citiserve.duia.us
Open in
urlscan Pro
165.227.25.217
Malicious Activity!
Public Scan
Submitted URL: https://citiserve.duia.us/
Effective URL: https://citiserve.duia.us/US/
Submission: On September 29 via automatic, source certstream-suspicious
Effective URL: https://citiserve.duia.us/US/
Submission: On September 29 via automatic, source certstream-suspicious
Summary
This website contacted 5 IPs
in 3 countries
across 4 domains to perform 47 HTTP transactions.
The main IP is 165.227.25.217, located in
Santa Clara, United States and
belongs to DIGITALOCEAN-ASN, US.
The main domain is citiserve.duia.us.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 29th 2020. Valid for: 3 months.
This is the only time citiserve.duia.us was scanned on urlscan.io!
TLS certificate: Issued by Let's Encrypt Authority X3 on September 29th 2020. Valid for: 3 months.
This is the only time citiserve.duia.us was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Citibank (Banking)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 42 | 165.227.25.217 165.227.25.217 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
| 1 | 2001:4de0:ac1... 2001:4de0:ac19::1:b:1a | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:81d::200e | 15169 (GOOGLE) (GOOGLE) | |
| 3 | 2a00:1450:400... 2a00:1450:4001:819::2004 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 107.22.16.63 107.22.16.63 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 47 | 5 |
1
107.22.16.63
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-16-63.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-16-63.compute-1.amazonaws.com
| cyseal.cyveillance.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 42 |
duia.us
1 redirects
citiserve.duia.us |
1017 KB |
| 4 |
google.com
cse.google.com www.google.com |
101 KB |
| 1 |
cyveillance.com
cyseal.cyveillance.com |
226 B |
| 1 |
bootstrapcdn.com
stackpath.bootstrapcdn.com |
7 KB |
| 47 | 4 |
| Domain | Requested by | |
|---|---|---|
| 42 | citiserve.duia.us |
1 redirects
citiserve.duia.us
|
| 3 | www.google.com |
cse.google.com
|
| 1 | cyseal.cyveillance.com |
citiserve.duia.us
|
| 1 | cse.google.com |
citiserve.duia.us
|
| 1 | stackpath.bootstrapcdn.com |
citiserve.duia.us
|
| 47 | 5 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.citi.com |
| citi.com |
| www.citigroup.com |
| jobs.citi.com |
| online.citi.com |
| citieasydeals.com |
| www.citiprivatepass.com |
| www.privatebank.citibank.com |
| itunes.apple.com |
| play.google.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| citiserve.duia.us Let's Encrypt Authority X3 |
2020-09-29 - 2020-12-28 |
3 months | crt.sh |
| *.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA |
2020-09-22 - 2021-10-12 |
a year | crt.sh |
| *.google.com GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
| www.google.com GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
| cyseal.cyveillance.com Amazon |
2020-01-05 - 2021-02-05 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://citiserve.duia.us/US/
Frame ID: 115136D2FCE62550F5E54FBF10E4CC80
Requests: 47 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://citiserve.duia.us/
HTTP 302
https://citiserve.duia.us/US/ Page URL
Detected technologies
Ubuntu
(Operating Systems)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /Ubuntu/i
Apache
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
24 Outgoing links
These are links going to different origins than the main page.
URL: https://www.citi.com/credit-cards/credit-card-details/citi.action?ID=citi-rewards-plus-credit-card&afc=106
Title:
Title:
Search URL Search Domain Scan URL
URL: https://citi.com/citi/racial-equity/
Search URL Search Domain Scan URL
URL: http://www.citigroup.com/citi/
Title: Our Story
Title: Our Story
Search URL Search Domain Scan URL
URL: https://jobs.citi.com/
Title: Careers
Title: Careers
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/JRS/pands/detail.do?ID=ServicesOverview
Title: Benefits & Services
Title: Benefits & Services
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/JRS/pands/detail.do?ID=Rewards
Title: Rewards
Title: Rewards
Search URL Search Domain Scan URL
URL: https://citieasydeals.com/
Title: Citi Easy DealsSM
Title: Citi Easy DealsSM
Search URL Search Domain Scan URL
URL: http://www.citiprivatepass.com/
Title: Citi EntertainmentSM
Title: Citi EntertainmentSM
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/JRS/portal/template.do?ID=SpecialOffers
Title: Special Offers
Title: Special Offers
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/JRS/pands/detail.do?ID=CitiPriorityOverview
Title: Citi Priority
Title: Citi Priority
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/JRS/pands/detail.do?ID=CitigoldOverview
Title: Citigold®
Title: Citigold®
Search URL Search Domain Scan URL
URL: https://www.privatebank.citibank.com/
Title: Citi Private Bank
Title: Citi Private Bank
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/ag/small-business-banking
Title: Small Business Accounts
Title: Small Business Accounts
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/JRS/pands/detail.do?ID=CitiCommercialBanking
Title: Commercial Accounts
Title: Commercial Accounts
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/ag/current-interest-rates/checking-saving-accounts
Title: Personal Banking
Title: Personal Banking
Search URL Search Domain Scan URL
URL: https://www.citi.com/credit-cards/compare/view-all-credit-cards
Title: Credit Cards
Title: Credit Cards
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/JRS/portal/template.do?ID=todays_mortgage_rates&type=buy
Title: Mortgage
Title: Mortgage
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/JRS/portal/template.do?ID=home_equity_rates
Title: Home Equity
Title: Home Equity
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/ag/current-interest-rates/personal-loans-and-lines-of-credit
Title: Lending
Title: Lending
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/ag/contactus
Title: Contact Us
Title: Contact Us
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/ag/search/fullSearch;search=
Title: Help & FAQs
Title: Help & FAQs
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/ag/security-center
Title: Security Center
Title: Security Center
Search URL Search Domain Scan URL
URL: https://itunes.apple.com/app/citi-mobile-sm/id301724680?mt=8
Title:
Title:
Search URL Search Domain Scan URL
URL: https://play.google.com/store/apps/details?id=com.citi.citimobile
Title:
Title:
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://citiserve.duia.us/
HTTP 302
https://citiserve.duia.us/US/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
47 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
 Cookie set
/
citiserve.duia.us/US/ Redirect Chain
|
77 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main.css
citiserve.duia.us/US/assets/ |
46 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ddl.css
citiserve.duia.us/US/assets/ |
624 KB 69 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main_branding.css
citiserve.duia.us/US/assets/ |
272 KB 43 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
vendor.js
citiserve.duia.us/US/assets/ |
204 KB 64 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
homePage.css
citiserve.duia.us/US/assets/ |
24 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.js
citiserve.duia.us/US/assets/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cbol-smartSearch.css
citiserve.duia.us/US/assets/ |
8 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
HowCanWeHelpButton_default.png
citiserve.duia.us/US/assets/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
citiHomePage.js
citiserve.duia.us/US/assets/ |
15 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rsa.js
citiserve.duia.us/US/assets/ |
36 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
TMXProfiling.js
citiserve.duia.us/US/assets/ |
1 KB 895 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
peworkflow.js
citiserve.duia.us/US/assets/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
HP3443_H.jpg
citiserve.duia.us/US/assets/ |
71 KB 71 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
450x285-rewards.png
citiserve.duia.us/US/assets/ |
66 KB 66 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
8119_M.jpg
citiserve.duia.us/US/assets/ |
97 KB 97 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
M1-M7_Citi-card-cluster-4.jpg
citiserve.duia.us/US/assets/ |
102 KB 102 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
HP7244_M.jpg
citiserve.duia.us/US/assets/ |
88 KB 89 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
8150_M.jpg
citiserve.duia.us/US/assets/ |
72 KB 72 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
citi-logo.png
citiserve.duia.us/US/assets/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
2020CertifiedMobileApp.png
citiserve.duia.us/US/assets/ |
232 KB 233 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
googlePlay_1px.png
citiserve.duia.us/US/assets/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
appStore_1px.png
citiserve.duia.us/US/assets/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
oo_engine.js
citiserve.duia.us/US/assets/ |
42 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ddl.js
citiserve.duia.us/US/assets/ |
64 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main.js
citiserve.duia.us/US/assets/ |
33 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
citilive-search.js
citiserve.duia.us/US/assets/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cbol-smartSearch-inject.js
citiserve.duia.us/US/assets/ |
13 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
siteseal2p.js
citiserve.duia.us/US/assets/ |
685 B 721 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cobrowse_overlay.css
citiserve.duia.us/US/assets/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Interstate-Light.woff
citiserve.duia.us/US/assets/fonts/interstate/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
arrow-btn-next-blue-sm-bold.svg
citiserve.duia.us/CBOL/common/ui/ddl/theme/latest/images/icons/svgs/arrows/ |
280 B 280 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Citi-Branding-Sprite.png
citiserve.duia.us/US/assets/assets/ |
280 B 280 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Citi-Branding-Sprite.png
citiserve.duia.us/GFC/branding/img/ |
280 B 280 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
appStore_1px.png
citiserve.duia.us/GFC/branding/responsivebranding/img/ |
280 B 280 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
googlePlay_1px.png
citiserve.duia.us/GFC/branding/responsivebranding/img/ |
280 B 280 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
arrow-btn-next-white-sm-bold.svg
citiserve.duia.us/CBOL/common/ui/ddl/theme/latest/images/icons/svgs/arrows/ |
280 B 280 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
oo_icon_retina.gif
citiserve.duia.us/GFC/branding/olab/images/ |
280 B 280 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Interstate-Bold.woff
citiserve.duia.us/US/assets/fonts/interstate/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Interstate-Light.ttf
citiserve.duia.us/US/assets/fonts/interstate/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cse.js
cse.google.com/cse/ |
10 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cse_element__de.js
www.google.com/cse/static/element/26b8d00a7c7a0812/ |
261 KB 87 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
default+de.css
www.google.com/cse/static/element/26b8d00a7c7a0812/ |
40 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
default.css
www.google.com/cse/static/style/look/v4/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Interstate-Bold.ttf
citiserve.duia.us/US/assets/fonts/interstate/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cyss.js
cyseal.cyveillance.com/SiteSeal/ |
0 226 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Citibank (Banking)171 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes function| $ function| jQuery object| jQuery19105913748005218902 object| respond number| signonInitialHeight undefined| signonModalHeight boolean| signonBlock function| populateEFDParams function| populateClientData function| submitRSADevicePrint function| submitmobilegeolocation function| doSubmit function| signOnUnamePwdError function| clearFieldErrorValidation function| onSelectUser function| insertAfter function| mask function| focusOn function| blurOn function| doMask function| OpenInNewTab function| displayLable function| launchPopup function| tv function| initMLC function| displayServerName function| isTestDomain function| getCookie function| setCookie function| calLinkCharLength function| truncateOtherAlert function| truncateBrowserAlert function| passTmplObj function| closeAlertBox function| showFullMsg function| hideFullMsg function| truncateMsg function| showAlerts function| hideAlerts function| handleOutageAlert function| handleSignonLink function| adjustHeroHeight function| adjustHeroOnRotation function| Hashtable function| startsWith function| DomDataCollection function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| Timer function| getRandomPort object| ProxyCollector function| BlackberryLocationCollector function| detectFields string| SEP string| PAIR string| DEV function| FingerPrint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| post_fingerprints function| add_deviceprint function| form_add_data function| form_add_deviceprint string| HTML5 string| BLACKBERRY string| UNDEFINED string| GEO_LOCATION_DEFAULT_STRUCT object| geoLocator boolean| geoLocatorStatus function| detectDeviceCollectionAPIMode function| init function| startCollection function| stopCollection function| getGeolocationStruct function| HTML5LocationCollector object| UIEventCollector function| UIEvent function| InteractionElement function| UIElementList function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| convertTimestampToGMT function| getTimestampInMillis function| debug function| forceIE89Synchronicity function| getRequestParams string| immediateReferrer boolean| isJavaEnabled string| screenResolution object| peworkflow object| commonUtils function| peintg object| OOo function| commaSeperatedList function| arraysEqual object| CM function| onYouTubeIframeAPIReady boolean| iOS string| titleAttr function| hasClass function| setSearchBarLabel function| changeViewport function| setPageTimeout function| delayPageTimeout function| resetPageTimeout function| sessionRecovery function| callSessionCheck function| sessionCheckReturn function| beforeYouGo function| getBrandingData function| getFinalURL function| lnk function| isSubappBusy function| confirmGo function| ConfirmGo function| myFunction function| closeActiveFlyoutMenu function| hideSearchBar object| globalNavigation function| gssCallback object| requestURL object| params undefined| element undefined| h1Element undefined| fullSearchURL undefined| newElement function| gsearch2 function| scEventL function| scEvent boolean| flag function| gsearch function| searchComplete function| renderSearchControls object| pageTimer object| delayTimer undefined| branding_sc_p3 string| displayPhrase string| displayPhrase2 undefined| subMenuMargin object| year function| getParameterByName object| ids_menu object| ids_hasdrop object| ids_dropbtn function| mobileDropdown function| mobileSubDropdown function| hideMobileDrop function| getSpanishHref function| showSpanishDisclaimer function| closeSpanishDisclaimer function| redirectToSpanishPage function| getEnglishHref function| redirectToEnglishPage object| __gcse object| $desktopSearchWrap object| $desktopSearchBar object| $desktopSearchBtn object| CitiSearchConfig function| NexusPlatformDelegateToCBOL function| NexusPlatformChatEscalationCBOL function| _focusFirstHeader function| _focusPreviousHeader function| _focusNextHeader object| google object| closure_lm_85941 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| citiserve.duia.us/ | Name: bk_login_tries Value: 3 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
citiserve.duia.us
cse.google.com
cyseal.cyveillance.com
stackpath.bootstrapcdn.com
www.google.com
107.22.16.63
165.227.25.217
2001:4de0:ac19::1:b:1a
2a00:1450:4001:819::2004
2a00:1450:4001:81d::200e
0690a4485453c0be441deee586e2a116b22428f40bfc494ec04af97a5cbc0720
06d733b09a9fccaa6b2c7ee0e8c9002f782366cbd16f1204e14c43e803d61051
157430093a6d2ee63082eae5dabf826926d3b6259d33482aa6713c48728e82fa
18dd14391c927abdc4816f8aa2f22ff434b138b7495fbbcbdfed944f1d77a567
19714fe97157218012265c566007fa0f44093675c1b31668f0812135baba7756
1cc4ec61057f30cea6d47126e0444f119b2606720b1fe8d7e0deff1f5742a82b
1f2a0e7aa3dabf73dae3cc7c1e53a70ec51145b39b027bdc1ecae9223c0c80d2
286efd8efeed62503c397f72d7d1414b7b72118ee0b083b0d4dfe0955ce62e5d
629b48196dcc270143a42ce57535b251c655617f8d510277d4a05306c426fd38
690146b8ff7699810daa66f43ce7d006f74a143dea4a27bb0cb9c054dddadeee
6d3001c9deac8cb1f88ea5254105f8d678de5532f1998a24eab1b59906eaf86b
793c2f3d02d0bc3ad8a2cdc901b2134159b66245e951ac258fee1ac8b2709f44
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7cb24e06c00e47bb6bc6c38b935d6bc62817f656703387e4fb7591add96c7454
80813f64f1296c3ef9d1bac5919dba48a674037da93110861b68ef1bba4c92d3
88708a84bb580269610696ced084192bf187d25c786c91804614e1cc61dd4d57
8b2484fa9a9b136b9eb56c1d2b3bfdacd1c8970acf325585235aa35b16fc010a
8cad2492e705a54e5c4a634509b1d6c836dfb5bd179c2e58063653cc8635d6df
9b6b088fca09ddacae59b9a27c581dce6746dea026c93adb6c3ca30e586ac8de
9deb849bdc20c654810ae440c0c5110b1a1cbf2228e7a3b61db136a7633c0eda
a9623118fb6ec3944d1312cd0d492c3f32455e89bc1e01eafa67628a309d9c60
ac5765dee0ca74b3ffb169f12880229be905b412bdcc9c87649b3040f5aa688a
b81c40d26fc71a79f47e28b43f4f3818f871c8d0ad99f52e35bcab45b8514a33
b95fb980f8f91f1c113d3411d3fbf608e143bf4d10fe0706bb6d2231f13bd228
d58f4a3eb5de34a29338fbba4444dae9c7b93d04556cd7200247c974613fbf03
dc5ba306fece552e3a002c8e18fa392c85acfa61091e1b98496b745f8ace6876
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45f6d6801dfd651aa989fec89b43ef6fca91c9b48d4cfd701505ad007e86d37
ed48ae9c1a324d49404d9fb4c508b880ca97a65f8fd21d352e241d1e4dfc50e2
f1821b3865a1008ba0c088f7dc5c7eeb6b81e414461885c40b8d0f48fcbc9341
f2adfd83f8e9c7f3b092921eb5a59d4463041b2be8386a17ec7ac29d8d588470
f2dd1ff20c3df202418f9d59c76f40bdb304d7a85d7163fc9935391528f3dee8
f35167f960fb0ce996db66bdfc5723771a4acc8e7206b282e7dfaa8c2ca81e3b
f44e4692a52b6a382cb481e23f8bcb9a6d4c24eec8aa60143c7e2ca3a85758b2
fb42046c6feabb3126634752069391d76d8ded5770a936eb1ce0cdd6aa7358b9
fdaf50ba7dfdf74a600dbb9a28a4ebfc536486d8f1e23296d7dfb33d843e1c3b