z5h64q92x9.net
2a02:6b8::1:193
Malicious Activity!
Public Scan
Submission: On May 18 via manual from LV — Scanned from DE
Summary
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on April 17th 2022. Valid for: 6 months.
This is the only time z5h64q92x9.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banka Citadele (Banking)
Note on the primary URL: the request to z5h64q92x9.net carries the bank's real login page (https://online.citadele.lv/ibbf/lt_lt) in its path after /https/, and the page pulls translation scripts from yastatic.net and calls translate.yandex.net, so the visitor is shown the genuine login page relayed through a third-party translation proxy rather than a static clone. The document origin the visitor interacts with is z5h64q92x9.net, not online.citadele.lv.

Domain & IP information
Requests | IP Address | AS (Autonomous System) | Note
---|---|---|---
6 | 2a02:6b8::1:193 | AS208722 (GLOBAL_DC) | primary IP
7 | 2a02:6b8:20::215 | AS208722 (GLOBAL_DC) |
2 | 193.178.178.229 | AS16279 (AS16279_CITADELE AS will be used to provide connectivity) |
13 | 91.235.133.182 | AS30286 (THM) |
3 | 2a02:6b8:a::a | AS208722 (GLOBAL_DC) |
2 | 2a02:6b8::194 | AS208722 (GLOBAL_DC) |
4 | 91.235.132.130 | AS30286 (THM) | 1 redirect
1 | 91.235.134.131 | AS30286 (THM) |

Four of the eight addresses, including the one serving the primary document, sit in AS208722 (GLOBAL_DC); only 193.178.178.229 belongs to the bank's own AS16279. Matching the request counts against the domain table below, content.citadele.lv (13 requests) maps to 91.235.133.182 in AS30286 (THM), the same AS as the online-metrix.net hosts, not to the bank's AS.
ASN16279 (AS16279_CITADELE AS will be used to provide connectivity, LV)
PTR: online.citadele.lv
online.citadele.lv

ASN30286 (THM, US)
aom4xb8tio5nvlaf7h7f2oca4enkwwbqsfll7qqm3f337f02521c5ae0am1.e.aa.online-metrix.net
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
15 | citadele.lv | online.citadele.lv, content.citadele.lv | 255 KB
7 | yastatic.net | yastatic.net (Cisco Umbrella Rank: 6107) | 68 KB
6 | z5h64q92x9.net | z5h64q92x9.net (Cisco Umbrella Rank: 57365) | 227 KB
5 | online-metrix.net (1 redirect) | h.online-metrix.net (Cisco Umbrella Rank: 3496), aom4xb8tio5nvlaf7h7f2oca4enkwwbqsfll7qqm3f337f02521c5ae0am1.e.aa.online-metrix.net | 17 KB
3 | yandex.ru | yandex.ru (Cisco Umbrella Rank: 1392) | 1 KB
2 | yandex.net | translate.yandex.net (Cisco Umbrella Rank: 31548) | 2 KB
0 | Failed | ghbmnnjooekpmoecnnnilnnbdlolhkhi (chrome-extension, see Failed requests) |
Requests | Domain | Requested by
---|---|---
13 | content.citadele.lv | z5h64q92x9.net, content.citadele.lv
7 | yastatic.net | z5h64q92x9.net
6 | z5h64q92x9.net | z5h64q92x9.net
4 | h.online-metrix.net (1 redirect) | content.citadele.lv
3 | yandex.ru | z5h64q92x9.net
2 | translate.yandex.net | yastatic.net
2 | online.citadele.lv | z5h64q92x9.net, online.citadele.lv
1 | aom4xb8tio5nvlaf7h7f2oca4enkwwbqsfll7qqm3f337f02521c5ae0am1.e.aa.online-metrix.net |
0 | ghbmnnjooekpmoecnnnilnnbdlolhkhi (failed) | content.citadele.lv
This site contains links to these domains. Also see Links.
- translate.yandex.com
- yandex.com
- online.citadele.lv
TLS certificates

Subject | Issuer | Validity | Valid for
---|---|---|---
z5h64q92x9.net | GlobalSign RSA OV SSL CA 2018 | 2022-04-17 - 2022-10-16 | 6 months
*.yastatic-net.ru | GlobalSign ECC OV SSL CA 2018 | 2022-04-01 - 2022-09-29 | 6 months
online.citadele.lv | DigiCert TLS RSA SHA256 2020 CA1 | 2021-06-15 - 2022-07-16 | a year
content.citadele.lv | Sectigo RSA Domain Validation Secure Server CA | 2022-02-14 - 2023-03-17 | a year
*.xn--d1acpjx3f.xn--p1ai | GlobalSign ECC OV SSL CA 2018 | 2022-03-04 - 2022-09-01 | 6 months
translate.yandex.net | GlobalSign RSA OV SSL CA 2018 | 2022-05-03 - 2022-10-07 | 5 months
h.online-metrix.net | Trustwave Organization Validation SHA256 CA, Level 1 | 2021-12-28 - 2023-01-23 | a year
*.e.aa.online-metrix.net | Trustwave Organization Validation SHA256 CA, Level 1 | 2021-07-30 - 2022-08-01 | a year
This page contains 5 frames:
Primary Page:
https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt
Frame ID: 9E3F9DD6DD155DBC1B3180424B873249
Requests: 31 HTTP requests in this frame
Frame:
https://content.citadele.lv/5NNcWzHoF35aCtSc?dae7c6cc0a9869d3=jttvp7-ILW6UXoyvLtSfmXF5UUkId4mXFpnJaz3N9OpbiH6k7fcI2qRcaEnyRCGC_hb3lJOsWfAfdy0CyDr_euh9_Yl3Jq2tMO3-pxiBtdi3FFvjzH9WEpRBFnJnDFcFWWHB1gCgwj3lUMkQ4lBJbFQrnYR7hawa_ukvpt55J2Y6W8b_ZoZVsM26-HP5V78EHExTEeuC7KgfqjUt&jb=353826266a7b6f75354c696c7d7026627b6f354e6b6e77702468736a773d4b6a706f6d6d266273623d4b6872676d65273a38313839
Frame ID: DF1A5CAB566B2A9DA25C5B6CB9960038
Requests: 12 HTTP requests in this frame
Frame:
https://content.citadele.lv/tRaJq6Zji8rVFDkr?e0ffc1e40381f65b=xzFM2e8I0zWHDk304nqrRRmpjniW-YPUFaPUMQFt564mQkW8NfHrQCdt_IzRj9Nr9zw7OAv1UlJvF8f0yvllQGB-RNL2XGJlZODSiCXp34_Bk26mB23fCywsnf6DCteB5Yq0JtS6CXgpDgNa6NIQ1SBqQ0W51StPbnsqNbv1I3GxgeuLHCsyQJlL4AEwJuK81PMDCMH9DdZqP0sLAWk
Frame ID: 20346CF4896AB3A745D9EAC833376DC6
Requests: 2 HTTP requests in this frame
Frame:
https://h.online-metrix.net/uEvjvxiKhp3xF-1w?039f77cdc38c4ba0=8hKRGphlF7J1hfXSq5O2aIPaxyw_qcYqYk5O3RySZ-wz3atE2i6bc7c_M_CCPXdyM1meqU2Ypjnoixm7byHdGWaENVRqbi5_QutsxsPZiE4aFbtjBcnElWNAv0jYx7U0qF23ol2UXvPHnKR5HZiURMqcF4K7MrTMNEtRw9myIra3TCRMJ2a0LsDQ7IV0Jj4qM-zkvtCVMzokoo4SpsG6
Frame ID: 051FC9FEDFE587BB0243B8E4F9518D96
Requests: 2 HTTP requests in this frame
Frame:
https://content.citadele.lv/PhbWlCWFhv77-7Fz?7f75aaaec4ac590b=WtSDqn7xcnj9iEFA1XT3KswwnR_Nc4JIuHaKELl2xWao_HPZhjLuoSKFs1n7mnEjcn13ydbrMmoNQzdJWk23tLK1eAdwdNyM8fq9P3pQNj-yYVszpAtY9jDGm0lCIVLiBelXfEQ103MFwFxM0OdW2P0v10qiWjagg2mFkyXRJ_VHx60AIR0R81dBbmTxAu1QyXch6gPJPwZhWZaOPa8h
Frame ID: 7DFDB4871C3FD8A522EB20DA44AF9144
Requests: 1 HTTP request in this frame
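The primary request above embeds the real target as `/https/online.citadele.lv/...` inside the path of a request to z5h64q92x9.net, and most of the other requests land on citadele.lv hosts either directly or through the same wrapping. The following is an added example, not code from the urlscan report or from any of the parties involved: it unwraps that URL shape and scores a request list by how many requests resolve to the brand's apex domain. The hostnames and paths are taken from the report, the request list is a constructed, abbreviated sample of ten of the transactions listed further down, the `/https/<host>/` pattern is an assumption generalised from the one URL seen, and `apexOf()` is a two-label simplification with no public-suffix handling.

```javascript
// Added example (not part of the urlscan report): unwrap proxy-style URLs that
// embed the real target as "/https/<host>/<path>" in their path, then score a
// request list by how many requests reach the brand's apex domain, directly or
// after unwrapping. Hostnames come from the report; the request list is a
// constructed, abbreviated sample; apexOf() is a two-label simplification.

const WRAPPED_TARGET = /\/(https?)\/([^/]+)(\/.*)?$/;

// Returns {proxyHost, targetScheme, targetHost, targetPath}, or null when the
// path carries no "/https/<host>" segment (assumed shape, see lead-in).
function unwrapProxyUrl(rawUrl) {
  const u = new URL(rawUrl);
  const m = WRAPPED_TARGET.exec(u.pathname);
  if (!m) return null;
  return {
    proxyHost: u.hostname,
    targetScheme: m[1],
    targetHost: m[2].toLowerCase(),
    targetPath: m[3] || '/',
  };
}

// Assumption: the last two DNS labels are the apex (adequate for .net/.lv here;
// a real deployment would consult the public suffix list).
function apexOf(host) {
  return host.toLowerCase().split('.').slice(-2).join('.');
}

// The host a request really talks to: the wrapped target if the URL is
// proxied, otherwise the URL's own host.
function effectiveHost(rawUrl) {
  const wrapped = unwrapProxyUrl(rawUrl);
  return wrapped ? wrapped.targetHost : new URL(rawUrl).hostname;
}

// Heuristic: a document served from host A whose requests mostly resolve to
// brand apex B (directly or via unwrapping) looks like B relayed through A.
function assessScan(primaryUrl, brandApex, requestUrls) {
  const docHost = new URL(primaryUrl).hostname;
  const wrapped = unwrapProxyUrl(primaryUrl);
  const brandHits = requestUrls.filter(u => apexOf(effectiveHost(u)) === brandApex).length;
  const brandShare = brandHits / requestUrls.length;
  const findings = [];
  if (wrapped && apexOf(wrapped.targetHost) === brandApex) {
    findings.push(`primary path wraps ${wrapped.targetScheme}://${wrapped.targetHost}${wrapped.targetPath}`);
  }
  if (apexOf(docHost) !== brandApex && brandShare >= 0.5) {
    findings.push(`${docHost} serves the document but ${brandHits}/${requestUrls.length} requests resolve to ${brandApex}`);
  }
  return { docHost, wrapped, brandShare, findings };
}

const SAMPLE_PRIMARY =
  'https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt';

// Constructed sample: ten of the transactions listed in the report.
const SAMPLE_REQUESTS = [
  SAMPLE_PRIMARY,
  'https://yastatic.net/s3/translate/v21.51.3/dist/scripts/bundles/turbo.js',
  'https://online.citadele.lv/ibbf/css/ibbf-verrel-102_2_1.css',
  'https://z5h64q92x9.net/proxy_u/0.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/js/inline-verrel-102_2_1.js',
  'https://z5h64q92x9.net/proxy_u/0.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/js/ibbf-verrel-102_2_1.js',
  'https://online.citadele.lv/ibbf/images/citadele/logo/logo-verrel-102_2_1.svg',
  'https://content.citadele.lv/mrzi5z08btxx2eki.js',
  'https://translate.yandex.net/api/v1/tr.json/translate',
  'https://h.online-metrix.net/rwczmeUJjhU2hdxJ',
  // Tracking pixel whose path merely mentions the bank URL: must not unwrap.
  'https://yandex.ru/clck/click/dtype=stred/pid=453/ytr_counter_name=dcl_event/ytr_host=https://online.citadele.lv/ibbf/lt_lt',
];

const report = assessScan(SAMPLE_PRIMARY, 'citadele.lv', SAMPLE_REQUESTS);
console.log(JSON.stringify(report, null, 2));
```

On the sample, six of the ten requests resolve to citadele.lv while the document is served from z5h64q92x9.net, so both findings fire; the yandex.ru click-tracker URL, whose path contains `ytr_host=https://online.citadele.lv/...` but no `/https/` segment, is correctly left alone.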
3 Outgoing links
These are links going to different origins than the main page: translate.yandex.com, yandex.com and online.citadele.lv (listed above under the linked domains). One of the three carries the link title "online.citadele.lv".
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 34
- https://h.online-metrix.net/rwczmeUJjhU2hdxJ?0b13be527ec572ee=UTEptXTBCiBsfdKRuCA_FbbWJki2tjRxHPCB2TA0ps5fF8cGaK7KQzSRdkOlAy8j9-NfzTrQOVIjq5Cxi1FtQuhCcXjmjyocwct-Wl6FzDuyneg92nf7sdzqyRSHYopAZe2Bz-78vtluBhXTVVK0cROg7TIjHHRoq6xK1GX0fVZucnM (HTTP 302)
- https://h.online-metrix.net/rwczmeUJjhU2hdxJ?8f241b03a57b43f8=UTEptXTBCiBsfdKRuCA_FbbWJki2tjRxHPCB2TA0ps5fF8cGaK7KQzSRdkOlAy8j9-NfzTrQOVIjq5Cxi1FtQuhCcXjmjyocwct-Wl6FzDuyneg92nf7sdzqyRSHYopAZe2Bzw9WGZMGog5c4d_PNHsgBnE&k=2
44 HTTP transactions
Size is the resource size, x-fer the bytes transferred on the wire. "DATA" marks data: URIs; rows with no protocol and 0/0 sizes are the failed requests listed below.

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Frame / notes
---|---|---|---|---|---|---|---|---
GET | H2 | lt_lt | z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/ | 19 KB | 19 KB | Document | text/html | Primary request
GET | H2 | turbo.js | yastatic.net/s3/translate/v21.51.3/dist/scripts/bundles/ | 16 KB | 6 KB | Script | application/javascript |
GET | H2 | tr_page_popup.css | yastatic.net/s3/translate/v21.51.3/dist/styles/misc/ | 10 KB | 3 KB | Stylesheet | text/css |
GET | H2 | tr_page_stripe.css | yastatic.net/s3/translate/v21.51.3/dist/styles/misc/ | 31 KB | 10 KB | Stylesheet | text/css |
GET | H2 | tr_page.js | yastatic.net/s3/translate/v21.51.3/dist/scripts/addons/ | 120 KB | 38 KB | Script | application/javascript |
GET | H2 | tr_page_popup.js | yastatic.net/s3/translate/v21.51.3/dist/scripts/addons/ | 8 KB | 3 KB | Script | application/javascript |
GET | H2 | tr_page_worker.js | yastatic.net/s3/translate/v21.51.3/dist/scripts/addons/ | 2 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | ibbf-verrel-102_2_1.css | online.citadele.lv/ibbf/css/ | 153 KB | 154 KB | Stylesheet | text/css |
GET | H2 | inline-verrel-102_2_1.js | z5h64q92x9.net/proxy_u/0.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/js/ | 1 KB | 1 KB | Script | application/javascript |
GET | H2 | dependencies-verrel-102_2_1.js | z5h64q92x9.net/proxy_u/0.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/js/ | 90 KB | 90 KB | Script | application/javascript |
GET | H2 | ibbf-verrel-102_2_1.js | z5h64q92x9.net/proxy_u/0.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/js/ | 110 KB | 111 KB | Script | application/javascript |
GET | H2 | login-verrel-102_2_1.js | z5h64q92x9.net/proxy_u/0.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/js/views/ | 3 KB | 3 KB | Script | application/javascript |
GET | H2 | wwQtPMzdY-verrel-102_2_1.js | z5h64q92x9.net/proxy_u/0.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/js/tags/ | 3 KB | 4 KB | Script | application/javascript |
GET | H/1.1 | logo-verrel-102_2_1.svg | online.citadele.lv/ibbf/images/citadele/logo/ | 5 KB | 6 KB | Image | image/svg+xml |
GET | H/1.1 | mrzi5z08btxx2eki.js | content.citadele.lv/ | 92 KB | 13 KB | Script | text/javascript |
GET | | OpenSans-Bold.otf | online.citadele.lv/ibbf/fonts/ | 0 | 0 | | | failed
GET | | OpenSans-Regular.otf | online.citadele.lv/ibbf/fonts/ | 0 | 0 | | | failed
GET | | Material-Design-Iconic-Font.woff2 | online.citadele.lv/ibbf/icons/ | 0 | 0 | | | failed
GET | | OpenSans-Semibold.otf | online.citadele.lv/ibbf/fonts/ | 0 | 0 | | | failed
GET | H2 | turbo.js | yastatic.net/s3/translate/v21.51.3/dist/scripts/bundles/ | 16 KB | 6 KB | Script | application/javascript |
GET | H2 | * | yandex.ru/clck/click/dtype=stred/pid=453/cid=74186/ytr_counter_name=first_translation_request/ytr_time=2322/ytr_host=https%3A%2F%2Fonline.citadele.lv%2Fibbf%2Flt_lt/ytr_lang=lt-ru/ytr_url=https%3A%... | 43 B | 323 B | Image | image/gif |
GET | DATA | truncated | / | 2 KB | 0 | Image | image/svg+xml | data: URI
GET | DATA | truncated | / | 3 KB | 0 | Image | image/svg+xml | data: URI
GET | DATA | truncated | / | 418 B | 0 | Image | image/svg+xml | data: URI
GET | DATA | truncated | / | 602 B | 0 | Image | image/svg+xml | data: URI
GET | H2 | * | yandex.ru/clck/click/dtype=stred/pid=453/cid=74186/ytr_counter_name=dcl_event/ytr_time=2331/ytr_host=https://online.citadele.lv/ibbf/lt_lt/ytr_lang=en-ru/ytr_url=https://online.citadele.lv/ibbf/lt_... | 43 B | 577 B | Image | image/gif |
GET | H2 | translate | translate.yandex.net/api/v1/tr.json/ | 1 KB | 1 KB | XHR | application/json |
GET | H2 | translate | translate.yandex.net/api/v1/tr.json/ | 260 B | 539 B | XHR | application/json |
GET | | Material-Design-Iconic-Font.woff | online.citadele.lv/ibbf/icons/ | 0 | 0 | | | failed
GET | | Material-Design-Iconic-Font.ttf | online.citadele.lv/ibbf/icons/ | 0 | 0 | | | failed
GET | H2 | * | yandex.ru/clck/click/dtype=stred/pid=453/cid=74186/ytr_counter_name=first_translation_response/ytr_time=2578/ytr_host=https%3A%2F%2Fonline.citadele.lv%2Fibbf%2Flt_lt/ytr_lang=lt-ru/ytr_url=https%3A... | 43 B | 168 B | Image | image/gif |
GET | H/1.1 | 5NNcWzHoF35aCtSc | content.citadele.lv/ | 299 KB | 52 KB | Script | text/javascript | Frame DF1A
GET | H/1.1 | oP_XQU2qxLnceRXp | content.citadele.lv/ | 81 B | 475 B | Image | image/png | Frame DF1A
GET | H/1.1 | Q2ieMOXPYjmgsGjZ | content.citadele.lv/ | 81 B | 475 B | Image | image/png | Frame DF1A
GET | H/1.1 | clear.png | content.citadele.lv/fp/ | 81 B | 530 B | XHR | image/png | Frame DF1A
GET | H/1.1 | rwczmeUJjhU2hdxJ | h.online-metrix.net/ | 0 | 387 B | Script | text/javascript | Frame DF1A, redirect chain
GET | H/1.1 | tRaJq6Zji8rVFDkr | content.citadele.lv/ | 89 KB | 13 KB | Document | text/html | Frame 2034
GET | H/1.1 | 4R3tymB9zcWMTI62 | content.citadele.lv/ | 0 | 387 B | Script | text/javascript | Frame DF1A
GET | H/1.1 | uEvjvxiKhp3xF-1w | h.online-metrix.net/ | 102 KB | 16 KB | Document | text/html | Frame 051F
GET | H/1.1 | 4R3tymB9zcWMTI62 | content.citadele.lv/ | 0 | 387 B | Script | text/javascript | Frame DF1A
GET | | page_embed_script.js | ghbmnnjooekpmoecnnnilnnbdlolhkhi/ | 0 | 0 | | | Frame DF1A, failed (chrome-extension)
GET | H/1.1 | PhbWlCWFhv77-7Fz | content.citadele.lv/ | 89 KB | 14 KB | Document | text/html | Frame 7DFD
GET | H/1.1 | 4R3tymB9zcWMTI62 | content.citadele.lv/ | 0 | 218 B | Script | text/javascript | Frame DF1A
GET | H/1.1 | FHSuEP8VrlxkLQg6 | aom4xb8tio5nvlaf7h7f2oca4enkwwbqsfll7qqm3f337f02521c5ae0am1.e.aa.online-metrix.net/ | 81 B | 438 B | Image | image/png | Frame DF1A
GET | H/1.1 | 2suahH8-LSm_OTmz | content.citadele.lv/ | 0 | 387 B | Script | text/javascript | Frame 2034
GET | H/1.1 | Nl4XJ1uzE5SbfR75 | content.citadele.lv/ | 0 | 400 B | Image | image/png | Frame DF1A
GET | H/1.1 | rkWK7ThETl7MzC7N | h.online-metrix.net/ | 0 | 400 B | Image | image/png | Frame 051F
GET | H/1.1 | 4R3tymB9zcWMTI62 | content.citadele.lv/ | 0 | 387 B | Script | text/javascript | Frame DF1A

Two things stand out in this table. The bank's login JavaScript (inline-, dependencies-, ibbf-, login- and wwQtPMzdY-verrel-102_2_1.js) is fetched through the z5h64q92x9.net proxy path, whereas the stylesheet, logo and fonts are requested from online.citadele.lv directly; and the six font/icon requests to online.citadele.lv all fail. The click-tracking pixels to yandex.ru carry the wrapped bank URL in their ytr_host and ytr_url parameters, so the relay's own telemetry records which page is being proxied.
Failed requests
These URLs were requested, but no response was received. They also appear in the transaction list above.
- online.citadele.lv: https://online.citadele.lv/ibbf/fonts/OpenSans-Bold.otf
- online.citadele.lv: https://online.citadele.lv/ibbf/fonts/OpenSans-Regular.otf
- online.citadele.lv: https://online.citadele.lv/ibbf/icons/Material-Design-Iconic-Font.woff2
- online.citadele.lv: https://online.citadele.lv/ibbf/fonts/OpenSans-Semibold.otf
- online.citadele.lv: https://online.citadele.lv/ibbf/icons/Material-Design-Iconic-Font.woff
- online.citadele.lv: https://online.citadele.lv/ibbf/icons/Material-Design-Iconic-Font.ttf
- ghbmnnjooekpmoecnnnilnnbdlolhkhi: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

The six font and icon files are requested from online.citadele.lv directly rather than through the proxy host, and all six fail. A chrome-extension:// URL resolves only inside a browser that has that extension installed, so the last entry reflects the scanning browser's environment rather than a resource the site hosts.
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Banka Citadele (Banking)

46 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. They can help identify the client-side frameworks and code a page runs.
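How a list like the one below is produced, and how to make sense of it quickly, as an added example (not code from urlscan or from any party on this page): take the own property names of the page's `window`, subtract the names a pristine `about:blank` frame has, and cluster what is left by identifier prefix so that families of generated names such as `td_*` and `tmx_*` stand out. The 46 names in the constructed page list are copied from the report's table; the baseline list is constructed so that the code runs under Node, where there is no `window`; the browser calls shown in the comment are the real DOM APIs you would use instead.

```javascript
// Added example (not part of the urlscan report): diff a page's window property
// names against a pristine baseline to recover its "non-standard globals", then
// cluster them by identifier prefix. In a browser the two inputs come from:
//   const f = document.body.appendChild(document.createElement('iframe'));
//   const baselineNames = Object.getOwnPropertyNames(f.contentWindow);
//   const pageNames = Object.getOwnPropertyNames(window);
// Here both lists are constructed (baseline) or copied from the report (page).

function nonStandardGlobals(pageNames, baselineNames) {
  const baseline = new Set(baselineNames);
  return pageNames.filter(n => !baseline.has(n)).sort();
}

// Prefix = leading letters up to and including the first underscore ("td_",
// "tmx_"). Names without such a prefix, and families smaller than minSize,
// are collected under "other".
function clusterByPrefix(names, minSize = 3) {
  const buckets = new Map();
  for (const n of names) {
    const m = /^[A-Za-z]+_/.exec(n);
    const key = m ? m[0] : 'other';
    if (!buckets.has(key)) buckets.set(key, []);
    buckets.get(key).push(n);
  }
  const clusters = {};
  for (const [key, members] of buckets) {
    const target = key !== 'other' && members.length < minSize ? 'other' : key;
    clusters[target] = (clusters[target] || []).concat(members);
  }
  return clusters;
}

function summarize(pageNames, baselineNames, minSize = 3) {
  const extras = nonStandardGlobals(pageNames, baselineNames);
  return { extras, clusters: clusterByPrefix(extras, minSize) };
}

// Constructed baseline: a few standard names, including the four recent
// Chromium additions that the report counts among the page's globals.
const BASELINE = ['window', 'document', 'location', 'navigator', 'setTimeout',
  'fetch', 'structuredClone', 'getScreenDetails', 'oncontextlost', 'oncontextrestored'];

// The 46 names exactly as listed in the report.
const REPORTED = [
  '0', 'oncontextlost', 'oncontextrestored', 'structuredClone', 'getScreenDetails',
  '__core-js_shared__', 'core', 'yt', 'jQuery', '$', 'wwQtPMzdY', 'hp_frame',
  'tmx_frame', 'tmx_script', 'webpackJsonp', 'OnSubmitForm',
  'td_5m', 'td_Y', 'td_W', 'td_n', 'td_A', 'td_4D', 'td_4A', 'td_I', 'td_x', 'td_k',
  'td_L', 'td_1A', 'td_0I', 'td_5p', 'td_1f', 'td_a', 'td_v', 'td_5T', 'td_B', 'td_1w',
  'tmx_run_page_fingerprinting', 'tmx_post_session_params_fixed',
  'td_M', 'td_R', 'td_J', 'td_g', 'td_d', 'td_3R', 'tmx_profiling_started',
  'initTurboPageApp',
];
const PAGE = BASELINE.concat(REPORTED);

const result = summarize(PAGE, BASELINE);
console.log(JSON.stringify(result.clusters, null, 2));
```

With this baseline the four browser-provided names drop out, leaving 42 page-defined globals, of which 26 form the `td_` family and 5 the `tmx_` family; `hp_frame` is the only `hp_` name and is folded into "other".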
Name | Type
---|---
0 | object
oncontextlost | object
oncontextrestored | object
structuredClone | function
getScreenDetails | function
__core-js_shared__ | object
core | object
yt | object
jQuery | function
$ | function
wwQtPMzdY | object
hp_frame | object
tmx_frame | object
tmx_script | object
webpackJsonp | object
OnSubmitForm | function
td_5m | object
td_Y | function
td_W | function
td_n | function
td_A | function
td_4D | function
td_4A | function
td_I | function
td_x | function
td_k | function
td_L | function
td_1A | function
td_0I | function
td_5p | function
td_1f | function
td_a | function
td_v | function
td_5T | function
td_B | function
td_1w | function
tmx_run_page_fingerprinting | function
tmx_post_session_params_fixed | function
td_M | number
td_R | number
td_J | number
td_g | number
td_d | number
td_3R | object
tmx_profiling_started | boolean
initTurboPageApp | function

Of these, `0` is the first child frame, and `oncontextlost`, `oncontextrestored`, `structuredClone` and `getScreenDetails` are built-in properties of recent Chromium builds rather than page code. `jQuery`/`$`, `webpackJsonp`, `__core-js_shared__` and `core` point to the page's bundled libraries, and `initTurboPageApp` matches the turbo.js bundle loaded from yastatic.net. The 26 `td_*` and 5 `tmx_*` names, among them `tmx_frame`, `tmx_script`, `tmx_run_page_fingerprinting` and `tmx_profiling_started`, line up with the content.citadele.lv and h.online-metrix.net frames listed above: a device-profiling component of the bank's own page is being carried along through the proxy.

4 Cookies
Cookies are small pieces of data stored in the user's browser. On each later visit the browser sends the cookie values back, which lets the site re-identify the user even from a different location; this is how persistent logins work.

Domain/Path | Expires | Name | Value
---|---|---|---
.z5h64q92x9.net/ | | _yasc | A/nshP4V6uhv87DoppOjhF+N4Y35b0FxpSCiw453ugmRkw==
content.citadele.lv/ | | thx_guid | ffc57cb02ebb4acaa44edf60b1065936
.yandex.ru/ | | i | gtBQWSEemZsLsUF8aza4J+gtSSofhAJ194Pp848tvgMCIqGu0H1w1AMMotIYSJbvyWWtDYMuHWUARl0l45JsBkqrB+U=
h.online-metrix.net/ | | thx_global_guid | f0a404ec88774a0e8bf2126fd9a1dbb8

No expiry is recorded for any of the four. Note that the proxy host sets its own cookie (`_yasc`, scoped to .z5h64q92x9.net) on the visitor, separate from anything the bank's domains set.
16 Console Messages
A page may log messages to the console. These are often errors about a resource that could not be loaded or a piece of JavaScript that failed to execute; sometimes they also give insight into the technology behind a website.

Source | Level | URL | Text
---|---|---|---
Security Headers
This page lists any security headers set by the main page.

Header | Value
---|---
Strict-Transport-Security | max-age=31536000

Only HSTS is reported for the main document; no Content-Security-Policy, X-Frame-Options or similar header is listed. Because the main document is served by z5h64q92x9.net, this HSTS header is set by the proxy host, not by the bank.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

Domains
- aom4xb8tio5nvlaf7h7f2oca4enkwwbqsfll7qqm3f337f02521c5ae0am1.e.aa.online-metrix.net
- content.citadele.lv
- ghbmnnjooekpmoecnnnilnnbdlolhkhi
- h.online-metrix.net
- online.citadele.lv
- translate.yandex.net
- yandex.ru
- yastatic.net
- z5h64q92x9.net

IP addresses
- 193.178.178.229
- 2a02:6b8:20::215
- 2a02:6b8::194
- 2a02:6b8::1:193
- 2a02:6b8:a::a
- 91.235.132.130
- 91.235.133.182
- 91.235.134.131

Hashes (SHA-256)
- 0ee549745fe7f5001d7331f7d08743c84aa6818052f1d7198f2d4bec45d09437
- 1667cdaa7bb56db2fd67096cf20b4db20ee25be9162bb35805c893e4b3716ff7
- 17debd4cf9b88dd58ced17e48348bc9ca5e1d28abda99f5c675190a6c1beb35f
- 1b9edefe2d832941acc9935f4af9e9b7d0b92282af28f9b7cd02533b1597cd1e
- 1fd90b09e01b9b2b77029305c77159fa085b775a8656a03f064a03e8fe988dfe
- 2532477e8d513907453281875c0094b15c2de4f140f4a009b93cc870d58c7ebe
- 26477d659bc592c591b7a7bc67de31389d78777eaae776e9e8cb0c12d5159adb
- 3936037e0a15c71321f53c1e5b055c504f5369031b067bbffdf3edf1e11ad80e
- 39c97b2ecbd30926a825c670febdbe49de317410569ad3a95d16e1263a0d37d9
- 3d78d12bf35e0677616be381885b977219d13a23e5600f3e23c9b95c099107f4
- 3ed0fc906b79d7d514a362092c963bd5f7f513756149c1f1779e5da53b4fb037
- 4373ef86c2dcaa9679cd5080175f740fc838aedb136cc5a5ddda3f2683e1d7d7
- 48cd2e1b7a93d2a4ac98dd5e9ba30967390434b9f40658cea90471b0a27e6230
- 4b58dfa9c08da7011544d09166e6de38c3998e09193872cea7061d0e03c08055
- 5c7a99b43c1be7d66d5bdad96ba3d8eb997b46b525d6c68180d37ef641faa4cd
- 6cb74a85b777fb7cbe607a0bf502440ec32bffc40b65922988cb607811a9687a
- 729e0880ff4152b94d05f5e2aaa78d124877b87a9ab93756a4ba476c3d370844
- 7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
- 8b2f5033a1e1ae4ec3999d9b5772457435a198d8377b03382e49c4e8b79da51f
- 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
- bd5a685828cfb2e15f004e38db63c2a9cf8b069a90e01925cf3cd8d9bac8c04e
- c87c165d3d7589b0f278507e42f3dad032c3ae9b77bcd212d56c467daa882719
- d08e96260a29dee1eef4103086cbd6a8fdaa738c9ae96d7af9a489e1b0bf6ff4
- d5794ec5af63437a244a70be18d8f9c8cfe16b0bef99494f33a26d90c8b0532d
- dc22751b4af1a349fb9e84f9bf177f30f9a1a45f08f9c3e9cf654dadcf9f734c
- e14ce723c0dd3263c0a3af0aa89b0b4c7dc2755ebe9199932e8f3680aa89601e
- e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
- ebf1f6eef92442a1e9d9c55031e9bbfa0a05026f60093e9d78c6cc9c8999824e

Note that e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 is the SHA-256 of empty input; it corresponds to the zero-byte responses in the transaction list and is not a useful pivot on its own.