barclays-london.com
45.136.57.5
Malicious Activity!
Public Scan
Submission: On March 14 via manual from IN — Scanned from DE
Summary
This is the only time barclays-london.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Lloyds (Banking)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
18 | 45.136.57.5 | 208450 (MEGAHOST_) |
2 2 | 2600:9000:235a:9200:7:2bfb:7c00:93a1 | 16509 (AMAZON-02) |
5 | 2600:9000:235a:6800:7:2bfb:7c00:93a1 | 16509 (AMAZON-02) |
1 | 34.248.239.92 | 16509 (AMAZON-02) |
1 | 63.140.62.222 | 16509 (AMAZON-02) |
1 | 178.249.97.23 | 11054 (LIVEPERSON) |
1 | 63.140.62.17 | 15224 (OMNITURE) |
27 | 6 | |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-239-92.eu-west-1.compute.amazonaws.com
dpm.demdex.net |
ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-222.data.adobedc.net
lloydsbankinggroup.d3.sc.omtrdc.net |
ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-17.data.adobedc.net
lloydsbankinggroup.d3.sc.omtrdc.net |
 | Apex Domain / Subdomains | Transfer |
---|---|---|
18 | barclays-london.com: barclays-london.com | 2 MB |
7 | tiqcdn.com (2 redirects): tags.tiqcdn.com — Cisco Umbrella Rank: 1234 | 249 KB |
2 | omtrdc.net: lloydsbankinggroup.d3.sc.omtrdc.net — Cisco Umbrella Rank: 32015 | 868 B |
1 | liveperson.net: lptag.liveperson.net — Cisco Umbrella Rank: 3902 | |
1 | demdex.net: dpm.demdex.net — Cisco Umbrella Rank: 246 | 826 B |
27 | 5 | |
 | Domain | Requested by |
---|---|---|
18 | barclays-london.com | barclays-london.com |
7 | tags.tiqcdn.com (2 redirects) | barclays-london.com, tags.tiqcdn.com |
2 | lloydsbankinggroup.d3.sc.omtrdc.net | barclays-london.com |
1 | lptag.liveperson.net | barclays-london.com |
1 | dpm.demdex.net | barclays-london.com |
27 | 5 | |
This site contains links to these domains. Also see Links.
Domain |
---|
contact.lloydsbank.com |
www.mycarfinance.lloydsbank.com |
www.lloydsbank-careers.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
tags.tiqcdn.com | Amazon RSA 2048 M01 | 2023-04-18 - 2024-05-17 | a year |
*.demdex.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-26 - 2024-10-26 | a year |
*.d3.sc.omtrdc.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-02-07 - 2025-03-09 | a year |
*.liveperson.net | Sectigo RSA Organization Validation Secure Server CA | 2023-11-28 - 2024-11-27 | a year |
This page contains 1 frame:
Primary Page:
http://barclays-london.com/help-guidance/managing-your-money/guidance-for-students.html
Frame ID: 3A3D50782EF7B06CB0F9C903B063B123
Requests: 27 HTTP requests in this frame
Page Title
Lloyds Bank - Financial Planning - Help & Guidance for Students
Detected technologies
Adobe Experience Manager (CMS)
Detected patterns
- <div class="[^"]*parbase
- /etc/designs/
- /etc\.clientlibs/
AppDynamics (Analytics)
Detected patterns
- adrum
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Book a branch appointment
Title: Log on to your Car Finance account
Title: Careers
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 9
- http://tags.tiqcdn.com/utag/lbg/code/prod/utag.2.js?cb=2024031410 HTTP 301
- https://tags.tiqcdn.com/utag/lbg/code/prod/utag.2.js?cb=2024031410
- http://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=lbg/main/202403071421&cb=1710412530804 HTTP 301
- https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=lbg/main/202403071421&cb=1710412530804
27 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H/1.1 | guidance-for-students.html (Primary Request) | barclays-london.com/help-guidance/managing-your-money/ | 323 KB | 323 KB | Document | text/html |
GET H/1.1 | clientlibs.min.c6bcb70d615db55f259e08c331cdf9ff.css | barclays-london.com/etc/designs/white-label/ | 417 KB | 417 KB | Stylesheet | text/css |
GET H/1.1 | clientlibs.min.a7e84ed7b8b01042c001b53932f7744c.css | barclays-london.com/etc/designs/lloyds/ | 275 KB | 275 KB | Stylesheet | text/css |
GET H/1.1 | adrum-4.4.3.717.js | barclays-london.com/content/dam/lloyds/js/appdynamics/ | 63 KB | 63 KB | Script | application/javascript |
GET H/1.1 | jquery.min.1494c0abbe501301e2ab9daecc6082a8.js | barclays-london.com/etc.clientlibs/clientlibs/granite/ | 98 KB | 98 KB | Script | application/javascript |
GET H/1.1 | utils.min.4a192b590a2c2926fb000264370c0588.js | barclays-london.com/etc.clientlibs/clientlibs/granite/ | 8 KB | 8 KB | Script | application/javascript |
GET H/1.1 | granite.min.543d214c88dfa6f4a3233b630c82d875.js | barclays-london.com/etc.clientlibs/clientlibs/granite/jquery/ | 4 KB | 4 KB | Script | application/javascript |
GET H/1.1 | utag.sync.js | barclays-london.com/utag/lbg/code/prod/ | 7 KB | 7 KB | Script | application/javascript |
GET H/1.1 | clientlibs.min.35b5b25df111861416ad62b4983b282b.js | barclays-london.com/etc/designs/white-label/ | 1 MB | 1 MB | Script | application/javascript |
GET H/1.1 | token.json | barclays-london.com/libs/granite/csrf/ | 315 B | 515 B | XHR | text/html |
GET H2 | utag.2.js | tags.tiqcdn.com/utag/lbg/code/prod/ (Redirect Chain) | 407 B | 850 B | Script | application/javascript |
GET H/1.1 | chevron-down.svg | barclays-london.com/etc/designs/lloyds/clientlibs/icons/sprite-icons/ | 132 B | 377 B | Image | image/svg+xml |
GET H/1.1 | play.svg | barclays-london.com/etc/designs/lloyds/clientlibs/icons/ | 136 B | 381 B | Image | image/svg+xml |
GET H/1.1 | chevron-right.svg | barclays-london.com/etc/designs/lloyds/clientlibs/icons/sprite-icons/ | 123 B | 368 B | Image | image/svg+xml |
GET H/1.1 | lloyds_bank_jack-mediumWEB.woff | barclays-london.com/etc/designs/lloyds/clientlibs/fonts/LloydsBankJackMedium/ | 29 KB | 29 KB | Font | font/woff |
GET H/1.1 | lloyds_bank_jack-lightWEB.woff | barclays-london.com/etc/designs/lloyds/clientlibs/fonts/LloydsBankJackLight/ | 69 KB | 69 KB | Font | font/woff |
GET H/1.1 | lloyds_bank_jack-boldWEB.woff | barclays-london.com/etc/designs/lloyds/clientlibs/fonts/LloydsBankJackBold/ | 30 KB | 30 KB | Font | font/woff |
GET H/1.1 | lloyds_bank_jack-regularWEB.woff | barclays-london.com/etc/designs/lloyds/clientlibs/fonts/LloydsBankJackRegular/ | 63 KB | 63 KB | Font | font/woff |
GET H2 | utag.sync.js | tags.tiqcdn.com/utag/lbg/main/prod/ | 370 KB | 107 KB | Script | application/javascript |
GET H2 | id | dpm.demdex.net/ | 227 B | 826 B | XHR | application/json |
GET H2 | barclays-london_com.js | tags.tiqcdn.com/dle/lbg/main/ | 3 B | 414 B | Script | application/javascript |
GET H2 | id | lloydsbankinggroup.d3.sc.omtrdc.net/ | 2 B | 269 B | XHR | application/x-javascript |
GET H2 | utag.js | tags.tiqcdn.com/utag/lbg/main/prod/ | 650 KB | 139 KB | Script | application/javascript |
GET H/1.1 | adrum-ext.99c2fcc5ccc30ea4d38a1a74eeb7a6a6.js | barclays-london.com/content/dam/lloyds/js/appdynamics/ | 0 | 0 | Script | text/html |
GET H2 | utag.v.js | tags.tiqcdn.com/utag/tiqapp/ (Redirect Chain) | 2 B | 431 B | Script | application/javascript |
GET H2 | tag.js | lptag.liveperson.net/tag/ | 0 | 0 | Script | text/plain |
POST H/1.1 | s14831020482355 | lloydsbankinggroup.d3.sc.omtrdc.net/b/ss/lloydsbankinggroupprod/1/JS-2.22.4/ | 43 B | 599 B | XHR | image/gif |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Lloyds (Banking)
127 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.demdex.net/ | Name: demdex Value: 49660725935697615101284308343014322485 |
|
.barclays-london.com/ | Name: AMCVS_230D643E5A2550980A495DB6%40AdobeOrg Value: 1 |
|
.barclays-london.com/ | Name: AMCV_230D643E5A2550980A495DB6%40AdobeOrg Value: -2121179033%7CMCIDTS%7C19797%7CMCMID%7C49170862724942553871226440340908475592%7CMCAAMLH-1711017330%7C6%7CMCAAMB-1711017330%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1710419730s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.3.0 |
|
.barclays-london.com/ | Name: LBGc3 Value: usac2r70200X4LFbarclays-londoncom |
|
barclays-london.com/ | Name: WTLOPTOUT Value: X |
|
.barclays-london.com/ | Name: OPTOUTMULTI Value: 0:0%7Cc1:1%7Cc3:1%7Cc5:1%7Cc4:1%7Cc2:1 |
|
.barclays-london.com/ | Name: utag_main Value: v_id:018e3c8804450015492d8004e26d03074005706c00b08$_sn:1$_se:2$_ss:0$_st:1710414330818$ses_id:1710412530758%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:barclays-london.com |
|
.barclays-london.com/ | Name: s_cc Value: true |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.