www.pass-nepal.org.np
67.231.244.58
Malicious Activity!
Public Scan
Effective URL: http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
Submission: On October 27 via automatic, source openphish
Summary
This is the only time www.pass-nepal.org.np was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Barclays (Banking)

Domain & IP information

Requests | IP Address | AS (Autonomous System) |
---|---|---|
2 | 67.231.244.58 | 40244 (TURNKEY-INTERNET - Turnkey Internet Inc.) |
17 | 157.83.124.232 | 44022 (BARCLAYS-RETAIL) |
2 (1 redirects) | 66.235.148.136 | 15224 (OMNITURE - Adobe Systems Inc.) |
1 | 66.117.29.4 | 15224 (OMNITURE - Adobe Systems Inc.) |
23 | 5 | |

AS | PTR | Hostname |
---|---|---|
ASN40244 (TURNKEY-INTERNET - Turnkey Internet Inc., US) | 67-231-244-58.static.as40244.net | www.pass-nepal.org.np |
ASN15224 (OMNITURE - Adobe Systems Inc., US) | *.d3.sc.omtrdc.net | metrics.barclays.co.uk |
ASN15224 (OMNITURE - Adobe Systems Inc., US) | | barclaysbankplc.tt.omtrdc.net |

Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
19 | barclays.co.uk (1 redirects) | bank.barclays.co.uk, metrics.barclays.co.uk | 141 KB |
2 | pass-nepal.org.np | www.pass-nepal.org.np | 29 KB |
1 | omtrdc.net | barclaysbankplc.tt.omtrdc.net | 730 B |
23 | 3 | | |

Requests | Domain | Requested by |
---|---|---|
17 | bank.barclays.co.uk | www.pass-nepal.org.np |
2 | metrics.barclays.co.uk (1 redirects) | www.pass-nepal.org.np |
2 | www.pass-nepal.org.np | www.pass-nepal.org.np |
1 | barclaysbankplc.tt.omtrdc.net | bank.barclays.co.uk |
23 | 4 | |

This site contains links to these domains.

Domain |
---|
www.barclays.co.uk |
www.lendingstandardsboard.org.uk |
www.premierleague.com |

Subject | Issuer | Validity | Valid |
---|---|---|---|
bank.barclays.co.uk | Symantec Class 3 EV SSL CA - G3 | 2017-07-27 - 2017-12-31 | 5 months |

This page contains 1 frames:
Primary Page:
http://www.pass-nepal.org.np/BRKUSHFNG0193/M45K/CLS45.html
Frame ID: 25662.1
Requests: 23 HTTP requests in this frame
5 Outgoing links
These are links going to different origins than the main page.
Title: Contact us
Title: Security
Title: Accessibility
Title: www.lendingstandardsboard.org.uk
Title: Proud sponsors of the Barclays Premier League
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 19- http://metrics.barclays.co.uk/b/ss/barukprod/1/H.25.1/s12956639016344?AQB=1&ndh=1&t=27%2F9%2F2017%2010%3A23%3A3%205%200&ns=barclaysuk&cdp=3&pageName=onl%3Alogon%3ALogonLogin%3AStep1YourDetailsLoginMyBarclays&g=http%3A%2F%2Fwww.pass-nepal.org.np%2FBRKUSHFNG0193%2FM45K%2FCLS45.html%23http%3A%2F%2Fwww.barclays.co.uk%2Fcs%2FSatellite%3Fc%3DInfo_C%26pagename%3DBarclaysOnline%2FBOPopUp%26cid%3D1242617571817&cc=GBP&ch=UKRBB&server=bank.barclays.co.uk&v0=1242617571817&events=event20%2Cevent3&c1=onl&c2=onl%3Alogon&v2=New&c3=onl%3Alogon%3ALogonLogin&c6=11%3A00AM&v6=11%3A00AM&c7=Friday&v7=Friday&c8=Weekday&v8=Weekday&c9=1242617571817%3Aonl%3Alogon%3ALogonLogin%3AStep1YourDetailsLoginMyBarclays&c16=%2FBRKUSHFNG0193%2FM45K%2FCLS45.html&v31=n%2Fa&v33=1242617571817&v34=n%2Fa&v39=D%3Ds_vi&v41=onl%3Alogon%3ALogonLogin%3AStep1YourDetailsLoginMyBarclays&h1=onl%3Alogon%3ALogonLogin&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
- http://metrics.barclays.co.uk/b/ss/barukprod/1/H.25.1/s12956639016344?AQB=1&pccr=true&vidn=2CF9848385315EC5-40000121C000854F&&ndh=1&t=27%2F9%2F2017%2010%3A23%3A3%205%200&ns=barclaysuk&cdp=3&pageName=onl%3Alogon%3ALogonLogin%3AStep1YourDetailsLoginMyBarclays&g=http%3A%2F%2Fwww.pass-nepal.org.np%2FBRKUSHFNG0193%2FM45K%2FCLS45.html%23http%3A%2F%2Fwww.barclays.co.uk%2Fcs%2FSatellite%3Fc%3DInfo_C%26pagename%3DBarclaysOnline%2FBOPopUp%26cid%3D1242617571817&cc=GBP&ch=UKRBB&server=bank.barclays.co.uk&v0=1242617571817&events=event20%2Cevent3&c1=onl&c2=onl%3Alogon&v2=New&c3=onl%3Alogon%3ALogonLogin&c6=11%3A00AM&v6=11%3A00AM&c7=Friday&v7=Friday&c8=Weekday&v8=Weekday&c9=1242617571817%3Aonl%3Alogon%3ALogonLogin%3AStep1YourDetailsLoginMyBarclays&c16=%2FBRKUSHFNG0193%2FM45K%2FCLS45.html&v31=n%2Fa&v33=1242617571817&v34=n%2Fa&v39=D%3Ds_vi&v41=onl%3Alogon%3ALogonLogin%3AStep1YourDetailsLoginMyBarclays&h1=onl%3Alogon%3ALogonLogin&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
23 HTTP transactions

Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|
GET H/1.1 | CLS45.html | www.pass-nepal.org.np/BRKUSHFNG0193/M45K/ | 22 KB | 7 KB | Document | text/html | Primary Request |
GET H/1.1 | barclays-ftb-login.css | www.pass-nepal.org.np/BRKUSHFNG0193/M45K/files/ | 148 KB | 23 KB | Stylesheet | text/css | |
GET H/1.1 | jq.js | bank.barclays.co.uk/js/jq/ | 273 KB | 82 KB | Script | application/x-javascript | Cookie set |
GET H/1.1 | iBarclays.js | bank.barclays.co.uk/js/ib/ | 3 KB | 1 KB | Script | application/x-javascript | Cookie set |
GET H/1.1 | iBarclays.Unlock.js | bank.barclays.co.uk/js/ib/ | 57 B | 57 B | Script | application/x-javascript | Cookie set |
GET H/1.1 | mbox.js | bank.barclays.co.uk/touchclarity/ | 28 KB | 8 KB | Script | application/x-javascript | Cookie set |
GET H/1.1 | barclays-logo.png | bank.barclays.co.uk/img/logos/ | 4 KB | 4 KB | Image | image/png | Cookie set |
GET H/1.1 | iBarclays.Views.Accordion.LoginLinkWithoutAssistCookie.js | bank.barclays.co.uk/js/ib/Views/Accordion/ | 666 B | 343 B | Script | application/x-javascript | Cookie set |
GET H/1.1 | 1321077819486-FSCS_logo_228_56.jpg | bank.barclays.co.uk/OLB/A/Content/Images/ | 10 KB | 10 KB | Image | image/jpeg | Cookie set |
GET H/1.1 | iBarclays.Controls.Forms.Snippets.js | bank.barclays.co.uk/js/ib/Controls/Forms/ftb/ | 270 B | 178 B | Script | application/x-javascript | Cookie set |
GET H/1.1 | LoginTimeoutKeepAlive.js | bank.barclays.co.uk/js/ | 555 B | 240 B | Script | application/x-javascript | Cookie set |
GET H/1.1 | premier_league_masthead.jpg | bank.barclays.co.uk/img/logos/ | 4 KB | 4 KB | Image | image/jpeg | Cookie set |
GET H/1.1 | iBarclays.WebAnalytics.js | bank.barclays.co.uk/js/ib/ | 22 KB | 6 KB | Script | application/x-javascript | Cookie set |
GET H/1.1 | s_codecookies.js | bank.barclays.co.uk/js/sitecatalyst/ | 51 KB | 20 KB | Script | application/x-javascript | Cookie set |
GET H/1.1 | barclays-logo.gif | bank.barclays.co.uk/ftb/img/logos/ | 4 KB | 4 KB | Image | image/gif | Cookie set |
GET H/1.1 | login-panel-header-active-arrow.gif | bank.barclays.co.uk/ftb/img/ftb/ | 129 B | 129 B | Image | image/gif | Cookie set |
GET H/1.1 | select-arrow.gif | bank.barclays.co.uk/ftb/img/ftb/ | 70 B | 70 B | Image | image/gif | Cookie set |
GET | expertsans-regular-webfont.woff | bank.barclays.co.uk/ftb/fonts/ | 0 | 0 | | | |
GET H/1.1 | side-bar-arrow.png | bank.barclays.co.uk/ftb/img/ftb/ | 224 B | 224 B | Image | image/png | Cookie set |
GET H/1.1 | login-panel-header-disabled-arrow.gif | bank.barclays.co.uk/ftb/img/ftb/ | 183 B | 183 B | Image | image/gif | Cookie set |
GET H/1.1 | s12956639016344 | metrics.barclays.co.uk/b/ss/barukprod/1/H.25.1/ | 43 B | 43 B | Image | image/gif | Cookie set; Redirect Chain |
GET H/1.1 | ajax | barclaysbankplc.tt.omtrdc.net/m2/barclaysbankplc/mbox/ | 730 B | 730 B | Script | text/javascript | |
GET | expertsans-regular-webfont.ttf | bank.barclays.co.uk/ftb/fonts/ | 0 | 0 | | | |

Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: bank.barclays.co.uk, URL: https://bank.barclays.co.uk/ftb/fonts/expertsans-regular-webfont.woff
- Domain: bank.barclays.co.uk, URL: https://bank.barclays.co.uk/ftb/fonts/expertsans-regular-webfont.ttf
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Barclays (Banking)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path | Expires | Name | Value |
---|---|---|---|
.pass-nepal.org.np/ | | s_ppv | -%2C100%2C100%2C1200 |
.pass-nepal.org.np/ | | mbox | check#true#1509099844\|session#1509099783366-17743#1509101644\|PC#1509099783366-17743.26_30#1516875784 |
.pass-nepal.org.np/ | | s_sq | %5B%5BB%5D%5D |
.pass-nepal.org.np/ | | c_m | 1242617571817undefinedUnknown%20Paid%20Channelundefined |
.pass-nepal.org.np/ | | s_visit | 1 |
.pass-nepal.org.np/ | | s_ev31 | %5B%5B%27n%2Fa%27%2C%271509099783455%27%5D%5D |
.pass-nepal.org.np/ | | s_nr | 1509099783455-New |
.pass-nepal.org.np/ | | prevPage | onl%3Alogon%3ALogonLogin%3AStep1YourDetailsLoginMyBarclays |
.pass-nepal.org.np/ | | s_ev33 | %5B%5B%271242617571817%27%2C%271509099783455%27%5D%5D |
.pass-nepal.org.np/ | | campPath | 1242617571817 |
.pass-nepal.org.np/ | | ttc_evar3 | 1509099783456 |
.pass-nepal.org.np/ | | s_cid | 1242617571817 |
.pass-nepal.org.np/ | | s_cc | true |

Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.