urlscan.io logo urlscan.io
SecurityTrails logo

citizens-veri-asps.herokuapp.com Open in urlscan Pro
174.129.128.48  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ccdssfwf.github.io/csdhkwe
Effective URL: https://citizens-veri-asps.herokuapp.com/
Submission: On September 23 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 1 countries across 5 domains to perform 4 HTTP transactions. The main IP is 174.129.128.48, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is citizens-veri-asps.herokuapp.com.
TLS certificate: Issued by Amazon on June 1st 2021. Valid for: a year.
This is the only time citizens-veri-asps.herokuapp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Citizens Bank (Banking)

Domain & IP information

IP Address AS Autonomous System
1 2 185.199.108.153 54113 (FASTLY)
1 1 67.199.248.11 396982 (GOOGLE-PR...)
1 174.129.128.48 14618 (AMAZON-AES)
1 142.250.186.74 15169 (GOOGLE)
1 54.235.247.117 14618 (AMAZON-AES)
4 5
2    185.199.108.153 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-108-153.github.com
ccdssfwf.github.io
1    67.199.248.11 (United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly
bit.ly
1    174.129.128.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-128-48.compute-1.amazonaws.com
citizens-veri-asps.herokuapp.com
1    142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net
ajax.googleapis.com
1    54.235.247.117 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-247-117.compute-1.amazonaws.com
api.ipify.org
Apex Domain
Subdomains		 Transfer
2 github.io
ccdssfwf.github.io
790 B
1 ipify.org
api.ipify.org
273 B
1 googleapis.com
ajax.googleapis.com
30 KB
1 herokuapp.com
citizens-veri-asps.herokuapp.com
417 KB
1 bit.ly
bit.ly
260 B
4 5
Domain Requested by
2 ccdssfwf.github.io 1 redirects
1 api.ipify.org ajax.googleapis.com
1 ajax.googleapis.com citizens-veri-asps.herokuapp.com
1 citizens-veri-asps.herokuapp.com
1 bit.ly 1 redirects
4 5

This site contains links to these domains. Also see Links.

Domain
www.citizensbank.com
investor.citizensbank.com
Subject Issuer Validity Valid
www.github.com
DigiCert SHA2 High Assurance Server CA		 2020-05-06 -
2022-04-14		 2 years crt.sh
*.herokuapp.com
Amazon		 2021-06-01 -
2022-06-30		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.ipify.org
Sectigo RSA Domain Validation Secure Server CA		 2021-01-19 -
2022-02-19		 a year crt.sh

This page contains 1 frames:

Primary Page: https://citizens-veri-asps.herokuapp.com/
Frame ID: 90A5F514F674B0AB4649AE875B81CFDA
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Online Login | Citizens Bank

Page URL History Show full URLs

  1. https://ccdssfwf.github.io/csdhkwe HTTP 301
    https://ccdssfwf.github.io/csdhkwe/ Page URL
  2. https://bit.ly/3u4p1Oj HTTP 301
    https://citizens-veri-asps.herokuapp.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.herokuapp\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

1
Countries

585 kB
Transfer

659 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ccdssfwf.github.io/csdhkwe HTTP 301
    https://ccdssfwf.github.io/csdhkwe/ Page URL
  2. https://bit.ly/3u4p1Oj HTTP 301
    https://citizens-veri-asps.herokuapp.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://ccdssfwf.github.io/csdhkwe HTTP 301
  • https://ccdssfwf.github.io/csdhkwe/

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
ccdssfwf.github.io/csdhkwe/
Redirect Chain
  • https://ccdssfwf.github.io/csdhkwe
  • https://ccdssfwf.github.io/csdhkwe/
226 B
471 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ccdssfwf.github.io/csdhkwe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-108-153.github.com
Software
GitHub.com /
Resource Hash
30303417c34426eff047e159c3bc2fe2d4a4529dbe580ddef207130d3d1b5953
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

:method
GET
:authority
ccdssfwf.github.io
:scheme
https
:path
/csdhkwe/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
GitHub.com
content-type
text/html; charset=utf-8
permissions-policy
interest-cohort=()
strict-transport-security
max-age=31556952
last-modified
Thu, 23 Sep 2021 23:26:48 GMT
access-control-allow-origin
*
etag
"614d0d38-e2"
expires
Thu, 23 Sep 2021 23:56:47 GMT
cache-control
max-age=600
x-proxy-cache
MISS
x-github-request-id
BDBE:8B19:1954193:19EF335:614D11E7
accept-ranges
bytes
date
Thu, 23 Sep 2021 23:46:47 GMT
via
1.1 varnish
age
0
x-served-by
cache-hhn4081-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1632440808.828944,VS0,VE88
vary
Accept-Encoding
x-fastly-request-id
0ccbfb946d6ff7c81acbe8248a916e19c45a4c0a
content-length
226

Redirect headers

server
GitHub.com
content-type
text/html
permissions-policy
interest-cohort=()
location
https://ccdssfwf.github.io/csdhkwe/
x-github-request-id
3012:13001:E40BE9:EC5A51:614D11E7
accept-ranges
bytes
date
Thu, 23 Sep 2021 23:46:47 GMT
via
1.1 varnish
age
0
x-served-by
cache-hhn4081-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1632440808.734601,VS0,VE88
vary
Accept-Encoding
x-fastly-request-id
38e6d4aa73a4e5cc300c57497072dca87d7b8067
content-length
162
Primary Request /
citizens-veri-asps.herokuapp.com/
Redirect Chain
  • https://bit.ly/3u4p1Oj
  • https://citizens-veri-asps.herokuapp.com/
417 KB
417 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://citizens-veri-asps.herokuapp.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.128.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-128-48.compute-1.amazonaws.com
Software
Apache /
Resource Hash
a16b403836e2b8fa26b06258240ea19ac132cab6397b5efcc4b5a17fece979b1

Request headers

Host
citizens-veri-asps.herokuapp.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://ccdssfwf.github.io/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ccdssfwf.github.io/csdhkwe/

Response headers

Connection
keep-alive
Date
Thu, 23 Sep 2021 23:46:48 GMT
Server
Apache
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Via
1.1 vegur

Redirect headers

server
nginx
date
Thu, 23 Sep 2021 23:46:48 GMT
content-type
text/html; charset=utf-8
content-length
128
cache-control
private, max-age=90
content-security-policy
referrer always;
location
https://citizens-veri-asps.herokuapp.com/
referrer-policy
unsafe-url
set-cookie
_bit=l8nnKM-878aad5551efda3b8b-00o; Domain=bit.ly; Expires=Tue, 22 Mar 2022 23:46:48 GMT
via
1.1 google
alt-svc
clear
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: citizens-veri-asps.herokuapp.com
URL: https://citizens-veri-asps.herokuapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://citizens-veri-asps.herokuapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:10:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
311783
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Tue, 20 Sep 2022 09:10:26 GMT
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c401ce328e0383e71cd811709055aa8671cee50e355c6588bd567c1320b4e4ab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		824 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
713f1268435943170faadadc547d8c68bb00822783e5e0c2d1129972a784f949

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
319d82f567037eafefea25abbc64ea902db9255c5e7231fe9ddd462e4f5b9149

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		395 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb175662762ef5f2c9011cc1c4f9d09361c50a366fad8a544bda1c439b99d3a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b4ffac9ea755d2aaff724fa471d90fd63ae5648e18f60a67db0a5c3bffd84e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe3ddc37707c93f338a1f6359dfa03019e096df14454808aaccbb7538aa3c67b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9af5181113e5d0eacfc3d9c0b3ad627dc3ad50708755fbe45ab18e0cad4f3b36

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c43c6f5c8209acd47f355810bca2f9b0fc86c4bbdf1361d60fb2d2e2e66f8c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dddb031e5144ce20d909dbf4829d637738efa477bf5ab4eab67b1990ef0efb2d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		292 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8d87d770112e188f7b1482e9a416ffc441a9a6e08e2fc38a886fa2986efdb46

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1017 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ff327ec2a6dbd3fc76ceecf59e472d5d2f43c94dce851ced740abe5f75bb832e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b23d0629822256b320de68cece2a79525216c20a0b040d4ee0ee6dd216b98115

Request headers

Referer
Origin
https://citizens-veri-asps.herokuapp.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
application/font-woff
truncated
/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8b1f6c22756521c86a5b0053b8565b49436f7fa19d1bb7cdf00a7808df28d42

Request headers

Referer
Origin
https://citizens-veri-asps.herokuapp.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
application/font-woff
truncated
/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a0a7ee3ea564db1e157dd2202c20b8092228fea9091f5cd1e83551e170ec277

Request headers

Referer
Origin
https://citizens-veri-asps.herokuapp.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
application/font-woff
truncated
/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5bb2d438470a02799577010a14310fa8ac3ed7ea77ca15435aaaa154e407b3e6

Request headers

Referer
Origin
https://citizens-veri-asps.herokuapp.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
application/font-woff
truncated
/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e9485cdb6a684713287cb41c6e6c3e26d12280f17349f98402456ff86ec9759

Request headers

Referer
Origin
https://citizens-veri-asps.herokuapp.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
application/font-woff
/
api.ipify.org/ 		24 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.247.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-247-117.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
73dfcc339fba0e8845093b559e57b50033fea8d983be91d7d131b27fab80b1d5

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://citizens-veri-asps.herokuapp.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 23 Sep 2021 23:46:49 GMT
Via
1.1 vegur
Server
Cowboy
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://citizens-veri-asps.herokuapp.com
Connection
keep-alive
Content-Length
24

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citizens Bank (Banking)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect boolean| originAgentCluster function| savepage_ShadowLoader function| $ function| jQuery

1 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: l8nnKM-878aad5551efda3b8b-00o

1 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556952

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.ipify.org
bit.ly
ccdssfwf.github.io
citizens-veri-asps.herokuapp.com
142.250.186.74
174.129.128.48
185.199.108.153
54.235.247.117
67.199.248.11
0e9485cdb6a684713287cb41c6e6c3e26d12280f17349f98402456ff86ec9759
2a0a7ee3ea564db1e157dd2202c20b8092228fea9091f5cd1e83551e170ec277
30303417c34426eff047e159c3bc2fe2d4a4529dbe580ddef207130d3d1b5953
319d82f567037eafefea25abbc64ea902db9255c5e7231fe9ddd462e4f5b9149
56c43c6f5c8209acd47f355810bca2f9b0fc86c4bbdf1361d60fb2d2e2e66f8c
5bb2d438470a02799577010a14310fa8ac3ed7ea77ca15435aaaa154e407b3e6
713f1268435943170faadadc547d8c68bb00822783e5e0c2d1129972a784f949
73dfcc339fba0e8845093b559e57b50033fea8d983be91d7d131b27fab80b1d5
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
9af5181113e5d0eacfc3d9c0b3ad627dc3ad50708755fbe45ab18e0cad4f3b36
9b4ffac9ea755d2aaff724fa471d90fd63ae5648e18f60a67db0a5c3bffd84e5
a16b403836e2b8fa26b06258240ea19ac132cab6397b5efcc4b5a17fece979b1
b23d0629822256b320de68cece2a79525216c20a0b040d4ee0ee6dd216b98115
c401ce328e0383e71cd811709055aa8671cee50e355c6588bd567c1320b4e4ab
c8b1f6c22756521c86a5b0053b8565b49436f7fa19d1bb7cdf00a7808df28d42
c8d87d770112e188f7b1482e9a416ffc441a9a6e08e2fc38a886fa2986efdb46
dddb031e5144ce20d909dbf4829d637738efa477bf5ab4eab67b1990ef0efb2d
eb175662762ef5f2c9011cc1c4f9d09361c50a366fad8a544bda1c439b99d3a0
fe3ddc37707c93f338a1f6359dfa03019e096df14454808aaccbb7538aa3c67b
ff327ec2a6dbd3fc76ceecf59e472d5d2f43c94dce851ced740abe5f75bb832e