zigmainfratech.com
Open in
urlscan Pro
116.206.104.141
Malicious Activity!
Public Scan
Submission: On May 24 via manual from IN — Scanned from DE
Summary
This is the only time zigmainfratech.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Citibank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
23 | 116.206.104.141 116.206.104.141 | 394695 (PUBLIC-DO...) (PUBLIC-DOMAIN-REGISTRY) | |
1 | 104.92.75.138 104.92.75.138 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
1 | 96.16.129.152 96.16.129.152 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
25 | 3 |
ASN394695 (PUBLIC-DOMAIN-REGISTRY, US)
PTR: bh-in-35.webhostbox.net
zigmainfratech.com |
ASN16625 (AKAMAI-AS, US)
PTR: a104-92-75-138.deploy.static.akamaitechnologies.com
online.citi.com |
ASN16625 (AKAMAI-AS, US)
PTR: a96-16-129-152.deploy.static.akamaitechnologies.com
www.citi.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
23 |
zigmainfratech.com
zigmainfratech.com |
671 KB |
2 |
citi.com
online.citi.com — Cisco Umbrella Rank: 23259 www.citi.com — Cisco Umbrella Rank: 29147 |
|
25 | 2 |
Domain | Requested by | |
---|---|---|
23 | zigmainfratech.com |
zigmainfratech.com
|
1 | www.citi.com |
zigmainfratech.com
|
1 | online.citi.com |
zigmainfratech.com
|
25 | 3 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
online.citibank.com DigiCert SHA2 Extended Validation Server CA |
2022-05-03 - 2023-05-16 |
a year | crt.sh |
www.citi.com DigiCert SHA2 Extended Validation Server CA |
2021-11-02 - 2022-12-03 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://zigmainfratech.com/citimeme/online/login
Frame ID: 11117FB848DC7DE8C5D1A57075B5B907
Requests: 25 HTTP requests in this frame
33 Outgoing links
These are links going to different origins than the main page.
Title: Skip to Content
Search URL Search Domain Scan URL
Title: ATM / BRANCH
Search URL Search Domain Scan URL
Title: Our Story
Search URL Search Domain Scan URL
Title: Benefits and Services
Search URL Search Domain Scan URL
Title: Rewards
Search URL Search Domain Scan URL
Title: Citi Easy DealsSM
Search URL Search Domain Scan URL
Title: Citi EntertainmentSM
Search URL Search Domain Scan URL
Title: Special Offers
Search URL Search Domain Scan URL
Title: CitigoldĀ® Private Client
Search URL Search Domain Scan URL
Title: CitigoldĀ®
Search URL Search Domain Scan URL
Title: Citi Priority
Search URL Search Domain Scan URL
Title: Citi Private Bank
Search URL Search Domain Scan URL
Title: Small Business Accounts
Search URL Search Domain Scan URL
Title: Commercial Accounts
Search URL Search Domain Scan URL
Title: Personal Banking
Search URL Search Domain Scan URL
Title: Credit Cards
Search URL Search Domain Scan URL
Title: Mortgage
Search URL Search Domain Scan URL
Title: Home Equity
Search URL Search Domain Scan URL
Title: Lending
Search URL Search Domain Scan URL
Title: Contact Us
Search URL Search Domain Scan URL
Title: Help & FAQs
Search URL Search Domain Scan URL
Title: Security Center
Search URL Search Domain Scan URL
Title: Continue
Search URL Search Domain Scan URL
Title: Continue
Search URL Search Domain Scan URL
Title: Continue
Search URL Search Domain Scan URL
Title: Continue
Search URL Search Domain Scan URL
Title: Continue
Search URL Search Domain Scan URL
Title: Continue
Search URL Search Domain Scan URL
Title: Terms & Conditions
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Notice at Collection
Search URL Search Domain Scan URL
Title: CA Privacy Hub
Search URL Search Domain Scan URL
Title: Accessibility
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
25 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
login
zigmainfratech.com/citimeme/online/ |
395 KB 87 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles.a4a9307b7b034ca614a7.css
zigmainfratech.com/citimeme/online/assets/ |
1 MB 288 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
citilogoredesign.png
zigmainfratech.com/citimeme/online/assets/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
050-location@2x.svg
zigmainfratech.com/citimeme/online/assets/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
phone.png
zigmainfratech.com/citimeme/online/assets/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
qrsignon.png
zigmainfratech.com/citimeme/online/assets/ |
741 B 965 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
laptop-and-phone-pairing.png
zigmainfratech.com/citimeme/online/assets/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
laptop-and-phone-success.png
zigmainfratech.com/citimeme/online/assets/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
EqualHousing.png
zigmainfratech.com/citimeme/online/assets/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
googlePlay@3x.png
zigmainfratech.com/citimeme/online/assets/ |
24 KB 25 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
appStore@3x.png
zigmainfratech.com/citimeme/online/assets/ |
20 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
social-media_facebook@3x.png
zigmainfratech.com/citimeme/online/assets/ |
445 B 631 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
social-media_twitter@3x.png
zigmainfratech.com/citimeme/online/assets/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
social-media_youtube@3x.png
zigmainfratech.com/citimeme/online/assets/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
0
zigmainfratech.com/citimeme/online/assets/ |
0 188 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
0(1)
zigmainfratech.com/citimeme/online/assets/ |
0 188 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
0(2)
zigmainfratech.com/citimeme/online/assets/ |
0 188 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
0(3)
zigmainfratech.com/citimeme/online/assets/ |
0 188 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1592741950571_CTA_Feedback(final).png
zigmainfratech.com/citimeme/online/assets/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.js
zigmainfratech.com/citimeme/online/assets/ |
92 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mask.js
zigmainfratech.com/citimeme/online/assets/ |
146 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
LSO_4959.jpg
online.citi.com/nga-lite-signon/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
qrsignon-1.png
www.citi.com/cbol-pre-login-static-assets/assets/partner-login/qr/images/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Interstate-Light.woff
zigmainfratech.com/citimeme/online/assets/ |
74 KB 74 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Interstate-Bold.woff
zigmainfratech.com/citimeme/online/assets/ |
70 KB 70 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Citibank (Banking)6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone function| $ function| jQuery function| IMask0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
online.citi.com
www.citi.com
zigmainfratech.com
104.92.75.138
116.206.104.141
96.16.129.152
102503acef6077fcf8e42a856fb4904fcd74224a32d5d8efcd13236ac6309fed
25f4eeb23f67fe1d74534ed37230ecd54ab4f57524276970dcbeaaf3b0fc64f9
3c149e754af1a297e924c97c84aa5a1fafebc7c2b377e825738b8cb452fb3237
42c0b3eef2e0ad3e2cbe13a1ccaf105bcb12373a533b4b340f8cd2b3a373666d
5394d11ec8ad7a5494bcdb65cd95f885388532e14fb45a747e249112389bd837
547012f25b735aec336f17b2dad949550709726ab8371a9bef194bef2b854106
5df469ee4da2bc124065cb8df0e24173c5cbc8b9e0c807960fc39c93ffb640c8
6336ae7b60dff18e0a37721a3a19fd5e18568577a64faa662969d35966dbf72b
695788dc05d94be3b32060ffea15c1a4d74897bd32e5da7811e7ca76d82fc86b
80574f4c5d1399c25e16d67e748b972ff70ed58a097f8e0016f648ecbd17a771
87c763c6b05015e55915d0a1e6647e4e5d0b996e78d79e1afe228dd33b68e65b
a079bb0d5590826bcc664715122004dff51e76c79608bc29f586c9388b623b77
a9a43473908fb995ecdc6bd80d80fd42d3e43bf31687aff0978d7389de2573aa
be9b5382b4526ffd3306d0292122ce3599123f1cd543f52f3035b4f24fbf9de8
dc876f814074650acde84db7a7f34c583f043b83130e5de49de65f18d1ee2683
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c725c5a6510cd7323ff66fa032e69cfe7aec1dd042911cae0607d071670eec
e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7
f23485e8b9c368f28f18a0bb110573df79c00ac3a2ca71d68017db100207639d
f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296