www.ib.citidirectportal.com
66.147.238.108
Malicious Activity!
Public Scan
Submission: On April 02 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on April 2nd 2020. Valid for: 3 months.
This is the only time www.ib.citidirectportal.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Citibank (Banking)
Domain & IP information
Requests | IP Address | AS (Autonomous System) |
---|---|---|
39 | 66.147.238.108 | 23535 (HOSTROCKET) |
44 | 2 | |
ASN23535 (HOSTROCKET, US)
PTR: hibiscus.hostnownow.com
www.ib.citidirectportal.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
39 | citidirectportal.com | www.ib.citidirectportal.com | 2 MB |
0 | citibank.co.uk (Failed) | www.citibank.co.uk (Failed) | |
44 | 2 | | |
Requests | Domain | Requested by |
---|---|---|
39 | www.ib.citidirectportal.com | www.ib.citidirectportal.com |
0 | www.citibank.co.uk (Failed) | www.ib.citidirectportal.com |
44 | 2 | |
This site contains links to these domains. Also see Links.
Domain |
---|
play.google.com |
itunes.apple.com |
www.facebook.com |
www.linkedin.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
ib.citidirectportal.com | Let's Encrypt Authority X3 | 2020-04-02 - 2020-07-01 | 3 months | crt.sh |
This page contains 1 frame:
Primary Page:
https://www.ib.citidirectportal.com/
Frame ID: CB6CFFA88D57A63806D33D7BEAAF2A4E
Requests: 44 HTTP requests in this frame
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
Title: Download Citi Mobile app
Redirected requests
There were HTTP redirect chains for the following requests:
44 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request, Cookie set) | www.ib.citidirectportal.com/ | 51 KB | 51 KB | Document | text/html |
GET | H/1.1 | bootstrap.css | www.ib.citidirectportal.com/static/css/bootstrap/ | 114 KB | 114 KB | Stylesheet | text/css |
GET | H/1.1 | sub.css | www.ib.citidirectportal.com/static/css/ | 25 KB | 26 KB | Stylesheet | text/css |
GET | H/1.1 | nprogress.css | www.ib.citidirectportal.com/static/css/ | 1 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | home.css | www.ib.citidirectportal.com/static/css/ | 18 KB | 18 KB | Stylesheet | text/css |
GET | H/1.1 | citi-logo.png | www.ib.citidirectportal.com/static/img/ | 1 KB | 2 KB | Image | image/png |
GET | H/1.1 | cpc-watch.jpg | www.ib.citidirectportal.com/static/img/ | 2 KB | 3 KB | Image | image/jpeg |
GET | H/1.1 | FX-order-watch-min.jpg | www.ib.citidirectportal.com/static/img/ | 3 KB | 4 KB | Image | image/jpeg |
GET | H/1.1 | citi-debit-card-three-currencies-onecard-min.jpg | www.ib.citidirectportal.com/static/img/ | 3 KB | 3 KB | Image | image/jpeg |
GET | H/1.1 | start-managing-your-wealth-min.jpg | www.ib.citidirectportal.com/static/img/ | 3 KB | 3 KB | Image | image/jpeg |
GET | H/1.1 | citi-mobile-app-min.jpg | www.ib.citidirectportal.com/static/img/ | 3 KB | 3 KB | Image | image/jpeg |
GET | H/1.1 | ukc_rewards.gif | www.ib.citidirectportal.com/static/img/ | 125 KB | 125 KB | Image | image/gif |
GET | H/1.1 | UKC_home_avios.jpg | www.ib.citidirectportal.com/static/img/ | 158 KB | 158 KB | Image | image/jpeg |
GET | H/1.1 | ukc_expat_banner1.jpg | www.ib.citidirectportal.com/static/img/ | 52 KB | 52 KB | Image | image/jpeg |
GET | H/1.1 | live_here_UKC.jpg | www.ib.citidirectportal.com/static/img/ | 76 KB | 76 KB | Image | image/jpeg |
GET | H/1.1 | avios_baec_logo.png | www.ib.citidirectportal.com/static/img/ | 8 KB | 8 KB | Image | image/png |
GET | H/1.1 | mgm_home_UKC.jpg | www.ib.citidirectportal.com/static/img/ | 112 KB | 112 KB | Image | image/jpeg |
GET | H/1.1 | citiuk-awards-small-new-min.jpg | www.ib.citidirectportal.com/static/img/collection/benefits/ | 1 KB | 2 KB | Image | image/jpeg |
GET | H/1.1 | google-play.png | www.ib.citidirectportal.com/static/img/ | 4 KB | 4 KB | Image | image/png |
GET | H/1.1 | app-store-new.png | www.ib.citidirectportal.com/static/img/ | 4 KB | 4 KB | Image | image/png |
GET | H/1.1 | arch_landing_banner.jpg | www.ib.citidirectportal.com/static/img/ | 40 KB | 40 KB | Image | image/jpeg |
GET | H/1.1 | facebook-icon-new.png | www.ib.citidirectportal.com/static/img/collection/benefits/ | 853 B | 1 KB | Image | image/png |
GET | H/1.1 | linkedin.png | www.ib.citidirectportal.com/static/img/collection/benefits/ | 680 B | 921 B | Image | image/png |
GET | H/1.1 | footer-citi-logo-small-min.png | www.ib.citidirectportal.com/static/img/ | 619 B | 860 B | Image | image/png |
GET | H/1.1 | jquery-1.11.1.min.js | www.ib.citidirectportal.com/static/js/vendor/ | 94 KB | 94 KB | Script | application/javascript |
GET | H/1.1 | jquery.touchSwipe.min.js | www.ib.citidirectportal.com/static/js/vendor/ | 11 KB | 11 KB | Script | application/javascript |
GET | H/1.1 | bootstrap.min.js | www.ib.citidirectportal.com/static/js/ | 35 KB | 35 KB | Script | application/javascript |
GET | H/1.1 | nprogress.js | www.ib.citidirectportal.com/static/js/vendor/ | 4 KB | 4 KB | Script | application/javascript |
GET | H/1.1 | grasshopper-plugins.js | www.ib.citidirectportal.com/static/js/ | 54 KB | 55 KB | Script | application/javascript |
GET | H/1.1 | onepage.js | www.ib.citidirectportal.com/static/js/ | 38 KB | 38 KB | Script | application/javascript |
GET | H/1.1 | main.js | www.ib.citidirectportal.com/static/js/ | 14 KB | 15 KB | Script | application/javascript |
GET | H/1.1 | cookies.js | www.ib.citidirectportal.com/static/projects/cookies/js/ | 10 KB | 11 KB | Script | application/javascript |
GET | H/1.1 | class.css | www.ib.citidirectportal.com/static/css/ | 14 KB | 14 KB | Stylesheet | text/css |
GET | H/1.1 | sprite.css | www.ib.citidirectportal.com/static/css/ | 50 KB | 50 KB | Stylesheet | text/css |
GET | H/1.1 | subpage.css | www.ib.citidirectportal.com/static/css/ | 7 KB | 7 KB | Stylesheet | text/css |
GET | H/1.1 | components.css | www.ib.citidirectportal.com/static/css/modules/ | 76 KB | 76 KB | Stylesheet | text/css |
GET | H/1.1 | sprite.png | www.ib.citidirectportal.com/static/img/ | 534 KB | 534 KB | Image | image/png |
GET | | glyphicons-halflings-regular.woff2 | www.citibank.co.uk/static/fonts/ | 0 | 0 | | |
GET | | Interstate-Light.woff | www.citibank.co.uk/static/fonts/ | 0 | 0 | | |
GET | H/1.1 | cookies.css | www.ib.citidirectportal.com/static/projects/cookies/css/ | 38 KB | 38 KB | Stylesheet | text/html |
GET | | glyphicons-halflings-regular.woff | www.citibank.co.uk/static/fonts/ | 0 | 0 | | |
GET | | Interstate-Light.ttf | www.citibank.co.uk/static/fonts/ | 0 | 0 | | |
GET | | glyphicons-halflings-regular.ttf | www.citibank.co.uk/static/fonts/ | 0 | 0 | | |
GET | H/1.1 | arrows.png | www.ib.citidirectportal.com/static/img/ | 1 KB | 1 KB | Image | image/png |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
www.citibank.co.uk | https://www.citibank.co.uk/static/fonts/glyphicons-halflings-regular.woff2 |
www.citibank.co.uk | https://www.citibank.co.uk/static/fonts/Interstate-Light.woff |
www.citibank.co.uk | https://www.citibank.co.uk/static/fonts/glyphicons-halflings-regular.woff |
www.citibank.co.uk | https://www.citibank.co.uk/static/fonts/Interstate-Light.ttf |
www.citibank.co.uk | https://www.citibank.co.uk/static/fonts/glyphicons-halflings-regular.ttf |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Citibank (Banking)
35 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | onformdata |
object | onpointerrawupdate |
function | $ |
function | jQuery |
object | jQuery111106079627294000745 |
object | NProgress |
string | CKEDITOR_BASEPATH |
function | getParameter |
string | axel |
number | randomnum |
string | location_val |
undefined | appid |
undefined | scode_val |
undefined | pcode_val |
undefined | step_val |
undefined | u7_val |
undefined | u8_val |
undefined | u20_val |
undefined | u10_val |
undefined | u19_val |
undefined | pagename_val |
undefined | icid_val |
undefined | ecid_val |
object | cookiesGDPR |
object | SliderTime |
undefined | g_Map |
function | loadGoogleMapScript |
function | patternF |
function | initialScript |
function | SinglePage |
object | SPA |
function | MarketingMenu |
object | UK_menu |
object | LazyLoad |
object | notAllowed |
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.ib.citidirectportal.com/ | | Name: abf3eb759fc101926e10e4791992caed Value: 9a9kb68d900djjpt40acitn3v2 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.