customer.barclays-partnerfinance.com
162.13.22.56 - Malicious Activity! - Public Scan

URL: https://customer.barclays-partnerfinance.com/
Submission: On January 04 via manual from US — Scanned from GB

Summary

This website contacted 6 IPs in 5 countries across 6 domains to perform 16 HTTP transactions. The main IP is 162.13.22.56, located in the United Kingdom and belonging to RACKSPACE-LON, GB. The main domain is customer.barclays-partnerfinance.com.
TLS certificate: Issued by Entrust Certification Authority - L1M on February 15th 2022. Valid for: a year.
This is the only time customer.barclays-partnerfinance.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Barclays (Banking)

Domain & IP information

Requests  IP Address         AS (Autonomous System)
8         162.13.22.56       15395 (RACKSPACE...)
2         2a02:26f0:f70...   20940 (AKAMAI-ASN1)
4         52.208.172.164     16509 (AMAZON-02)
1         34.249.28.111      16509 (AMAZON-02)
1         13.36.218.177      16509 (AMAZON-02)
1 1       54.171.1.252       16509 (AMAZON-02)
2 2       142.251.39.66      15169 (GOOGLE)
Total: 16 requests, 6 IPs
Requests  Apex Domain                   Subdomains                                                  Transfer
8         barclays-partnerfinance.com   customer.barclays-partnerfinance.com                        434 KB
5         demdex.net                    dpm.demdex.net (Cisco Umbrella Rank: 301)                   8 KB
                                        barclaysbankplc.demdex.net (Cisco Umbrella Rank: 385174)
2         doubleclick.net               cm.g.doubleclick.net (Cisco Umbrella Rank: 321)             1 KB
2         adobedtm.com                  assets.adobedtm.com (Cisco Umbrella Rank: 500)              49 KB
1         everesttech.net               cm.everesttech.net (Cisco Umbrella Rank: 1416)              517 B
1         omtrdc.net                    barclaysuk.sc.omtrdc.net (Cisco Umbrella Rank: 87378)       446 B
Total: 16 requests, 6 apex domains
Requests  Domain                                Requested by
8         customer.barclays-partnerfinance.com  customer.barclays-partnerfinance.com
4         dpm.demdex.net                        assets.adobedtm.com
2         cm.g.doubleclick.net                  2 redirects
2         assets.adobedtm.com                   customer.barclays-partnerfinance.com, assets.adobedtm.com
1         cm.everesttech.net                    1 redirect
1         barclaysuk.sc.omtrdc.net              assets.adobedtm.com
1         barclaysbankplc.demdex.net            assets.adobedtm.com
Total: 16 requests, 7 subdomains

This site contains links to these domains:

www.barclayspartnerfinance.com
Subject                               Issuer                                   Validity                  Valid
customer.barclays-partnerfinance.com  Entrust Certification Authority - L1M    2022-02-15 to 2023-02-15  a year (crt.sh)
assets.adobedtm.com                   DigiCert TLS RSA SHA256 2020 CA1         2022-07-19 to 2023-08-19  a year (crt.sh)
*.demdex.com                          DigiCert TLS RSA SHA256 2020 CA1         2022-09-26 to 2023-10-27  a year (crt.sh)
*.sc.omtrdc.net                       DigiCert TLS Hybrid ECC SHA384 2020 CA1  2022-02-17 to 2023-03-07  a year (crt.sh)

This page contains 2 frames:

Primary Page: https://customer.barclays-partnerfinance.com/
Frame ID: 93CF7B02976FB22E66CF8D4EA726879A
Requests: 17 HTTP requests in this frame

Frame: https://barclaysbankplc.demdex.net/dest5.html?d_nsid=0
Frame ID: 8E4547A204286D7E46B3BFE0B0E7B343
Requests: 2 HTTP requests in this frame

Page Title

Customer Portal | Barclays Partner Finance

Page Statistics

Requests: 16
HTTPS: 88 %
IPv6: 14 %
Domains: 6
Subdomains: 7
IPs: 6
Countries: 5
Transfer: 491 kB
Size: 1587 kB
Cookies: 11

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://cm.everesttech.net/cm/dd?d_uuid=04791069792163786424285722296736888541 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y7XtxwAAAG429AOJ
Request Chain 17
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MDQ3OTEwNjk3OTIxNjM3ODY0MjQyODU3MjIyOTY3MzY4ODg1NDE= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MDQ3OTEwNjk3OTIxNjM3ODY0MjQyODU3MjIyOTY3MzY4ODg1NDE=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESED7gTOk78EfE0-lNQho-pz4&google_cver=1?gdpr=0&gdpr_consent=

16 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type
Primary Request /
customer.barclays-partnerfinance.com/
2 KB
1 KB
Document
General
Full URL
https://customer.barclays-partnerfinance.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
162.13.22.56 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
nginx /
Resource Hash
6105ed779494f42b8a05fe8b8b209a2dc179ab2c2457fd0b1930dc09743ff982

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 04 Jan 2023 21:21:10 GMT
ETag
W/"634e7530-838"
Last-Modified
Tue, 18 Oct 2022 09:43:12 GMT
Server
nginx
Transfer-Encoding
chunked
vendor.11499f.css
customer.barclays-partnerfinance.com/
244 KB
45 KB
Stylesheet
General
Full URL
https://customer.barclays-partnerfinance.com/vendor.11499f.css
Requested by
Host: customer.barclays-partnerfinance.com
URL: https://customer.barclays-partnerfinance.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
162.13.22.56 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
nginx /
Resource Hash
f0207d845ffe48a70fbf656dcd65fdc641ef7dac025584036bc4665102f0f03d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://customer.barclays-partnerfinance.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 04 Jan 2023 21:21:10 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 Oct 2022 09:43:12 GMT
Server
nginx
ETag
W/"634e7530-3d068"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
public, max-age=31536000, immutable
Connection
keep-alive
style.913556.css
customer.barclays-partnerfinance.com/
264 KB
64 KB
Stylesheet
General
Full URL
https://customer.barclays-partnerfinance.com/style.913556.css
Requested by
Host: customer.barclays-partnerfinance.com
URL: https://customer.barclays-partnerfinance.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
162.13.22.56 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
nginx /
Resource Hash
705e1a3cd2d918014214c40a19f2a5d5e79a0299a3f183a64484f18e695e7ef4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://customer.barclays-partnerfinance.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 04 Jan 2023 21:21:11 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 Oct 2022 09:43:12 GMT
Server
nginx
ETag
W/"634e7530-421ca"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
public, max-age=31536000, immutable
Connection
keep-alive
app.cce641.js
customer.barclays-partnerfinance.com/
853 KB
258 KB
Script
General
Full URL
https://customer.barclays-partnerfinance.com/app.cce641.js
Requested by
Host: customer.barclays-partnerfinance.com
URL: https://customer.barclays-partnerfinance.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
162.13.22.56 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
nginx /
Resource Hash
b994761694e3c9f132600657811797bbc94ad165a4ba0fa7f09ecf2701908697

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://customer.barclays-partnerfinance.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 04 Jan 2023 21:21:11 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 Oct 2022 09:43:12 GMT
Server
nginx
ETag
W/"634e7530-d552d"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
public, max-age=31536000, immutable
Connection
keep-alive
launch-989b42b41a54.min.js
assets.adobedtm.com/230591edb41d/941e2f83c519/
111 KB
36 KB
Script
General
Full URL
https://assets.adobedtm.com/230591edb41d/941e2f83c519/launch-989b42b41a54.min.js
Requested by
Host: customer.barclays-partnerfinance.com
URL: https://customer.barclays-partnerfinance.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f700:481::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4d6a847b81f61094de5a07dfbb1e2e8885bf1d46925efa332398ed88404c73a3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://customer.barclays-partnerfinance.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 21:21:11 GMT
content-encoding
gzip
last-modified
Mon, 17 Aug 2020 08:59:46 GMT
server
AkamaiNetStorage
etag
"e5d3c51be6246652ffbc4b4e30ece5ac:1597654786.273793"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://customer.barclays-partnerfinance.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
36358
expires
Wed, 04 Jan 2023 22:21:11 GMT
id
dpm.demdex.net/
602 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=14CF22CE52782FEA0A490D4D%40AdobeOrg&d_nsid=0&ts=1672867271508
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/230591edb41d/941e2f83c519/launch-989b42b41a54.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.172.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-172-164.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
121779e7a32a19b591224b8eb1b264d2c0688ea6c275098ae2304a8c215d0e0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://customer.barclays-partnerfinance.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v045-0f3ed56cf.edge-irl1.demdex.com 5 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
kbZO5YiWQkQ=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://customer.barclays-partnerfinance.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
447
Expires
Thu, 01 Jan 1970 00:00:00 UTC
EX96f0fc54deb741c692d5e0c0d91a6e0f-libraryCode_source.min.js
assets.adobedtm.com/230591edb41d/941e2f83c519/b9ca964ffa6c/
34 KB
13 KB
Script
General
Full URL
https://assets.adobedtm.com/230591edb41d/941e2f83c519/b9ca964ffa6c/EX96f0fc54deb741c692d5e0c0d91a6e0f-libraryCode_source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/230591edb41d/941e2f83c519/launch-989b42b41a54.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f700:481::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
dfff8ee6d6963a6cc193d0b42fb83815a9eee0a0685154be37919872ea16ca1f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://customer.barclays-partnerfinance.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 21:21:11 GMT
content-encoding
gzip
last-modified
Mon, 17 Aug 2020 08:59:47 GMT
server
AkamaiNetStorage
etag
"9aa26994121d85cdb667bb711f21618e:1597654787.023264"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://customer.barclays-partnerfinance.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
13017
expires
Wed, 04 Jan 2023 22:21:11 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
91a06213190743f440aa3411f1393afaf3de8b3b6309d6677fb7680248f09e91

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=US-ASCII
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e111be4c24fc0743ca7eb1c4873a64bb234135b9bea86cabd922a5caabb6c9c6

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=US-ASCII
truncated
/
279 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
763058f8b9ad8867f5de66f96f904aa0309fb875927ae12655da55745b82831b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
expertsans-regular-webfont.woff
customer.barclays-partnerfinance.com/fonts/
21 KB
22 KB
Font
General
Full URL
https://customer.barclays-partnerfinance.com/fonts/expertsans-regular-webfont.woff
Requested by
Host: customer.barclays-partnerfinance.com
URL: https://customer.barclays-partnerfinance.com/vendor.11499f.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
162.13.22.56 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
nginx /
Resource Hash
4abdda6a86149bc656dd315b0443fea8f11f22a6552e48e843a0f4b3e828ce8f

Request headers

Referer
https://customer.barclays-partnerfinance.com/vendor.11499f.css
Origin
https://customer.barclays-partnerfinance.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 04 Jan 2023 21:21:11 GMT
Last-Modified
Tue, 18 Oct 2022 09:43:12 GMT
Server
nginx
ETag
"634e7530-55a4"
Content-Type
font/woff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21924
expertsans-light-webfont.woff
customer.barclays-partnerfinance.com/fonts/
21 KB
22 KB
Font
General
Full URL
https://customer.barclays-partnerfinance.com/fonts/expertsans-light-webfont.woff
Requested by
Host: customer.barclays-partnerfinance.com
URL: https://customer.barclays-partnerfinance.com/vendor.11499f.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
162.13.22.56 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
nginx /
Resource Hash
cfd7fb9f4a18ffee0a0c870a6a43435d7cb9678f7f56f67bef0ba433f14e766e

Request headers

Referer
https://customer.barclays-partnerfinance.com/vendor.11499f.css
Origin
https://customer.barclays-partnerfinance.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 04 Jan 2023 21:21:11 GMT
Last-Modified
Tue, 18 Oct 2022 09:43:12 GMT
Server
nginx
ETag
"634e7530-555c"
Content-Type
font/woff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21852
expertsans-b14-light-webfont.woff
customer.barclays-partnerfinance.com/fonts/
21 KB
22 KB
Font
General
Full URL
https://customer.barclays-partnerfinance.com/fonts/expertsans-b14-light-webfont.woff
Requested by
Host: customer.barclays-partnerfinance.com
URL: https://customer.barclays-partnerfinance.com/vendor.11499f.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
162.13.22.56 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
nginx /
Resource Hash
7531bcf88a7a7637a29bd87b4eb7208279e529ab4a1b6f37fa4164b28e31ceb0

Request headers

Referer
https://customer.barclays-partnerfinance.com/vendor.11499f.css
Origin
https://customer.barclays-partnerfinance.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 04 Jan 2023 21:21:11 GMT
Last-Modified
Tue, 18 Oct 2022 09:43:12 GMT
Server
nginx
ETag
"634e7530-55dc"
Content-Type
font/woff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21980
logs
customer.barclays-partnerfinance.com/api/logs/
46 B
580 B
XHR
General
Full URL
https://customer.barclays-partnerfinance.com/api/logs/logs?_=1672867271670
Requested by
Host: customer.barclays-partnerfinance.com
URL: https://customer.barclays-partnerfinance.com/app.cce641.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
162.13.22.56 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
nginx /
Resource Hash
fac8779798b7f7bc2ad2916438348f8fb5ae6f56b09d8e9f5d1eaa73184b7fbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript
Cache-Control
no-cache
Referer
https://customer.barclays-partnerfinance.com/
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Wed, 04 Jan 2023 21:21:11 GMT
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
DENY
Content-Type
application/json
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Application-Context
application:8080
Expires
0
dest5.html
barclaysbankplc.demdex.net/ Frame 8E45
7 KB
3 KB
Document
General
Full URL
https://barclaysbankplc.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/230591edb41d/941e2f83c519/launch-989b42b41a54.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-28-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://customer.barclays-partnerfinance.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-2-v045-0f9127447.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
WRqp7y/XSzA=
content-encoding
gzip
date
Wed, 4 Jan 2023 21:21:12 GMT
last-modified
Fri, 28 Oct 2022 11:22:23 GMT
transfer-encoding
chunked
vary
accept-encoding
id
barclaysuk.sc.omtrdc.net/
42 B
446 B
XHR
General
Full URL
https://barclaysuk.sc.omtrdc.net/id?d_visid_ver=5.0.0&d_fieldgroup=A&mcorgid=14CF22CE52782FEA0A490D4D%40AdobeOrg&mid=07334995949908765694031347307221977686&ts=1672867271811
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/230591edb41d/941e2f83c519/launch-989b42b41a54.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
c4039aa2e82ba007f66cc9e4cbd4ea7f0ee8d999686524ea788d850fc7ee91af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://customer.barclays-partnerfinance.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 04 Jan 2023 21:21:11 GMT
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://customer.barclays-partnerfinance.com
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
42
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=Y7XtxwAAAG429AOJ
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=04791069792163786424285722296736888541
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y7XtxwAAAG429AOJ
42 B
948 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y7XtxwAAAG429AOJ
Protocol
HTTP/1.1
Server
52.208.172.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-172-164.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://customer.barclays-partnerfinance.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS
dcscanary-prod-irl1-1-v052-0f73f706c.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Xs1THYAyQOQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y7XtxwAAAG429AOJ
Date
Wed, 04 Jan 2023 21:21:11 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
id
dpm.demdex.net/
602 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.0.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=14CF22CE52782FEA0A490D4D%40AdobeOrg&d_nsid=0&d_mid=07334995949908765694031347307221977686&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=AVID%0131DAF6E3996D2BCB-600000855A3E530D&ts=1672867272000
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/230591edb41d/941e2f83c519/launch-989b42b41a54.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.172.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-172-164.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
042f7f9732c327c5e7966f150cb871447812e10c825947ffa22c4b1940d5405f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://customer.barclays-partnerfinance.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v045-093556e0f.edge-irl1.demdex.com 10 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
I0m+hpe/S+w=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://customer.barclays-partnerfinance.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
450
Expires
Thu, 01 Jan 1970 00:00:00 UTC
ibs:dpid=771&dpuuid=CAESED7gTOk78EfE0-lNQho-pz4&google_cver=1
dpm.demdex.net/ Frame 8E45
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MDQ3OTEwNjk3OTIxNjM3ODY0MjQyODU3MjIyOTY3MzY4ODg1NDE=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MDQ3OTEwNjk3OTIxNjM3ODY0MjQyODU3MjIyOTY3MzY4ODg1NDE=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESED7gTOk78EfE0-lNQho-pz4&google_cver=1?gdpr=0&gdpr_consent=
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESED7gTOk78EfE0-lNQho-pz4&google_cver=1?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.208.172.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-172-164.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://barclaysbankplc.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v045-0f822ad5b.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
fo0fOvYcTlk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 04 Jan 2023 21:21:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESED7gTOk78EfE0-lNQho-pz4&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Barclays (Banking)

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type      Name
object    0
object    oncontentvisibilityautostatechange
object    head
string    dev
string    staging
string    production
string    src
object    script
object    _satellite
boolean   __satelliteLoaded
object    adobe
function  Visitor
object    s_c_il
number    s_c_in
object    webpackJsonp
object    __core-js_shared__
object    core
function  AppMeasurement_Module_ActivityMap
function  AppMeasurement
function  s_gi
function  s_pgicq
string    siteUrl
object    s
string    s_account
number    s_objectID
number    s_giq

11 Cookies

Domain/Path                            Name                                       Value
customer.barclays-partnerfinance.com/  acceptedCookie                             true
customer.barclays-partnerfinance.com/  XSRF-TOKEN                                 68b98d57-b059-44ad-8829-35b412187a37
customer.barclays-partnerfinance.com/  pcid                                       167286727117160687347233655133
.demdex.net/                           demdex                                     04791069792163786424285722296736888541
.barclays-partnerfinance.com/          AMCVS_14CF22CE52782FEA0A490D4D%40AdobeOrg  1
.omtrdc.net/                           s_vi                                       [CS]v1|31DAF6E3996D2BCB-600000855A3E530D[CE]
.everesttech.net/                      everest_g_v2                               g_surferid~Y7XtxwAAAG429AOJ
.dpm.demdex.net/                       dpm                                        04791069792163786424285722296736888541
.barclays-partnerfinance.com/          AMCV_14CF22CE52782FEA0A490D4D%40AdobeOrg   870038026%7CMCIDTS%7C19362%7CMCMID%7C07334995949908765694031347307221977686%7CMCAAMLH-1673472072%7C6%7CMCAAMB-1673472072%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1672874472s%7CNONE%7CMCAID%7C31DAF6E3996D2BCB-600000855A3E530D%7CMCSYNCSOP%7C411-19369%7CvVersion%7C5.0.0
.demdex.net/                           dextp                                      771-1-1672867272172
.doubleclick.net/                      IDE                                        AHWqTUkIrCTnzgcDtFsiqitGwgjK_R-eTx5KxDE_lENzbjeFu00fCvwA1T8Qyy6B5Ns

1 Console Messages

Source: network
Level: error
URL: https://customer.barclays-partnerfinance.com/api/logs/logs?_=1672867271670
Message: Failed to load resource: the server responded with a status of 503 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
