myegdfgsad.com Open in urlscan Pro
190.97.167.147 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sendflowersdenmark.com/zdhwlazxnxshgrn
Effective URL:
http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true
Submission: On December 27 via manual (December 27th 2018, 4:49:48 pm UTC) from US

Summary HTTP 29 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 3 domains to perform 29 HTTP transactions. The main IP is 190.97.167.147, located in Panama and belongs to Cyber Cast International, S.A., PA. The main domain is myegdfgsad.com.

This is the only time myegdfgsad.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Citibank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	209.141.58.88 209.141.58.88	53667 (PONYNET) (PONYNET - FranTech Solutions)
1 1	209.141.46.142 209.141.46.142	53667 (PONYNET) (PONYNET - FranTech Solutions)
2 31	190.97.167.147 190.97.167.147	27956 (Cyber Cas...) (Cyber Cast International)
29	1

1 209.141.58.88 (Las Vegas, United States) 1 redirects

ASN53667 (PONYNET - FranTech Solutions, US)

sendflowersdenmark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.141.46.142 (Las Vegas, United States) 1 redirects

ASN53667 (PONYNET - FranTech Solutions, US)

americanexpressemailprocess.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 190.97.167.147 (Panama) 2 redirects

ASN27956 (Cyber Cast International, S.A., PA)
PTR: host-190-97-167-147.ccipanama.com

myegdfgsad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	myegdfgsad.com 2 redirects myegdfgsad.com	922 KB
1	americanexpressemailprocess.com 1 redirects americanexpressemailprocess.com	326 B
1	sendflowersdenmark.com 1 redirects sendflowersdenmark.com	321 B
29	3

	Domain	Requested by
31	myegdfgsad.com	2 redirects myegdfgsad.com
1	americanexpressemailprocess.com	1 redirects
1	sendflowersdenmark.com	1 redirects
29	3

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true
Frame ID: 2A105F2DDF76A9B9BBFBB4D9D975CA8E
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://sendflowersdenmark.com/zdhwlazxnxshgrn HTTP 301
http://americanexpressemailprocess.com/ HTTP 302
http://myegdfgsad.com/citibank/citi/ HTTP 302
http://myegdfgsad.com/citibank/citi/data/ HTTP 302
http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&sec... Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

29
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

1
IPs

2
Countries

922 kB
Transfer

915 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sendflowersdenmark.com/zdhwlazxnxshgrn HTTP 301
http://americanexpressemailprocess.com/ HTTP 302
http://myegdfgsad.com/citibank/citi/ HTTP 302
http://myegdfgsad.com/citibank/citi/data/ HTTP 302
http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request login.php Show response myegdfgsad.com/citibank/citi/data/ Redirect Chain http://sendflowersdenmark.com/zdhwlazxnxshgrn http://americanexpressemailprocess.com/ http://myegdfgsad.com/citibank/citi/ http://myegdfgsad.com/citibank/citi/data/ http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true	27 KB 27 KB	221ms 217ms	Document text/html	190.97.167.147 Cyber Cast Intern...
General Check archive.org Show headers Download Go to Full URL http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Protocol HTTP/1.1 Server 190.97.167.147 , Panama, ASN27956 (Cyber Cast International, S.A., PA), Reverse DNS host-190-97-167-147.ccipanama.com Software Apache / Resource Hash `243c4408b4e4ed7bead88f06c36ad8f3d6499146cd8b4840a9d4916cae68c7a3` Request headers Host myegdfgsad.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Cookie PHPSESSID=3eul1to863orn41f7v2mnad5g0 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Dec 2018 16:38:33 GMT Server Apache Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Keep-Alive timeout=5, max=98 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Redirect headers Date Thu, 27 Dec 2018 16:38:33 GMT Server Apache Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Location login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Keep-Alive timeout=5, max=99 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	spp.gif myegdfgsad.com/citibank/citi/data/login_files/	43 B 284 B	195ms 192ms	Image image/gif	190.97.167.147 Cyber Cast Intern...
General Check archive.org Show headers Download Go to Show image Full URL http://myegdfgsad.com/citibank/citi/data/login_files/spp.gif Requested by Host: myegdfgsad.com URL: http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Protocol HTTP/1.1 Server 190.97.167.147 , Panama, ASN27956 (Cyber Cast International, S.A., PA), Reverse DNS host-190-97-167-147.ccipanama.com Software Apache / Resource Hash `0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myegdfgsad.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Cookie PHPSESSID=3eul1to863orn41f7v2mnad5g0 Connection keep-alive Cache-Control no-cache Referer http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Dec 2018 16:38:34 GMT Last-Modified Sun, 11 Jun 2017 11:45:28 GMT Server Apache Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 43
GET H/1.1	200 OK	img.gif myegdfgsad.com/citibank/citi/data/login_files/	42 B 282 B	929ms 187ms	Image image/gif	190.97.167.147 Cyber Cast Intern...
General Check archive.org Show headers Download Go to Show image Full URL http://myegdfgsad.com/citibank/citi/data/login_files/img.gif Requested by Host: myegdfgsad.com URL: http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Protocol HTTP/1.1 Server 190.97.167.147 , Panama, ASN27956 (Cyber Cast International, S.A., PA), Reverse DNS host-190-97-167-147.ccipanama.com Software Apache / Resource Hash `ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myegdfgsad.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Cookie PHPSESSID=3eul1to863orn41f7v2mnad5g0 Connection keep-alive Cache-Control no-cache Referer http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Dec 2018 16:38:34 GMT Last-Modified Sun, 11 Jun 2017 11:45:28 GMT Server Apache Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 42
GET H/1.1	200 OK	iui3.gif myegdfgsad.com/citibank/citi/data/login_files/	43 B 283 B	730ms 184ms	Image image/gif	190.97.167.147 Cyber Cast Intern...
General Check archive.org Show headers Download Go to Show image Full URL http://myegdfgsad.com/citibank/citi/data/login_files/iui3.gif Requested by Host: myegdfgsad.com URL: http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Protocol HTTP/1.1 Server 190.97.167.147 , Panama, ASN27956 (Cyber Cast International, S.A., PA), Reverse DNS host-190-97-167-147.ccipanama.com Software Apache / Resource Hash `c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myegdfgsad.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Cookie PHPSESSID=3eul1to863orn41f7v2mnad5g0 Connection keep-alive Cache-Control no-cache Referer http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Dec 2018 16:38:34 GMT Last-Modified Sun, 11 Jun 2017 11:45:30 GMT Server Apache Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 43
GET H/1.1	200 OK	JPPTemp.css myegdfgsad.com/citibank/citi/data/login_files/	245 KB 245 KB	346ms 183ms	Stylesheet text/css	190.97.167.147 Cyber Cast Intern...
General Check archive.org Show headers Download Go to Full URL http://myegdfgsad.com/citibank/citi/data/login_files/JPPTemp.css Requested by Host: myegdfgsad.com URL: http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Protocol HTTP/1.1 Server 190.97.167.147 , Panama, ASN27956 (Cyber Cast International, S.A., PA), Reverse DNS host-190-97-167-147.ccipanama.com Software Apache / Resource Hash `dfcd0576021bbd72b97fcfe545d40d1abb1218ffc61a5dd44790a343c57ed898` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myegdfgsad.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Cookie PHPSESSID=3eul1to863orn41f7v2mnad5g0 Connection keep-alive Cache-Control no-cache Referer http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Dec 2018 16:38:34 GMT Last-Modified Sun, 11 Jun 2017 15:01:30 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 250681
GET H/1.1	200 OK	US-Regional.css myegdfgsad.com/citibank/citi/data/login_files/	48 KB 48 KB	369ms 184ms	Stylesheet text/css	190.97.167.147 Cyber Cast Intern...
General Check archive.org Show headers Download Go to Full URL http://myegdfgsad.com/citibank/citi/data/login_files/US-Regional.css Requested by Host: myegdfgsad.com URL: http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Protocol HTTP/1.1 Server 190.97.167.147 , Panama, ASN27956 (Cyber Cast International, S.A., PA), Reverse DNS host-190-97-167-147.ccipanama.com Software Apache / Resource Hash `888682b6f8961bc407df2027baf9ea22da7be5f298d037845c1724f7004c4338` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myegdfgsad.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Cookie PHPSESSID=3eul1to863orn41f7v2mnad5g0 Connection keep-alive Cache-Control no-cache Referer http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Dec 2018 16:38:34 GMT Last-Modified Sun, 11 Jun 2017 11:45:30 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 48906
GET H/1.1	200 OK	branding_main_citi.css myegdfgsad.com/citibank/citi/data/login_files/	42 KB 42 KB	384ms 186ms	Stylesheet text/css	190.97.167.147 Cyber Cast Intern...
General Check archive.org Show headers Download Go to Full URL http://myegdfgsad.com/citibank/citi/data/login_files/branding_main_citi.css Requested by Host: myegdfgsad.com URL: http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Protocol HTTP/1.1 Server 190.97.167.147 , Panama, ASN27956 (Cyber Cast International, S.A., PA), Reverse DNS host-190-97-167-147.ccipanama.com Software Apache / Resource Hash `c6f8b875ea8e4f9a6ff34062bc07668b597034424c1d6a51059c6694b3214863` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myegdfgsad.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Cookie PHPSESSID=3eul1to863orn41f7v2mnad5g0 Connection keep-alive Cache-Control no-cache Referer http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Dec 2018 16:38:34 GMT Last-Modified Sun, 11 Jun 2017 15:00:40 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 43108
GET H/1.1	200 OK	modal.js Show response myegdfgsad.com/citibank/citi/data/login_files/	14 KB 14 KB	183ms 183ms	Script application/javascript	190.97.167.147 Cyber Cast Intern...
General Check archive.org Show headers Download Go to Full URL http://myegdfgsad.com/citibank/citi/data/login_files/modal.js Requested by Host: myegdfgsad.com URL: http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Protocol HTTP/1.1 Server 190.97.167.147 , Panama, ASN27956 (Cyber Cast International, S.A., PA), Reverse DNS host-190-97-167-147.ccipanama.com Software Apache / Resource Hash `32b36446addb94d673bbd7002bec24ab831565061344abec70a36c8e367978da` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myegdfgsad.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Cookie PHPSESSID=3eul1to863orn41f7v2mnad5g0 Connection keep-alive Cache-Control no-cache Referer http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Dec 2018 16:38:34 GMT Last-Modified Thu, 09 Mar 2017 21:41:36 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 14148
GET H/1.1	200 OK	default_en.css myegdfgsad.com/citibank/citi/data/login_files/	45 KB 45 KB	382ms 186ms	Stylesheet text/css	190.97.167.147 Cyber Cast Intern...
General Check archive.org Show headers Download Go to Full URL http://myegdfgsad.com/citibank/citi/data/login_files/default_en.css Requested by Host: myegdfgsad.com URL: http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Protocol HTTP/1.1 Server 190.97.167.147 , Panama, ASN27956 (Cyber Cast International, S.A., PA), Reverse DNS host-190-97-167-147.ccipanama.com Software Apache / Resource Hash `72d4175bacbbc61b9b282dc40b8e796bc60575e2b743a27a01968a50a7612a76` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myegdfgsad.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Cookie PHPSESSID=3eul1to863orn41f7v2mnad5g0 Connection keep-alive Cache-Control no-cache Referer http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Dec 2018 16:38:34 GMT Last-Modified Sun, 11 Jun 2017 11:45:30 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 46037
GET H/1.1	200 OK	default.css myegdfgsad.com/citibank/citi/data/login_files/	14 KB 14 KB	382ms 187ms	Stylesheet text/css	190.97.167.147 Cyber Cast Intern...
General Check archive.org Show headers Download Go to Full URL http://myegdfgsad.com/citibank/citi/data/login_files/default.css Requested by Host: myegdfgsad.com URL: http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Protocol HTTP/1.1 Server 190.97.167.147 , Panama, ASN27956 (Cyber Cast International, S.A., PA), Reverse DNS host-190-97-167-147.ccipanama.com Software Apache / Resource Hash `57271db21f2726de70c45af59bf71488a3aa71a668ef59a16c9992eb0feeda88` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myegdfgsad.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Cookie PHPSESSID=3eul1to863orn41f7v2mnad5g0 Connection keep-alive Cache-Control no-cache Referer http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Dec 2018 16:38:34 GMT Last-Modified Sun, 11 Jun 2017 11:45:30 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 14307
GET H/1.1	200 OK	Citi-BB.png myegdfgsad.com/citibank/citi/data/login_files/	3 KB 4 KB	185ms 184ms	Image image/png	190.97.167.147 Cyber Cast Intern...
General Check archive.org Show headers Download Go to Show image Full URL http://myegdfgsad.com/citibank/citi/data/login_files/Citi-BB.png Requested by Host: myegdfgsad.com URL: http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Protocol HTTP/1.1 Server 190.97.167.147 , Panama, ASN27956 (Cyber Cast International, S.A., PA), Reverse DNS host-190-97-167-147.ccipanama.com Software Apache / Resource Hash `955e287d905855f65031a3f7f98912cdb98e04690df255daaad2270421f4d047` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myegdfgsad.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Cookie PHPSESSID=3eul1to863orn41f7v2mnad5g0 Connection keep-alive Cache-Control no-cache Referer http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Dec 2018 16:38:34 GMT Last-Modified Sun, 11 Jun 2017 11:45:30 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 3388
GET H/1.1	200 OK	search-white.png myegdfgsad.com/citibank/citi/data/login_files/	800 B 1 KB	185ms 184ms	Image image/png	190.97.167.147 Cyber Cast Intern...
General Check archive.org Show headers Download Go to Show image Full URL http://myegdfgsad.com/citibank/citi/data/login_files/search-white.png Requested by Host: myegdfgsad.com URL: http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Protocol HTTP/1.1 Server 190.97.167.147 , Panama, ASN27956 (Cyber Cast International, S.A., PA), Reverse DNS host-190-97-167-147.ccipanama.com Software Apache / Resource Hash `daec312d129cfc3ddfe90327b023a12aa308cce7e403dcda3b5c9f179c4458ca` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myegdfgsad.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Cookie PHPSESSID=3eul1to863orn41f7v2mnad5g0 Connection keep-alive Cache-Control no-cache Referer http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Dec 2018 16:38:34 GMT Last-Modified Sun, 11 Jun 2017 11:45:30 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 800
GET H/1.1	200 OK	BrowserUpgrade.css myegdfgsad.com/citibank/citi/data/login_files/	2 KB 2 KB	234ms 187ms	Stylesheet text/css	190.97.167.147 Cyber Cast Intern...
General Check archive.org Show headers Download Go to Full URL http://myegdfgsad.com/citibank/citi/data/login_files/BrowserUpgrade.css Requested by Host: myegdfgsad.com URL: http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Protocol HTTP/1.1 Server 190.97.167.147 , Panama, ASN27956 (Cyber Cast International, S.A., PA), Reverse DNS host-190-97-167-147.ccipanama.com Software Apache / Resource Hash `37a7f5d27a8634efc6d4e08faa367156ed646a75331bed2dacbab671df8b9525` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myegdfgsad.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Cookie PHPSESSID=3eul1to863orn41f7v2mnad5g0 Connection keep-alive Cache-Control no-cache Referer http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Dec 2018 16:38:34 GMT Last-Modified Sun, 11 Jun 2017 15:03:10 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1727
GET H/1.1	200 OK	signon.css myegdfgsad.com/citibank/citi/data/login_files/	50 KB 51 KB	420ms 186ms	Stylesheet text/css	190.97.167.147 Cyber Cast Intern...
General Check archive.org Show headers Download Go to Full URL http://myegdfgsad.com/citibank/citi/data/login_files/signon.css Requested by Host: myegdfgsad.com URL: http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Protocol HTTP/1.1 Server 190.97.167.147 , Panama, ASN27956 (Cyber Cast International, S.A., PA), Reverse DNS host-190-97-167-147.ccipanama.com Software Apache / Resource Hash `aebca3aa38f128c7c049c8357799da2188eca12220508c2a208d0e1e1faa0dba` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myegdfgsad.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Cookie PHPSESSID=3eul1to863orn41f7v2mnad5g0 Connection keep-alive Cache-Control no-cache Referer http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Dec 2018 16:38:34 GMT Last-Modified Sun, 11 Jun 2017 15:00:00 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 51566
GET H/1.1	200 OK	pixel.gif myegdfgsad.com/citibank/citi/data/login_files/	42 B 282 B	187ms 187ms	Image image/gif	190.97.167.147 Cyber Cast Intern...
General Check archive.org Show headers Download Go to Show image Full URL http://myegdfgsad.com/citibank/citi/data/login_files/pixel.gif Requested by Host: myegdfgsad.com URL: http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Protocol HTTP/1.1 Server 190.97.167.147 , Panama, ASN27956 (Cyber Cast International, S.A., PA), Reverse DNS host-190-97-167-147.ccipanama.com Software Apache / Resource Hash `5b27cb8a843da7b4f70f68d669798596541491654185df0bd45867d951a31947` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myegdfgsad.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Cookie PHPSESSID=3eul1to863orn41f7v2mnad5g0 Connection keep-alive Cache-Control no-cache Referer http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Dec 2018 16:38:34 GMT Last-Modified Sun, 11 Jun 2017 11:45:30 GMT Server Apache Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 42
GET H/1.1	200 OK	citi-logo-footer.png myegdfgsad.com/citibank/citi/data/login_files/	2 KB 2 KB	183ms 183ms	Image image/png	190.97.167.147 Cyber Cast Intern...
General Check archive.org Show headers Download Go to Show image Full URL http://myegdfgsad.com/citibank/citi/data/login_files/citi-logo-footer.png Requested by Host: myegdfgsad.com URL: http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Protocol HTTP/1.1 Server 190.97.167.147 , Panama, ASN27956 (Cyber Cast International, S.A., PA), Reverse DNS host-190-97-167-147.ccipanama.com Software Apache / Resource Hash `c03c473373b74ec78cd18149c63791f1879e0521776846e6ffd9dcfecd413b1e` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myegdfgsad.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Cookie PHPSESSID=3eul1to863orn41f7v2mnad5g0 Connection keep-alive Cache-Control no-cache Referer http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Dec 2018 16:38:34 GMT Last-Modified Sun, 11 Jun 2017 11:45:30 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 1705
GET H/1.1	200 OK	memberfdic.png myegdfgsad.com/citibank/citi/data/login_files/	4 KB 4 KB	184ms 183ms	Image image/png	190.97.167.147 Cyber Cast Intern...
General Check archive.org Show headers Download Go to Show image Full URL http://myegdfgsad.com/citibank/citi/data/login_files/memberfdic.png Requested by Host: myegdfgsad.com URL: http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Protocol HTTP/1.1 Server 190.97.167.147 , Panama, ASN27956 (Cyber Cast International, S.A., PA), Reverse DNS host-190-97-167-147.ccipanama.com Software Apache / Resource Hash `dd785f8f2c8aedd3c6e165633948ba26d178485f2cf2d0d8f747005472e7cf90` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myegdfgsad.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Cookie PHPSESSID=3eul1to863orn41f7v2mnad5g0 Connection keep-alive Cache-Control no-cache Referer http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Dec 2018 16:38:34 GMT Last-Modified Sun, 11 Jun 2017 11:45:30 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 3594
GET H/1.1	200 OK	EqualHousing.png myegdfgsad.com/citibank/citi/data/login_files/	3 KB 3 KB	183ms 183ms	Image image/png	190.97.167.147 Cyber Cast Intern...
General Check archive.org Show headers Download Go to Show image Full URL http://myegdfgsad.com/citibank/citi/data/login_files/EqualHousing.png Requested by Host: myegdfgsad.com URL: http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Protocol HTTP/1.1 Server 190.97.167.147 , Panama, ASN27956 (Cyber Cast International, S.A., PA), Reverse DNS host-190-97-167-147.ccipanama.com Software Apache / Resource Hash `d0a6bfa8a515c98d53563371e588089668b4484ad26dfd971d74d5f7be01e260` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myegdfgsad.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Cookie PHPSESSID=3eul1to863orn41f7v2mnad5g0 Connection keep-alive Cache-Control no-cache Referer http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Dec 2018 16:38:34 GMT Last-Modified Sun, 11 Jun 2017 11:45:30 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 2628
GET H/1.1	200 OK	branding_main.css myegdfgsad.com/citibank/citi/data/login_files/	109 KB 109 KB	184ms 184ms	Stylesheet text/css	190.97.167.147 Cyber Cast Intern...
General Check archive.org Show headers Download Go to Full URL http://myegdfgsad.com/citibank/citi/data/login_files/branding_main.css Requested by Host: myegdfgsad.com URL: http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Protocol HTTP/1.1 Server 190.97.167.147 , Panama, ASN27956 (Cyber Cast International, S.A., PA), Reverse DNS host-190-97-167-147.ccipanama.com Software Apache / Resource Hash `d7f53e3c36995e68ad08b2813b4c79b64eab203fa29b923592de70fc77571e44` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myegdfgsad.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Cookie PHPSESSID=3eul1to863orn41f7v2mnad5g0 Connection keep-alive Cache-Control no-cache Referer http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Dec 2018 16:38:35 GMT Last-Modified Sun, 11 Jun 2017 14:57:08 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 111450
GET H/1.1	200 OK	bg-branding-banner.jpg myegdfgsad.com/citibank/citi/data/login_files/	5 KB 5 KB	192ms 191ms	Image image/jpeg	190.97.167.147 Cyber Cast Intern...
General Check archive.org Show headers Download Go to Show image Full URL http://myegdfgsad.com/citibank/citi/data/login_files/bg-branding-banner.jpg Requested by Host: myegdfgsad.com URL: http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Protocol HTTP/1.1 Server 190.97.167.147 , Panama, ASN27956 (Cyber Cast International, S.A., PA), Reverse DNS host-190-97-167-147.ccipanama.com Software Apache / Resource Hash `b47060147f820f4721134724e1a38cab5fcc6960091389f6b4587769c4d2c313` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myegdfgsad.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://myegdfgsad.com/citibank/citi/data/login_files/branding_main.css Cookie PHPSESSID=3eul1to863orn41f7v2mnad5g0 Connection keep-alive Cache-Control no-cache Referer http://myegdfgsad.com/citibank/citi/data/login_files/branding_main.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Dec 2018 16:38:35 GMT Last-Modified Sun, 11 Jun 2017 14:56:54 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 4857
GET H/1.1	200 OK	bottom-shade.png myegdfgsad.com/citibank/citi/data/login_files/	1 KB 1 KB	190ms 189ms	Image image/png	190.97.167.147 Cyber Cast Intern...
General Check archive.org Show headers Download Go to Show image Full URL http://myegdfgsad.com/citibank/citi/data/login_files/bottom-shade.png Requested by Host: myegdfgsad.com URL: http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Protocol HTTP/1.1 Server 190.97.167.147 , Panama, ASN27956 (Cyber Cast International, S.A., PA), Reverse DNS host-190-97-167-147.ccipanama.com Software Apache / Resource Hash `e7e2072bba9c55af8da06e0205da3c83d79f14999215b35ecbe374661bbce0a9` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myegdfgsad.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://myegdfgsad.com/citibank/citi/data/login_files/signon.css Cookie PHPSESSID=3eul1to863orn41f7v2mnad5g0 Connection keep-alive Cache-Control no-cache Referer http://myegdfgsad.com/citibank/citi/data/login_files/signon.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Dec 2018 16:38:35 GMT Last-Modified Sun, 11 Jun 2017 14:53:04 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 1210
GET H/1.1	200 OK	sign-on-bg.png myegdfgsad.com/citibank/citi/data/login_files/	118 B 359 B	189ms 189ms	Image image/png	190.97.167.147 Cyber Cast Intern...
General Check archive.org Show headers Download Go to Show image Full URL http://myegdfgsad.com/citibank/citi/data/login_files/sign-on-bg.png Requested by Host: myegdfgsad.com URL: http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Protocol HTTP/1.1 Server 190.97.167.147 , Panama, ASN27956 (Cyber Cast International, S.A., PA), Reverse DNS host-190-97-167-147.ccipanama.com Software Apache / Resource Hash `44b3ecb9ceeb9a3a4b278f24dacee0a27028004cb22edd57a890ea671ba2d9e7` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myegdfgsad.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://myegdfgsad.com/citibank/citi/data/login_files/signon.css Cookie PHPSESSID=3eul1to863orn41f7v2mnad5g0 Connection keep-alive Cache-Control no-cache Referer http://myegdfgsad.com/citibank/citi/data/login_files/signon.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Dec 2018 16:38:35 GMT Last-Modified Sun, 11 Jun 2017 14:53:34 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 118
GET H/1.1	200 OK	interstate.woff myegdfgsad.com/citibank/citi/data/login_files/	17 KB 17 KB	188ms 188ms	Font font/woff	190.97.167.147 Cyber Cast Intern...
General Check archive.org Show headers Download Go to Full URL http://myegdfgsad.com/citibank/citi/data/login_files/interstate.woff?v=4.0.3 Requested by Host: myegdfgsad.com URL: http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Protocol HTTP/1.1 Server 190.97.167.147 , Panama, ASN27956 (Cyber Cast International, S.A., PA), Reverse DNS host-190-97-167-147.ccipanama.com Software Apache / Resource Hash `280252aa3047ce2d55dcb1ea863da875574502d37509365b2936b06ac12adfa6` Request headers Pragma no-cache Origin http://myegdfgsad.com Accept-Encoding gzip, deflate Host myegdfgsad.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer http://myegdfgsad.com/citibank/citi/data/login_files/signon.css Cookie PHPSESSID=3eul1to863orn41f7v2mnad5g0 Connection keep-alive Cache-Control no-cache User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://myegdfgsad.com/citibank/citi/data/login_files/signon.css Origin http://myegdfgsad.com Response headers Date Thu, 27 Dec 2018 16:38:35 GMT Last-Modified Sun, 11 Jun 2017 14:52:32 GMT Server Apache Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 17608
GET H/1.1	200 OK	Interstate-Light.woff myegdfgsad.com/citibank/citi/data/login_files/	74 KB 74 KB	187ms 186ms	Font font/woff	190.97.167.147 Cyber Cast Intern...
General Check archive.org Show headers Download Go to Full URL http://myegdfgsad.com/citibank/citi/data/login_files/Interstate-Light.woff Requested by Host: myegdfgsad.com URL: http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Protocol HTTP/1.1 Server 190.97.167.147 , Panama, ASN27956 (Cyber Cast International, S.A., PA), Reverse DNS host-190-97-167-147.ccipanama.com Software Apache / Resource Hash `f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296` Request headers Pragma no-cache Origin http://myegdfgsad.com Accept-Encoding gzip, deflate Host myegdfgsad.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer http://myegdfgsad.com/citibank/citi/data/login_files/branding_main_citi.css Cookie PHPSESSID=3eul1to863orn41f7v2mnad5g0 Connection keep-alive Cache-Control no-cache User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://myegdfgsad.com/citibank/citi/data/login_files/branding_main_citi.css Origin http://myegdfgsad.com Response headers Date Thu, 27 Dec 2018 16:38:35 GMT Last-Modified Sun, 11 Jun 2017 14:55:08 GMT Server Apache Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 75538
GET H/1.1	200 OK	global_sprite.png myegdfgsad.com/citibank/citi/data/login_files/	31 KB 31 KB	185ms 185ms	Image image/png	190.97.167.147 Cyber Cast Intern...
General Check archive.org Show headers Download Go to Show image Full URL http://myegdfgsad.com/citibank/citi/data/login_files/global_sprite.png Requested by Host: myegdfgsad.com URL: http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Protocol HTTP/1.1 Server 190.97.167.147 , Panama, ASN27956 (Cyber Cast International, S.A., PA), Reverse DNS host-190-97-167-147.ccipanama.com Software Apache / Resource Hash `6eca5b240e4eefa5a7abe1a358ca0f6214c54672c9c013073c689401c0899de5` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myegdfgsad.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://myegdfgsad.com/citibank/citi/data/login_files/branding_main.css Cookie PHPSESSID=3eul1to863orn41f7v2mnad5g0 Connection keep-alive Cache-Control no-cache Referer http://myegdfgsad.com/citibank/citi/data/login_files/branding_main.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Dec 2018 16:38:35 GMT Last-Modified Sun, 11 Jun 2017 14:56:18 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 31331
GET H/1.1	200 OK	mktbgEN9.jpg myegdfgsad.com/citibank/citi/data/login_files/	107 KB 107 KB	328ms 187ms	Image image/jpeg	190.97.167.147 Cyber Cast Intern...
General Check archive.org Show headers Download Go to Show image Full URL http://myegdfgsad.com/citibank/citi/data/login_files/mktbgEN9.jpg Requested by Host: myegdfgsad.com URL: http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Protocol HTTP/1.1 Server 190.97.167.147 , Panama, ASN27956 (Cyber Cast International, S.A., PA), Reverse DNS host-190-97-167-147.ccipanama.com Software Apache / Resource Hash `e77d37ad2371f1b1c13192c69c795d3b8b2e0a9b463b6e465cfa39aed4933d56` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myegdfgsad.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Cookie PHPSESSID=3eul1to863orn41f7v2mnad5g0 Connection keep-alive Cache-Control no-cache Referer http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Dec 2018 16:38:35 GMT Last-Modified Sun, 11 Jun 2017 12:40:00 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 109332
GET H/1.1	200 OK	sprite_social_icons.png myegdfgsad.com/citibank/citi/data/login_files/	755 B 996 B	329ms 186ms	Image image/png	190.97.167.147 Cyber Cast Intern...
General Check archive.org Show headers Download Go to Show image Full URL http://myegdfgsad.com/citibank/citi/data/login_files/sprite_social_icons.png Requested by Host: myegdfgsad.com URL: http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Protocol HTTP/1.1 Server 190.97.167.147 , Panama, ASN27956 (Cyber Cast International, S.A., PA), Reverse DNS host-190-97-167-147.ccipanama.com Software Apache / Resource Hash `f57eca81fa7bd5de23577e96490b53f37f22bb183bf7342a3894542f422306da` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myegdfgsad.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://myegdfgsad.com/citibank/citi/data/login_files/branding_main_citi.css Cookie PHPSESSID=3eul1to863orn41f7v2mnad5g0 Connection keep-alive Cache-Control no-cache Referer http://myegdfgsad.com/citibank/citi/data/login_files/branding_main_citi.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Dec 2018 16:38:35 GMT Last-Modified Sun, 11 Jun 2017 14:55:54 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=94 Content-Length 755
GET H/1.1	200 OK	oo_icon_retina.gif myegdfgsad.com/citibank/citi/data/login_files/	2 KB 2 KB	185ms 184ms	Image image/gif	190.97.167.147 Cyber Cast Intern...
General Check archive.org Show headers Download Go to Show image Full URL http://myegdfgsad.com/citibank/citi/data/login_files/oo_icon_retina.gif Requested by Host: myegdfgsad.com URL: http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Protocol HTTP/1.1 Server 190.97.167.147 , Panama, ASN27956 (Cyber Cast International, S.A., PA), Reverse DNS host-190-97-167-147.ccipanama.com Software Apache / Resource Hash `701d2f9f02741b8429f4fb892b2b48c34a8a0f9189cb09013b2799031f22e484` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myegdfgsad.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://myegdfgsad.com/citibank/citi/data/login_files/branding_main_citi.css Cookie PHPSESSID=3eul1to863orn41f7v2mnad5g0 Connection keep-alive Cache-Control no-cache Referer http://myegdfgsad.com/citibank/citi/data/login_files/branding_main_citi.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Dec 2018 16:38:35 GMT Last-Modified Sun, 11 Jun 2017 14:58:08 GMT Server Apache Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 2204
GET H/1.1	200 OK	Interstate-Bold.woff myegdfgsad.com/citibank/citi/data/login_files/	70 KB 70 KB	349ms 187ms	Font font/woff	190.97.167.147 Cyber Cast Intern...
General Check archive.org Show headers Download Go to Full URL http://myegdfgsad.com/citibank/citi/data/login_files/Interstate-Bold.woff Requested by Host: myegdfgsad.com URL: http://myegdfgsad.com/citibank/citi/data/login.php?&sessionid=2f4ab37e52ff6b4e38c141f3bb350fdd&securessl=true Protocol HTTP/1.1 Server 190.97.167.147 , Panama, ASN27956 (Cyber Cast International, S.A., PA), Reverse DNS host-190-97-167-147.ccipanama.com Software Apache / Resource Hash `e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7` Request headers Pragma no-cache Origin http://myegdfgsad.com Accept-Encoding gzip, deflate Host myegdfgsad.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer http://myegdfgsad.com/citibank/citi/data/login_files/branding_main_citi.css Cookie PHPSESSID=3eul1to863orn41f7v2mnad5g0 Connection keep-alive Cache-Control no-cache User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://myegdfgsad.com/citibank/citi/data/login_files/branding_main_citi.css Origin http://myegdfgsad.com Response headers Date Thu, 27 Dec 2018 16:38:35 GMT Last-Modified Sun, 11 Jun 2017 14:57:30 GMT Server Apache Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 71874

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citibank (Banking)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

americanexpressemailprocess.com
myegdfgsad.com
sendflowersdenmark.com
190.97.167.147
209.141.46.142
209.141.58.88
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
243c4408b4e4ed7bead88f06c36ad8f3d6499146cd8b4840a9d4916cae68c7a3
280252aa3047ce2d55dcb1ea863da875574502d37509365b2936b06ac12adfa6
32b36446addb94d673bbd7002bec24ab831565061344abec70a36c8e367978da
37a7f5d27a8634efc6d4e08faa367156ed646a75331bed2dacbab671df8b9525
44b3ecb9ceeb9a3a4b278f24dacee0a27028004cb22edd57a890ea671ba2d9e7
57271db21f2726de70c45af59bf71488a3aa71a668ef59a16c9992eb0feeda88
5b27cb8a843da7b4f70f68d669798596541491654185df0bd45867d951a31947
6eca5b240e4eefa5a7abe1a358ca0f6214c54672c9c013073c689401c0899de5
701d2f9f02741b8429f4fb892b2b48c34a8a0f9189cb09013b2799031f22e484
72d4175bacbbc61b9b282dc40b8e796bc60575e2b743a27a01968a50a7612a76
888682b6f8961bc407df2027baf9ea22da7be5f298d037845c1724f7004c4338
955e287d905855f65031a3f7f98912cdb98e04690df255daaad2270421f4d047
aebca3aa38f128c7c049c8357799da2188eca12220508c2a208d0e1e1faa0dba
b47060147f820f4721134724e1a38cab5fcc6960091389f6b4587769c4d2c313
c03c473373b74ec78cd18149c63791f1879e0521776846e6ffd9dcfecd413b1e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c6f8b875ea8e4f9a6ff34062bc07668b597034424c1d6a51059c6694b3214863
d0a6bfa8a515c98d53563371e588089668b4484ad26dfd971d74d5f7be01e260
d7f53e3c36995e68ad08b2813b4c79b64eab203fa29b923592de70fc77571e44
daec312d129cfc3ddfe90327b023a12aa308cce7e403dcda3b5c9f179c4458ca
dd785f8f2c8aedd3c6e165633948ba26d178485f2cf2d0d8f747005472e7cf90
dfcd0576021bbd72b97fcfe545d40d1abb1218ffc61a5dd44790a343c57ed898
e77d37ad2371f1b1c13192c69c795d3b8b2e0a9b463b6e465cfa39aed4933d56
e7e2072bba9c55af8da06e0205da3c83d79f14999215b35ecbe374661bbce0a9
e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296
f57eca81fa7bd5de23577e96490b53f37f22bb183bf7342a3894542f422306da

myegdfgsad.com Open in urlscan Pro 190.97.167.147 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

29 Requests

0 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

1 IPs

2 Countries

922 kBTransfer

915 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

myegdfgsad.com Open in urlscan Pro
190.97.167.147 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

1
IPs

2
Countries

922 kB
Transfer

915 kB
Size

0
Cookies

29 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!