online-reviewpayee11.com Open in urlscan Pro
185.156.72.17  Malicious Activity! Public Scan

URL: http://online-reviewpayee11.com/
Submission: On July 11 via automatic, source openphish — Scanned from DE

Summary

This website contacted 6 IPs in 4 countries across 5 domains to perform 29 HTTP transactions. The main IP is 185.156.72.17, located in Russian Federation and belongs to VAIZ-AS ITBks892, UA. The main domain is online-reviewpayee11.com.
This is the only time online-reviewpayee11.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Barclays (Banking)

Domain & IP information

IP Address AS Autonomous System
4 185.156.72.17 61432 (VAIZ-AS I...)
3 2600:9000:211... 16509 (AMAZON-02)
17 104.79.34.107 16625 (AKAMAI-AS)
1 2001:4de0:ac1... 20446 (STACKPATH...)
2 2 2600:9000:211... 16509 (AMAZON-02)
1 3.126.145.180 16509 (AMAZON-02)
29 6
Apex Domain
Subdomains
Transfer
17 barclays.co.uk
bank.barclays.co.uk — Cisco Umbrella Rank: 158359
596 KB
5 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1029
54 KB
4 online-reviewpayee11.com
online-reviewpayee11.com
17 KB
1 tealiumiq.com
collect.tealiumiq.com — Cisco Umbrella Rank: 2908
526 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 749
83 KB
29 5
Domain Requested by
17 bank.barclays.co.uk online-reviewpayee11.com
bank.barclays.co.uk
5 tags.tiqcdn.com 2 redirects online-reviewpayee11.com
4 online-reviewpayee11.com online-reviewpayee11.com
code.jquery.com
1 collect.tealiumiq.com tags.tiqcdn.com
1 code.jquery.com online-reviewpayee11.com
29 5

This site contains links to these domains. Also see Links.

Domain
www.barclays.co.uk
status.uk.barclays
www.bsigroup.com
www.iso.org
www.fscs.org.uk
Subject Issuer Validity Valid
tags.tiqcdn.com
Amazon RSA 2048 M01
2023-04-18 -
2024-05-17
a year crt.sh
bank.barclays.co.uk
DigiCert SHA2 Extended Validation Server CA
2022-08-09 -
2023-08-09
a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2022-08-03 -
2023-07-14
a year crt.sh
*.tealiumiq.com
Amazon RSA 2048 M02
2023-02-10 -
2023-09-23
7 months crt.sh

This page contains 1 frames:

Primary Page: http://online-reviewpayee11.com/
Frame ID: 63F76CEF4F264EB663F18A04C116ECCA
Requests: 31 HTTP requests in this frame

Screenshot

Page Title

Step 1 - Who are you? - Barclays Online BankingTick

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • \bangular.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

29
Requests

69 %
HTTPS

50 %
IPv6

5
Domains

5
Subdomains

6
IPs

4
Countries

749 kB
Transfer

2419 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • http://tags.tiqcdn.com/utag/barclaysuk/barclays-olb/prod/utag.34.js?utv=ut4.46.202110221035 HTTP 301
  • https://tags.tiqcdn.com/utag/barclaysuk/barclays-olb/prod/utag.34.js?utv=ut4.46.202110221035
Request Chain 27
  • http://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=barclaysuk/barclays-olb/202110221035&cb=1689103490680 HTTP 301
  • https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=barclaysuk/barclays-olb/202110221035&cb=1689103490680

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
online-reviewpayee11.com/
69 KB
14 KB
Document
General
Full URL
http://online-reviewpayee11.com/
Protocol
HTTP/1.1
Server
185.156.72.17 , Russian Federation, ASN61432 (VAIZ-AS ITBks892, UA),
Reverse DNS
Software
LiteSpeed /
Resource Hash
15453990b0077c212926dd887590149408d70ad1ce838d816c5280e9ce075162

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
14032
content-type
text/html; charset=UTF-8
date
Tue, 11 Jul 2023 19:24:49 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding
utag.js
tags.tiqcdn.com/utag/barclaysuk/barclays-olb/prod/
220 KB
46 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/barclaysuk/barclays-olb/prod/utag.js
Requested by
Host: online-reviewpayee11.com
URL: http://online-reviewpayee11.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2117:e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a546728e7a41fa06ad91c73ead1e750b17ded92f4640060be48ca3b66655b4aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://online-reviewpayee11.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
67MZWrt80ggqupiQS8xIHWy6aS7Il0yN
content-encoding
br
via
1.1 59778df72778f60e4701bb8768b14bcc.cloudfront.net (CloudFront)
date
Tue, 11 Jul 2023 19:24:50 GMT
last-modified
Tue, 07 Mar 2023 05:26:42 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-C1
x-amz-server-side-encryption
AES256
etag
W/"0fa849dcc41d00eccc85713f3f3d9048"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
1NNACmZdJUYvCDZiTBQzbME3CfRE-oKORn2dnVIJ8aDE37mmegiWHA==
bdlLogin-dss-jquery-libraries.min.js
online-reviewpayee11.com/authlogin/
0
0
Script
General
Full URL
http://online-reviewpayee11.com/authlogin/bdlLogin-dss-jquery-libraries.min.js?v=1606745934868
Requested by
Host: online-reviewpayee11.com
URL: http://online-reviewpayee11.com/
Protocol
HTTP/1.1
Server
185.156.72.17 , Russian Federation, ASN61432 (VAIZ-AS ITBks892, UA),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://online-reviewpayee11.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:24:49 GMT
server
LiteSpeed
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
1238
polyfill.wp.js
bank.barclays.co.uk//authlogin/lib/
98 KB
98 KB
Script
General
Full URL
https://bank.barclays.co.uk//authlogin/lib/polyfill.wp.js
Requested by
Host: online-reviewpayee11.com
URL: http://online-reviewpayee11.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.34.107 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-34-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
02e9e14e36ad05a2a528e81898868b7c9fb738980d111599f4460dc7926aa1b0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://online-reviewpayee11.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
date
Tue, 11 Jul 2023 19:24:49 GMT
last-modified
Thu, 13 May 2021 14:24:21 GMT
etag
"18659-609d3695"
content-type
application/x-javascript
accept-ranges
bytes
content-length
99929
x-ua-compatible
chrome=IE6
angular.min.js
bank.barclays.co.uk//js/myBarclays/vendor/angular/
105 KB
39 KB
Script
General
Full URL
https://bank.barclays.co.uk//js/myBarclays/vendor/angular/angular.min.js
Requested by
Host: online-reviewpayee11.com
URL: http://online-reviewpayee11.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.34.107 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-34-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f8ea0e980b8bdca260f9f81d0e98360c3080fdc7fd3992cf611e05701e2e8a36
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://online-reviewpayee11.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jul 2023 19:24:49 GMT
last-modified
Thu, 08 Jun 2023 08:12:44 GMT
etag
"9bd6-64818d7c"
vary
accept-encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
39894
x-ua-compatible
chrome=IE6
angular-route.min.js
bank.barclays.co.uk//js/myBarclays/vendor/angular/
4 KB
2 KB
Script
General
Full URL
https://bank.barclays.co.uk//js/myBarclays/vendor/angular/angular-route.min.js
Requested by
Host: online-reviewpayee11.com
URL: http://online-reviewpayee11.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.34.107 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-34-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
225667650d0be401e4cb148aa2dea5ad695c19563d2f94cfa20aa7082c5c966a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://online-reviewpayee11.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jul 2023 19:24:49 GMT
last-modified
Thu, 08 Jun 2023 08:12:44 GMT
etag
"75b-64818d7c"
vary
accept-encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
1883
x-ua-compatible
chrome=IE6
angular-sanitize.min.js
bank.barclays.co.uk//js/myBarclays/vendor/angular/
4 KB
3 KB
Script
General
Full URL
https://bank.barclays.co.uk//js/myBarclays/vendor/angular/angular-sanitize.min.js
Requested by
Host: online-reviewpayee11.com
URL: http://online-reviewpayee11.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.34.107 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-34-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
20318e023853ac4d3e1f231b0532de4c39d83c629a4155756c021e57825dc884
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://online-reviewpayee11.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jul 2023 19:24:49 GMT
last-modified
Thu, 08 Jun 2023 08:12:44 GMT
etag
"96c-64818d7c"
vary
accept-encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
2412
x-ua-compatible
chrome=IE6
bdlLogin-rolb-dss.min.js
bank.barclays.co.uk//authlogin/
256 KB
66 KB
Script
General
Full URL
https://bank.barclays.co.uk//authlogin/bdlLogin-rolb-dss.min.js?v=1606745934868
Requested by
Host: online-reviewpayee11.com
URL: http://online-reviewpayee11.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.34.107 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-34-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9ade0326f7dc6af27f034b989c0e250569608abfd9ee01ce7210ea65a02ce836
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://online-reviewpayee11.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jul 2023 19:24:49 GMT
last-modified
Fri, 09 Jun 2023 13:31:07 GMT
etag
"107ee-6483299b"
vary
accept-encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
67566
x-ua-compatible
chrome=IE6
bdlLogin-libraries.min.js
bank.barclays.co.uk//authlogin/
71 KB
27 KB
Script
General
Full URL
https://bank.barclays.co.uk//authlogin/bdlLogin-libraries.min.js?v=1606745934868
Requested by
Host: online-reviewpayee11.com
URL: http://online-reviewpayee11.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.34.107 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-34-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
23258114961c94563c3e7df66f059d487995e01f4ce666f2e5b84f1c499e63cc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://online-reviewpayee11.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jul 2023 19:24:49 GMT
last-modified
Fri, 09 Jun 2023 13:31:07 GMT
etag
"6a7a-6483299b"
vary
accept-encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
27258
x-ua-compatible
chrome=IE6
bdlLogin-rolb-app.min.js
bank.barclays.co.uk//authlogin/
301 KB
82 KB
Script
General
Full URL
https://bank.barclays.co.uk//authlogin/bdlLogin-rolb-app.min.js?v=1606745934868
Requested by
Host: online-reviewpayee11.com
URL: http://online-reviewpayee11.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.34.107 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-34-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f6e78aa13caa13213f7169129ce9fcb7e381c35ab6cb84defa0526871b64228e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://online-reviewpayee11.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jul 2023 19:24:49 GMT
last-modified
Fri, 09 Jun 2023 13:31:07 GMT
etag
"14749-6483299b"
vary
accept-encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
83785
x-ua-compatible
chrome=IE6
s_codecookies.js
bank.barclays.co.uk//js/sitecatalyst/
52 KB
20 KB
Script
General
Full URL
https://bank.barclays.co.uk//js/sitecatalyst/s_codecookies.js
Requested by
Host: online-reviewpayee11.com
URL: http://online-reviewpayee11.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.34.107 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-34-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6c8476ca18e6e6acf89b1409d488dd0d95ea02b80b0c3b089e131c161ed7561b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://online-reviewpayee11.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jul 2023 19:24:49 GMT
last-modified
Thu, 08 Jun 2023 08:12:45 GMT
etag
"4f0a-64818d7d"
vary
accept-encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
20234
x-ua-compatible
chrome=IE6
6bb5a42d.min.js
bank.barclays.co.uk//js/bc/2.8.1/
340 KB
88 KB
Script
General
Full URL
https://bank.barclays.co.uk//js/bc/2.8.1/6bb5a42d.min.js
Requested by
Host: online-reviewpayee11.com
URL: http://online-reviewpayee11.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.34.107 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-34-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
52aa6e020c0bb612dd9221d801a3ebda86836e047dbd30e21069248669061cbb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://online-reviewpayee11.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jul 2023 19:24:49 GMT
last-modified
Fri, 11 Nov 2022 12:31:45 GMT
etag
"15e7f-636e40b1"
vary
accept-encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
89727
x-ua-compatible
chrome=IE6
jquery-3.5.1.js
code.jquery.com/
281 KB
83 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.5.1.js
Requested by
Host: online-reviewpayee11.com
URL: http://online-reviewpayee11.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37

Request headers

Referer
http://online-reviewpayee11.com/
Origin
http://online-reviewpayee11.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:24:49 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 13:47:02 GMT
server
nginx
etag
W/"62f659d6-4638e"
vary
Accept-Encoding
x-hw
1689103489.dop016.fr8.t,1689103489.cds097.fr8.hn,1689103489.cds234.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
84374
rolb-theme-2-0.css
bank.barclays.co.uk/authlogin/css/
333 KB
68 KB
Stylesheet
General
Full URL
https://bank.barclays.co.uk/authlogin/css/rolb-theme-2-0.css?v=1606745934868
Requested by
Host: online-reviewpayee11.com
URL: http://online-reviewpayee11.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.34.107 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-34-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
32f5891b648500c4f534390e1c348060685ba728e64394d964e778eedabd7249
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://online-reviewpayee11.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jul 2023 19:24:49 GMT
last-modified
Fri, 09 Jun 2023 13:31:07 GMT
etag
"11083-6483299b"
vary
accept-encoding
content-type
text/css
accept-ranges
bytes
content-length
69763
x-ua-compatible
chrome=IE6
authlogin-bdl.min.css
bank.barclays.co.uk/authlogin/css/
45 KB
45 KB
Stylesheet
General
Full URL
https://bank.barclays.co.uk/authlogin/css/authlogin-bdl.min.css?v=1606745934868
Requested by
Host: online-reviewpayee11.com
URL: http://online-reviewpayee11.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.34.107 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-34-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c7588e66ab3dfc34b4beda8e07aa630e5a764a001d7568244ef963c3620f3365
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://online-reviewpayee11.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
date
Tue, 11 Jul 2023 19:24:49 GMT
x-content-type-options
nosniff
last-modified
Thu, 13 May 2021 14:24:26 GMT
etag
"b345-609d369a"
content-type
text/css
accept-ranges
bytes
content-length
45893
x-ua-compatible
chrome=IE6
1321217916907-bsikitemarklogo.png
bank.barclays.co.uk/OLB/A/Content/Images/
13 KB
13 KB
Image
General
Full URL
https://bank.barclays.co.uk/OLB/A/Content/Images/1321217916907-bsikitemarklogo.png
Requested by
Host: online-reviewpayee11.com
URL: http://online-reviewpayee11.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.34.107 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-34-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
90326fd2ae35b37049ca9b624acb2b698be96a509f3619cf647d686433eaaa15
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://online-reviewpayee11.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
date
Tue, 11 Jul 2023 19:24:50 GMT
last-modified
Thu, 13 Jun 2019 15:08:21 GMT
etag
"34cc-5d0266e5"
content-type
image/png
accept-ranges
bytes
content-length
13516
x-ua-compatible
chrome=IE6
1321217916492-iso27001footer.JPG
bank.barclays.co.uk/OLB/A/Content/Images/
24 KB
24 KB
Image
General
Full URL
https://bank.barclays.co.uk/OLB/A/Content/Images/1321217916492-iso27001footer.JPG
Requested by
Host: online-reviewpayee11.com
URL: http://online-reviewpayee11.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.34.107 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-34-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
03c2526a71f8b178491bca3226f69d72a28aa606133527c00b28adab490f940d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://online-reviewpayee11.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
date
Tue, 11 Jul 2023 19:24:50 GMT
last-modified
Thu, 13 Jun 2019 15:10:15 GMT
etag
"5e04-5d026757"
content-type
image/jpeg
accept-ranges
bytes
content-length
24068
x-ua-compatible
chrome=IE6
1321217918424-cyberfooter.jpg
bank.barclays.co.uk/OLB/A/Content/Images/
9 KB
9 KB
Image
General
Full URL
https://bank.barclays.co.uk/OLB/A/Content/Images/1321217918424-cyberfooter.jpg
Requested by
Host: online-reviewpayee11.com
URL: http://online-reviewpayee11.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.34.107 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-34-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
effa2f551ae3f572384002e36028aa1e85544462f42c28065731284e8f81bfcd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://online-reviewpayee11.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
date
Tue, 11 Jul 2023 19:24:50 GMT
last-modified
Thu, 13 Jun 2019 15:09:04 GMT
etag
"2406-5d026710"
content-type
image/jpeg
accept-ranges
bytes
content-length
9222
x-ua-compatible
chrome=IE6
login-fscs.png
bank.barclays.co.uk/OLB/A/Content/Images/
5 KB
6 KB
Image
General
Full URL
https://bank.barclays.co.uk/OLB/A/Content/Images/login-fscs.png
Requested by
Host: online-reviewpayee11.com
URL: http://online-reviewpayee11.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.34.107 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-34-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2aa89b0d3ed189360406952265076a3f79ea08b045f2e07d7d71e3c38982533e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://online-reviewpayee11.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
date
Tue, 11 Jul 2023 19:24:50 GMT
last-modified
Wed, 09 Sep 2020 09:55:15 GMT
etag
"152b-5f58a683"
content-type
image/png
accept-ranges
bytes
content-length
5419
x-ua-compatible
chrome=IE6
bdlLogin.bootstrap.min.js
bank.barclays.co.uk/authlogin/
19 KB
4 KB
Script
General
Full URL
https://bank.barclays.co.uk/authlogin/bdlLogin.bootstrap.min.js?v=1606745934868
Requested by
Host: online-reviewpayee11.com
URL: http://online-reviewpayee11.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.34.107 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-34-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d98f81145048ee836f40a1eb9a22f6e6ef8fb704ef1aaa7170fecb1be0bb5caf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://online-reviewpayee11.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jul 2023 19:24:50 GMT
last-modified
Fri, 09 Jun 2023 13:31:07 GMT
etag
"cda-6483299b"
vary
accept-encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
3290
x-ua-compatible
chrome=IE6
7a6c8c6b-d031-42b3-a1d1-554d41d7272b
http://online-reviewpayee11.com/
139 KB
0
Other
General
Full URL
blob:http://online-reviewpayee11.com/7a6c8c6b-d031-42b3-a1d1-554d41d7272b
Requested by
Host: online-reviewpayee11.com
URL: http://online-reviewpayee11.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed6604f7293bcfe87ee03795e418c40cb40a96444a320d45bb97dfdcf40a14b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://online-reviewpayee11.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
142652
Content-Type
application/javascript
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
91a06213190743f440aa3411f1393afaf3de8b3b6309d6677fb7680248f09e91

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=US-ASCII
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e111be4c24fc0743ca7eb1c4873a64bb234135b9bea86cabd922a5caabb6c9c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=US-ASCII
Padlock_icon.svg
bank.barclays.co.uk/authlogin/img/
2 KB
1 KB
Image
General
Full URL
https://bank.barclays.co.uk/authlogin/img/Padlock_icon.svg
Requested by
Host: bank.barclays.co.uk
URL: https://bank.barclays.co.uk/authlogin/css/authlogin-bdl.min.css?v=1606745934868
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.34.107 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-34-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b173ff6e97748a8a4e079bf7afa965e4d264fa43a351c4a0bf2c130bc65b4366
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bank.barclays.co.uk/authlogin/css/authlogin-bdl.min.css?v=1606745934868
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jul 2023 19:24:50 GMT
last-modified
Fri, 09 Jun 2023 13:31:07 GMT
etag
"2f3-6483299b"
vary
accept-encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
755
x-ua-compatible
chrome=IE6
expert-sans-regular.woff
bank.barclays.co.uk/authlogin/css/fonts/
0
0

expert-sans-light.woff
bank.barclays.co.uk/authlogin/css/fonts/
0
0

utag.34.js
tags.tiqcdn.com/utag/barclaysuk/barclays-olb/prod/
Redirect Chain
  • http://tags.tiqcdn.com/utag/barclaysuk/barclays-olb/prod/utag.34.js?utv=ut4.46.202110221035
  • https://tags.tiqcdn.com/utag/barclaysuk/barclays-olb/prod/utag.34.js?utv=ut4.46.202110221035
23 KB
7 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/barclaysuk/barclays-olb/prod/utag.34.js?utv=ut4.46.202110221035
Requested by
Host: online-reviewpayee11.com
URL: http://online-reviewpayee11.com/
Protocol
H2
Server
2600:9000:2117:e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e403ca417508832cedb771593ce705d180825d7d4e3b2643e295c0c6f83ce3fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://online-reviewpayee11.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
JC5i7yqP3vOiv45FZfXDkg_lSVfJmjMq
content-encoding
br
via
1.1 59778df72778f60e4701bb8768b14bcc.cloudfront.net (CloudFront)
date
Tue, 11 Jul 2023 19:24:51 GMT
last-modified
Tue, 07 Mar 2023 05:26:43 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-C1
x-amz-server-side-encryption
AES256
etag
W/"9e48505d4f97c7d22099821f568b26fe"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
0u_HlFoUgCDbPEWgqYFVJ0XW0A5htRDhivHpXzRLQLN1tFBJIqjM0w==

Redirect headers

Date
Tue, 11 Jul 2023 19:24:50 GMT
Via
1.1 71fab3812d3ca29aef88f4dc095b47da.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
CDG50-C1
X-Cache
Redirect from cloudfront
Content-Type
application/javascript
Location
https://tags.tiqcdn.com/utag/barclaysuk/barclays-olb/prod/utag.34.js?utv=ut4.46.202110221035
Cache-Control
max-age=1296000
Connection
keep-alive
Content-Length
167
X-Amz-Cf-Id
m910DBfafqgggSqSb75d9dzRlGraF74Jt5HS8VEH7Om5TpsZJ_ymUw==
event
collect.tealiumiq.com/
0
526 B
XHR
General
Full URL
https://collect.tealiumiq.com/event
Requested by
Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/barclaysuk/barclays-olb/prod/utag.34.js?utv=ut4.46.202110221035
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.145.180 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-145-180.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://online-reviewpayee11.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 11 Jul 2023 19:24:50 GMT
x-serverid
uconnect_i-0ccb63bc464382003
x-tid
01894669da910021652c464af10c03074002006c00b08
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc
barclaysuk:barclays-web:2:event
x-region
eu-central-1
pragma
no-cache
vary
Origin
content-type
application/json
access-control-allow-origin
http://online-reviewpayee11.com
x-ulver
5fac8a15dbb9d13564d5e121399a132fe7e63b20-SNAPSHOT
access-control-expose-headers
X-Region
cache-control
no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
x-uuid
fcb35734-28ef-46a8-9c4e-2afe5f09ef5b
expires
Tue, 11 Jul 2023 19:24:50 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/
Redirect Chain
  • http://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=barclaysuk/barclays-olb/202110221035&cb=1689103490680
  • https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=barclaysuk/barclays-olb/202110221035&cb=1689103490680
2 B
431 B
Script
General
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=barclaysuk/barclays-olb/202110221035&cb=1689103490680
Requested by
Host: online-reviewpayee11.com
URL: http://online-reviewpayee11.com/
Protocol
H2
Server
2600:9000:2117:e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://online-reviewpayee11.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Tue, 11 Jul 2023 19:19:24 GMT
via
1.1 59778df72778f60e4701bb8768b14bcc.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-C1
age
327
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
dWswcKuqATMId1xrlwH1EOd1tSMTlEJOxoIHkq622hdjb2m44HIcnQ==

Redirect headers

Date
Tue, 11 Jul 2023 19:24:50 GMT
Via
1.1 71fab3812d3ca29aef88f4dc095b47da.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
CDG50-C1
X-Cache
Redirect from cloudfront
Content-Type
application/javascript
Location
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=barclaysuk/barclays-olb/202110221035&cb=1689103490680
Cache-Control
max-age=300
Connection
keep-alive
Content-Length
167
X-Amz-Cf-Id
LW_0B2Qac6Oc9oH_rQGqXMbMdyrhwxi7Q6euPnl3D6Q-krDNSSHdQQ==
activity.php
online-reviewpayee11.com/files/
1 KB
1 KB
XHR
General
Full URL
http://online-reviewpayee11.com/files/activity.php
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.1.js
Protocol
HTTP/1.1
Server
185.156.72.17 , Russian Federation, ASN61432 (VAIZ-AS ITBks892, UA),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

Accept
*/*
Referer
http://online-reviewpayee11.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:24:53 GMT
server
LiteSpeed
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
1238
activity.php
online-reviewpayee11.com/files/
1 KB
1 KB
XHR
General
Full URL
http://online-reviewpayee11.com/files/activity.php
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.1.js
Protocol
HTTP/1.1
Server
185.156.72.17 , Russian Federation, ASN61432 (VAIZ-AS ITBks892, UA),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

Accept
*/*
Referer
http://online-reviewpayee11.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:24:56 GMT
server
LiteSpeed
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
1238

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bank.barclays.co.uk
URL
https://bank.barclays.co.uk/authlogin/css/fonts/expert-sans-regular.woff
Domain
bank.barclays.co.uk
URL
https://bank.barclays.co.uk/authlogin/css/fonts/expert-sans-light.woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Barclays (Banking)

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend boolean| utag_condload object| utag function| e boolean| __tealium_twc_switch object| utag_cfg_ovrd object| adobe function| Visitor object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| angular number| ng339 function| _ function| getElementsByClassName function| getTextContent function| scFixed function| scFixed1Tag function| scAppendWholeTag function| scLowRankTag function| scProductsTag function| scSetLinkNameTag function| scCombinedP123 function| scRemap function| tagPageView function| tagAjaxContent function| tagQueryContents function| setFromClickTagsFTB function| scLinkTrack function| scLinkTrackError function| dcsMultiTrack function| scMeta function| scSetInitial function| scSetDerived function| isLoginPage function| isHomePage function| scSetHelpCardButtons function| scCleanUpEvents function| scLoginPagesTracking function| scCleanUp function| scSetValidationErrorMessage function| fireLoadEvent function| scSetErrorMessage function| scSetErrorServiceMessage function| scSetImpressions function| scSetLOGIN_METHOD function| scSetLOGIN_MECHANISM function| scSetLoginEvents function| scSetDeepLink function| scSetdcsuri function| scSetProducts function| scSetView function| getProp34 function| scSetPurchaseTracking function| scSetActivityTracking function| scSetLoginReg function| scSetPageName function| isMultipleSavedUsers function| scSetEvents function| scSetDcsvid function| scBarclaysCookieConsent function| scMapTag function| scSetTag function| scAddTag function| scUpdateLinkTrack function| scSaveBasePageName function| scRestoreBasePageName function| scSaveTakeoverPageName function| scRestoreTakeoverPageName object| AppName object| authloginDigitalData string| s_account object| dcs2sc string| scBasePageName string| scTakeoverPageName object| _self object| Prism string| digitalDataDeviceBuildId undefined| WebAnalytics function| cookieCat2Status object| s undefined| s_code undefined| s_objectID undefined| s_doPlugins undefined| s_gi undefined| s_giqf object| cdApi function| $ function| jQuery boolean| ie8 object| browser_detect function| mboxDefine function| mboxUpdate string| pathref object| dataLayer number| interval function| heartbeat

5 Cookies

Domain/Path Name / Value
online-reviewpayee11.com/ Name: PHPSESSID
Value: c8d74fcf6476f6e12bd246176eafd82d
.online-reviewpayee11.com/ Name: bmuid
Value: 1689103489991-0D07EF9B-B9CF-4271-8244-A33C5C3A850B
.online-reviewpayee11.com/ Name: cdContextId
Value: 2
.online-reviewpayee11.com/ Name: cdSNum
Value: 1689103490169-sjt0000412-1b1ab714-74f6-4576-97de-5a8f07ae7cc4
.online-reviewpayee11.com/ Name: utag_main
Value: v_id:01894669da910021652c464af10c03074002006c00b08$_sn:1$_se:1$_ss:1$_st:1689105289682$ses_id:1689103489682%3Bexp-session$_pn:1%3Bexp-session$dc_visit:1$dc_event:1%3Bexp-session

8 Console Messages

Source Level URL
Text
network error URL: http://online-reviewpayee11.com/authlogin/bdlLogin-dss-jquery-libraries.min.js?v=1606745934868
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other warning URL: https://bank.barclays.co.uk//js/bc/2.8.1/6bb5a42d.min.js(Line 7)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
javascript error URL: http://online-reviewpayee11.com/
Message:
Access to font at 'https://bank.barclays.co.uk/authlogin/css/fonts/expert-sans-light.woff' from origin 'http://online-reviewpayee11.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://bank.barclays.co.uk/authlogin/css/fonts/expert-sans-light.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://online-reviewpayee11.com/
Message:
Access to font at 'https://bank.barclays.co.uk/authlogin/css/fonts/expert-sans-regular.woff' from origin 'http://online-reviewpayee11.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://bank.barclays.co.uk/authlogin/css/fonts/expert-sans-regular.woff
Message:
Failed to load resource: net::ERR_FAILED
network error URL: http://online-reviewpayee11.com/files/activity.php
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://online-reviewpayee11.com/files/activity.php
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bank.barclays.co.uk
code.jquery.com
collect.tealiumiq.com
online-reviewpayee11.com
tags.tiqcdn.com
bank.barclays.co.uk
104.79.34.107
185.156.72.17
2001:4de0:ac18::1:a:1b
2600:9000:2117:2e00:7:2bfb:7c00:93a1
2600:9000:2117:e00:7:2bfb:7c00:93a1
3.126.145.180
02e9e14e36ad05a2a528e81898868b7c9fb738980d111599f4460dc7926aa1b0
03c2526a71f8b178491bca3226f69d72a28aa606133527c00b28adab490f940d
15453990b0077c212926dd887590149408d70ad1ce838d816c5280e9ce075162
20318e023853ac4d3e1f231b0532de4c39d83c629a4155756c021e57825dc884
225667650d0be401e4cb148aa2dea5ad695c19563d2f94cfa20aa7082c5c966a
23258114961c94563c3e7df66f059d487995e01f4ce666f2e5b84f1c499e63cc
2aa89b0d3ed189360406952265076a3f79ea08b045f2e07d7d71e3c38982533e
32f5891b648500c4f534390e1c348060685ba728e64394d964e778eedabd7249
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
52aa6e020c0bb612dd9221d801a3ebda86836e047dbd30e21069248669061cbb
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
6c8476ca18e6e6acf89b1409d488dd0d95ea02b80b0c3b089e131c161ed7561b
90326fd2ae35b37049ca9b624acb2b698be96a509f3619cf647d686433eaaa15
91a06213190743f440aa3411f1393afaf3de8b3b6309d6677fb7680248f09e91
9ade0326f7dc6af27f034b989c0e250569608abfd9ee01ce7210ea65a02ce836
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a546728e7a41fa06ad91c73ead1e750b17ded92f4640060be48ca3b66655b4aa
b173ff6e97748a8a4e079bf7afa965e4d264fa43a351c4a0bf2c130bc65b4366
c7588e66ab3dfc34b4beda8e07aa630e5a764a001d7568244ef963c3620f3365
d98f81145048ee836f40a1eb9a22f6e6ef8fb704ef1aaa7170fecb1be0bb5caf
e111be4c24fc0743ca7eb1c4873a64bb234135b9bea86cabd922a5caabb6c9c6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e403ca417508832cedb771593ce705d180825d7d4e3b2643e295c0c6f83ce3fb
ed6604f7293bcfe87ee03795e418c40cb40a96444a320d45bb97dfdcf40a14b8
effa2f551ae3f572384002e36028aa1e85544462f42c28065731284e8f81bfcd
f6e78aa13caa13213f7169129ce9fcb7e381c35ab6cb84defa0526871b64228e
f8ea0e980b8bdca260f9f81d0e98360c3080fdc7fd3992cf611e05701e2e8a36