it-indonesia.net
103.147.32.6
Malicious Activity!
Public Scan
Submission: On September 05 via manual from IN — Scanned from DE
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 25th 2023. Valid for: 3 months.
This is the only time it-indonesia.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Citizens Bank (Banking)
Domain & IP information
ASN | PTR | Domain |
---|---|---|
ASN140389 (IDNIC-DBIZ-AS-ID PT Dewa Bisnis Digital, ID) | 6.32.147.103.in-addr.arpa | it-indonesia.net |
ASN20940 (AKAMAI-ASN1, NL) | | www3.citizensbankonline.com, www4.citizensbankonline.com |
ASN16509 (AMAZON-02, US) | server-143-204-98-31.fra50.r.cloudfront.net | cdn.appdynamics.com |
ASN11054 (LIVEPERSON, US) | lo-accdn.lpsnmedia.net | accdn.lpsnmedia.net |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US) | 120.154.120.34.bc.googleusercontent.com | lpcdn.lpsnmedia.net |
ASN11054 (LIVEPERSON, US) | va.idp.liveperson.net | va.idp.liveperson.net |
ASN11054 (LIVEPERSON, US) | va.v.liveperson.net | va.v.liveperson.net |
ASN15169 (GOOGLE, US) | 82.45.241.35.bc.googleusercontent.com | udc-neb.kampyle.com |
ASN14618 (AMAZON-AES, US) | ec2-3-214-107-242.compute-1.amazonaws.com | report.citizen.glassboxdigital.io |
ASN16509 (AMAZON-02, US) | ec2-35-166-116-205.us-west-2.compute.amazonaws.com | pdx-col.eum-appdynamics.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
15 | citizensbankonline.com | www3.citizensbankonline.com (Cisco Umbrella Rank: 491750), www4.citizensbankonline.com (Cisco Umbrella Rank: 444075) | 98 KB |
15 | it-indonesia.net | it-indonesia.net | 88 KB |
10 | lpsnmedia.net | accdn.lpsnmedia.net (Cisco Umbrella Rank: 3632), lpcdn.lpsnmedia.net (Cisco Umbrella Rank: 3870) | 341 KB |
7 | liveperson.net | lptag.liveperson.net (Cisco Umbrella Rank: 3685), va.idp.liveperson.net (Cisco Umbrella Rank: 9280), va.v.liveperson.net (Cisco Umbrella Rank: 4073) | 133 KB |
4 | glassboxdigital.io | report.citizen.glassboxdigital.io (Cisco Umbrella Rank: 57717) | 5 KB |
3 | kampyle.com | nebula-cdn.kampyle.com (Cisco Umbrella Rank: 4645), udc-neb.kampyle.com (Cisco Umbrella Rank: 2383) | 120 KB |
3 | ensighten.com | nexus.ensighten.com (Cisco Umbrella Rank: 3388) | 20 KB |
2 | appdynamics.com | cdn.appdynamics.com (Cisco Umbrella Rank: 4045) | 61 KB |
1 | eum-appdynamics.com | pdx-col.eum-appdynamics.com (Cisco Umbrella Rank: 4121) | 778 B |
1 | glassboxcdn.com | cdn.glassboxcdn.com (Cisco Umbrella Rank: 12575) | 138 KB |
1 | googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 368) | 82 KB |
63 | 11 apex domains | | |
Requests | Domain | Requested by |
---|---|---|
15 | it-indonesia.net | it-indonesia.net |
14 | www3.citizensbankonline.com | it-indonesia.net, www3.citizensbankonline.com |
7 | lpcdn.lpsnmedia.net | lptag.liveperson.net, cdn.appdynamics.com |
4 | report.citizen.glassboxdigital.io | cdn.appdynamics.com |
3 | va.v.liveperson.net | cdn.appdynamics.com |
3 | accdn.lpsnmedia.net | lptag.liveperson.net, lpcdn.lpsnmedia.net |
3 | nexus.ensighten.com | it-indonesia.net, nexus.ensighten.com |
2 | nebula-cdn.kampyle.com | cdn.appdynamics.com |
2 | va.idp.liveperson.net | cdn.appdynamics.com, va.idp.liveperson.net |
2 | cdn.appdynamics.com | nexus.ensighten.com, cdn.appdynamics.com |
2 | lptag.liveperson.net | it-indonesia.net |
1 | pdx-col.eum-appdynamics.com | cdn.appdynamics.com |
1 | udc-neb.kampyle.com | |
1 | cdn.glassboxcdn.com | cdn.appdynamics.com |
1 | ajax.googleapis.com | it-indonesia.net |
1 | www4.citizensbankonline.com | it-indonesia.net |
63 | 16 domains | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.citizensbank.com |
Subject | Issuer | Validity | Valid | Source |
---|---|---|---|---|
it-indonesia.net | cPanel, Inc. Certification Authority | 2023-07-25 - 2023-10-23 | 3 months | crt.sh |
nexus.ensighten.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-10-07 - 2023-10-14 | a year | crt.sh |
citizensbankonline.com | Entrust Certification Authority - L1M | 2023-03-03 - 2024-04-03 | a year | crt.sh |
upload.video.google.com | GTS CA 1C3 | 2023-08-07 - 2023-10-30 | 3 months | crt.sh |
*.liveperson.net | Sectigo RSA Organization Validation Secure Server CA | 2023-02-07 - 2024-02-07 | a year | crt.sh |
*.appdynamics.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-06-21 - 2024-07-21 | a year | crt.sh |
*.lpsnmedia.net | Sectigo RSA Organization Validation Secure Server CA | 2023-01-09 - 2024-01-09 | a year | crt.sh |
*.idp.liveperson.net | Sectigo RSA Organization Validation Secure Server CA | 2023-03-30 - 2024-03-29 | a year | crt.sh |
*.kampyle.com | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-08-30 - 2024-09-30 | a year | crt.sh |
glassboxcdn.com | Cloudflare Inc ECC CA-3 | 2023-03-02 - 2024-03-01 | a year | crt.sh |
*.v.liveperson.net | Sectigo RSA Organization Validation Secure Server CA | 2023-01-10 - 2024-01-10 | a year | crt.sh |
citizen.glassboxdigital.io | Amazon RSA 2048 M01 | 2023-02-21 - 2023-11-17 | 9 months | crt.sh |
*.eum-appdynamics.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-06-14 - 2024-07-14 | a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://it-indonesia.net/ie/login.php?online_id=871cd072d548db42dddaa85f2&country=&iso=
Frame ID: 72797DDF5A05CAFCF9391A308C35A7D4
Requests: 59 HTTP requests in this frame
Frame:
https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.html?loc=https%3A%2F%2Fit-indonesia.net&site=89632304&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net
Frame ID: 5DFF72B14950F19167FAF28CDDE39DFB
Requests: 2 HTTP requests in this frame
Frame:
https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1693908414155&loc=https%3A%2F%2Fit-indonesia.net
Frame ID: 55E036A05498F0A80CF7AC8B7D2E7360
Requests: 2 HTTP requests in this frame
Page Title
Online Login | Citizens
Detected technologies
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)
Bootstrap (Web Frameworks)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
AppDynamics (Analytics)
Detected patterns
- adrum
Ensighten (Tag Managers)
Detected patterns
- //nexus\.ensighten\.com/
Modernizr (JavaScript Libraries)
Detected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
- Title: Resource Center
- Title: Check out everything it can do and see information on how to get it.
- Title: Cancel
Redirected requests
There were HTTP redirect chains for the following requests:
63 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Note |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | login.php | it-indonesia.net/ie/ | 25 KB | 26 KB | Document | text/html | Primary Request |
GET | H2 | Bootstrap.js | nexus.ensighten.com/citizensbank/olbprod/ | 60 KB | 18 KB | Script | application/javascript | |
GET | H/1.1 | pm_fp.js | it-indonesia.net/efs/efs/jsp-ns/ | 0 | 0 | Script | text/html | |
GET | H2 | jquery-ui-1.10.3.custom.min.css | www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/ | 19 KB | 3 KB | Stylesheet | text/css | |
GET | H2 | normalize.css | www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/ | 10 KB | 3 KB | Stylesheet | text/css | |
GET | H/1.1 | main.css | it-indonesia.net/ie/ass/ | 61 KB | 61 KB | Stylesheet | text/css | |
GET | H2 | flows.css | www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/ | 8 KB | 2 KB | Stylesheet | text/css | |
GET | H2 | ad-containers.css | www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/ | 7 KB | 2 KB | Stylesheet | text/css | |
GET | H2 | modernizr-2.6.2.min.js | www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/ | 15 KB | 6 KB | Script | application/x-javascript | |
GET | H2 | plugins.js | www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/ | 199 KB | 38 KB | Script | application/x-javascript | |
GET | H2 | main.js | www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/ | 19 KB | 4 KB | Script | application/x-javascript | |
GET | H2 | placeholders.min.js | www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/ | 4 KB | 2 KB | Script | application/x-javascript | |
GET | H2 | 7c3ed55c | www4.citizensbankonline.com/akam/11/ | 0 | 0 | Script | text/html | |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/2.0.3/ | 82 KB | 82 KB | Script | text/javascript | |
GET | H2 | tealeaf.js | www3.citizensbankonline.com/efs/efs/js/ | 0 | 0 | Script | text/html | |
GET | H2 | CTZ_Green-01.png | www3.citizensbankonline.com/efs/hhf/img/ | 5 KB | 6 KB | Image | image/png | |
GET | H2 | serverComponent.php | nexus.ensighten.com/citizensbank/olbprod/ | 305 B | 637 B | Script | text/javascript | |
GET | H2 | tag.js | lptag.liveperson.net/tag/ | 26 KB | 10 KB | Script | application/javascript | |
GET | H/1.1 | citizen_roman.woff | it-indonesia.net/ie/ass/font/ | 0 | 0 | Font | text/html | |
GET | H2 | jquery-1.9.1.min.js | www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/ | 90 KB | 29 KB | Script | application/x-javascript | |
GET | H/1.1 | 930e113327rn2365aa3b7b98b0447e8d | it-indonesia.net/content/ | 0 | 0 | Script | text/html | |
GET | H/1.1 | common.js | it-indonesia.net/efs/efs/jsp-ns/scripts/ | 0 | 0 | Script | text/html | |
GET | H/1.1 | citizen_roman.ttf | it-indonesia.net/ie/ass/font/ | 0 | 0 | Font | text/html | |
GET | H2 | acd2d9049bb548dd9e9347909f72f93b.js | nexus.ensighten.com/citizensbank/olbprod/code/ | 7 KB | 2 KB | Script | application/javascript | |
GET | H2 | adrum-latest.js | cdn.appdynamics.com/adrum/ | 111 KB | 40 KB | Script | application/javascript | |
GET | H2 | .jsonp | lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/ | 326 KB | 114 KB | Script | application/x-javascript | |
GET | H2 | / | accdn.lpsnmedia.net/api/account/89632304/configuration/setting/accountproperties/ | 7 KB | 2 KB | Script | application/javascript | |
GET | H2 | ui-framework.js | lpcdn.lpsnmedia.net/le_unified_window/10.30.1.0-release_5605/ | 40 KB | 12 KB | Script | application/javascript | |
GET | H2 | UMSClientAPI.min.js | lpcdn.lpsnmedia.net/le_unified_window/10.30.1.0-release_5605/ | 91 KB | 26 KB | Script | application/javascript | |
GET | H2 | lpChatV3.min.js | lpcdn.lpsnmedia.net/le_unified_window/10.30.1.0-release_5605/ | 92 KB | 26 KB | Script | application/javascript | |
GET | H2 | surveylogicinstance.min.js | lpcdn.lpsnmedia.net/le_unified_window/10.30.1.0-release_5605/ | 8 KB | 3 KB | Script | application/javascript | |
GET | H2 | zones | accdn.lpsnmedia.net/api/account/89632304/configuration/le-campaigns/ | 5 KB | 2 KB | Script | application/javascript | |
GET | H2 | desktopEmbedded.js | lpcdn.lpsnmedia.net/le_unified_window/10.30.1.0-release_5605/ | 999 KB | 242 KB | Script | application/javascript | |
GET | H3 | storage.secure.min.html | lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/ | 39 KB | 13 KB | Document | text/html | Frame 5DFF |
GET | H3 | storage.secure.min.js | lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/ | 37 KB | 13 KB | Script | application/javascript | |
GET | H2 | refererrestrictions | accdn.lpsnmedia.net/api/account/89632304/configuration/domainprotection/ | 818 B | 1 KB | Script | application/javascript | Frame 5DFF |
GET | H2 | icon-secure.png | www3.citizensbankonline.com/efs/efs/grafx/ | 292 B | 671 B | Image | image/png | |
GET | H2 | flows-tooltip.png | www3.citizensbankonline.com/efs/efs/grafx/ | 364 B | 745 B | Image | image/png | |
GET | H2 | arrow-button-white.png | www3.citizensbankonline.com/efs/efs/grafx/ | 1017 B | 1 KB | Image | image/png | |
GET | H/1.1 | arrow-down-blue.png | it-indonesia.net/efs/efs/grafx/ | 315 B | 315 B | Image | text/html | |
GET | H/1.1 | arrow-right-orange.png | it-indonesia.net/efs/efs/grafx/ | 315 B | 315 B | Image | text/html | |
GET | H/1.1 | citiolb_icons.woff | it-indonesia.net/ie/ass/font/ | 0 | 0 | Font | text/html | |
GET | H/1.1 | citizen_extrabold.woff | it-indonesia.net/ie/ass/font/ | 0 | 0 | Font | text/html | |
GET | H/1.1 | citizen_book.woff | it-indonesia.net/ie/ass/font/ | 0 | 0 | Font | text/html | |
GET | H2 | postmessage.min.html | va.idp.liveperson.net/postmessage/ | 11 KB | 5 KB | Document | text/html | Frame 55E0 |
GET | H/1.1 | citiolb_icons.ttf | it-indonesia.net/ie/ass/font/ | 0 | 0 | Font | text/html | |
GET | H/1.1 | citizen_extrabold.ttf | it-indonesia.net/ie/ass/font/ | 0 | 0 | Font | text/html | |
GET | H/1.1 | citizen_book.ttf | it-indonesia.net/ie/ass/font/ | 0 | 0 | Font | text/html | |
POST | H2 | authorize | va.idp.liveperson.net/api/account/89632304/anonymous/ | 678 B | 2 KB | XHR | application/json | Frame 55E0 |
GET | H2 | embed.js | nebula-cdn.kampyle.com/wu/356861/onsite/ | 1 KB | 967 B | Script | application/javascript | |
GET | H2 | detector-dom.min.js | cdn.glassboxcdn.com/citizen/OLB/p/ | 453 KB | 138 KB | Script | application/javascript | |
GET | H2 | adrum-ext.89188edf1c7df38b8e63edb7368e911e.js | cdn.appdynamics.com/ | 53 KB | 21 KB | Script | application/javascript | |
GET | H2 | generic1693335330762.js | nebula-cdn.kampyle.com/us/wu/356861/onsite/ | 839 KB | 119 KB | Script | application/javascript | |
GET | H2 | 89632304 | va.v.liveperson.net/api/js/ | 174 B | 1 KB | Script | application/javascript | |
GET | H2 | __cool.gif | udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ | 0 | 318 B | Image | image/gif | |
GET | H/1.1 | cls_report | report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/ | 783 B | 1 KB | XHR | application/json | |
GET | BLOB | 5e4bfa2e-9480-48d7-8c1b-17c673f68a39 | https://it-indonesia.net/ | 75 B | 0 | Other | application/javascript | |
POST | H/1.1 | cls_report | report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/ | 783 B | 1 KB | XHR | application/json | |
POST | H2 | adrum | pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAN-PKK/ | 0 | 778 B | XHR | text/html | |
GET | H2 | 89632304 | va.v.liveperson.net/api/js/ | 240 B | 1 KB | Script | application/javascript | |
GET | H2 | 89632304 | va.v.liveperson.net/api/js/ | 111 B | 900 B | Script | application/javascript | |
POST | H/1.1 | cls_report | report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/ | 191 B | 947 B | XHR | application/json | |
POST | H/1.1 | cls_report | report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/ | 191 B | 947 B | XHR | application/json | |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Citizens Bank (Banking)
71 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | 0 |
object | 1 |
object | documentPictureInPicture |
string | timeStamp |
string | pageURL |
string | pageName |
object | digitalData |
object | ensBootstraps |
object | Bootstrapper |
number | _delay |
boolean | isProductionEnvironment |
string | lpAccountNumber |
object | lpTag |
object | html5 |
object | Modernizr |
function | yepnope |
function | $ |
function | jQuery |
object | CITIZENSOLB |
object | Placeholders |
string | bazadebezolkohpepadr |
object | thebody |
number | adrum-start-time |
object | adrum-config |
function | _typeof |
function | _extends |
object | lpTaglogListeners |
object | proxyless |
object | lpMTagConfig |
object | ADRUM |
function | createFrameworkGlobals |
object | liveperson |
function | SurveyManager |
function | _stateChanged |
object | STORAGE |
object | proto |
string | QUESTION_ERROR_TYPE |
object | __core-js_shared__ |
object | lpIntlTelInputUtils |
object | lpIntlTelInputGlobals |
object | _cf |
number | formId |
function | showSurvey |
object | KAMPYLE_EMBED |
object | MDIGITAL |
object | KAMPYLE_CONSTANT |
object | KAMPYLE_FUNC |
object | KAMPYLE_DATA |
object | KAMPYLE_TARGETING |
object | KAMPYLE_ANIMATION |
object | KAMPYLE_VIEW |
object | KAMPYLE_MESSAGE |
object | KAMPYLE_UTILS |
object | KAMPYLE_EVENT_DISPATCHER |
object | KAMPYLE_GA |
object | MDIGITAL_ELEMENT_BUILDER |
object | COOLADATA_CODE |
object | KAMPYLE_COOLADATA |
object | KAMPYLE_COMMON |
object | KAMPYLE_THERMO_TEALEAF_FUNC |
object | KAMPYLE_ADOBE_ANALYTICS |
object | KAMPYLE_SCREEN_CAPTURE |
object | KAMPYLE_ONSITE_SDK |
object | KAMPYLE_INTEGRATION |
object | cooladata |
string | key |
object | _cls_config |
object | _detector |
object | eventListenerMap |
object | webVitals |
object | convertize |
14 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser also sends the stored cookie values, which lets the website re-identify the user even from a different location. This is how persistent logins work.
Domain/Path | Name | Value |
---|---|---|
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD | _cls_cfgver | 27baeec |
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD | _cls_s | 9fd3f8ac-4540-4e9e-9aa8-371a5a72c1e7:0 |
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD | _cls_v | 9e373fc0-5f2f-46d7-bb85-68eee15b786f |
it-indonesia.net/ | PHPSESSID | c767c35526e2848cd1a0648ea779b869 |
it-indonesia.net/ | mdLogger | false |
it-indonesia.net/ | kampyle_userid | 7d4b-86ac-f183-27c9-f860-d067-1353-2600 |
it-indonesia.net/ | kampyleUserSession | 1693908415290 |
it-indonesia.net/ | kampyleUserSessionsCount | 1 |
it-indonesia.net/ | kampyleSessionPageCounter | 1 |
.it-indonesia.net/ | _cls_v | 9e373fc0-5f2f-46d7-bb85-68eee15b786f |
.it-indonesia.net/ | _cls_s | 9fd3f8ac-4540-4e9e-9aa8-371a5a72c1e7:0 |
.it-indonesia.net/ | LPVID | FjZjcyYTc1OThjNDcyZjk2 |
report.citizen.glassboxdigital.io/ | AWSALBCORS | EyaCPfxbO8LD2AaZ4tprWcN/h6HoyL4vukFR1CoV2GvoDGaeum2cD6HXYCp0rwGM5iNf85T/FLjEml14tw/7UsuvGHpE4SKDk8Pm5B8bXK9GYWpUtXwSF/54aOS7 |
.it-indonesia.net/ | LPSID-89632304 | Qf_sp8OvRfOOyZymzyhgqA |
17 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.