31=n%2Fa&v33=1242617571817&v34=n%2Fa&v39=D%3Ds_vi&v41=onl%3Alogon%3ALogonLogin%3AStep1YourDetailsLoginMyBarclays&h1=onl%3Alogon%3ALogonLogin&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request CLS45.html Show response
www.pass-nepal.org.np/BRKUSHFNG0193/M45K/ 22 KB
7 KB 182ms
92ms Document
text/html 67.231.244.58
Turnkey Internet ...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
Protocol: HTTP/1.1
Server: 67.231.244.58 Latham, United States, ASN40244 (TURNKEY-INTERNET - Turnkey Internet Inc., US),
Reverse DNS: 67-231-244-58.static.as40244.net
Software: nginx /
Resource Hash: 8f3cfb5eed3d9184e26b61a30b6fe11e68b72323ef401ddaae1406f2ac8a5050

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.pass-nepal.org.np
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Fri, 27 Oct 2017 10:23:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Jun 2016 16:13:22 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html
Cache-Control: max-age=172800
Connection: keep-alive
Expires: Sun, 29 Oct 2017 10:23:03 GMT

GET
H/1.1 200
OK barclays-ftb-login.css
www.pass-nepal.org.np/BRKUSHFNG0193/M45K/files/ 148 KB
23 KB 93ms
93ms Stylesheet
text/css 67.231.244.58
Turnkey Internet ...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/files/barclays-ftb-login.css
Requested by: Host: www.pass-nepal.org.np
URL: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
Protocol: HTTP/1.1
Server: 67.231.244.58 Latham, United States, ASN40244 (TURNKEY-INTERNET - Turnkey Internet Inc., US),
Reverse DNS: 67-231-244-58.static.as40244.net
Software: nginx /
Resource Hash: 690e9c9483602610ab7aeceaa409ee4006b693827af0222e3d70cff4b8f2ffe0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.pass-nepal.org.np
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Pragma: public
Date: Fri, 27 Oct 2017 10:23:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Feb 2015 20:06:04 GMT
Server: nginx
ETag: W/"54ee2b2c-24f58"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=2592000 public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Sun, 26 Nov 2017 10:23:03 GMT

GET
H/1.1 200
OK Cookie set jq.js Show response
bank.barclays.co.uk/js/jq/ 273 KB
82 KB 133ms
28ms Script
application/x-javascript 157.83.124.232
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.barclays.co.uk/js/jq/jq.js

Requested by

Host: www.pass-nepal.org.np
URL: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.124.232 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

570p-02 /

Resource Hash

cd13acb0c15e1e82a8da9dc9f725c467c19447a35552e0e53bee429e6c364bea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bank.barclays.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Fri, 27 Oct 2017 10:23:03 GMT
Content-encoding: gzip
Last-modified: Thu, 26 Oct 2017 16:17:08 GMT
Server: 570p-02
Etag: "14847-59f20a84"
Vary: accept-encoding
Content-type: application/x-javascript
Set-Cookie: rolb-live_AASlou=188033034.19032.0000; expires=Fri, 27-Oct-2017 11:23:03 GMT; path=/ wagChosenCipher=12:TLSv1.2:AES128-SHA:128; path=/; secure
Strict-Transport-Security: max-age=63113904
Accept-ranges: bytes
Content-length: 84039
X-UA-Compatible: chrome=IE6

GET
H/1.1 200
OK Cookie set iBarclays.js Show response
bank.barclays.co.uk/js/ib/ 3 KB
1 KB 192ms
87ms Script
application/x-javascript 157.83.124.232
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.barclays.co.uk/js/ib/iBarclays.js

Requested by

Host: www.pass-nepal.org.np
URL: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.124.232 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

571p-02 /

Resource Hash

56750037c9793c90b789f338dc5117da9fe0d38d220633bad034d2ae3682ebc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bank.barclays.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Fri, 27 Oct 2017 10:23:03 GMT
Content-encoding: gzip
Last-modified: Thu, 26 Oct 2017 16:23:48 GMT
Server: 571p-02
Etag: "50d-59f20c14"
Vary: accept-encoding
Content-type: application/x-javascript
Set-Cookie: rolb-live_AASlou=204810250.19032.0000; expires=Fri, 27-Oct-2017 11:23:03 GMT; path=/ wagChosenCipher=12:TLSv1.2:AES128-SHA:128; path=/; secure
Strict-Transport-Security: max-age=63113904
Accept-ranges: bytes
Content-length: 1293
X-UA-Compatible: chrome=IE6

GET
H/1.1 200
OK Cookie set iBarclays.Unlock.js Show response
bank.barclays.co.uk/js/ib/ 57 B
57 B 129ms
25ms Script
application/x-javascript 157.83.124.232
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.barclays.co.uk/js/ib/iBarclays.Unlock.js

Requested by

Host: www.pass-nepal.org.np
URL: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.124.232 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

569p-02 /

Resource Hash

8f77dddaa61efbc75efc49c99ab0d2c56d55b39ef2c199db41bcacd3c887368c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bank.barclays.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Fri, 27 Oct 2017 10:23:03 GMT
Last-modified: Thu, 26 Oct 2017 16:11:43 GMT
Server: 569p-02
Etag: "39-59f2093f"
Strict-Transport-Security: max-age=63113904
Content-type: application/x-javascript
Set-Cookie: rolb-live_AASlou=171255818.19032.0000; expires=Fri, 27-Oct-2017 11:23:03 GMT; path=/ wagChosenCipher=12:TLSv1.2:AES128-SHA:128; path=/; secure
Accept-ranges: bytes
Content-length: 57
X-UA-Compatible: chrome=IE6

GET
H/1.1 200
OK Cookie set mbox.js Show response
bank.barclays.co.uk/touchclarity/ 28 KB
8 KB 131ms
26ms Script
application/x-javascript 157.83.124.232
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.barclays.co.uk/touchclarity/mbox.js

Requested by

Host: www.pass-nepal.org.np
URL: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.124.232 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

569p-02 /

Resource Hash

59a6bc47d6fbedcd40ad7ec0f2a45f4e24e4f4e69ba2f11926975fca7334e1db

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bank.barclays.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Fri, 27 Oct 2017 10:23:03 GMT
Content-encoding: gzip
Last-modified: Thu, 26 Oct 2017 16:11:43 GMT
Server: 569p-02
Etag: "2038-59f2093f"
Vary: accept-encoding
Content-type: application/x-javascript
Set-Cookie: rolb-live_AASlou=171255818.19032.0000; expires=Fri, 27-Oct-2017 11:23:03 GMT; path=/ wagChosenCipher=12:TLSv1.2:AES128-SHA:128; path=/; secure
Strict-Transport-Security: max-age=63113904
Accept-ranges: bytes
Content-length: 8248
X-UA-Compatible: chrome=IE6

GET
H/1.1 200
OK Cookie set barclays-logo.png
bank.barclays.co.uk/img/logos/ 4 KB
4 KB 50ms
49ms Image
image/png 157.83.124.232
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/img/logos/barclays-logo.png

Requested by

Host: www.pass-nepal.org.np
URL: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.124.232 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

571p-02 /

Resource Hash

84c858297d140080df2011346dee575ec7c5f0a7d016a50f21f7cbfb2cd998f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bank.barclays.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
Cookie: wagChosenCipher=12:TLSv1.2:AES128-SHA:128; rolb-live_AASlou=204810250.19032.0000
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Fri, 27 Oct 2017 10:23:03 GMT
Last-modified: Thu, 26 Oct 2017 16:23:49 GMT
Server: 571p-02
Etag: "ec0-59f20c15"
Strict-Transport-Security: max-age=63113904
Content-type: image/png
Set-Cookie: rolb-live_AASlou=204810250.19032.0000; expires=Fri, 27-Oct-2017 11:23:03 GMT; path=/
Accept-ranges: bytes
Content-length: 3776
X-UA-Compatible: chrome=IE6

GET
H/1.1 200
OK Cookie set iBarclays.Views.Accordion.LoginLinkWithoutAssistCookie.js Show response
bank.barclays.co.uk/js/ib/Views/Accordion/ 666 B
343 B 26ms
25ms Script
application/x-javascript 157.83.124.232
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.barclays.co.uk/js/ib/Views/Accordion/iBarclays.Views.Accordion.LoginLinkWithoutAssistCookie.js

Requested by

Host: www.pass-nepal.org.np
URL: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.124.232 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

571p-02 /

Resource Hash

aeb4c6bbb4361d94725a1de7512d192bcdf49b7448ccb6ddc60918015adea0a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bank.barclays.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
Cookie: rolb-live_AASlou=204810250.19032.0000; wagChosenCipher=12:TLSv1.2:AES128-SHA:128
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Fri, 27 Oct 2017 10:23:03 GMT
Content-encoding: gzip
Last-modified: Thu, 26 Oct 2017 16:23:48 GMT
Server: 571p-02
Etag: "157-59f20c14"
Vary: accept-encoding
Content-type: application/x-javascript
Set-Cookie: rolb-live_AASlou=204810250.19032.0000; expires=Fri, 27-Oct-2017 11:23:03 GMT; path=/
Strict-Transport-Security: max-age=63113904
Accept-ranges: bytes
Content-length: 343
X-UA-Compatible: chrome=IE6

GET
H/1.1 200
OK Cookie set 1321077819486-FSCS_logo_228_56.jpg
bank.barclays.co.uk/OLB/A/Content/Images/ 10 KB
10 KB 93ms
27ms Image
image/jpeg 157.83.124.232
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/OLB/A/Content/Images/1321077819486-FSCS_logo_228_56.jpg

Requested by

Host: www.pass-nepal.org.np
URL: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.124.232 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

571p-02 /

Resource Hash

56fc91ca8fe529b8ad24de819ec63015e2ab48b146d917537552ff9a46b27710

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bank.barclays.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
Cookie: wagChosenCipher=12:TLSv1.2:AES128-SHA:128; rolb-live_AASlou=204810250.19032.0000
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Fri, 27 Oct 2017 10:23:03 GMT
Last-modified: Wed, 21 Jan 2015 23:33:20 GMT
Server: 571p-02
Etag: "2734-54c03740"
Strict-Transport-Security: max-age=63113904
Content-type: image/jpeg
Set-Cookie: rolb-live_AASlou=204810250.19032.0000; expires=Fri, 27-Oct-2017 11:23:03 GMT; path=/
Accept-ranges: bytes
Content-length: 10036
X-UA-Compatible: chrome=IE6

GET
H/1.1 200
OK Cookie set iBarclays.Controls.Forms.Snippets.js Show response
bank.barclays.co.uk/js/ib/Controls/Forms/ftb/ 270 B
178 B 25ms
25ms Script
application/x-javascript 157.83.124.232
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.barclays.co.uk/js/ib/Controls/Forms/ftb/iBarclays.Controls.Forms.Snippets.js

Requested by

Host: www.pass-nepal.org.np
URL: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.124.232 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

571p-02 /

Resource Hash

2c4bbb1ff78fcd5c8b997030bed88174cf63b0d9aaeb2911988e35b0136c53c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bank.barclays.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
Cookie: wagChosenCipher=12:TLSv1.2:AES128-SHA:128; rolb-live_AASlou=204810250.19032.0000
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Fri, 27 Oct 2017 10:23:03 GMT
Content-encoding: gzip
Last-modified: Thu, 26 Oct 2017 16:23:48 GMT
Server: 571p-02
Etag: "b2-59f20c14"
Vary: accept-encoding
Content-type: application/x-javascript
Set-Cookie: rolb-live_AASlou=204810250.19032.0000; expires=Fri, 27-Oct-2017 11:23:03 GMT; path=/
Strict-Transport-Security: max-age=63113904
Accept-ranges: bytes
Content-length: 178
X-UA-Compatible: chrome=IE6

GET
H/1.1 200
OK Cookie set LoginTimeoutKeepAlive.js Show response
bank.barclays.co.uk/js/ 555 B
240 B 28ms
27ms Script
application/x-javascript 157.83.124.232
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.barclays.co.uk/js/LoginTimeoutKeepAlive.js

Requested by

Host: www.pass-nepal.org.np
URL: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.124.232 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

571p-02 /

Resource Hash

205d60ad39b9dc1a39ff98e8834b78c233e03cecce7cd3b0205488d9b4972321

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bank.barclays.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
Cookie: wagChosenCipher=12:TLSv1.2:AES128-SHA:128; rolb-live_AASlou=204810250.19032.0000
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Fri, 27 Oct 2017 10:23:03 GMT
Content-encoding: gzip
Last-modified: Thu, 26 Oct 2017 16:23:48 GMT
Server: 571p-02
Etag: "f0-59f20c14"
Vary: accept-encoding
Content-type: application/x-javascript
Set-Cookie: rolb-live_AASlou=204810250.19032.0000; expires=Fri, 27-Oct-2017 11:23:03 GMT; path=/
Strict-Transport-Security: max-age=63113904
Accept-ranges: bytes
Content-length: 240
X-UA-Compatible: chrome=IE6

GET
H/1.1 200
OK Cookie set premier_league_masthead.jpg
bank.barclays.co.uk/img/logos/ 4 KB
4 KB 161ms
88ms Image
image/jpeg 157.83.124.232
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/img/logos/premier_league_masthead.jpg

Requested by

Host: www.pass-nepal.org.np
URL: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.124.232 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

571p-02 /

Resource Hash

af05f228e3f1106781aad44a0e8f12b500dfbb99e530a9ff91234bd0d4cdc495

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bank.barclays.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
Cookie: wagChosenCipher=12:TLSv1.2:AES128-SHA:128; rolb-live_AASlou=204810250.19032.0000
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Fri, 27 Oct 2017 10:23:03 GMT
Last-modified: Thu, 26 Oct 2017 16:23:49 GMT
Server: 571p-02
Etag: "1105-59f20c15"
Strict-Transport-Security: max-age=63113904
Content-type: image/jpeg
Set-Cookie: rolb-live_AASlou=204810250.19032.0000; expires=Fri, 27-Oct-2017 11:23:03 GMT; path=/
Accept-ranges: bytes
Content-length: 4357
X-UA-Compatible: chrome=IE6

GET
H/1.1 200
OK Cookie set iBarclays.WebAnalytics.js Show response
bank.barclays.co.uk/js/ib/ 22 KB
6 KB 50ms
50ms Script
application/x-javascript 157.83.124.232
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.barclays.co.uk/js/ib/iBarclays.WebAnalytics.js

Requested by

Host: www.pass-nepal.org.np
URL: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.124.232 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

571p-02 /

Resource Hash

36e4565e767c4307245f59bef61cc3c8aebb33262e04bd2a2c4f876387d4ddd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bank.barclays.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
Cookie: wagChosenCipher=12:TLSv1.2:AES128-SHA:128; rolb-live_AASlou=204810250.19032.0000
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Fri, 27 Oct 2017 10:23:03 GMT
Content-encoding: gzip
Last-modified: Thu, 26 Oct 2017 16:23:48 GMT
Server: 571p-02
Etag: "182b-59f20c14"
Vary: accept-encoding
Content-type: application/x-javascript
Set-Cookie: rolb-live_AASlou=204810250.19032.0000; expires=Fri, 27-Oct-2017 11:23:03 GMT; path=/
Strict-Transport-Security: max-age=63113904
Accept-ranges: bytes
Content-length: 6187
X-UA-Compatible: chrome=IE6

GET
H/1.1 200
OK Cookie set s_codecookies.js Show response
bank.barclays.co.uk/js/sitecatalyst/ 51 KB
20 KB 27ms
27ms Script
application/x-javascript 157.83.124.232
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.barclays.co.uk/js/sitecatalyst/s_codecookies.js

Requested by

Host: www.pass-nepal.org.np
URL: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.124.232 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

571p-02 /

Resource Hash

4443260f173a9227f2afb899b9e4337b364bcf78df56c322d6c19e4a6edf01d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bank.barclays.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
Cookie: wagChosenCipher=12:TLSv1.2:AES128-SHA:128; rolb-live_AASlou=204810250.19032.0000
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Fri, 27 Oct 2017 10:23:03 GMT
Content-encoding: gzip
Last-modified: Thu, 26 Oct 2017 16:23:48 GMT
Server: 571p-02
Etag: "4e4c-59f20c14"
Vary: accept-encoding
Content-type: application/x-javascript
Set-Cookie: rolb-live_AASlou=204810250.19032.0000; expires=Fri, 27-Oct-2017 11:23:03 GMT; path=/
Strict-Transport-Security: max-age=63113904
Accept-ranges: bytes
Content-length: 20044
X-UA-Compatible: chrome=IE6

GET
H/1.1 200
OK Cookie set barclays-logo.gif
bank.barclays.co.uk/ftb/img/logos/ 4 KB
4 KB 50ms
48ms Image
image/gif 157.83.124.232
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/ftb/img/logos/barclays-logo.gif

Requested by

Host: www.pass-nepal.org.np
URL: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.124.232 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

571p-02 /

Resource Hash

3a059a66277e8a87067c50187849c9f65817c72873f8c71785d08f4023a6b9f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bank.barclays.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/files/barclays-ftb-login.css
Cookie: wagChosenCipher=12:TLSv1.2:AES128-SHA:128; rolb-live_AASlou=204810250.19032.0000
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/files/barclays-ftb-login.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Fri, 27 Oct 2017 10:23:03 GMT
Last-modified: Thu, 26 Oct 2017 16:23:46 GMT
Server: 571p-02
Etag: "ef7-59f20c12"
Strict-Transport-Security: max-age=63113904
Content-type: image/gif
Set-Cookie: rolb-live_AASlou=204810250.19032.0000; expires=Fri, 27-Oct-2017 11:23:03 GMT; path=/
Accept-ranges: bytes
Content-length: 3831
X-UA-Compatible: chrome=IE6

GET
H/1.1 200
OK Cookie set login-panel-header-active-arrow.gif
bank.barclays.co.uk/ftb/img/ftb/ 129 B
129 B 58ms
25ms Image
image/gif 157.83.124.232
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/ftb/img/ftb/login-panel-header-active-arrow.gif

Requested by

Host: www.pass-nepal.org.np
URL: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.124.232 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

571p-02 /

Resource Hash

5aa9eb84540df9c6f43f3981b94e798bf5dacd1129558c7293be37799b7fdcff

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bank.barclays.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/files/barclays-ftb-login.css
Cookie: wagChosenCipher=12:TLSv1.2:AES128-SHA:128; rolb-live_AASlou=204810250.19032.0000
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/files/barclays-ftb-login.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Fri, 27 Oct 2017 10:23:03 GMT
Last-modified: Thu, 26 Oct 2017 16:23:46 GMT
Server: 571p-02
Etag: "81-59f20c12"
Strict-Transport-Security: max-age=63113904
Content-type: image/gif
Set-Cookie: rolb-live_AASlou=204810250.19032.0000; expires=Fri, 27-Oct-2017 11:23:03 GMT; path=/
Accept-ranges: bytes
Content-length: 129
X-UA-Compatible: chrome=IE6

GET
H/1.1 200
OK Cookie set select-arrow.gif
bank.barclays.co.uk/ftb/img/ftb/ 70 B
70 B 58ms
25ms Image
image/gif 157.83.124.232
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/ftb/img/ftb/select-arrow.gif

Requested by

Host: www.pass-nepal.org.np
URL: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.124.232 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

571p-02 /

Resource Hash

702bcc167b5fafbb7e18e9b1b8cae637c64747f7a00c9a309698c63a63dc1e62

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bank.barclays.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/files/barclays-ftb-login.css
Cookie: wagChosenCipher=12:TLSv1.2:AES128-SHA:128; rolb-live_AASlou=204810250.19032.0000
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/files/barclays-ftb-login.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Fri, 27 Oct 2017 10:23:03 GMT
Last-modified: Thu, 26 Oct 2017 16:23:46 GMT
Server: 571p-02
Etag: "46-59f20c12"
Strict-Transport-Security: max-age=63113904
Content-type: image/gif
Set-Cookie: rolb-live_AASlou=204810250.19032.0000; expires=Fri, 27-Oct-2017 11:23:03 GMT; path=/
Accept-ranges: bytes
Content-length: 70
X-UA-Compatible: chrome=IE6

GET expertsans-regular-webfont.woff
bank.barclays.co.uk/ftb/fonts/ 0
0

GET
H/1.1 200
OK Cookie set side-bar-arrow.png
bank.barclays.co.uk/ftb/img/ftb/ 224 B
224 B 41ms
25ms Image
image/png 157.83.124.232
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/ftb/img/ftb/side-bar-arrow.png

Requested by

Host: www.pass-nepal.org.np
URL: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.124.232 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

571p-02 /

Resource Hash

71182ea40b9cc96fd288f8d5d2bdd0834a0bebc6d15cdabfc03170494b93a819

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bank.barclays.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/files/barclays-ftb-login.css
Cookie: wagChosenCipher=12:TLSv1.2:AES128-SHA:128; rolb-live_AASlou=204810250.19032.0000
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/files/barclays-ftb-login.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Fri, 27 Oct 2017 10:23:03 GMT
Last-modified: Thu, 26 Oct 2017 16:23:46 GMT
Server: 571p-02
Etag: "e0-59f20c12"
Strict-Transport-Security: max-age=63113904
Content-type: image/png
Set-Cookie: rolb-live_AASlou=204810250.19032.0000; expires=Fri, 27-Oct-2017 11:23:03 GMT; path=/
Accept-ranges: bytes
Content-length: 224
X-UA-Compatible: chrome=IE6

GET
H/1.1 200
OK Cookie set login-panel-header-disabled-arrow.gif
bank.barclays.co.uk/ftb/img/ftb/ 183 B
183 B 42ms
27ms Image
image/gif 157.83.124.232
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/ftb/img/ftb/login-panel-header-disabled-arrow.gif

Requested by

Host: www.pass-nepal.org.np
URL: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.124.232 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

571p-02 /

Resource Hash

de1660f0952bc3a9a3cba3c5bd504f8c779578c9bc5eea310e009f270df73309

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bank.barclays.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/files/barclays-ftb-login.css
Cookie: wagChosenCipher=12:TLSv1.2:AES128-SHA:128; rolb-live_AASlou=204810250.19032.0000
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/files/barclays-ftb-login.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Fri, 27 Oct 2017 10:23:03 GMT
Last-modified: Thu, 26 Oct 2017 16:23:46 GMT
Server: 571p-02
Etag: "b7-59f20c12"
Strict-Transport-Security: max-age=63113904
Content-type: image/gif
Set-Cookie: rolb-live_AASlou=204810250.19032.0000; expires=Fri, 27-Oct-2017 11:23:03 GMT; path=/
Accept-ranges: bytes
Content-length: 183
X-UA-Compatible: chrome=IE6

GET
H/1.1

200
OK

Cookie set s12956639016344
metrics.barclays.co.uk/b/ss/barukprod/1/H.25.1/
Redirect Chain

http://metrics.barclays.co.uk/b/ss/barukprod/1/H.25.1/s12956639016344?AQB=1&ndh=1&t=27%2F9%2F2017%2010%3A23%3A3%205%200&ns=barclaysuk&cdp=3&pageName=onl%3Alogon%3ALogonLogin%3AStep1YourDetailsLogin...
http://metrics.barclays.co.uk/b/ss/barukprod/1/H.25.1/s12956639016344?AQB=1&pccr=true&vidn=2CF9848385315EC5-40000121C000854F&&ndh=1&t=27%2F9%2F2017%2010%3A23%3A3%205%200&ns=barclaysuk&cdp=3&pageNam...

43 B
43 B

23ms
23ms

Image
image/gif

66.235.148.136
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://metrics.barclays.co.uk/b/ss/barukprod/1/H.25.1/s12956639016344?AQB=1&pccr=true&vidn=2CF9848385315EC5-40000121C000854F&&ndh=1&t=27%2F9%2F2017%2010%3A23%3A3%205%200&ns=barclaysuk&cdp=3&pageName=onl%3Alogon%3ALogonLogin%3AStep1YourDetailsLoginMyBarclays&g=http%3A%2F%2Fwww.pass-nepal.org.np%2FBRKUSHFNG0193%2FM45K%2FCLS45.html%23http%3A%2F%2Fwww.barclays.co.uk%2Fcs%2FSatellite%3Fc%3DInfo_C%26pagename%3DBarclaysOnline%2FBOPopUp%26cid%3D1242617571817&cc=GBP&ch=UKRBB&server=bank.barclays.co.uk&v0=1242617571817&events=event20%2Cevent3&c1=onl&c2=onl%3Alogon&v2=New&c3=onl%3Alogon%3ALogonLogin&c6=11%3A00AM&v6=11%3A00AM&c7=Friday&v7=Friday&c8=Weekday&v8=Weekday&c9=1242617571817%3Aonl%3Alogon%3ALogonLogin%3AStep1YourDetailsLoginMyBarclays&c16=%2FBRKUSHFNG0193%2FM45K%2FCLS45.html&v31=n%2Fa&v33=1242617571817&v34=n%2Fa&v39=D%3Ds_vi&v41=onl%3Alogon%3ALogonLogin%3AStep1YourDetailsLoginMyBarclays&h1=onl%3Alogon%3ALogonLogin&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Requested by: Host: www.pass-nepal.org.np
URL: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
Protocol: HTTP/1.1
Server: 66.235.148.136 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS: *.d3.sc.omtrdc.net
Software: Omniture DC/2.0.0 /
Resource Hash: a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: metrics.barclays.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
Cookie: s_vi=[CS]v1|2CF9848385315EC5-40000121C000854F[CE]
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Fri, 27 Oct 2017 10:23:03 GMT
X-C: ms-5.6.0
P3P: CP="This is not a P3P policy"
Connection: Keep-Alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 28 Oct 2017 10:23:03 GMT
Server: Omniture DC/2.0.0
xserver: www248
ETag: "59F30907-4DE1-38CE044F"
Vary: *
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Set-Cookie: s_vi=[CS]v1|2CF9848385315EC5-40000121C000854F[CE]; Expires=Sun, 27 Oct 2019 10:23:03 GMT; Domain=barclays.co.uk; Path=/
Keep-Alive: timeout=15
Expires: Thu, 26 Oct 2017 10:23:03 GMT

Redirect headers

Date: Fri, 27 Oct 2017 10:23:03 GMT
X-C: ms-5.6.0
P3P: CP="This is not a P3P policy"
Connection: Keep-Alive
Content-Length: 0
Pragma: no-cache
Last-Modified: Sat, 28 Oct 2017 10:23:03 GMT
Server: Omniture DC/2.0.0
xserver: www214
Location: http://metrics.barclays.co.uk/b/ss/barukprod/1/H.25.1/s12956639016344?AQB=1&pccr=true&vidn=2CF9848385315EC5-40000121C000854F&&ndh=1&t=27%2F9%2F2017%2010%3A23%3A3%205%200&ns=barclaysuk&cdp=3&pageName=onl%3Alogon%3ALogonLogin%3AStep1YourDetailsLoginMyBarclays&g=http%3A%2F%2Fwww.pass-nepal.org.np%2FBRKUSHFNG0193%2FM45K%2FCLS45.html%23http%3A%2F%2Fwww.barclays.co.uk%2Fcs%2FSatellite%3Fc%3DInfo_C%26pagename%3DBarclaysOnline%2FBOPopUp%26cid%3D1242617571817&cc=GBP&ch=UKRBB&server=bank.barclays.co.uk&v0=1242617571817&events=event20%2Cevent3&c1=onl&c2=onl%3Alogon&v2=New&c3=onl%3Alogon%3ALogonLogin&c6=11%3A00AM&v6=11%3A00AM&c7=Friday&v7=Friday&c8=Weekday&v8=Weekday&c9=1242617571817%3Aonl%3Alogon%3ALogonLogin%3AStep1YourDetailsLoginMyBarclays&c16=%2FBRKUSHFNG0193%2FM45K%2FCLS45.html&v31=n%2Fa&v33=1242617571817&v34=n%2Fa&v39=D%3Ds_vi&v41=onl%3Alogon%3ALogonLogin%3AStep1YourDetailsLoginMyBarclays&h1=onl%3Alogon%3ALogonLogin&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Set-Cookie: s_vi=[CS]v1|2CF9848385315EC5-40000121C000854F[CE]; Expires=Sun, 27 Oct 2019 10:23:03 GMT; Domain=barclays.co.uk; Path=/
Keep-Alive: timeout=15
Expires: Thu, 26 Oct 2017 10:23:03 GMT

GET
H/1.1 200 ajax Show response
barclaysbankplc.tt.omtrdc.net/m2/barclaysbankplc/mbox/ 730 B
730 B 60ms
46ms Script
text/javascript 66.117.29.4
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://barclaysbankplc.tt.omtrdc.net/m2/barclaysbankplc/mbox/ajax?mboxHost=www.pass-nepal.org.np&mboxSession=1509099783366-17743&mboxPage=1509099783473-95592&screenHeight=1200&screenWidth=1600&browserWidth=1600&browserHeight=1200&browserTimeOffset=0&colorDepth=24&mboxCount=1&mbox=trk_mbox&mboxId=0&mboxTime=1509099783463&mboxURL=http%3A%2F%2Fwww.pass-nepal.org.np%2FBRKUSHFNG0193%2FM45K%2FCLS45.html%23http%3A%2F%2Fwww.barclays.co.uk%2Fcs%2FSatellite%3Fc%3DInfo_C%26pagename%3DBarclaysOnline%2FBOPopUp%26cid%3D1242617571817&mboxReferrer=&mboxVersion=55
Requested by: Host: bank.barclays.co.uk
URL: https://bank.barclays.co.uk/touchclarity/mbox.js
Protocol: HTTP/1.1
Server: 66.117.29.4 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
Software: /
Resource Hash: 6d03e8476fd331355c8a6677d86d8bf558e7fb4847145c497d51d3febc305714

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: barclaysbankplc.tt.omtrdc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: */*
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Oct 2017 10:23:03 GMT
Cache-Control: no-cache
Content-Length: 730
X-Application-Context: application:prod26:11180
Content-Type: text/javascript;charset=utf-8

GET expertsans-regular-webfont.ttf
bank.barclays.co.uk/ftb/fonts/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bank.barclays.co.uk
URL: https://bank.barclays.co.uk/ftb/fonts/expertsans-regular-webfont.woff

Domain: bank.barclays.co.uk
URL: https://bank.barclays.co.uk/ftb/fonts/expertsans-regular-webfont.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Barclays (Banking)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pass-nepal.org.np/	1970-01-01 00:00:00	Name: s_ppv Value: -%2C100%2C100%2C1200
.pass-nepal.org.np/	1970-01-18 13:21:15	Name: mbox Value: check#true#1509099844\|session#1509099783366-17743#1509101644\|PC#1509099783366-17743.26_30#1516875784
.pass-nepal.org.np/	1970-01-01 00:00:00	Name: s_sq Value: %5B%5BB%5D%5D
.pass-nepal.org.np/	1970-01-01 00:00:00	Name: c_m Value: 1242617571817undefinedUnknown%20Paid%20Channelundefined
.pass-nepal.org.np/	1970-01-18 11:11:41	Name: s_visit Value: 1
.pass-nepal.org.np/	1970-01-20 07:01:06	Name: s_ev31 Value: %5B%5B%27n%2Fa%27%2C%271509099783455%27%5D%5D
.pass-nepal.org.np/	1970-01-18 11:54:51	Name: s_nr Value: 1509099783455-New
.pass-nepal.org.np/	1970-01-18 11:11:41	Name: prevPage Value: onl%3Alogon%3ALogonLogin%3AStep1YourDetailsLoginMyBarclays
.pass-nepal.org.np/	1970-01-20 07:01:06	Name: s_ev33 Value: %5B%5B%271242617571817%27%2C%271509099783455%27%5D%5D
.pass-nepal.org.np/	1970-01-01 00:00:00	Name: campPath Value: 1242617571817
.pass-nepal.org.np/	1970-01-01 00:00:00	Name: ttc_evar3 Value: 1509099783456
.pass-nepal.org.np/	1970-01-01 00:00:00	Name: s_cid Value: 1242617571817
.pass-nepal.org.np/	1970-01-01 00:00:00	Name: s_cc Value: true

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bank.barclays.co.uk
barclaysbankplc.tt.omtrdc.net
metrics.barclays.co.uk
www.pass-nepal.org.np
bank.barclays.co.uk
157.83.124.232
66.117.29.4
66.235.148.136
67.231.244.58
205d60ad39b9dc1a39ff98e8834b78c233e03cecce7cd3b0205488d9b4972321
2c4bbb1ff78fcd5c8b997030bed88174cf63b0d9aaeb2911988e35b0136c53c4
36e4565e767c4307245f59bef61cc3c8aebb33262e04bd2a2c4f876387d4ddd6
3a059a66277e8a87067c50187849c9f65817c72873f8c71785d08f4023a6b9f3
4443260f173a9227f2afb899b9e4337b364bcf78df56c322d6c19e4a6edf01d6
56750037c9793c90b789f338dc5117da9fe0d38d220633bad034d2ae3682ebc7
56fc91ca8fe529b8ad24de819ec63015e2ab48b146d917537552ff9a46b27710
59a6bc47d6fbedcd40ad7ec0f2a45f4e24e4f4e69ba2f11926975fca7334e1db
5aa9eb84540df9c6f43f3981b94e798bf5dacd1129558c7293be37799b7fdcff
690e9c9483602610ab7aeceaa409ee4006b693827af0222e3d70cff4b8f2ffe0
6d03e8476fd331355c8a6677d86d8bf558e7fb4847145c497d51d3febc305714
702bcc167b5fafbb7e18e9b1b8cae637c64747f7a00c9a309698c63a63dc1e62
71182ea40b9cc96fd288f8d5d2bdd0834a0bebc6d15cdabfc03170494b93a819
84c858297d140080df2011346dee575ec7c5f0a7d016a50f21f7cbfb2cd998f0
8f3cfb5eed3d9184e26b61a30b6fe11e68b72323ef401ddaae1406f2ac8a5050
8f77dddaa61efbc75efc49c99ab0d2c56d55b39ef2c199db41bcacd3c887368c
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
aeb4c6bbb4361d94725a1de7512d192bcdf49b7448ccb6ddc60918015adea0a5
af05f228e3f1106781aad44a0e8f12b500dfbb99e530a9ff91234bd0d4cdc495
cd13acb0c15e1e82a8da9dc9f725c467c19447a35552e0e53bee429e6c364bea
de1660f0952bc3a9a3cba3c5bd504f8c779578c9bc5eea310e009f270df73309

www.pass-nepal.org.np Open in urlscan Pro 67.231.244.58 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

23 Requests

74 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

5 IPs

2 Countries

170 kBTransfer

572 kBSize

13 Cookies

5 Outgoing links

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

13 Cookies

Indicators

www.pass-nepal.org.np Open in urlscan Pro
67.231.244.58 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

74 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

170 kB
Transfer

572 kB
Size

13
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!