fastandsecureportal.xyz

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 7 HTTP transactions. The main IP is 172.67.153.158, located in United States and belongs to CLOUDFLARENET, US. The main domain is fastandsecureportal.xyz.
TLS certificate: Issued by WE1 on August 12th 2024. Valid for: 3 months.

This is the only time fastandsecureportal.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 6	172.67.153.158 172.67.153.158	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	95.100.71.198 95.100.71.198	16625 (AKAMAI-AS) (AKAMAI-AS)
7	3

6 172.67.153.158 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

fastandsecureportal.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.100.71.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-71-198.deploy.static.akamaitechnologies.com

www.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	fastandsecureportal.xyz 2 redirects fastandsecureportal.xyz	58 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	82 KB
1	citi.com www.citi.com — Cisco Umbrella Rank: 29463	9 KB
7	3

	Domain	Requested by
6	fastandsecureportal.xyz	2 redirects fastandsecureportal.xyz
2	cdnjs.cloudflare.com	fastandsecureportal.xyz cdnjs.cloudflare.com
1	www.citi.com
7	3

This site contains no links.

Subject Issuer	Validity	Valid
fastandsecureportal.xyz WE1	`2024-08-12` - `2024-11-10`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
www.citi.com DigiCert EV RSA CA G2	`2024-05-09` - `2024-12-05`	7 months	crt.sh

This page contains 2 frames:

Primary Page: https://fastandsecureportal.xyz/UpdateVerifyPrss!/Citibank/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
Frame ID: 594C902045A5059F3B6851A10B7D468D
Requests: 5 HTTP requests in this frame

Frame: https://fastandsecureportal.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js
Frame ID: B80BE8AEC6FE976DED28C32342C237B9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login - Citi

Page URL History Show full URLs

https://fastandsecureportal.xyz/UpdateVerifyPrss!/Citibank?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e HTTP 301
https://fastandsecureportal.xyz/UpdateVerifyPrss!/Citibank/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

7
Requests

86 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

147 kB
Transfer

178 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://fastandsecureportal.xyz/UpdateVerifyPrss!/Citibank?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e HTTP 301
https://fastandsecureportal.xyz/UpdateVerifyPrss!/Citibank/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://fastandsecureportal.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://fastandsecureportal.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
fastandsecureportal.xyz/UpdateVerifyPrss!/Citibank/
Redirect Chain

https://fastandsecureportal.xyz/UpdateVerifyPrss!/Citibank?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
https://fastandsecureportal.xyz/UpdateVerifyPrss!/Citibank/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e

7 KB
3 KB

25ms
25ms

Document
text/html

172.67.153.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastandsecureportal.xyz/UpdateVerifyPrss!/Citibank/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.153.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c8e7acfe7bc0c3fc0c6021a0fbc5bc183d6605e5c3a70cbaecc74f1b60e36b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8b256cde6e933a9c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 13 Aug 2024 02:55:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x52CQEhuXZ6ESaQFZy7ZWGzJG8PKql%2Bs99xdDDuPVSa5UvPqBc%2FBrQlNjUU%2Fqv4qPrOF9QHgo8fQZK68MUO44I3D1UoyN9V7g4%2BEXkZpdJvgslah4AstZSgW3ss4Utk4WPMBEr8JoisGDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8b256cde2e7e3a9c-FRA
content-type: text/html
date: Tue, 13 Aug 2024 02:55:16 GMT
location: https://fastandsecureportal.xyz/UpdateVerifyPrss!/Citibank/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gCP8kMTov%2FysmKkgeIiZnYYIVfyE42V%2B9laHjX7CdIruZDyGb%2BcHBSX%2BHW3j2vCxuPe3eK2qCNhQHg3yFf68wz86e%2BjFdO3qwh8OkHD9EeTTNS1xl2x57nT%2BOxwu0BUGBHfg2cWDguGaDA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 30ms
16ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: fastandsecureportal.xyz
URL: https://fastandsecureportal.xyz/UpdateVerifyPrss!/Citibank/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://fastandsecureportal.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 02:55:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 383675
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BxUd0H2bMSxln2aab9hvVWWqIYl%2FICRgaF2pJbvje2RKhucJG%2FQJehYWQOr5kGdXdNJTgSHHlQE4bHAb0COXzbdFZzRmt3QQ1Kn9wTSD6tzXQUdWZlyhoUow1wcibteMjBwRq6bY"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b256cdeab119f17-FRA
expires: Sun, 03 Aug 2025 02:55:16 GMT

GET
H3 200 Citibank.svg.png
fastandsecureportal.xyz/UpdateVerifyPrss!/files/ 49 KB
50 KB 33ms
33ms Image
image/png 172.67.153.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fastandsecureportal.xyz/UpdateVerifyPrss!/files/Citibank.svg.png
Requested by: Host: fastandsecureportal.xyz
URL: https://fastandsecureportal.xyz/UpdateVerifyPrss!/Citibank/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.153.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fc36e4371ad5f605b8888c6d3b175e2c48ad80d4a71dda29ddf1a8f66d50974

Request headers

Referer: https://fastandsecureportal.xyz/UpdateVerifyPrss!/Citibank/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 02:55:16 GMT
cf-cache-status: MISS
last-modified: Wed, 07 Aug 2024 14:04:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "c41d-66b37ed4-1679ca;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8nUQTkz%2B%2BSAW14U4Wjy1MMrbhlVuP2zTh6y%2BE0zTyrwy%2BlzUf946sgVAb0XRiV7mCF3md2wfpfbC3aq5RKQYh%2BJOATaRxJ%2BxE%2BP%2Fhfyc44%2F%2B1IzV6nZrW2oDOyOtt%2FoygOW0uJuaHSMfEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8b256cde9ea63a9c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 50205
expires: Tue, 20 Aug 2024 02:55:16 GMT

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 27ms
15ms Font
application/octet-stream 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://fastandsecureportal.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 02:55:16 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 382157
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z3a0d69rfkKXLERbCznEzV%2FLn70URZHup1ee2TZKoypgJg5mLQr5OlLXwHhYvzH%2FijqAgascwwXXBGqjyCa56ihL0wCjlppF76TzdbEs%2BQtPp%2BJGcRxqYmcUbLkalU2nEQzx6IXR"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b256cdeffbd906a-FRA
expires: Sun, 03 Aug 2025 02:55:16 GMT

GET
H3

200

main.js Show response
fastandsecureportal.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/ Frame B80B
Redirect Chain

https://fastandsecureportal.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://fastandsecureportal.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js?

8 KB
4 KB

17ms
17ms

Script
application/javascript

172.67.153.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fastandsecureportal.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js?

Requested by

Host: fastandsecureportal.xyz
URL: https://fastandsecureportal.xyz/UpdateVerifyPrss!/Citibank/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e

Protocol

H3

Server

172.67.153.158 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88f938ebd392e85c2790fc6e12463197d797173497ca7f3e74f8cd45757c8830

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 02:55:16 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jVnmEm%2BOhGQElmrLpYJPkX%2FZcgZLh5TUs9IPl7pxV%2BbGejax7y%2BMbXTKBKp2GtJ1UFjqRZ9JFnpFonGxq6r27iXngtfj33Y05U0RKoKL9NzTVkfTUJk0O6ohlq8dvGkWfPpPIOrJAdRyFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8b256cdf0eea3a9c-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 13 Aug 2024 02:55:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oc%2Bdefy1snrL%2B%2F3EhZVmvpl4GUc%2B1rFOdZnyOhVK4ZqcSk3niqtNLz8WBf1ePa5CyCqs6cDCv24NQQN%2BoscxchNqRynu6RzVUBP8iaSunG3dO039DVnLliNQoPS%2FMWqFBBCumS%2Bk2uEV1g%3D%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js?
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8b256cdeeed53a9c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 8b256cde6e933a9c Show response
fastandsecureportal.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame B80B 0
706 B 32ms
29ms XHR
text/plain 172.67.153.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastandsecureportal.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/8b256cde6e933a9c
Requested by: Host: fastandsecureportal.xyz
URL: https://fastandsecureportal.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.153.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Aug 2024 02:55:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cGg6s58y%2BP5yq%2F%2FbX4e86do058u9D7F1nYBbtAEeYDqcUK5jSDIDteLaC%2F4m%2Baq1SlvE3w10rCbgqh0ugposBajL0SNtpvf9JWtvn2SiRXBd%2FKocAbfCcVxWRZrSzNcw%2BypYEraFFhe72g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8b256cdfaf7d3a9c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 favicon.ico
www.citi.com/cbol-pre-login-static-assets/assets/ 9 KB
9 KB 88ms
26ms Other
image/x-icon 95.100.71.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/assets/favicon.ico

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.100.71.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-100-71-198.deploy.static.akamaitechnologies.com

Software

/

Resource Hash

2f6d73a312361b30f573d8f97bf9b345f2316c3d8b40723592b3145e360f8c32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

Referer: https://fastandsecureportal.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

sid: f319f8c3-84eb-457f-bc59-6f813de6c68d
content-encoding: gzip
x-content-type-options: nosniff
nonce: 2066482883264237
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 13 Aug 2024 02:55:16 GMT
dclocation: GT1DMS
uuid: 35de6cd5-c324-4e15-be3d-ff365f52f4f8
content-length: 8136
x-xss-protection: 1 ; mode=block
referrer-policy: no-referrer
last-modified: Sat, 27 Jul 2024 09:33:26 GMT
x-akamai-citisite: GTDC
etag: W/"222b-190f389b43f"
access-control-max-age: 2147483647
vary: Accept-Encoding
content-type: image/x-icon
scope: VISITOR
x-vcap-request-id: c3535e7f-cc96-46f3-630c-6a77a112753e
cache-control: public, no-transform, max-age=21600
access-control-allow-credentials: true
access-control-allow-origin: https://citimobile.citibankonline.com
accept-ranges: bytes
expires: Tue, 13 Aug 2024 08:55:16 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.fastandsecureportal.xyz/	1970-01-21 07:30:53	Name: cf_clearance Value: 0VO2TRK8mn73hEA83wzHQ.MEmEfCvBvHbffQGw2sD.Y-1723517716-1.0.1.1-rHuxKHt1vp.xuzsqg4hzIjddGxFJkxgcR08vG6Jz8VgIeu4KInQnmGf9XL2IHZCtHrCMLih9KOKq4wJ31ttOXw

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://fastandsecureportal.xyz/UpdateVerifyPrss!/Citibank/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fastandsecureportal.xyz
www.citi.com
104.17.24.14
172.67.153.158
95.100.71.198
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f6d73a312361b30f573d8f97bf9b345f2316c3d8b40723592b3145e360f8c32
5c8e7acfe7bc0c3fc0c6021a0fbc5bc183d6605e5c3a70cbaecc74f1b60e36b4
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7fc36e4371ad5f605b8888c6d3b175e2c48ad80d4a71dda29ddf1a8f66d50974
88f938ebd392e85c2790fc6e12463197d797173497ca7f3e74f8cd45757c8830
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

fastandsecureportal.xyz Open in urlscan Pro 172.67.153.158 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

7 Requests

86 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

147 kBTransfer

178 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

fastandsecureportal.xyz Open in urlscan Pro
172.67.153.158 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

86 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

147 kB
Transfer

178 kB
Size

1
Cookies

7 HTTP transactions
0 data transactions