www.sampon-vopsea-balsam.ro Open in urlscan Pro
208.86.152.60 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
Submission: On April 30 via automatic, source openphish (April 30th 2017, 9:22:58 pm UTC)

Summary HTTP 34 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 34 HTTP transactions. The main IP is 208.86.152.60, located in Lansing, United States and belongs to WIREDTREE - Cogswell Enterprises Inc., US. The main domain is www.sampon-vopsea-balsam.ro.

This is the only time www.sampon-vopsea-balsam.ro was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Barclays (Banking)

Domain & IP information

	IP Address	AS Autonomous System
11	208.86.152.60 208.86.152.60	19066 (WIREDTREE) (WIREDTREE - Cogswell Enterprises Inc.)
22	157.83.96.200 157.83.96.200	44022 (BARCLAYS-...) (BARCLAYS-RETAIL)
1	66.117.29.6 66.117.29.6	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
34	3

11 208.86.152.60 (Lansing, United States)

ASN19066 (WIREDTREE - Cogswell Enterprises Inc., US)
PTR: host2.nefasoft.ro

www.sampon-vopsea-balsam.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 157.83.96.200 (London, United Kingdom)

ASN44022 (BARCLAYS-RETAIL, GB)

bank.barclays.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.29.6 (Lehi, United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)

barclaysbankplc.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	barclays.co.uk bank.barclays.co.uk	274 KB
11	sampon-vopsea-balsam.ro www.sampon-vopsea-balsam.ro	13 KB
1	omtrdc.net barclaysbankplc.tt.omtrdc.net	730 B
34	3

	Domain	Requested by
22	bank.barclays.co.uk	www.sampon-vopsea-balsam.ro
11	www.sampon-vopsea-balsam.ro	www.sampon-vopsea-balsam.ro
1	barclaysbankplc.tt.omtrdc.net	bank.barclays.co.uk
34	3

This site contains links to these domains. Also see Links.

Domain
www.lendingstandardsboard.org.uk
www.premierleague.com

Subject Issuer	Validity	Valid
bank.barclays.co.uk Symantec Class 3 EV SSL CA - G3	`2015-06-30` - `2017-07-16`	2 years	crt.sh

This page contains 1 frames:

Primary Page: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
Frame ID: 13916.1
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

34
Requests

65 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

288 kB
Transfer

1201 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.lendingstandardsboard.org.uk/
Title: www.lendingstandardsboard.org.uk

Search URL Search Domain Scan URL

URL: http://www.premierleague.com/
Title: Proud sponsors of the Barclays Premier League

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request verify-details.html Show response
www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/ 15 KB
5 KB 477ms
118ms Document
text/html 208.86.152.60
Cogswell Enterpri...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
Protocol: HTTP/1.1
Server: 208.86.152.60 Lansing, United States, ASN19066 (WIREDTREE - Cogswell Enterprises Inc., US),
Reverse DNS: host2.nefasoft.ro
Software: LiteSpeed /
Resource Hash: 50cf763b2764db0e0be3f9a09beb2ad0068598b465324a4d4839b23761fd8ef5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.sampon-vopsea-balsam.ro
Accept-Language: en-US,en;q=0.8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Sun, 30 Apr 2017 21:22:47 GMT
Content-Encoding: gzip
Last-Modified: Sun, 30 Apr 2017 11:42:34 GMT
Server: LiteSpeed
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: public, max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 5090
Expires: Mon, 30 Apr 2018 21:22:47 GMT

GET
H/1.1 200
OK Cookie set barclays1.css
bank.barclays.co.uk/css/ 241 KB
48 KB 450ms
55ms Stylesheet
text/css 157.83.96.200
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.barclays.co.uk/css/barclays1.css

Requested by

Host: www.sampon-vopsea-balsam.ro
URL: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.96.200 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

560p-02 /

Resource Hash

d51eda7cab7b24420ada9ff1294196811ae723fd9c732f5d74cb969653b06ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: bank.barclays.co.uk
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Sun, 30 Apr 2017 21:22:47 GMT
Content-encoding: gzip
Last-modified: Wed, 26 Apr 2017 15:13:28 GMT
Server: 560p-02
Etag: "bfa1-5900b918"
Vary: accept-encoding
Content-type: text/css
Set-Cookie: rolb-live_AAGlou=171247626.19032.0000; expires=Sun, 30-Apr-2017 22:22:47 GMT; path=/ wagChosenCipher=12:TLSv1.2:AES128-SHA:128; path=/; secure
Strict-Transport-Security: max-age=63113904
Accept-ranges: bytes
Content-length: 49057
X-UA-Compatible: chrome=IE6

GET
H/1.1 200
OK Cookie set barclays2.css
bank.barclays.co.uk/css/ 226 KB
34 KB 450ms
55ms Stylesheet
text/css 157.83.96.200
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.barclays.co.uk/css/barclays2.css

Requested by

Host: www.sampon-vopsea-balsam.ro
URL: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.96.200 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

561p-02 /

Resource Hash

8a9044b36c5a23702efda0613ef08b2b3f609f41e3f9c31cc7271bd2866ff27c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: bank.barclays.co.uk
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Sun, 30 Apr 2017 21:22:47 GMT
Content-encoding: gzip
Last-modified: Wed, 26 Apr 2017 15:21:21 GMT
Server: 561p-02
Etag: "89b4-5900baf1"
Vary: accept-encoding
Content-type: text/css
Set-Cookie: rolb-live_AAGlou=188024842.19032.0000; expires=Sun, 30-Apr-2017 22:22:47 GMT; path=/ wagChosenCipher=12:TLSv1.2:AES128-SHA:128; path=/; secure
Strict-Transport-Security: max-age=63113904
Accept-ranges: bytes
Content-length: 35252
X-UA-Compatible: chrome=IE6

GET
H/1.1 200
OK Cookie set features-store.css
bank.barclays.co.uk/css/ 86 KB
15 KB 448ms
53ms Stylesheet
text/css 157.83.96.200
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.barclays.co.uk/css/features-store.css

Requested by

Host: www.sampon-vopsea-balsam.ro
URL: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.96.200 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

560p-02 /

Resource Hash

9c5614f18582d4f3dcb7a503cda6b03b01c4a751ef4fd2b165a422937857f37b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: bank.barclays.co.uk
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Sun, 30 Apr 2017 21:22:47 GMT
Content-encoding: gzip
Last-modified: Wed, 26 Apr 2017 15:13:28 GMT
Server: 560p-02
Etag: "3a76-5900b918"
Vary: accept-encoding
Content-type: text/css
Set-Cookie: rolb-live_AAGlou=171247626.19032.0000; expires=Sun, 30-Apr-2017 22:22:47 GMT; path=/ wagChosenCipher=12:TLSv1.2:AES128-SHA:128; path=/; secure
Strict-Transport-Security: max-age=63113904
Accept-ranges: bytes
Content-length: 14966
X-UA-Compatible: chrome=IE6

GET
H/1.1 200
OK Cookie set jq.js Show response
bank.barclays.co.uk/js/jq/ 273 KB
82 KB 449ms
54ms Script
application/x-javascript 157.83.96.200
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.barclays.co.uk/js/jq/jq.js

Requested by

Host: www.sampon-vopsea-balsam.ro
URL: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.96.200 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

561p-02 /

Resource Hash

cd13acb0c15e1e82a8da9dc9f725c467c19447a35552e0e53bee429e6c364bea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: bank.barclays.co.uk
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Sun, 30 Apr 2017 21:22:47 GMT
Content-encoding: gzip
Last-modified: Wed, 26 Apr 2017 15:21:21 GMT
Server: 561p-02
Etag: "14847-5900baf1"
Vary: accept-encoding
Content-type: application/x-javascript
Set-Cookie: rolb-live_AAGlou=188024842.19032.0000; expires=Sun, 30-Apr-2017 22:22:47 GMT; path=/ wagChosenCipher=12:TLSv1.2:AES128-SHA:128; path=/; secure
Strict-Transport-Security: max-age=63113904
Accept-ranges: bytes
Content-length: 84039
X-UA-Compatible: chrome=IE6

GET
H/1.1 200
OK Cookie set iBarclays.js Show response
bank.barclays.co.uk/js/ib/ 2 KB
1 KB 455ms
60ms Script
application/x-javascript 157.83.96.200
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.barclays.co.uk/js/ib/iBarclays.js

Requested by

Host: www.sampon-vopsea-balsam.ro
URL: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.96.200 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

561p-02 /

Resource Hash

b04894ad9c4577fd5547afc7a87c60496612bd12d97eda8f9aaaecf0d136e93a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: bank.barclays.co.uk
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Sun, 30 Apr 2017 21:22:47 GMT
Content-encoding: gzip
Last-modified: Wed, 26 Apr 2017 15:21:21 GMT
Server: 561p-02
Etag: "413-5900baf1"
Vary: accept-encoding
Content-type: application/x-javascript
Set-Cookie: rolb-live_AAGlou=188024842.19032.0000; expires=Sun, 30-Apr-2017 22:22:47 GMT; path=/ wagChosenCipher=12:TLSv1.2:AES128-SHA:128; path=/; secure
Strict-Transport-Security: max-age=63113904
Accept-ranges: bytes
Content-length: 1043
X-UA-Compatible: chrome=IE6

GET
H/1.1 200
OK Cookie set ib-pre-a1f.js Show response
bank.barclays.co.uk/js/ib/ 192 KB
41 KB 456ms
62ms Script
application/x-javascript 157.83.96.200
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.barclays.co.uk/js/ib/ib-pre-a1f.js

Requested by

Host: www.sampon-vopsea-balsam.ro
URL: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.96.200 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

562p-02 /

Resource Hash

aa9a3c86ed23f71577ce56ea9489f869570fe3eed053deb88d9a329ce1a68141

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: bank.barclays.co.uk
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Sun, 30 Apr 2017 21:22:47 GMT
Content-encoding: gzip
Last-modified: Wed, 26 Apr 2017 15:33:52 GMT
Server: 562p-02
Etag: "a372-5900bde0"
Vary: accept-encoding
Content-type: application/x-javascript
Set-Cookie: rolb-live_AAGlou=204802058.19032.0000; expires=Sun, 30-Apr-2017 22:22:47 GMT; path=/ wagChosenCipher=12:TLSv1.2:AES128-SHA:128; path=/; secure
Strict-Transport-Security: max-age=63113904
Accept-ranges: bytes
Content-length: 41842
X-UA-Compatible: chrome=IE6

GET
H/1.1 200
OK Cookie set iBarclays.Unlock.js Show response
bank.barclays.co.uk/js/ib/ 57 B
75 B 486ms
31ms Script
application/x-javascript 157.83.96.200
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.barclays.co.uk/js/ib/iBarclays.Unlock.js

Requested by

Host: www.sampon-vopsea-balsam.ro
URL: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.96.200 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

560p-02 /

Resource Hash

8f77dddaa61efbc75efc49c99ab0d2c56d55b39ef2c199db41bcacd3c887368c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: bank.barclays.co.uk
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Sun, 30 Apr 2017 21:22:48 GMT
Content-encoding: gzip
Last-modified: Wed, 26 Apr 2017 15:13:31 GMT
Server: 560p-02
Etag: "4b-5900b91b"
Vary: accept-encoding
Content-type: application/x-javascript
Set-Cookie: rolb-live_AAGlou=171247626.19032.0000; expires=Sun, 30-Apr-2017 22:22:48 GMT; path=/ wagChosenCipher=12:TLSv1.2:AES128-SHA:128; path=/; secure
Strict-Transport-Security: max-age=63113904
Accept-ranges: bytes
Content-length: 75
X-UA-Compatible: chrome=IE6

GET
H/1.1 200
OK Cookie set mbox.js Show response
bank.barclays.co.uk/touchclarity/ 28 KB
8 KB 504ms
28ms Script
application/x-javascript 157.83.96.200
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.barclays.co.uk/touchclarity/mbox.js

Requested by

Host: www.sampon-vopsea-balsam.ro
URL: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.96.200 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

560p-02 /

Resource Hash

59a6bc47d6fbedcd40ad7ec0f2a45f4e24e4f4e69ba2f11926975fca7334e1db

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: bank.barclays.co.uk
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Sun, 30 Apr 2017 21:22:48 GMT
Content-encoding: gzip
Last-modified: Wed, 26 Apr 2017 15:13:29 GMT
Server: 560p-02
Etag: "2038-5900b919"
Vary: accept-encoding
Content-type: application/x-javascript
Set-Cookie: rolb-live_AAGlou=171247626.19032.0000; expires=Sun, 30-Apr-2017 22:22:48 GMT; path=/ wagChosenCipher=12:TLSv1.2:AES128-SHA:128; path=/; secure
Strict-Transport-Security: max-age=63113904
Accept-ranges: bytes
Content-length: 8248
X-UA-Compatible: chrome=IE6

GET
H/1.1 200
OK Cookie set barclays-logo.png
bank.barclays.co.uk/img/logos/ 4 KB
4 KB 54ms
53ms Image
image/png 157.83.96.200
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/img/logos/barclays-logo.png

Requested by

Host: www.sampon-vopsea-balsam.ro
URL: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.96.200 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

560p-02 /

Resource Hash

84c858297d140080df2011346dee575ec7c5f0a7d016a50f21f7cbfb2cd998f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: bank.barclays.co.uk
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
Cookie: rolb-live_AAGlou=171247626.19032.0000; wagChosenCipher=12:TLSv1.2:AES128-SHA:128
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Sun, 30 Apr 2017 21:22:48 GMT
Last-modified: Wed, 26 Apr 2017 15:13:34 GMT
Server: 560p-02
Etag: "ec0-5900b91e"
Strict-Transport-Security: max-age=63113904
Content-type: image/png
Set-Cookie: rolb-live_AAGlou=171247626.19032.0000; expires=Sun, 30-Apr-2017 22:22:48 GMT; path=/
Accept-ranges: bytes
Content-length: 3776
X-UA-Compatible: chrome=IE6

GET
H/1.1 404
Not Found GenericPage.js
www.sampon-vopsea-balsam.ro/js/pages/ 0
0 118ms
118ms Script
text/html 208.86.152.60
Cogswell Enterpri...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.sampon-vopsea-balsam.ro/js/pages/GenericPage.js
Requested by: Host: www.sampon-vopsea-balsam.ro
URL: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
Protocol: HTTP/1.1
Server: 208.86.152.60 Lansing, United States, ASN19066 (WIREDTREE - Cogswell Enterprises Inc., US),
Reverse DNS: host2.nefasoft.ro
Software: LiteSpeed /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.sampon-vopsea-balsam.ro
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2017 21:22:48 GMT
Server: LiteSpeed
Content-Type: text/html
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1148

GET
H/1.1 404
Not Found RegistrationPersonalDetails.js
www.sampon-vopsea-balsam.ro/js/pages/ 0
0 127ms
125ms Script
text/html 208.86.152.60
Cogswell Enterpri...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.sampon-vopsea-balsam.ro/js/pages/RegistrationPersonalDetails.js
Requested by: Host: www.sampon-vopsea-balsam.ro
URL: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
Protocol: HTTP/1.1
Server: 208.86.152.60 Lansing, United States, ASN19066 (WIREDTREE - Cogswell Enterprises Inc., US),
Reverse DNS: host2.nefasoft.ro
Software: LiteSpeed /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.sampon-vopsea-balsam.ro
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
Cookie: mbox=check#true#1493587429|session#1493587368177-704783#1493589229
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2017 21:22:48 GMT
Server: LiteSpeed
Content-Type: text/html
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1148

GET
H/1.1 404
Not Found Cookie set premier_league_masthead.jpg
www.sampon-vopsea-balsam.ro/img/logos/ 12 KB
0 329ms
209ms Image
text/html 208.86.152.60
Cogswell Enterpri...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.sampon-vopsea-balsam.ro/img/logos/premier_league_masthead.jpg
Requested by: Host: www.sampon-vopsea-balsam.ro
URL: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
Protocol: HTTP/1.1
Server: 208.86.152.60 Lansing, United States, ASN19066 (WIREDTREE - Cogswell Enterprises Inc., US),
Reverse DNS: host2.nefasoft.ro
Software: LiteSpeed /
Resource Hash: 2957e908f6783effe059c363d1431b3dd28aedb7834e616ef2e80bd6f78e1dd8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.sampon-vopsea-balsam.ro
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
Cookie: mbox=check#true#1493587429|session#1493587368177-704783#1493589229
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2017 21:22:48 GMT
Content-Encoding: gzip
Server: LiteSpeed
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Set-Cookie: frontend=al64u3lf6ifktk2q65t0i8nes5; expires=Sun, 30-Apr-2017 22:22:48 GMT; Max-Age=3600; path=/; domain=www.sampon-vopsea-balsam.ro; HttpOnly
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 404
Not Found iBarclays.WebAnalytics.js
www.sampon-vopsea-balsam.ro/js/ib/ 0
0 163ms
118ms Script
text/html 208.86.152.60
Cogswell Enterpri...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.sampon-vopsea-balsam.ro/js/ib/iBarclays.WebAnalytics.js
Requested by: Host: www.sampon-vopsea-balsam.ro
URL: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
Protocol: HTTP/1.1
Server: 208.86.152.60 Lansing, United States, ASN19066 (WIREDTREE - Cogswell Enterprises Inc., US),
Reverse DNS: host2.nefasoft.ro
Software: LiteSpeed /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.sampon-vopsea-balsam.ro
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
Cookie: mbox=check#true#1493587429|session#1493587368177-704783#1493589229
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2017 21:22:48 GMT
Server: LiteSpeed
Content-Type: text/html
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1148

GET
H/1.1 404
Not Found s_codecookies.js
www.sampon-vopsea-balsam.ro/js/sitecatalyst/ 0
0 238ms
118ms Script
text/html 208.86.152.60
Cogswell Enterpri...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.sampon-vopsea-balsam.ro/js/sitecatalyst/s_codecookies.js
Requested by: Host: www.sampon-vopsea-balsam.ro
URL: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
Protocol: HTTP/1.1
Server: 208.86.152.60 Lansing, United States, ASN19066 (WIREDTREE - Cogswell Enterprises Inc., US),
Reverse DNS: host2.nefasoft.ro
Software: LiteSpeed /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.sampon-vopsea-balsam.ro
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
Cookie: mbox=check#true#1493587429|session#1493587368177-704783#1493589229
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2017 21:22:48 GMT
Server: LiteSpeed
Content-Type: text/html
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1148

GET
H/1.1 200
OK Cookie set print-browser.css
bank.barclays.co.uk/css/ 5 KB
2 KB 54ms
53ms Stylesheet
text/css 157.83.96.200
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.barclays.co.uk/css/print-browser.css

Requested by

Host: www.sampon-vopsea-balsam.ro
URL: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.96.200 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

560p-02 /

Resource Hash

663057d96ebf667a2ee952d41838e2309d614043260caffb37409fc6149b387a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: bank.barclays.co.uk
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
Cookie: rolb-live_AAGlou=171247626.19032.0000; wagChosenCipher=12:TLSv1.2:AES128-SHA:128
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Sun, 30 Apr 2017 21:22:48 GMT
Content-encoding: gzip
Last-modified: Wed, 26 Apr 2017 15:13:28 GMT
Server: 560p-02
Etag: "6ae-5900b918"
Vary: accept-encoding
Content-type: text/css
Set-Cookie: rolb-live_AAGlou=171247626.19032.0000; expires=Sun, 30-Apr-2017 22:22:48 GMT; path=/
Strict-Transport-Security: max-age=63113904
Accept-ranges: bytes
Content-length: 1710
X-UA-Compatible: chrome=IE6

GET
H/1.1 404
Not Found Cookie set closed.gif
www.sampon-vopsea-balsam.ro/img/table/ 9 KB
0 349ms
223ms Image
text/html 208.86.152.60
Cogswell Enterpri...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.sampon-vopsea-balsam.ro/img/table/closed.gif
Requested by: Host: www.sampon-vopsea-balsam.ro
URL: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
Protocol: HTTP/1.1
Server: 208.86.152.60 Lansing, United States, ASN19066 (WIREDTREE - Cogswell Enterprises Inc., US),
Reverse DNS: host2.nefasoft.ro
Software: LiteSpeed /
Resource Hash: 9412926b71866274bf77e5060455c80546840f83ecc14db2af00385d3651b898

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.sampon-vopsea-balsam.ro
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
Cookie: mbox=check#true#1493587429|session#1493587368177-704783#1493589229
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2017 21:22:48 GMT
Content-Encoding: gzip
Server: LiteSpeed
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Set-Cookie: frontend=ols58pnotolnkia0mv12mc18f7; expires=Sun, 30-Apr-2017 22:22:48 GMT; Max-Age=3600; path=/; domain=www.sampon-vopsea-balsam.ro; HttpOnly
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 404
Not Found Cookie set open.gif
www.sampon-vopsea-balsam.ro/img/table/ 12 KB
0 315ms
233ms Image
text/html 208.86.152.60
Cogswell Enterpri...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.sampon-vopsea-balsam.ro/img/table/open.gif
Requested by: Host: www.sampon-vopsea-balsam.ro
URL: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
Protocol: HTTP/1.1
Server: 208.86.152.60 Lansing, United States, ASN19066 (WIREDTREE - Cogswell Enterprises Inc., US),
Reverse DNS: host2.nefasoft.ro
Software: LiteSpeed /
Resource Hash: 2957e908f6783effe059c363d1431b3dd28aedb7834e616ef2e80bd6f78e1dd8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.sampon-vopsea-balsam.ro
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
Cookie: mbox=check#true#1493587429|session#1493587368177-704783#1493589229
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2017 21:22:48 GMT
Content-Encoding: gzip
Server: LiteSpeed
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Set-Cookie: frontend=cjir7sb6iah5d8o2cag46k88d6; expires=Sun, 30-Apr-2017 22:22:48 GMT; Max-Age=3600; path=/; domain=www.sampon-vopsea-balsam.ro; HttpOnly
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 404
Not Found Cookie set closed-white.gif
www.sampon-vopsea-balsam.ro/img/table/ 12 KB
0 234ms
233ms Image
text/html 208.86.152.60
Cogswell Enterpri...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.sampon-vopsea-balsam.ro/img/table/closed-white.gif
Requested by: Host: www.sampon-vopsea-balsam.ro
URL: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
Protocol: HTTP/1.1
Server: 208.86.152.60 Lansing, United States, ASN19066 (WIREDTREE - Cogswell Enterprises Inc., US),
Reverse DNS: host2.nefasoft.ro
Software: LiteSpeed /
Resource Hash: 2957e908f6783effe059c363d1431b3dd28aedb7834e616ef2e80bd6f78e1dd8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.sampon-vopsea-balsam.ro
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
Cookie: mbox=check#true#1493587429|session#1493587368177-704783#1493589229
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2017 21:22:48 GMT
Content-Encoding: gzip
Server: LiteSpeed
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Set-Cookie: frontend=n6lt2s8l6tsv2cren2b1d2a880; expires=Sun, 30-Apr-2017 22:22:48 GMT; Max-Age=3600; path=/; domain=www.sampon-vopsea-balsam.ro; HttpOnly
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 404
Not Found Cookie set open-white.gif
www.sampon-vopsea-balsam.ro/img/table/ 12 KB
0 209ms
209ms Image
text/html 208.86.152.60
Cogswell Enterpri...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.sampon-vopsea-balsam.ro/img/table/open-white.gif
Requested by: Host: www.sampon-vopsea-balsam.ro
URL: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
Protocol: HTTP/1.1
Server: 208.86.152.60 Lansing, United States, ASN19066 (WIREDTREE - Cogswell Enterprises Inc., US),
Reverse DNS: host2.nefasoft.ro
Software: LiteSpeed /
Resource Hash: 2957e908f6783effe059c363d1431b3dd28aedb7834e616ef2e80bd6f78e1dd8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.sampon-vopsea-balsam.ro
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
Cookie: mbox=check#true#1493587429|session#1493587368177-704783#1493589229
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2017 21:22:48 GMT
Content-Encoding: gzip
Server: LiteSpeed
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Set-Cookie: frontend=cdtembnm96i2ches2ll82ahf11; expires=Sun, 30-Apr-2017 22:22:48 GMT; Max-Age=3600; path=/; domain=www.sampon-vopsea-balsam.ro; HttpOnly
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK Cookie set eagle.jpg
bank.barclays.co.uk/img/backgrounds/ 13 KB
13 KB 29ms
28ms Image
image/jpeg 157.83.96.200
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/img/backgrounds/eagle.jpg

Requested by

Host: www.sampon-vopsea-balsam.ro
URL: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.96.200 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

560p-02 /

Resource Hash

2cf9a13b0c760bc23d003af1a8dd924d5d90b4c350a97b0bbe59c32a24684955

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: bank.barclays.co.uk
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://bank.barclays.co.uk/css/barclays1.css
Cookie: rolb-live_AAGlou=171247626.19032.0000; wagChosenCipher=12:TLSv1.2:AES128-SHA:128
Connection: keep-alive
Cache-Control: no-cache
Referer: https://bank.barclays.co.uk/css/barclays1.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Sun, 30 Apr 2017 21:22:48 GMT
Last-modified: Wed, 26 Apr 2017 15:13:35 GMT
Server: 560p-02
Etag: "3523-5900b91f"
Strict-Transport-Security: max-age=63113904
Content-type: image/jpeg
Set-Cookie: rolb-live_AAGlou=171247626.19032.0000; expires=Sun, 30-Apr-2017 22:22:48 GMT; path=/
Accept-ranges: bytes
Content-length: 13603
X-UA-Compatible: chrome=IE6

GET
H/1.1 200
OK Cookie set body-background-top.png
bank.barclays.co.uk/img/backgrounds/ 166 B
166 B 31ms
31ms Image
image/png 157.83.96.200
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/img/backgrounds/body-background-top.png

Requested by

Host: www.sampon-vopsea-balsam.ro
URL: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.96.200 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

560p-02 /

Resource Hash

840de33c29f831458689bd2f1f14496529edd7670521eb0115de29469e50857a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: bank.barclays.co.uk
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://bank.barclays.co.uk/css/barclays1.css
Cookie: rolb-live_AAGlou=171247626.19032.0000; wagChosenCipher=12:TLSv1.2:AES128-SHA:128
Connection: keep-alive
Cache-Control: no-cache
Referer: https://bank.barclays.co.uk/css/barclays1.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Sun, 30 Apr 2017 21:22:48 GMT
Last-modified: Wed, 26 Apr 2017 15:13:35 GMT
Server: 560p-02
Etag: "a6-5900b91f"
Strict-Transport-Security: max-age=63113904
Content-type: image/png
Set-Cookie: rolb-live_AAGlou=171247626.19032.0000; expires=Sun, 30-Apr-2017 22:22:48 GMT; path=/
Accept-ranges: bytes
Content-length: 166
X-UA-Compatible: chrome=IE6

GET
H/1.1 200
OK Cookie set menu-bar-bg.png
bank.barclays.co.uk/img/backgrounds/ 267 B
267 B 27ms
27ms Image
image/png 157.83.96.200
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/img/backgrounds/menu-bar-bg.png

Requested by

Host: www.sampon-vopsea-balsam.ro
URL: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.96.200 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

560p-02 /

Resource Hash

bcd3f5688ac19f672f74ee03db1a5cb7303b62dfba5b9c54e87d6d0370964db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: bank.barclays.co.uk
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://bank.barclays.co.uk/css/barclays1.css
Cookie: rolb-live_AAGlou=171247626.19032.0000; wagChosenCipher=12:TLSv1.2:AES128-SHA:128
Connection: keep-alive
Cache-Control: no-cache
Referer: https://bank.barclays.co.uk/css/barclays1.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Sun, 30 Apr 2017 21:22:48 GMT
Last-modified: Wed, 26 Apr 2017 15:13:35 GMT
Server: 560p-02
Etag: "10b-5900b91f"
Strict-Transport-Security: max-age=63113904
Content-type: image/png
Set-Cookie: rolb-live_AAGlou=171247626.19032.0000; expires=Sun, 30-Apr-2017 22:22:48 GMT; path=/
Accept-ranges: bytes
Content-length: 267
X-UA-Compatible: chrome=IE6

GET
H/1.1 200
OK Cookie set login-icon.gif
bank.barclays.co.uk/img/login/ 831 B
831 B 70ms
27ms Image
image/gif 157.83.96.200
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/img/login/login-icon.gif

Requested by

Host: www.sampon-vopsea-balsam.ro
URL: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.96.200 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

560p-02 /

Resource Hash

1329a745be28ac372a6ae7646ccabd81f63491b8cc8087c8cf264f079fd4d4f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: bank.barclays.co.uk
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://bank.barclays.co.uk/css/barclays1.css
Cookie: rolb-live_AAGlou=171247626.19032.0000; wagChosenCipher=12:TLSv1.2:AES128-SHA:128
Connection: keep-alive
Cache-Control: no-cache
Referer: https://bank.barclays.co.uk/css/barclays1.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Sun, 30 Apr 2017 21:22:48 GMT
Last-modified: Wed, 26 Apr 2017 15:13:34 GMT
Server: 560p-02
Etag: "33f-5900b91e"
Strict-Transport-Security: max-age=63113904
Content-type: image/gif
Set-Cookie: rolb-live_AAGlou=171247626.19032.0000; expires=Sun, 30-Apr-2017 22:22:48 GMT; path=/
Accept-ranges: bytes
Content-length: 831
X-UA-Compatible: chrome=IE6

GET
H/1.1 200
OK Cookie set progress-bar.png
bank.barclays.co.uk/img/backgrounds/ 1 KB
1 KB 110ms
91ms Image
image/png 157.83.96.200
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/img/backgrounds/progress-bar.png

Requested by

Host: www.sampon-vopsea-balsam.ro
URL: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.96.200 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

560p-02 /

Resource Hash

3611591f7a8d8193e8e3d1f1b1d0dd949fc60166dc79a7e2d41ed2252ac489c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: bank.barclays.co.uk
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://bank.barclays.co.uk/css/features-store.css
Cookie: rolb-live_AAGlou=171247626.19032.0000; wagChosenCipher=12:TLSv1.2:AES128-SHA:128
Connection: keep-alive
Cache-Control: no-cache
Referer: https://bank.barclays.co.uk/css/features-store.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Sun, 30 Apr 2017 21:22:48 GMT
Last-modified: Wed, 26 Apr 2017 15:13:35 GMT
Server: 560p-02
Etag: "537-5900b91f"
Strict-Transport-Security: max-age=63113904
Content-type: image/png
Set-Cookie: rolb-live_AAGlou=171247626.19032.0000; expires=Sun, 30-Apr-2017 22:22:48 GMT; path=/
Accept-ranges: bytes
Content-length: 1335
X-UA-Compatible: chrome=IE6

GET
H/1.1 200
OK Cookie set blue-list-circle.jpg
bank.barclays.co.uk/img/icon/ 3 KB
3 KB 61ms
60ms Image
image/jpeg 157.83.96.200
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/img/icon/blue-list-circle.jpg

Requested by

Host: www.sampon-vopsea-balsam.ro
URL: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.96.200 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

560p-02 /

Resource Hash

1df508390e226b91d4fb0bdb50043c5aa5c54c6fbadb709d523ff940fcf3647c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: bank.barclays.co.uk
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://bank.barclays.co.uk/css/barclays1.css
Cookie: rolb-live_AAGlou=171247626.19032.0000; wagChosenCipher=12:TLSv1.2:AES128-SHA:128
Connection: keep-alive
Cache-Control: no-cache
Referer: https://bank.barclays.co.uk/css/barclays1.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Sun, 30 Apr 2017 21:22:48 GMT
Last-modified: Wed, 26 Apr 2017 15:13:34 GMT
Server: 560p-02
Etag: "df8-5900b91e"
Strict-Transport-Security: max-age=63113904
Content-type: image/jpeg
Set-Cookie: rolb-live_AAGlou=171247626.19032.0000; expires=Sun, 30-Apr-2017 22:22:48 GMT; path=/
Accept-ranges: bytes
Content-length: 3576
X-UA-Compatible: chrome=IE6

GET
H/1.1 200
OK Cookie set text-input-bg.png
bank.barclays.co.uk/img/form/ 3 KB
3 KB 87ms
53ms Image
image/png 157.83.96.200
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/img/form/text-input-bg.png

Requested by

Host: www.sampon-vopsea-balsam.ro
URL: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.96.200 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

560p-02 /

Resource Hash

66a4541bdd7d7614ce0eb006826168ac07172bba2afb3d21c2d00b90418ce3a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: bank.barclays.co.uk
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://bank.barclays.co.uk/css/barclays2.css
Cookie: rolb-live_AAGlou=171247626.19032.0000; wagChosenCipher=12:TLSv1.2:AES128-SHA:128
Connection: keep-alive
Cache-Control: no-cache
Referer: https://bank.barclays.co.uk/css/barclays2.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Sun, 30 Apr 2017 21:22:48 GMT
Last-modified: Wed, 26 Apr 2017 15:13:34 GMT
Server: 560p-02
Etag: "bcf-5900b91e"
Strict-Transport-Security: max-age=63113904
Content-type: image/png
Set-Cookie: rolb-live_AAGlou=171247626.19032.0000; expires=Sun, 30-Apr-2017 22:22:48 GMT; path=/
Accept-ranges: bytes
Content-length: 3023
X-UA-Compatible: chrome=IE6

GET
H/1.1 200
OK Cookie set buttons.png
bank.barclays.co.uk/img/buttons/ 11 KB
11 KB 54ms
31ms Image
image/png 157.83.96.200
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/img/buttons/buttons.png

Requested by

Host: www.sampon-vopsea-balsam.ro
URL: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.96.200 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

560p-02 /

Resource Hash

fabaeb836936029320ea8d1ef0cfb033a67f81623a4577ba1fe42a6b7c278642

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: bank.barclays.co.uk
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://bank.barclays.co.uk/css/barclays2.css
Cookie: rolb-live_AAGlou=171247626.19032.0000; wagChosenCipher=12:TLSv1.2:AES128-SHA:128
Connection: keep-alive
Cache-Control: no-cache
Referer: https://bank.barclays.co.uk/css/barclays2.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Sun, 30 Apr 2017 21:22:48 GMT
Last-modified: Wed, 26 Apr 2017 15:13:34 GMT
Server: 560p-02
Etag: "2dc1-5900b91e"
Strict-Transport-Security: max-age=63113904
Content-type: image/png
Set-Cookie: rolb-live_AAGlou=171247626.19032.0000; expires=Sun, 30-Apr-2017 22:22:48 GMT; path=/
Accept-ranges: bytes
Content-length: 11713
X-UA-Compatible: chrome=IE6

GET
H/1.1 200
OK Cookie set buttons-mid.png
bank.barclays.co.uk/img/buttons/ 476 B
476 B 60ms
27ms Image
image/png 157.83.96.200
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/img/buttons/buttons-mid.png

Requested by

Host: www.sampon-vopsea-balsam.ro
URL: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.96.200 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

560p-02 /

Resource Hash

9378b8d6488dbcdf668e5caa8a617be6671659666c63aec1ef9c655c1d09b89f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: bank.barclays.co.uk
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://bank.barclays.co.uk/css/barclays2.css
Cookie: rolb-live_AAGlou=171247626.19032.0000; wagChosenCipher=12:TLSv1.2:AES128-SHA:128
Connection: keep-alive
Cache-Control: no-cache
Referer: https://bank.barclays.co.uk/css/barclays2.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Sun, 30 Apr 2017 21:22:48 GMT
Last-modified: Wed, 26 Apr 2017 15:13:34 GMT
Server: 560p-02
Etag: "1dc-5900b91e"
Strict-Transport-Security: max-age=63113904
Content-type: image/png
Set-Cookie: rolb-live_AAGlou=171247626.19032.0000; expires=Sun, 30-Apr-2017 22:22:48 GMT; path=/
Accept-ranges: bytes
Content-length: 476
X-UA-Compatible: chrome=IE6

GET
H/1.1 200
OK Cookie set body-background-bottom.png
bank.barclays.co.uk/img/backgrounds/ 162 B
162 B 27ms
26ms Image
image/png 157.83.96.200
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/img/backgrounds/body-background-bottom.png

Requested by

Host: www.sampon-vopsea-balsam.ro
URL: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.96.200 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

560p-02 /

Resource Hash

26a876aa5880f9067f76a4b59a0d8e488238b2fad03517c6cb690f9a8d044399

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: bank.barclays.co.uk
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://bank.barclays.co.uk/css/barclays1.css
Cookie: wagChosenCipher=12:TLSv1.2:AES128-SHA:128; rolb-live_AAGlou=171247626.19032.0000
Connection: keep-alive
Cache-Control: no-cache
Referer: https://bank.barclays.co.uk/css/barclays1.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Sun, 30 Apr 2017 21:22:48 GMT
Last-modified: Wed, 26 Apr 2017 15:13:35 GMT
Server: 560p-02
Etag: "a2-5900b91f"
Strict-Transport-Security: max-age=63113904
Content-type: image/png
Set-Cookie: rolb-live_AAGlou=171247626.19032.0000; expires=Sun, 30-Apr-2017 22:22:48 GMT; path=/
Accept-ranges: bytes
Content-length: 162
X-UA-Compatible: chrome=IE6

GET
H/1.1 200
OK Cookie set body-background-outline.gif
bank.barclays.co.uk/img/backgrounds/ 2 KB
2 KB 93ms
92ms Image
image/gif 157.83.96.200
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/img/backgrounds/body-background-outline.gif

Requested by

Host: www.sampon-vopsea-balsam.ro
URL: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.96.200 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

560p-02 /

Resource Hash

675b6641ffb8bc59d657e78fa1d2b2639d73f93da333442dab37490fe4dd1d09

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: bank.barclays.co.uk
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://bank.barclays.co.uk/css/barclays1.css
Cookie: wagChosenCipher=12:TLSv1.2:AES128-SHA:128; rolb-live_AAGlou=171247626.19032.0000
Connection: keep-alive
Cache-Control: no-cache
Referer: https://bank.barclays.co.uk/css/barclays1.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Sun, 30 Apr 2017 21:22:48 GMT
Last-modified: Wed, 26 Apr 2017 15:13:35 GMT
Server: 560p-02
Etag: "60c-5900b91f"
Strict-Transport-Security: max-age=63113904
Content-type: image/gif
Set-Cookie: rolb-live_AAGlou=171247626.19032.0000; expires=Sun, 30-Apr-2017 22:22:48 GMT; path=/
Accept-ranges: bytes
Content-length: 1548
X-UA-Compatible: chrome=IE6

GET
H/1.1 200
OK Cookie set premier_league_masthead.jpg
bank.barclays.co.uk/img/logos/ 4 KB
4 KB 101ms
100ms Image
image/jpeg 157.83.96.200
BARCLAYS-RETAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.barclays.co.uk/img/logos/premier_league_masthead.jpg

Requested by

Host: www.sampon-vopsea-balsam.ro
URL: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

157.83.96.200 London, United Kingdom, ASN44022 (BARCLAYS-RETAIL, GB),

Reverse DNS

Software

560p-02 /

Resource Hash

af05f228e3f1106781aad44a0e8f12b500dfbb99e530a9ff91234bd0d4cdc495

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: bank.barclays.co.uk
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://bank.barclays.co.uk/css/barclays1.css
Cookie: wagChosenCipher=12:TLSv1.2:AES128-SHA:128; rolb-live_AAGlou=171247626.19032.0000
Connection: keep-alive
Cache-Control: no-cache
Referer: https://bank.barclays.co.uk/css/barclays1.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Sun, 30 Apr 2017 21:22:48 GMT
Last-modified: Wed, 26 Apr 2017 15:13:34 GMT
Server: 560p-02
Etag: "1105-5900b91e"
Strict-Transport-Security: max-age=63113904
Content-type: image/jpeg
Set-Cookie: rolb-live_AAGlou=171247626.19032.0000; expires=Sun, 30-Apr-2017 22:22:48 GMT; path=/
Accept-ranges: bytes
Content-length: 4357
X-UA-Compatible: chrome=IE6

GET
H/1.1 200
OK ajax Show response
barclaysbankplc.tt.omtrdc.net/m2/barclaysbankplc/mbox/ 730 B
730 B 125ms
76ms Script
text/javascript 66.117.29.6
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://barclaysbankplc.tt.omtrdc.net/m2/barclaysbankplc/mbox/ajax?mboxHost=www.sampon-vopsea-balsam.ro&mboxSession=1493587368177-704783&mboxPage=1493587368426-144303&screenHeight=1200&screenWidth=1600&browserWidth=1598&browserHeight=1132&browserTimeOffset=0&colorDepth=24&mboxCount=1&mbox=trk_mbox&mboxId=0&mboxTime=1493587368420&mboxURL=http%3A%2F%2Fwww.sampon-vopsea-balsam.ro%2FBBLUH01936%2FM45K%2Fverify-details.html&mboxReferrer=&mboxVersion=55
Requested by: Host: bank.barclays.co.uk
URL: https://bank.barclays.co.uk/touchclarity/mbox.js
Protocol: HTTP/1.1
Server: 66.117.29.6 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
Software: Test & Target /
Resource Hash: 19621f13637aebeac28089c72555d09bc2e87a6840ad664474394190c5d18e09

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: barclaysbankplc.tt.omtrdc.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2017 21:22:48 GMT
Cache-Control: no-cache
Server: Test & Target
Content-Length: 730
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 404
Not Found Cookie set favicon.ico
www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/4!!/ 29 KB
8 KB 184ms
183ms Other
text/html 208.86.152.60
Cogswell Enterpri...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/4!!/favicon.ico
Protocol: HTTP/1.1
Server: 208.86.152.60 Lansing, United States, ASN19066 (WIREDTREE - Cogswell Enterprises Inc., US),
Reverse DNS: host2.nefasoft.ro
Software: LiteSpeed /
Resource Hash: 63a27769c5637eef4a6a34d684949c271c025426c8ba8c0515c0c9583dd875eb

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.sampon-vopsea-balsam.ro
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
Cookie: frontend=cdtembnm96i2ches2ll82ahf11; mbox=check#true#1493587429|session#1493587368177-704783#1493589229|PC#1493587368177-704783.26_5#1501363369
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.sampon-vopsea-balsam.ro/BBLUH01936/M45K/verify-details.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2017 21:22:48 GMT
Content-Encoding: gzip
Server: LiteSpeed
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Set-Cookie: frontend=cdtembnm96i2ches2ll82ahf11; expires=Sun, 30-Apr-2017 22:22:48 GMT; Max-Age=3600; path=/; domain=www.sampon-vopsea-balsam.ro; httponly
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Expires: Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Barclays (Banking)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.sampon-vopsea-balsam.ro/	2017-07-29 21:22:49	Name: mbox Value: check#true#1493587429\|session#1493587368177-704783#1493589229\|PC#1493587368177-704783.26_5#1501363369
			.www.sampon-vopsea-balsam.ro/	2017-04-30 22:22:48	Name: frontend Value: cdtembnm96i2ches2ll82ahf11

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bank.barclays.co.uk
barclaysbankplc.tt.omtrdc.net
www.sampon-vopsea-balsam.ro
157.83.96.200
208.86.152.60
66.117.29.6
1329a745be28ac372a6ae7646ccabd81f63491b8cc8087c8cf264f079fd4d4f2
19621f13637aebeac28089c72555d09bc2e87a6840ad664474394190c5d18e09
1df508390e226b91d4fb0bdb50043c5aa5c54c6fbadb709d523ff940fcf3647c
26a876aa5880f9067f76a4b59a0d8e488238b2fad03517c6cb690f9a8d044399
2957e908f6783effe059c363d1431b3dd28aedb7834e616ef2e80bd6f78e1dd8
2cf9a13b0c760bc23d003af1a8dd924d5d90b4c350a97b0bbe59c32a24684955
3611591f7a8d8193e8e3d1f1b1d0dd949fc60166dc79a7e2d41ed2252ac489c2
50cf763b2764db0e0be3f9a09beb2ad0068598b465324a4d4839b23761fd8ef5
59a6bc47d6fbedcd40ad7ec0f2a45f4e24e4f4e69ba2f11926975fca7334e1db
63a27769c5637eef4a6a34d684949c271c025426c8ba8c0515c0c9583dd875eb
663057d96ebf667a2ee952d41838e2309d614043260caffb37409fc6149b387a
66a4541bdd7d7614ce0eb006826168ac07172bba2afb3d21c2d00b90418ce3a8
675b6641ffb8bc59d657e78fa1d2b2639d73f93da333442dab37490fe4dd1d09
840de33c29f831458689bd2f1f14496529edd7670521eb0115de29469e50857a
84c858297d140080df2011346dee575ec7c5f0a7d016a50f21f7cbfb2cd998f0
8a9044b36c5a23702efda0613ef08b2b3f609f41e3f9c31cc7271bd2866ff27c
8f77dddaa61efbc75efc49c99ab0d2c56d55b39ef2c199db41bcacd3c887368c
9378b8d6488dbcdf668e5caa8a617be6671659666c63aec1ef9c655c1d09b89f
9412926b71866274bf77e5060455c80546840f83ecc14db2af00385d3651b898
9c5614f18582d4f3dcb7a503cda6b03b01c4a751ef4fd2b165a422937857f37b
aa9a3c86ed23f71577ce56ea9489f869570fe3eed053deb88d9a329ce1a68141
af05f228e3f1106781aad44a0e8f12b500dfbb99e530a9ff91234bd0d4cdc495
b04894ad9c4577fd5547afc7a87c60496612bd12d97eda8f9aaaecf0d136e93a
bcd3f5688ac19f672f74ee03db1a5cb7303b62dfba5b9c54e87d6d0370964db3
cd13acb0c15e1e82a8da9dc9f725c467c19447a35552e0e53bee429e6c364bea
d51eda7cab7b24420ada9ff1294196811ae723fd9c732f5d74cb969653b06ae0
fabaeb836936029320ea8d1ef0cfb033a67f81623a4577ba1fe42a6b7c278642

www.sampon-vopsea-balsam.ro Open in urlscan Pro 208.86.152.60 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

34 Requests

65 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

288 kBTransfer

1201 kBSize

2 Cookies

2 Outgoing links

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.sampon-vopsea-balsam.ro Open in urlscan Pro
208.86.152.60 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

65 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

288 kB
Transfer

1201 kB
Size

2
Cookies

34 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!