www-userlinkauth.serveirc.com Open in urlscan Pro
35.172.194.60 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www-userlinkauth.serveirc.com/
Submission: On August 08 via automatic, source certstream-suspicious (August 8th 2022, 3:14:30 pm UTC) — Scanned from DE

Summary HTTP 43 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 43 HTTP transactions. The main IP is 35.172.194.60, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www-userlinkauth.serveirc.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 8th 2022. Valid for: 3 months.

This is the only time www-userlinkauth.serveirc.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Citibank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
42	35.172.194.60 35.172.194.60	14618 (AMAZON-AES) (AMAZON-AES)
1	104.111.238.178 104.111.238.178	16625 (AKAMAI-AS) (AKAMAI-AS)
43	2

42 35.172.194.60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-194-60.compute-1.amazonaws.com

www-userlinkauth.serveirc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.238.178 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-238-178.deploy.static.akamaitechnologies.com

online.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	serveirc.com www-userlinkauth.serveirc.com	2 MB
1	citi.com online.citi.com — Cisco Umbrella Rank: 18628	12 KB
43	2

	Domain	Requested by
42	www-userlinkauth.serveirc.com	www-userlinkauth.serveirc.com
1	online.citi.com	www-userlinkauth.serveirc.com
43	2

This site contains no links.

Subject Issuer	Validity	Valid
www-userlinkauth.serveirc.com cPanel, Inc. Certification Authority	`2022-08-08` - `2022-11-06`	3 months	crt.sh
online.citibank.com DigiCert SHA2 Extended Validation Server CA	`2022-05-03` - `2023-05-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www-userlinkauth.serveirc.com/
Frame ID: EFA974903F49F48325874DD981DE1178
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online Banking, Mortgages, Personal Loans, Investing | Citi.com

Page Statistics

43
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

2197 kB
Transfer

2191 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www-userlinkauth.serveirc.com/ 541 KB
542 KB 352ms
106ms Document
text/html 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www-userlinkauth.serveirc.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash: c59fb9efae18419ebd3744a35fe7bfa0fff4ee44cc3bc7383e8239d1c6ffd66a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 554272
Content-Type: text/html
Date: Mon, 08 Aug 2022 15:14:26 GMT
Keep-Alive: timeout=5, max=100
Last-Modified: Fri, 06 May 2022 16:02:52 GMT
Server: Apache

GET
H/1.1 200
OK styles.ff303bea8d7ff6872243.css
www-userlinkauth.serveirc.com/css/ 1 MB
1 MB 321ms
107ms Stylesheet
text/css 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www-userlinkauth.serveirc.com/css/styles.ff303bea8d7ff6872243.css
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 35b719d3b141895730cb82a9af7a9da1fbd07351d8381aae6209353545bbf4db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www-userlinkauth.serveirc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:27 GMT
Last-Modified: Fri, 06 May 2022 15:36:32 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1347137

GET
H/1.1 200
OK citilogoredesign.png
www-userlinkauth.serveirc.com/images/ 2 KB
2 KB 197ms
107ms Image
image/png 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-userlinkauth.serveirc.com/images/citilogoredesign.png
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 102503acef6077fcf8e42a856fb4904fcd74224a32d5d8efcd13236ac6309fed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www-userlinkauth.serveirc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:27 GMT
Last-Modified: Fri, 06 May 2022 15:36:34 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1799

GET
H/1.1 200
OK 050-location2x.svg
www-userlinkauth.serveirc.com/images/ 2 KB
2 KB 302ms
106ms Image
image/svg+xml 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-userlinkauth.serveirc.com/images/050-location2x.svg
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 6336ae7b60dff18e0a37721a3a19fd5e18568577a64faa662969d35966dbf72b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www-userlinkauth.serveirc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:27 GMT
Last-Modified: Fri, 06 May 2022 15:36:34 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1752

GET
H/1.1 200
OK icon_globe_med-grey2x.svg
www-userlinkauth.serveirc.com/images/ 3 KB
4 KB 316ms
106ms Image
image/svg+xml 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-userlinkauth.serveirc.com/images/icon_globe_med-grey2x.svg
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash: a593628f2d5ba814f37fbcd3963162f094c2764d4b15d82464c2d1aef92f150f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www-userlinkauth.serveirc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:27 GMT
Last-Modified: Fri, 06 May 2022 15:36:34 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3523

GET
H/1.1 200
OK Hero_Credit_Cards_Offer.png
www-userlinkauth.serveirc.com/images/ 50 KB
51 KB 320ms
110ms Image
image/png 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-userlinkauth.serveirc.com/images/Hero_Credit_Cards_Offer.png
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash: b989462b5bf7e58b9162ede531dbffe7411f1f9eca5bdeb4c0f299314dabc839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www-userlinkauth.serveirc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:27 GMT
Last-Modified: Fri, 06 May 2022 15:36:34 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 51580

GET
H/1.1 200
OK phone.png
www-userlinkauth.serveirc.com/images/ 5 KB
5 KB 316ms
107ms Image
image/png 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-userlinkauth.serveirc.com/images/phone.png
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 784244902827473c16e61c0d93cabf64cfd3c788e470fdc1c7cc9de992330ce5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www-userlinkauth.serveirc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:27 GMT
Last-Modified: Fri, 06 May 2022 15:36:34 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 5168

GET
H/1.1 200
OK laptop-and-phone-pairing.png
www-userlinkauth.serveirc.com/images/ 11 KB
11 KB 131ms
110ms Image
image/png 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-userlinkauth.serveirc.com/images/laptop-and-phone-pairing.png
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 280255d34c881ca94627b2a1bfe5a44b068487c6bd9da9d55a01f8763a3c7914

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www-userlinkauth.serveirc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:27 GMT
Last-Modified: Fri, 06 May 2022 15:36:34 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 10946

GET
H/1.1 200
OK laptop-and-phone-success.png
www-userlinkauth.serveirc.com/images/ 13 KB
13 KB 107ms
107ms Image
image/png 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-userlinkauth.serveirc.com/images/laptop-and-phone-success.png
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 82b78ed4a68d13bb927ce09291b82255ae0f8d9b28afc70083a328a8977b7713

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www-userlinkauth.serveirc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:27 GMT
Last-Modified: Fri, 06 May 2022 15:36:34 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 13259

GET
H/1.1 200
OK qrsignon.png
www-userlinkauth.serveirc.com/images/ 741 B
982 B 112ms
111ms Image
image/png 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-userlinkauth.serveirc.com/images/qrsignon.png
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash: dc876f814074650acde84db7a7f34c583f043b83130e5de49de65f18d1ee2683

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www-userlinkauth.serveirc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:27 GMT
Last-Modified: Fri, 06 May 2022 15:36:34 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 741

GET
H/1.1 200
OK 8150_M.jpg
www-userlinkauth.serveirc.com/images/ 57 KB
58 KB 109ms
108ms Image
image/jpeg 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-userlinkauth.serveirc.com/images/8150_M.jpg
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e5ae1f17aec843ae719082dc7acad74bc95baefb9955e2919cfe21f28f35806f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www-userlinkauth.serveirc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:27 GMT
Last-Modified: Fri, 06 May 2022 15:36:34 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 58668

GET
H/1.1 200
OK HP3054_M.jpg
www-userlinkauth.serveirc.com/images/ 50 KB
50 KB 107ms
107ms Image
image/jpeg 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-userlinkauth.serveirc.com/images/HP3054_M.jpg
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash: ce8a594c5d8e50a90980fc53a9920dedad889bdcfc846621dc569b24958fc5d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www-userlinkauth.serveirc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:27 GMT
Last-Modified: Fri, 06 May 2022 15:36:34 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 50895

GET
H/1.1 200
OK HP_2464_3_Up_M1M7_Lifestyle.jpg
www-userlinkauth.serveirc.com/images/ 38 KB
38 KB 107ms
107ms Image
image/jpeg 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-userlinkauth.serveirc.com/images/HP_2464_3_Up_M1M7_Lifestyle.jpg
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash: d9464c82dcaa00bdab510a9efb940298c3d41f24ac174cf9bddd078c78e2fdc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www-userlinkauth.serveirc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:27 GMT
Last-Modified: Fri, 06 May 2022 15:36:36 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 38761

GET
H/1.1 200
OK memberfdic.png
www-userlinkauth.serveirc.com/images/ 4 KB
4 KB 112ms
112ms Image
image/png 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-userlinkauth.serveirc.com/images/memberfdic.png
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash: dd785f8f2c8aedd3c6e165633948ba26d178485f2cf2d0d8f747005472e7cf90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www-userlinkauth.serveirc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:27 GMT
Last-Modified: Fri, 06 May 2022 15:36:36 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3594

GET
H/1.1 200
OK EqualHousing.png
www-userlinkauth.serveirc.com/images/ 2 KB
2 KB 108ms
108ms Image
image/png 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-userlinkauth.serveirc.com/images/EqualHousing.png
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash: f23485e8b9c368f28f18a0bb110573df79c00ac3a2ca71d68017db100207639d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www-userlinkauth.serveirc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:27 GMT
Last-Modified: Fri, 06 May 2022 15:36:36 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1606

GET
H/1.1 200
OK googlePlay3x.png
www-userlinkauth.serveirc.com/images/ 24 KB
25 KB 113ms
111ms Image
image/png 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-userlinkauth.serveirc.com/images/googlePlay3x.png
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash: a079bb0d5590826bcc664715122004dff51e76c79608bc29f586c9388b623b77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www-userlinkauth.serveirc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:27 GMT
Last-Modified: Fri, 06 May 2022 15:36:36 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 25077

GET
H/1.1 200
OK appStore3x.png
www-userlinkauth.serveirc.com/images/ 20 KB
20 KB 107ms
106ms Image
image/png 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-userlinkauth.serveirc.com/images/appStore3x.png
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 87c763c6b05015e55915d0a1e6647e4e5d0b996e78d79e1afe228dd33b68e65b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www-userlinkauth.serveirc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:27 GMT
Last-Modified: Fri, 06 May 2022 15:36:36 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 20047

GET
H/1.1 200
OK social-media_facebook3x.png
www-userlinkauth.serveirc.com/images/ 445 B
686 B 111ms
110ms Image
image/png 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-userlinkauth.serveirc.com/images/social-media_facebook3x.png
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 695788dc05d94be3b32060ffea15c1a4d74897bd32e5da7811e7ca76d82fc86b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www-userlinkauth.serveirc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:27 GMT
Last-Modified: Fri, 06 May 2022 15:36:36 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 445

GET
H/1.1 200
OK social-media_twitter3x.png
www-userlinkauth.serveirc.com/images/ 1 KB
1 KB 110ms
109ms Image
image/png 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-userlinkauth.serveirc.com/images/social-media_twitter3x.png
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 5394d11ec8ad7a5494bcdb65cd95f885388532e14fb45a747e249112389bd837

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www-userlinkauth.serveirc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:27 GMT
Last-Modified: Fri, 06 May 2022 15:36:36 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1277

GET
H/1.1 200
OK social-media_youtube3x.png
www-userlinkauth.serveirc.com/images/ 1 KB
1 KB 107ms
106ms Image
image/png 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-userlinkauth.serveirc.com/images/social-media_youtube3x.png
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash: be9b5382b4526ffd3306d0292122ce3599123f1cd543f52f3035b4f24fbf9de8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www-userlinkauth.serveirc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:27 GMT
Last-Modified: Fri, 06 May 2022 15:36:36 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 1175

GET
H/1.1 200
OK 320_Citi-PLT3x.png
www-userlinkauth.serveirc.com/images/ 11 KB
12 KB 107ms
106ms Image
image/png 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-userlinkauth.serveirc.com/images/320_Citi-PLT3x.png
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash: f378974fe6a831ae2f48d9191ea74eb21877d4964d5eedbc2810d8756ed13631

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www-userlinkauth.serveirc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:27 GMT
Last-Modified: Fri, 06 May 2022 15:36:36 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 11562

GET
H/1.1 200
OK 1440_Citi-PLT3x.png
www-userlinkauth.serveirc.com/images/ 27 KB
28 KB 106ms
106ms Image
image/png 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-userlinkauth.serveirc.com/images/1440_Citi-PLT3x.png
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 6dfa343a68ef79e83fef5f7c705119d2473352190c609cf94c67ea99a29fa452

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www-userlinkauth.serveirc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:28 GMT
Last-Modified: Fri, 06 May 2022 15:36:36 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 28149

GET
H/1.1 404
Not Found right-white-chevi.svg
www-userlinkauth.serveirc.com/cbol-pre-login-static-assets/citi-branding-assets/images/ 315 B
315 B 106ms
106ms Image
text/html 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-userlinkauth.serveirc.com/cbol-pre-login-static-assets/citi-branding-assets/images/right-white-chevi.svg
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www-userlinkauth.serveirc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:28 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 Citi-futuristic-angles-bg-compressed.jpg
online.citi.com/JRS/banners/hero_background/ 11 KB
12 KB 229ms
44ms Image
image/jpeg 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/banners/hero_background/Citi-futuristic-angles-bg-compressed.jpg

Requested by

Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

8eb4143c752b3ab868b3cc79fe6b3786c43ca465e0528a2c46683f2bff979f34

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www-userlinkauth.serveirc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 15:14:28 GMT
last-modified: Wed, 06 Oct 2021 21:34:27 GMT
x-akamai-citisite: SWDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 11476
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/jpeg
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H/1.1 404
Not Found QR%20icon.png
www-userlinkauth.serveirc.com/css/cds-assets/images/ 315 B
315 B 106ms
105ms Image
text/html 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-userlinkauth.serveirc.com/css/cds-assets/images/QR%20icon.png
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/css/styles.ff303bea8d7ff6872243.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www-userlinkauth.serveirc.com/css/styles.ff303bea8d7ff6872243.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:28 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Light.woff
www-userlinkauth.serveirc.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0 141ms
109ms Font
text/html 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www-userlinkauth.serveirc.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www-userlinkauth.serveirc.com/
Origin: https://www-userlinkauth.serveirc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:28 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=93
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Regular.woff
www-userlinkauth.serveirc.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0 146ms
109ms Font
text/html 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www-userlinkauth.serveirc.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www-userlinkauth.serveirc.com/
Origin: https://www-userlinkauth.serveirc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:28 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Bold.woff
www-userlinkauth.serveirc.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0 161ms
106ms Font
text/html 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www-userlinkauth.serveirc.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www-userlinkauth.serveirc.com/
Origin: https://www-userlinkauth.serveirc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:28 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Bold.woff
www-userlinkauth.serveirc.com/css/cds-assets/fonts/interstate/ 0
0 162ms
106ms Font
text/html 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www-userlinkauth.serveirc.com/css/cds-assets/fonts/interstate/Interstate-Bold.woff
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/css/styles.ff303bea8d7ff6872243.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www-userlinkauth.serveirc.com/css/styles.ff303bea8d7ff6872243.css
Origin: https://www-userlinkauth.serveirc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:28 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Light.ttf
www-userlinkauth.serveirc.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0 109ms
109ms Font
text/html 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www-userlinkauth.serveirc.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.ttf
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www-userlinkauth.serveirc.com/
Origin: https://www-userlinkauth.serveirc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:28 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=92
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Regular.ttf
www-userlinkauth.serveirc.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0 113ms
111ms Font
text/html 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www-userlinkauth.serveirc.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.ttf
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www-userlinkauth.serveirc.com/
Origin: https://www-userlinkauth.serveirc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:28 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Bold.ttf
www-userlinkauth.serveirc.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0 119ms
117ms Font
text/html 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www-userlinkauth.serveirc.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.ttf
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www-userlinkauth.serveirc.com/
Origin: https://www-userlinkauth.serveirc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:28 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Bold.ttf
www-userlinkauth.serveirc.com/css/cds-assets/fonts/interstate/ 0
0 112ms
111ms Font
text/html 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www-userlinkauth.serveirc.com/css/cds-assets/fonts/interstate/Interstate-Bold.ttf
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/css/styles.ff303bea8d7ff6872243.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www-userlinkauth.serveirc.com/css/styles.ff303bea8d7ff6872243.css
Origin: https://www-userlinkauth.serveirc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:28 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Light.woff
www-userlinkauth.serveirc.com/css/cds-assets/fonts/interstate/ 0
0 106ms
106ms Font
text/html 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www-userlinkauth.serveirc.com/css/cds-assets/fonts/interstate/Interstate-Light.woff
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/css/styles.ff303bea8d7ff6872243.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www-userlinkauth.serveirc.com/css/styles.ff303bea8d7ff6872243.css
Origin: https://www-userlinkauth.serveirc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:28 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=91
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Regular.woff
www-userlinkauth.serveirc.com/css/cds-assets/fonts/interstate/ 0
0 106ms
106ms Font
text/html 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www-userlinkauth.serveirc.com/css/cds-assets/fonts/interstate/Interstate-Regular.woff
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/css/styles.ff303bea8d7ff6872243.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www-userlinkauth.serveirc.com/css/styles.ff303bea8d7ff6872243.css
Origin: https://www-userlinkauth.serveirc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:28 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Bold.woff
www-userlinkauth.serveirc.com/css/commonui-assets/fonts/interstate/ 0
0 110ms
110ms Font
text/html 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www-userlinkauth.serveirc.com/css/commonui-assets/fonts/interstate/Interstate-Bold.woff
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/css/styles.ff303bea8d7ff6872243.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www-userlinkauth.serveirc.com/css/styles.ff303bea8d7ff6872243.css
Origin: https://www-userlinkauth.serveirc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:28 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=94
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Light.ttf
www-userlinkauth.serveirc.com/css/cds-assets/fonts/interstate/ 0
0 106ms
106ms Font
text/html 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www-userlinkauth.serveirc.com/css/cds-assets/fonts/interstate/Interstate-Light.ttf
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/css/styles.ff303bea8d7ff6872243.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www-userlinkauth.serveirc.com/css/styles.ff303bea8d7ff6872243.css
Origin: https://www-userlinkauth.serveirc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:28 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=90
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Regular.ttf
www-userlinkauth.serveirc.com/css/cds-assets/fonts/interstate/ 0
0 107ms
106ms Font
text/html 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www-userlinkauth.serveirc.com/css/cds-assets/fonts/interstate/Interstate-Regular.ttf
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/css/styles.ff303bea8d7ff6872243.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www-userlinkauth.serveirc.com/css/styles.ff303bea8d7ff6872243.css
Origin: https://www-userlinkauth.serveirc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:28 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Bold.ttf
www-userlinkauth.serveirc.com/css/commonui-assets/fonts/interstate/ 0
0 106ms
106ms Font
text/html 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www-userlinkauth.serveirc.com/css/commonui-assets/fonts/interstate/Interstate-Bold.ttf
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/css/styles.ff303bea8d7ff6872243.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www-userlinkauth.serveirc.com/css/styles.ff303bea8d7ff6872243.css
Origin: https://www-userlinkauth.serveirc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:28 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=93
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Light.woff
www-userlinkauth.serveirc.com/css/commonui-assets/fonts/interstate/ 0
0 106ms
106ms Font
text/html 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www-userlinkauth.serveirc.com/css/commonui-assets/fonts/interstate/Interstate-Light.woff
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/css/styles.ff303bea8d7ff6872243.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www-userlinkauth.serveirc.com/css/styles.ff303bea8d7ff6872243.css
Origin: https://www-userlinkauth.serveirc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:28 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=89
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Regular.woff
www-userlinkauth.serveirc.com/css/commonui-assets/fonts/interstate/ 0
0 106ms
106ms Font
text/html 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www-userlinkauth.serveirc.com/css/commonui-assets/fonts/interstate/Interstate-Regular.woff
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/css/styles.ff303bea8d7ff6872243.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www-userlinkauth.serveirc.com/css/styles.ff303bea8d7ff6872243.css
Origin: https://www-userlinkauth.serveirc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:28 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=94
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Light.ttf
www-userlinkauth.serveirc.com/css/commonui-assets/fonts/interstate/ 0
0 106ms
105ms Font
text/html 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www-userlinkauth.serveirc.com/css/commonui-assets/fonts/interstate/Interstate-Light.ttf
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/css/styles.ff303bea8d7ff6872243.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www-userlinkauth.serveirc.com/css/styles.ff303bea8d7ff6872243.css
Origin: https://www-userlinkauth.serveirc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:28 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=88
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Regular.ttf
www-userlinkauth.serveirc.com/css/commonui-assets/fonts/interstate/ 0
0 107ms
107ms Font
text/html 35.172.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www-userlinkauth.serveirc.com/css/commonui-assets/fonts/interstate/Interstate-Regular.ttf
Requested by: Host: www-userlinkauth.serveirc.com
URL: https://www-userlinkauth.serveirc.com/css/styles.ff303bea8d7ff6872243.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.172.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-194-60.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www-userlinkauth.serveirc.com/css/styles.ff303bea8d7ff6872243.css
Origin: https://www-userlinkauth.serveirc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 15:14:28 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=93
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citibank (Banking)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www-userlinkauth.serveirc.com/cbol-pre-login-static-assets/citi-branding-assets/images/right-white-chevi.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www-userlinkauth.serveirc.com/css/cds-assets/images/QR%20icon.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www-userlinkauth.serveirc.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www-userlinkauth.serveirc.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www-userlinkauth.serveirc.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www-userlinkauth.serveirc.com/css/cds-assets/fonts/interstate/Interstate-Bold.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www-userlinkauth.serveirc.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www-userlinkauth.serveirc.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www-userlinkauth.serveirc.com/css/cds-assets/fonts/interstate/Interstate-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www-userlinkauth.serveirc.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www-userlinkauth.serveirc.com/css/cds-assets/fonts/interstate/Interstate-Light.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www-userlinkauth.serveirc.com/css/cds-assets/fonts/interstate/Interstate-Regular.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www-userlinkauth.serveirc.com/css/commonui-assets/fonts/interstate/Interstate-Bold.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www-userlinkauth.serveirc.com/css/cds-assets/fonts/interstate/Interstate-Light.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www-userlinkauth.serveirc.com/css/cds-assets/fonts/interstate/Interstate-Regular.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www-userlinkauth.serveirc.com/css/commonui-assets/fonts/interstate/Interstate-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www-userlinkauth.serveirc.com/css/commonui-assets/fonts/interstate/Interstate-Light.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www-userlinkauth.serveirc.com/css/commonui-assets/fonts/interstate/Interstate-Regular.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www-userlinkauth.serveirc.com/css/commonui-assets/fonts/interstate/Interstate-Light.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www-userlinkauth.serveirc.com/css/commonui-assets/fonts/interstate/Interstate-Regular.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

online.citi.com
www-userlinkauth.serveirc.com
104.111.238.178
35.172.194.60
102503acef6077fcf8e42a856fb4904fcd74224a32d5d8efcd13236ac6309fed
280255d34c881ca94627b2a1bfe5a44b068487c6bd9da9d55a01f8763a3c7914
35b719d3b141895730cb82a9af7a9da1fbd07351d8381aae6209353545bbf4db
5394d11ec8ad7a5494bcdb65cd95f885388532e14fb45a747e249112389bd837
6336ae7b60dff18e0a37721a3a19fd5e18568577a64faa662969d35966dbf72b
695788dc05d94be3b32060ffea15c1a4d74897bd32e5da7811e7ca76d82fc86b
6dfa343a68ef79e83fef5f7c705119d2473352190c609cf94c67ea99a29fa452
784244902827473c16e61c0d93cabf64cfd3c788e470fdc1c7cc9de992330ce5
82b78ed4a68d13bb927ce09291b82255ae0f8d9b28afc70083a328a8977b7713
87c763c6b05015e55915d0a1e6647e4e5d0b996e78d79e1afe228dd33b68e65b
8eb4143c752b3ab868b3cc79fe6b3786c43ca465e0528a2c46683f2bff979f34
a079bb0d5590826bcc664715122004dff51e76c79608bc29f586c9388b623b77
a593628f2d5ba814f37fbcd3963162f094c2764d4b15d82464c2d1aef92f150f
b989462b5bf7e58b9162ede531dbffe7411f1f9eca5bdeb4c0f299314dabc839
be9b5382b4526ffd3306d0292122ce3599123f1cd543f52f3035b4f24fbf9de8
c59fb9efae18419ebd3744a35fe7bfa0fff4ee44cc3bc7383e8239d1c6ffd66a
ce8a594c5d8e50a90980fc53a9920dedad889bdcfc846621dc569b24958fc5d4
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d9464c82dcaa00bdab510a9efb940298c3d41f24ac174cf9bddd078c78e2fdc8
dc876f814074650acde84db7a7f34c583f043b83130e5de49de65f18d1ee2683
dd785f8f2c8aedd3c6e165633948ba26d178485f2cf2d0d8f747005472e7cf90
e5ae1f17aec843ae719082dc7acad74bc95baefb9955e2919cfe21f28f35806f
f23485e8b9c368f28f18a0bb110573df79c00ac3a2ca71d68017db100207639d
f378974fe6a831ae2f48d9191ea74eb21877d4964d5eedbc2810d8756ed13631

www-userlinkauth.serveirc.com Open in urlscan Pro 35.172.194.60 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

43 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

2197 kBTransfer

2191 kBSize

0 Cookies

0 Outgoing links

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www-userlinkauth.serveirc.com Open in urlscan Pro
35.172.194.60 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

2197 kB
Transfer

2191 kB
Size

0
Cookies

43 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!