fstctznb.com
Open in
urlscan Pro
199.168.185.106
Malicious Activity!
Public Scan
Submission: On December 09 via api from US
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 9th 2019. Valid for: a month.
This is the only time fstctznb.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: First Citizens Bank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 | 199.168.185.106 199.168.185.106 | 33182 (DIMENOC) (DIMENOC - HostDime.com) | |
39 | 69.89.129.19 69.89.129.19 | 22976 (FIRST-CIT...) (FIRST-CITIZENS-01 - First Citizens Bank) | |
1 8 | 2a00:1450:400... 2a00:1450:4001:817::2004 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 169.55.61.17 169.55.61.17 | 36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.) | |
1 | 2a00:1450:400... 2a00:1450:4001:81d::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 152.199.21.2 152.199.21.2 | 15133 (EDGECAST) (EDGECAST - MCI Communications Services) | |
1 | 2a00:1450:400... 2a00:1450:4001:81f::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 2a00:1450:400... 2a00:1450:4001:809::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2a00:1450:400... 2a00:1450:4001:800::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 104.17.208.240 104.17.208.240 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
62 | 11 |
ASN33182 (DIMENOC - HostDime.com, Inc., US)
PTR: 199-168-185-106.static.hostdime.com
fstctznb.com |
ASN22976 (FIRST-CITIZENS-01 - First Citizens Bank, US)
PTR: dnssectest.first-citizens-bank.bank
www.firstcitizens.com |
ASN15169 (GOOGLE - Google LLC, US)
www.google.com |
ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 11.3d.37a9.ip4.static.sl-reverse.com
www.sc.pages08.net | |
www.pages08.net |
ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com |
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
hello.myfonts.net |
ASN15169 (GOOGLE - Google LLC, US)
www.gstatic.com |
ASN15169 (GOOGLE - Google LLC, US)
cse.google.com |
ASN15169 (GOOGLE - Google LLC, US)
clients1.google.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
zndhwk2nlgcbvdel3-firstcitizensbank.siteintercept.qualtrics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
39 |
firstcitizens.com
www.firstcitizens.com |
590 KB |
11 |
google.com
1 redirects
www.google.com cse.google.com clients1.google.com |
161 KB |
3 |
fstctznb.com
fstctznb.com |
148 KB |
2 |
pages08.net
www.sc.pages08.net www.pages08.net |
6 KB |
1 |
qualtrics.com
zndhwk2nlgcbvdel3-firstcitizensbank.siteintercept.qualtrics.com |
17 KB |
1 |
gstatic.com
www.gstatic.com |
91 KB |
1 |
myfonts.net
hello.myfonts.net |
170 B |
1 |
googleapis.com
ajax.googleapis.com |
32 KB |
0 |
google-analytics.com
Failed
www.google-analytics.com Failed |
|
0 |
googletagmanager.com
Failed
www.googletagmanager.com Failed |
|
62 | 10 |
Domain | Requested by | |
---|---|---|
39 | www.firstcitizens.com |
fstctznb.com
www.firstcitizens.com |
8 | www.google.com |
1 redirects
fstctznb.com
cse.google.com www.firstcitizens.com |
3 | fstctznb.com |
www.firstcitizens.com
|
2 | cse.google.com |
fstctznb.com
www.google.com |
1 | zndhwk2nlgcbvdel3-firstcitizensbank.siteintercept.qualtrics.com |
fstctznb.com
|
1 | www.pages08.net | |
1 | clients1.google.com |
fstctznb.com
|
1 | www.gstatic.com |
www.google.com
|
1 | hello.myfonts.net |
fstctznb.com
|
1 | ajax.googleapis.com |
fstctznb.com
|
1 | www.sc.pages08.net |
fstctznb.com
|
0 | www.google-analytics.com Failed |
fstctznb.com
|
0 | www.googletagmanager.com Failed |
fstctznb.com
|
62 | 13 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
fstctznb.com Sectigo RSA Domain Validation Secure Server CA |
2019-12-09 - 2020-01-14 |
a month | crt.sh |
www.firstcitizens.com DigiCert SHA2 Extended Validation Server CA |
2018-02-16 - 2020-02-17 |
2 years | crt.sh |
www.google.com GTS CA 1O1 |
2019-11-05 - 2020-01-28 |
3 months | crt.sh |
*.engage8.silverpop.com DigiCert SHA2 Secure Server CA |
2019-04-29 - 2020-05-08 |
a year | crt.sh |
*.googleapis.com GTS CA 1O1 |
2019-11-05 - 2020-01-28 |
3 months | crt.sh |
hello.myfonts.net DigiCert SHA2 Secure Server CA |
2019-06-03 - 2021-06-07 |
2 years | crt.sh |
*.google.com GTS CA 1O1 |
2019-11-05 - 2020-01-28 |
3 months | crt.sh |
*.qualtrics.com DigiCert SHA2 Secure Server CA |
2018-10-08 - 2021-01-06 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://fstctznb.com/f/personal/banking/checking/index.html
Frame ID: 660FBF88402FA54501E801DC569EBC8A
Requests: 62 HTTP requests in this frame
Screenshot
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Ruxit (Analytics) Expand
Detected patterns
- script /ruxitagentjs/i
reCAPTCHA (Captchas) Expand
Detected patterns
- script /\/recaptcha\/api\.js/i
Page Statistics
120 Outgoing links
These are links going to different origins than the main page.
Title:
Search URL Search Domain Scan URL
Title: ATMs & Locations
Search URL Search Domain Scan URL
Title: About First Citizens
Search URL Search Domain Scan URL
Title: Accessibility
Search URL Search Domain Scan URL
Title: Careers
Search URL Search Domain Scan URL
Title: Contact Customer Support or Call us: 1.888.FC DIRECT
Search URL Search Domain Scan URL
Title: Personal
Search URL Search Domain Scan URL
Title: Business
Search URL Search Domain Scan URL
Title: Wealth
Search URL Search Domain Scan URL
Title: Forgot ID
Search URL Search Domain Scan URL
Title: Forgot Password
Search URL Search Domain Scan URL
Title: Sign Up >
Search URL Search Domain Scan URL
Title: Log In Help >, Opens in a new tab
Search URL Search Domain Scan URL
Title: Learn More >
Search URL Search Domain Scan URL
Title: View Demo >, Opens in a new tab
Search URL Search Domain Scan URL
Title: Banking
Search URL Search Domain Scan URL
Title: Checking Accounts
Search URL Search Domain Scan URL
Title: Your Family First®
Search URL Search Domain Scan URL
Title: Savings Accounts & CDs
Search URL Search Domain Scan URL
Title: Credit Cards
Search URL Search Domain Scan URL
Title: Debit Card
Search URL Search Domain Scan URL
Title: Digital Banking
Search URL Search Domain Scan URL
Title: All Banking Products & Services »
Search URL Search Domain Scan URL
Title: Switch to First Citizens
Search URL Search Domain Scan URL
Title: Set up Direct Deposit
Search URL Search Domain Scan URL
Title: Get the Mobile Banking App
Search URL Search Domain Scan URL
Title: Get Overdraft Protection
Search URL Search Domain Scan URL
Title: Order Checks
Search URL Search Domain Scan URL
Title: Access First Citizens Rewards®*
Search URL Search Domain Scan URL
Title: Learn about Budgeting
Search URL Search Domain Scan URL
Title: Save for College, Opens in a new tab
Search URL Search Domain Scan URL
Title: Learn about Online Banking Fees
Search URL Search Domain Scan URL
Title: Find Bank Routing Number
Search URL Search Domain Scan URL
Title: Loans & Credit
Search URL Search Domain Scan URL
Title: Home Equity Loans & Lines of Credit
Search URL Search Domain Scan URL
Title: Mortgage Loans
Search URL Search Domain Scan URL
Title: Refinancing
Search URL Search Domain Scan URL
Title: Auto Loans
Search URL Search Domain Scan URL
Title: Other Personal Loans & Lines of Credit
Search URL Search Domain Scan URL
Title: Check Mortgage Rates
Search URL Search Domain Scan URL
Title: Check Home Equity Loan Rates
Search URL Search Domain Scan URL
Title: Start a Mortgage Application
Search URL Search Domain Scan URL
Title: Finance a Major Purchase or Project, Opens in a new tab
Search URL Search Domain Scan URL
Title: Calculate a Mortgage Payment, Opens in a new tab
Search URL Search Domain Scan URL
Title: Learn about College Financing
Search URL Search Domain Scan URL
Title: Start an Auto Loan Application
Search URL Search Domain Scan URL
Title: Digital Banking
Search URL Search Domain Scan URL
Title: Payments & Transfers
Search URL Search Domain Scan URL
Title: Alerts
Search URL Search Domain Scan URL
Title: Online & Mobile Security
Search URL Search Domain Scan URL
Title: Log in to Digital Banking
Search URL Search Domain Scan URL
Title: Log in to Digital Banking
Search URL Search Domain Scan URL
Title: Open a New Checking Account
Search URL Search Domain Scan URL
Title: Access Online Brokerage
Search URL Search Domain Scan URL
Title: Get the Mobile & Tablet Banking App
Search URL Search Domain Scan URL
Title: Insurance
Search URL Search Domain Scan URL
Title: Auto
Search URL Search Domain Scan URL
Title: Home
Search URL Search Domain Scan URL
Title: Umbrella Policies
Search URL Search Domain Scan URL
Title: Renters
Search URL Search Domain Scan URL
Title: Auto, RV & Watercraft Insurance
Search URL Search Domain Scan URL
Title: Log In to My Insurance Center*
Search URL Search Domain Scan URL
Title: Access Private Risk Advisory Services
Search URL Search Domain Scan URL
Title: Talk to an Insurance Advisor
Search URL Search Domain Scan URL
Title: Investments & Retirement
Search URL Search Domain Scan URL
Title: IRAs
Search URL Search Domain Scan URL
Title: Retirement Planning
Search URL Search Domain Scan URL
Title: Saving for Education
Search URL Search Domain Scan URL
Title: Advice & Planning
Search URL Search Domain Scan URL
Title: Family Finances
Search URL Search Domain Scan URL
Title: Budgeting & Saving
Search URL Search Domain Scan URL
Title: Managing Credit
Search URL Search Domain Scan URL
Title: Home Ownership
Search URL Search Domain Scan URL
Title: Retirement Planning
Search URL Search Domain Scan URL
Title: Free Checking
Search URL Search Domain Scan URL
Title: Select Checking
Search URL Search Domain Scan URL
Title: Premier Checking
Search URL Search Domain Scan URL
Title: Prestige Checking
Search URL Search Domain Scan URL
Title: Premier Executive Checking
Search URL Search Domain Scan URL
Title: Together Card®
Search URL Search Domain Scan URL
Title: Together Card FAQs
Search URL Search Domain Scan URL
Title: Checking FAQs
Search URL Search Domain Scan URL
Title: e.savings
Search URL Search Domain Scan URL
Title: Regular Savings
Search URL Search Domain Scan URL
Title: Money Market Savings
Search URL Search Domain Scan URL
Title: CDs
Search URL Search Domain Scan URL
Title: Savings FAQs
Search URL Search Domain Scan URL
Title: Military Banking
Search URL Search Domain Scan URL
Title: Military Checking
Search URL Search Domain Scan URL
Title: Military Savings
Search URL Search Domain Scan URL
Title: Card Alerts
Search URL Search Domain Scan URL
Title: Digital Wallet
Search URL Search Domain Scan URL
Title: Apple Pay®
Search URL Search Domain Scan URL
Title: Google PayTM
Search URL Search Domain Scan URL
Title: Samsung Pay
Search URL Search Domain Scan URL
Title: Visa® Gift Card
Search URL Search Domain Scan URL
Title: Intelligent ATM Banking
Search URL Search Domain Scan URL
Title: Foreign Currency
Search URL Search Domain Scan URL
Title: Open your free checking account Now
Search URL Search Domain Scan URL
Title: paperless
Search URL Search Domain Scan URL
Title: Open your select checking account Now
Search URL Search Domain Scan URL
Title: EquityLines
Search URL Search Domain Scan URL
Title: Open your premier checking account Now
Search URL Search Domain Scan URL
Title: Open your prestige checking account Now
Search URL Search Domain Scan URL
Title: FINRA
Search URL Search Domain Scan URL
Title: SIPC
Search URL Search Domain Scan URL
Title: Learn more about Digital Banking Secure account access to keep your finances streamlined and organized  Learn More
Search URL Search Domain Scan URL
Title: Transaction Posting Order
Search URL Search Domain Scan URL
Title: Reorder checks
Search URL Search Domain Scan URL
Title: Privacy & Security
Search URL Search Domain Scan URL
Title: Legal Information
Search URL Search Domain Scan URL
Title: Site Map
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Internet Explorer1
Search URL Search Domain Scan URL
Title: Firefox1
Search URL Search Domain Scan URL
Title: Chrome1
Search URL Search Domain Scan URL
Title: Safari1
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 33- https://www.google.com/cse/cse.js?cx=000988411177674020417:x3hvisg_gtc HTTP 302
- https://cse.google.com/cse/cse.js?cx=000988411177674020417:x3hvisg_gtc
62 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
index.html
fstctznb.com/f/personal/banking/checking/ |
147 KB 147 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ruxitagentjs_ICA2SVfjqru_10177191024092634.js
www.firstcitizens.com/ |
140 KB 55 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
MyFontsWebfontsKit.css
www.firstcitizens.com/fonts/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.css
www.firstcitizens.com/css/ |
84 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fcb-style.css
www.firstcitizens.com/css/ |
24 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fcb-header.css
www.firstcitizens.com/css/ |
15 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fcb-footer.css
www.firstcitizens.com/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fcb-main.css
www.firstcitizens.com/css/ |
235 KB 38 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fcb-responsive.css
www.firstcitizens.com/css/ |
289 KB 41 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
comparison-table.css
www.firstcitizens.com/css/ |
21 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.google.com/recaptcha/ |
729 B 557 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iMAWebCookie.js
www.sc.pages08.net/lp/static/js/ |
14 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_fcb.jpg
www.firstcitizens.com/img/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gcs_sm.png
www.firstcitizens.com/img/ |
430 B 705 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_alt.jpg
www.firstcitizens.com/img/ |
11 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_check_green.png
www.firstcitizens.com/img/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_color_facebook.png
www.firstcitizens.com/img/ |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_color_twitter.png
www.firstcitizens.com/img/ |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_color_linkedin.png
www.firstcitizens.com/img/ |
23 KB 23 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_color_youtube.png
www.firstcitizens.com/img/ |
24 KB 24 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_memberfdic.png
www.firstcitizens.com/img/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_equalhousing.png
www.firstcitizens.com/img/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_foreverfirst.png
www.firstcitizens.com/img/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
securimage_show.php
www.firstcitizens.com/includes-new/securimage/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_reloadcaptcha.png
www.firstcitizens.com/img/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.1/ |
91 KB 32 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.fancybox.pack.js
www.firstcitizens.com/js/ |
23 KB 23 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.js
www.firstcitizens.com/js/ |
20 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
site.js
www.firstcitizens.com/js/ |
129 KB 129 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fcb-site.js
www.firstcitizens.com/js/ |
19 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cslider.js
www.firstcitizens.com/js/ |
4 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2b4703
hello.myfonts.net/count/ |
0 170 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
gtm.js
www.googletagmanager.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/PRkVene3wKrZUWATSylf69ja/ |
253 KB 91 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cse.js
cse.google.com/cse/ Redirect Chain
|
7 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tab_divider.png
www.firstcitizens.com/img/ |
987 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_planning.png
www.firstcitizens.com/img/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_open.png
www.firstcitizens.com/img/ |
971 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_online_banking.png
www.firstcitizens.com/img/ |
50 KB 50 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_mobile_banking.png
www.firstcitizens.com/img/ |
49 KB 49 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_listbullet.png
www.firstcitizens.com/img/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
2B4703_0_0.woff
www.firstcitizens.com/fonts/webfonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_expand_arrow_dk_blue.png
www.firstcitizens.com/img/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_product_arrow.png
www.firstcitizens.com/img/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg_tablefold_bottom.png
www.firstcitizens.com/img/ |
1019 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_closemodal.png
www.firstcitizens.com/img/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_printdirections.png
www.firstcitizens.com/img/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_tooltip.png
www.firstcitizens.com/img/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cse_element__en.js
www.google.com/cse/static/element/8b2252448421acb3/ |
257 KB 85 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default+en.css
www.google.com/cse/static/element/8b2252448421acb3/ |
40 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default.css
www.google.com/cse/static/style/look/v3/ |
11 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
analytics.js
www.google-analytics.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
async-ads.js
cse.google.com/adsense/search/ |
164 KB 57 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
googlelogo_grey_46x15dp.png
www.google.com/cse/static/images/1x/ |
919 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
generate_204
clients1.google.com/ |
0 187 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
2B4703_0_0.ttf
www.firstcitizens.com/fonts/webfonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
event.jpeg
www.pages08.net/WTS/ |
0 433 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
zndhwk2nlgcbvdel3-firstcitizensbank.siteintercept.qualtrics.com/WRSiteInterceptEngine/ |
70 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clear.png
www.google.com/cse/static/css/v2/ |
1018 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
googlelogo_lightgrey_46x16dp.png
www.google.com/cse/static/images/1x/ |
551 B 665 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
rb_bf48372wzr
fstctznb.com/ |
315 B 479 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
rb_bf48372wzr
fstctznb.com/ |
315 B 479 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.googletagmanager.com
- URL
- http://www.googletagmanager.com/gtm.js?id=GTM-MKJVXX
- Domain
- www.firstcitizens.com
- URL
- https://www.firstcitizens.com/fonts/webfonts/2B4703_0_0.woff
- Domain
- www.google-analytics.com
- URL
- http://www.google-analytics.com/analytics.js
- Domain
- www.firstcitizens.com
- URL
- https://www.firstcitizens.com/fonts/webfonts/2B4703_0_0.ttf
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: First Citizens Bank (Banking)64 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| aClj object| dT_ object| dtrum function| captchaSubmit object| ewt object| dataLayer object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client function| $ object| jQuery1101008762514869951277 object| recaptcha object| __gcse object| google object| closure_lm_311829 boolean| listOpen boolean| isDev boolean| isQA string| ActivePage object| Nav function| missingPassword object| Hero object| Tabs function| faq_toggle function| show_product object| Validate object| Forms object| GoogleMap object| Loc object| Modal object| Geo object| Dropdown object| Misc boolean| ismobile function| trackLink object| recommendation function| displayRouting function| NavSelect function| ContentToggle function| dropContext function| platformLogin function| displayMessage function| OpenMedia object| Dental function| toggleAccordion object| FCB function| formError function| openActiveProduct function| toggleDetails object| CSlider string| GoogleAnalyticsObject function| ga function| _googCsa number| nextSearchboxId number| googleNDT_ number| _googCsaAlwaysHttps number| _googCsaFetchExpIds string| _googCsaExpIds number| googleAltLoader string| ewt_host string| ewt_page_key object| QSI5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.fstctznb.com/ | Name: com.silverpop.iMA.page_visit Value: -1153154852: |
|
.fstctznb.com/ | Name: com.silverpop.iMAWebCookie Value: a8e6944d-9704-226d-c637-9269150c89a2 |
|
fstctznb.com/ | Name: dtPC Value: -10$318228712_474h2vXQLQIWNGGPITDCTBMLXPZVBYRNOBMZUK |
|
.fstctznb.com/ | Name: com.silverpop.iMA.session Value: cc101162-142a-ea3b-dd25-3a93204170be |
|
fstctznb.com/ | Name: rxvt Value: 1575920029663|1575918228719 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
clients1.google.com
cse.google.com
fstctznb.com
hello.myfonts.net
www.firstcitizens.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.pages08.net
www.sc.pages08.net
zndhwk2nlgcbvdel3-firstcitizensbank.siteintercept.qualtrics.com
www.firstcitizens.com
www.google-analytics.com
www.googletagmanager.com
104.17.208.240
152.199.21.2
169.55.61.17
199.168.185.106
2a00:1450:4001:800::200e
2a00:1450:4001:809::200e
2a00:1450:4001:817::2004
2a00:1450:4001:81d::200a
2a00:1450:4001:81f::2003
69.89.129.19
01c7f15d0462e4a00bc0a64fe1f8eca95fc5d0718f9bc2df7baa2db36c3f670d
02c39275000c1280f9cde808ebe731ec1924477305678759c1140ecaac49eba0
0c4985f8da0e76a2faa8a744d227a7dbd463b52d2c9d59e92230d23d6b35923f
1359d0ea92d8586dbda5a3904d798f04145a9bedbded053170e1254e58020431
15ff77856ba5002002aa7b6153d33a950bcd3bce880c9954b779765a0bfa7b8c
1948de93e030507e76c7906070bf4c8c8e6ce4cb3b0523c63c3b9cd6c5e70e75
214a0e116cca5f1af965b942fe7addff9ea251cd2546b2082329be46a2393c3e
25dacd29b5c16a99e504eba2b2f80d5ef8c2430b8d5479440dc93fc328300a9d
2760257bbacab133bae4da717bf919fba321871d28f396bb6df0a92ecad60013
27a1e80167055f562f0ddda38620ec1f5a354c5ab795c75da16874f4095520f3
2e5aa0625518bfda7ef4647d8d5a2a7d256a5791b2ccd9831284f8239afad998
2f233e39fe1abd557a821cefc3c761ba846c8c0c1130dea087ffb87a83820cd7
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
35edee51dcd47b7b0781ea0fe9c294f12e4b3031f2208a2b7d228d1715b19b8a
37ac1724ad3a011f53511cce973e4e76444fa46ba341ae08f76f8e874ca0de08
3f2644fa504faca7f76ee9f7496bf1cf217a8a4ca269526486878f7b958aa439
40a20291f9b526cba58796a4bbd0256d5663313e02c9d5ab5a842476562b3108
43c4bf728b17806ac3ae1b25c448a39a700235fa27669fa8d82e24b4318b2049
47c0ad73629fc3babdfa98a6925dcfc797901cea954714c9e7daff5ace41e046
4ad8b1261cb071210486bca7c49983d0598759e7dbd7236179e37f04246b6978
4b210ff0b6dff8cc7b66ae9bb0d6144b1c3a37269992d2082fec67496c4e5ad5
4c1f1cc194b45d60eae9060a8c6e105b102813c822c9634739506d29d966a537
5d12949341c945efe40bce248581f0df7d51512ed35e830910b817ddcefb6d4a
613add0b633fe985b8598ee3f3cc16368f35c46df3afb00b767b3e00f3bd2741
6a051d654e1d5fb0f3695603dcba88826027f2ad50bd5256e479a28c15c1095b
6b21631edb467ad2ce3887be0cd62c22a228eb02180764975e841fd37dc52bb8
7169aadac0a0b35113a67e6a71ded4836a4486160838d61e427c438b98473fec
7285ae6888dc58090592292d6980a062bd7694ca5a856602236dfcc6b6b2d8cd
7c400aea2b0afc79c800c5fd3de877358366d9e643e84ada5ee294756ff170ed
801f4abef3410ec515b1821cc0dcf6f458ce222130d21016a6d19bef16bfb8e3
811c5af6f82c69662dfbf331296f8deb9de762f35f37beccec6381272ebc297d
8bf150f6b29d6c9337de6c945a8f63c929b203442040688878bc2753fe13e007
8c560fa82477e1a484846fd37e8b607c059395ace6462db957a38256dac55288
8ec384c7d34a1372d621fe6bc69f73f53e7ab3b3c124341ede5f63c8e42f5d73
92a87786cd850d0859ed5afa4313d85cb7f30f600848a1ebe1130de72b69c62e
94f73db6c87e1b6f045ea0ae25368cfbb86672058eb0687db987ec1c5194c017
96300eefbc881b4336aa1f17bd91ea6aec9f1e0117c6d749a8e79bd5b7d2309a
9ceaa25ec7654a66294c16e28989fbf1ecb9cebc9debe96ec597529465c7cd50
9d8f76ec3fdf7612430689c2dff469577ca94c09a9dc22200681d91dbaa2746a
a0b199c7a715136d57223bb5a3cbb03f16229337a16310e45de3256d61d5f59d
a5bf2103eeeb4297952f732b2babd2c88ccfa4e422477586cae8fd33d5132317
a754e1c87282d56103dd86f271f0883a28d662759fba565d7ab53c9358973580
a844cdc48c7591822e45128a138f1dbba5753a3ca9992bd71c36758d51d0b68e
ad9b95dc8aec99a5335567c6f5f6df98de9a73db72d236b20363d94674ec65f8
b038e46ae394f7aa89304922adf8aeb9c82501da5b0a57f9a03d717ebdf884f6
b73cfcc5776a301fe1ec14aecfdeda3917a490859c80b10d3c3841d4ce2599f8
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
bcc7e6a3c11584d09906c663453be7a2226aec0357fa9ec5dc63f1e473b10710
c56b6ea4a91bed7cd1eb61a003c392a1157e5a15f3f742fc5b264117cf8844b9
ce06c39578dab4c69b173f706b845412b4978270bab8cfaf47ac10c06e554add
ce767a08dc0e4b8c0aa81d7598a524879fe7c6c21c7170f8b2c76bdeb04fa377
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0d285a1c1fb73874bef1bc21c97f3b41b19ef47d25ab7921f95491229cbc48c
fc050a39af454ee096e1bc4c63aa6ec0e08f1d6d85827a5b1a01b3cdc34e981e