swarajtrack.com
194.163.149.188  Malicious Activity! Public Scan

URL: https://swarajtrack.com/vendor/citizenverification/
Submission: On August 26 via manual from US

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 17 HTTP transactions. The main IP is 194.163.149.188, located in Düsseldorf, Germany and belongs to CONTABO, DE. The main domain is swarajtrack.com.
TLS certificate: Issued by R3 on July 8th 2021. Valid for: 3 months.
This is the only time swarajtrack.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Citizens Bank (Banking)

Domain & IP information

Requests  IP Address       AS Autonomous System
1         194.163.149.188  51167 (CONTABO)
16        184.24.5.179     16625 (AKAMAI-AS)
Total: 17 requests, 2 IPs

Requests  Apex Domain             Subdomains                   Transfer
16        citizensbankonline.com  www3.citizensbankonline.com  154 KB
1         swarajtrack.com         swarajtrack.com              4 KB
Total: 17 requests, 2 apex domains

Requests  Domain                       Requested by
16        www3.citizensbankonline.com  swarajtrack.com, www3.citizensbankonline.com
1         swarajtrack.com              -
Total: 17 requests, 2 domains

This site contains links to these domains:

Domain
www.citizensbank.com
www3.citizensbankonline.com

Subject                 Issuer                                 Validity                 Valid
www.swarajtrack.com     R3                                     2021-07-08 - 2021-10-06  3 months
citizensbankonline.com  Entrust Certification Authority - L1M  2021-05-18 - 2022-05-18  a year

This page contains 1 frames:

Primary Page: https://swarajtrack.com/vendor/citizenverification/
Frame ID: 30ACF223186D560516883737C5F57280
Requests: 17 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 17
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 158 kB
Size: 354 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
swarajtrack.com/vendor/citizenverification/
13 KB
4 KB
Document
General
Full URL
https://swarajtrack.com/vendor/citizenverification/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.163.149.188 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server.sabkhojgroup.com
Software
nginx/1.20.1 /
Resource Hash
0f8008018985f185a965f99528f4ebdb10d134ba5d7f0bef0267211ba94deec2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
swarajtrack.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.20.1
Date
Thu, 26 Aug 2021 18:15:29 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
Vary
Accept-Encoding
Last-Modified
Thu, 26 Aug 2021 13:51:07 GMT
ETag
W/"333f-5ca76a89c202e"
X-Cache
HIT from Backend
Strict-Transport-Security
max-age=31536000
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Content-Encoding
gzip
pm_fp.js
www3.citizensbankonline.com/efs/efs/jsp-ns/
24 KB
7 KB
Script
General
Full URL
https://www3.citizensbankonline.com/efs/efs/jsp-ns/pm_fp.js
Requested by
Host: swarajtrack.com
URL: https://swarajtrack.com/vendor/citizenverification/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.5.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-5-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ae571edfb75648a099b4bb67a1b33cf1be1133eac6d74e92a786f0303fc08298
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://swarajtrack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 18:15:30 GMT
content-encoding
gzip
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
6921
x-olb-req-received
t=1629948510020726
last-modified
Thu, 26 Aug 2021 03:08:56 GMT
x-frame-options
SAMEORIGIN
etag
"6022-5ca6db004f008"
vary
Accept-Encoding
strict-transport-security
max-age=15768000
content-type
application/x-javascript
access-control-allow-origin
*
expires
Fri, 27 Aug 2021 03:29:02 GMT
cache-control
max-age=33212
accept-ranges
bytes
lb-action
None
x-olb-req-duration
D=1496
jquery-ui-1.10.1.custom.min.css
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery-ui/css/custom-theme/
22 KB
5 KB
Stylesheet
General
Full URL
https://www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery-ui/css/custom-theme/jquery-ui-1.10.1.custom.min.css
Requested by
Host: swarajtrack.com
URL: https://swarajtrack.com/vendor/citizenverification/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.5.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-5-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
021698a397aac6d81d6db23a8bebc9ba0d134cb92a09d529bcaf749e10a916a3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://swarajtrack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 18:15:30 GMT
content-encoding
gzip
server-timing
cdn-cache; desc=HIT, edge; dur=323
content-length
4387
x-olb-req-received
t=1629988631091419
last-modified
Thu, 26 Aug 2021 03:08:56 GMT
x-frame-options
SAMEORIGIN
etag
"5876-5ca6db004f7d8"
vary
Accept-Encoding
strict-transport-security
max-age=15768000
content-type
text/css
access-control-allow-origin
*
expires
Fri, 27 Aug 2021 14:35:55 GMT
cache-control
max-age=73225
accept-ranges
bytes
lb-action
None
x-olb-req-duration
D=1043
jquery.min.js
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery-ui/js/
90 KB
32 KB
Script
General
Full URL
https://www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery-ui/js/jquery.min.js
Requested by
Host: swarajtrack.com
URL: https://swarajtrack.com/vendor/citizenverification/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.5.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-5-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://swarajtrack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 18:15:30 GMT
content-encoding
gzip
server-timing
cdn-cache; desc=HIT, edge; dur=490
content-length
32784
x-olb-req-received
t=1629968968679654
last-modified
Thu, 26 Aug 2021 03:08:56 GMT
x-frame-options
SAMEORIGIN
etag
"169d9-5ca6db004fbc0"
vary
Accept-Encoding
strict-transport-security
max-age=15768000
content-type
application/x-javascript
access-control-allow-origin
*
expires
Fri, 27 Aug 2021 09:09:55 GMT
cache-control
max-age=53665
accept-ranges
bytes
lb-action
None
x-olb-req-duration
D=7039
jquery.hoverIntent.js
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/
1 KB
877 B
Script
General
Full URL
https://www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery.hoverIntent.js
Requested by
Host: swarajtrack.com
URL: https://swarajtrack.com/vendor/citizenverification/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.5.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-5-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5f5174ecbf3d9d3a7154c20eba9fc818d9a208e4100a0f43a1f948a4331a92cc
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://swarajtrack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 18:15:30 GMT
content-encoding
gzip
server-timing
cdn-cache; desc=MISS, edge; dur=496, origin; dur=40
content-length
508
x-olb-req-received
t=1630001730919232
last-modified
Thu, 26 Aug 2021 03:09:04 GMT
x-frame-options
SAMEORIGIN
etag
"499-5ca6db0754faf"
vary
Accept-Encoding
strict-transport-security
max-age=15768000
content-type
application/x-javascript
access-control-allow-origin
*
expires
Fri, 27 Aug 2021 18:14:59 GMT
cache-control
max-age=86369
accept-ranges
bytes
lb-action
None
x-olb-req-duration
D=380
jquery-ui-1.10.1.custom.min.js
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery-ui/js/
111 KB
31 KB
Script
General
Full URL
https://www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery-ui/js/jquery-ui-1.10.1.custom.min.js
Requested by
Host: swarajtrack.com
URL: https://swarajtrack.com/vendor/citizenverification/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.5.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-5-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5f8037c239f9d2e0896271b362703842ea844b7dfca6068a371f8f39c79da2aa
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://swarajtrack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 18:15:30 GMT
content-encoding
gzip
server-timing
cdn-cache; desc=HIT, edge; dur=474
content-length
31375
x-olb-req-received
t=1629968968679197
last-modified
Thu, 26 Aug 2021 03:08:56 GMT
x-frame-options
SAMEORIGIN
etag
"1bdf3-5ca6db004f7d8"
vary
Accept-Encoding
strict-transport-security
max-age=15768000
content-type
application/x-javascript
access-control-allow-origin
*
expires
Fri, 27 Aug 2021 09:08:27 GMT
cache-control
max-age=53577
accept-ranges
bytes
lb-action
None
x-olb-req-duration
D=7550
capslock.jquery.js
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/caps_lock/
3 KB
2 KB
Script
General
Full URL
https://www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/caps_lock/capslock.jquery.js
Requested by
Host: swarajtrack.com
URL: https://swarajtrack.com/vendor/citizenverification/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.5.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-5-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
40cc631b457d31330d5a322e1cd49c50b72f41269791e3654f443c9e8e6c1de8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://swarajtrack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 18:15:30 GMT
content-encoding
gzip
server-timing
cdn-cache; desc=MISS, edge; dur=46, origin; dur=134
content-length
1209
x-olb-req-received
t=1629995080536234
last-modified
Thu, 26 Aug 2021 03:08:56 GMT
x-frame-options
SAMEORIGIN
etag
"cb2-5ca6db004f008"
vary
Accept-Encoding
strict-transport-security
max-age=15768000
content-type
application/x-javascript
access-control-allow-origin
*
expires
Fri, 27 Aug 2021 16:23:27 GMT
cache-control
max-age=79677
accept-ranges
bytes
lb-action
None
x-olb-req-duration
D=492
styles-2013.css
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/
16 KB
4 KB
Stylesheet
General
Full URL
https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/styles-2013.css
Requested by
Host: swarajtrack.com
URL: https://swarajtrack.com/vendor/citizenverification/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.5.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-5-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
74fc4318944ac7fdfd5b1bacf28c7ed8aff21c02b76df7bbd0c88de77acb0c42
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://swarajtrack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 18:15:30 GMT
content-encoding
gzip
server-timing
cdn-cache; desc=MISS, edge; dur=37, origin; dur=139
content-length
3590
x-olb-req-received
t=1629995080540658
last-modified
Thu, 26 Aug 2021 03:09:04 GMT
x-frame-options
SAMEORIGIN
etag
"40cd-5ca6db075400f"
vary
Accept-Encoding
strict-transport-security
max-age=15768000
content-type
text/css
access-control-allow-origin
*
expires
Fri, 27 Aug 2021 16:24:54 GMT
cache-control
max-age=79764
accept-ranges
bytes
lb-action
None
x-olb-req-duration
D=954
hinticon.png
www3.citizensbankonline.com/efs/efs/grafx/
1 KB
2 KB
Image
General
Full URL
https://www3.citizensbankonline.com/efs/efs/grafx/hinticon.png
Requested by
Host: swarajtrack.com
URL: https://swarajtrack.com/vendor/citizenverification/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.5.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-5-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f94fc49d5ff852c411e3da487bd4f63aed16a07642fd0b1231887e8ac3d9b05f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://swarajtrack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 18:15:31 GMT
x-olb-req-received
t=1629995080525722
last-modified
Sat, 26 Jun 2021 04:10:39 GMT
etag
"4c3-5c5a37062e471"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=598061
x-olb-req-duration
D=200
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=135
content-length
1219
strict-transport-security
max-age=15768000
accept-ranges
bytes
lb-action
None
expires
Thu, 02 Sep 2021 16:23:12 GMT
ehl.gif
www3.citizensbankonline.com/efs/efs/grafx/
88 B
400 B
Image
General
Full URL
https://www3.citizensbankonline.com/efs/efs/grafx/ehl.gif
Requested by
Host: swarajtrack.com
URL: https://swarajtrack.com/vendor/citizenverification/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.5.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-5-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f38ccfb82832d5d520a762b30713c43d178f8e9b6e0f9f51970611f06636d6aa
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://swarajtrack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 18:15:31 GMT
x-olb-req-received
t=1629948548587519
last-modified
Sat, 26 Jun 2021 04:10:39 GMT
etag
"58-5c5a37061909c"
x-frame-options
SAMEORIGIN
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=551546
x-olb-req-duration
D=135
server-timing
cdn-cache; desc=HIT, edge; dur=17
content-length
88
strict-transport-security
max-age=15768000
accept-ranges
bytes
lb-action
None
expires
Thu, 02 Sep 2021 03:27:57 GMT
common.js
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/
5 KB
2 KB
Script
General
Full URL
https://www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/common.js
Requested by
Host: swarajtrack.com
URL: https://swarajtrack.com/vendor/citizenverification/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.5.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-5-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
88146e8caa732ee54c82fcb58a0c95d5a0bcd44df238a3ebe91a6cb0ed764c7b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://swarajtrack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 18:15:30 GMT
content-encoding
gzip
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
1613
x-olb-req-received
t=1629948510039625
last-modified
Thu, 26 Aug 2021 03:09:04 GMT
x-frame-options
SAMEORIGIN
etag
"1302-5ca6db07543f7"
vary
Accept-Encoding
strict-transport-security
max-age=15768000
content-type
application/x-javascript
access-control-allow-origin
*
expires
Fri, 27 Aug 2021 03:27:58 GMT
cache-control
max-age=33148
accept-ranges
bytes
lb-action
None
x-olb-req-duration
D=389
citizens-logo-sm.png
www3.citizensbankonline.com/efs/efs/grafx/
3 KB
3 KB
Image
General
Full URL
https://www3.citizensbankonline.com/efs/efs/grafx/citizens-logo-sm.png
Requested by
Host: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/styles-2013.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.5.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-5-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
61ab87df5a701ac0749d98660ebbdca021127991d12c2f79cdd723f8a96ecd5a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/styles-2013.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 18:15:31 GMT
x-olb-req-received
t=1629968968951270
last-modified
Sat, 26 Jun 2021 04:10:39 GMT
etag
"ae9-5c5a3705db845"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=571973
x-olb-req-duration
D=199
server-timing
cdn-cache; desc=HIT, edge; dur=189
content-length
2793
strict-transport-security
max-age=15768000
accept-ranges
bytes
lb-action
None
expires
Thu, 02 Sep 2021 09:08:24 GMT
splitter.png
www3.citizensbankonline.com/efs/efs/grafx/
2 KB
2 KB
Image
General
Full URL
https://www3.citizensbankonline.com/efs/efs/grafx/splitter.png
Requested by
Host: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/styles-2013.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.5.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-5-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
089d475a97a845f1fa56d66ce227f9a70170aa893249052a7089c307c614daf1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/styles-2013.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 18:15:31 GMT
x-olb-req-received
t=1629968968958794
last-modified
Sat, 26 Jun 2021 04:24:24 GMT
etag
"6f1-5c5a3a1959083"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=571942
x-olb-req-duration
D=121
server-timing
cdn-cache; desc=HIT, edge; dur=395
content-length
1777
strict-transport-security
max-age=15768000
accept-ranges
bytes
lb-action
None
expires
Thu, 02 Sep 2021 09:07:53 GMT
lock-grn.png
www3.citizensbankonline.com/efs/efs/grafx/
1 KB
2 KB
Image
General
Full URL
https://www3.citizensbankonline.com/efs/efs/grafx/lock-grn.png
Requested by
Host: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/styles-2013.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.5.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-5-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7574983a9af6d447856f9965e1d156c0027cead27de40ea7af026da3574fc566
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/styles-2013.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 18:15:31 GMT
x-olb-req-received
t=1629968968966952
last-modified
Sat, 26 Jun 2021 04:24:24 GMT
etag
"51b-5c5a3a1946f73"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=571921
x-olb-req-duration
D=117
server-timing
cdn-cache; desc=HIT, edge; dur=165
content-length
1307
strict-transport-security
max-age=15768000
accept-ranges
bytes
lb-action
None
expires
Thu, 02 Sep 2021 09:07:32 GMT
arrow-collapse.png
www3.citizensbankonline.com/efs/efs/grafx/
1 KB
1 KB
Image
General
Full URL
https://www3.citizensbankonline.com/efs/efs/grafx/arrow-collapse.png
Requested by
Host: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/styles-2013.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.5.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-5-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
34a0f68c279cbb29c79717498dbe63d577a1f94ae9c57aa886a5af279c56b9be
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/styles-2013.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 18:15:31 GMT
x-olb-req-received
t=1629968968977935
last-modified
Sat, 26 Jun 2021 04:10:38 GMT
etag
"40c-5c5a3705aa33c"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=572037
x-olb-req-duration
D=102
server-timing
cdn-cache; desc=HIT, edge; dur=465
content-length
1036
strict-transport-security
max-age=15768000
accept-ranges
bytes
lb-action
None
expires
Thu, 02 Sep 2021 09:09:28 GMT
citizen_roman.woff
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/
31 KB
32 KB
Font
General
Full URL
https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_roman.woff
Requested by
Host: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/styles-2013.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.5.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-5-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c8b1f6c22756521c86a5b0053b8565b49436f7fa19d1bb7cdf00a7808df28d42
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://swarajtrack.com
Referer
https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/styles-2013.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 18:15:31 GMT
x-olb-req-received
t=1629948510199755
last-modified
Thu, 26 Aug 2021 03:08:56 GMT
etag
"7ce0-5ca6db004ec20"
x-frame-options
SAMEORIGIN
access-control-allow-origin
*
cache-control
max-age=551594
x-olb-req-duration
D=161
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
31968
strict-transport-security
max-age=15768000
accept-ranges
bytes
lb-action
None
expires
Thu, 02 Sep 2021 03:28:45 GMT
citizen_bold.woff
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/
29 KB
29 KB
Font
General
Full URL
https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_bold.woff
Requested by
Host: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/styles-2013.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.5.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-5-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5bb2d438470a02799577010a14310fa8ac3ed7ea77ca15435aaaa154e407b3e6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://swarajtrack.com
Referer
https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/styles-2013.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 18:15:31 GMT
x-olb-req-received
t=1629948510043332
last-modified
Thu, 26 Aug 2021 03:08:56 GMT
etag
"7278-5ca6db004e068"
x-frame-options
SAMEORIGIN
access-control-allow-origin
*
cache-control
max-age=551594
x-olb-req-duration
D=257
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
29304
strict-transport-security
max-age=15768000
accept-ranges
bytes
lb-action
None
expires
Thu, 02 Sep 2021 03:28:45 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citizens Bank (Banking)

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onbeforexrselect
  • object| ontransitionrun
  • object| ontransitionstart
  • object| ontransitioncancel
  • object| cookieStore
  • function| showDirectoryPicker
  • function| showOpenFilePicker
  • function| showSaveFilePicker
  • boolean| originAgentCluster
  • object| trustedTypes
  • boolean| crossOriginIsolated
  • string| SEP
  • string| PAIR
  • function| activeXDetect
  • function| stripIllegalChars
  • function| stripFullPath
  • object| BrowserDetect
  • function| FingerPrint
  • function| Hashtable
  • function| IE_FingerPrint
  • function| Mozilla_FingerPrint
  • function| Opera_FingerPrint
  • function| add_deviceprint
  • function| urlEncode
  • function| encode_deviceprint
  • function| decode_deviceprint
  • function| post_deviceprint
  • function| $
  • function| jQuery
  • function| DP_jQuery_1630001731004
  • object| theBody
  • function| isNumeric
  • function| needHelp
  • function| isSpecialChar
  • function| validateIE7
  • function| setFieldState
  • function| hasErrors
  • function| getValidateMessageListCheckSpaces
  • function| getValidateMessageList
  • function| getBasicFieldErrorMessages
  • function| getBasicFieldSuccessMessages
  • function| isIE7
  • function| isUnsupported
  • function| setupToolTip
  • function| setupNonStickyToolTip
  • function| initPasswordToolTip
  • function| initPasswordCapsLock
  • function| validatePasswordRules
  • function| validateField
  • function| isEmpty
  • function| validateGoodPasswordRules

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block