swarajtrack.com
194.163.149.188  Malicious Activity! Public Scan

URL: https://swarajtrack.com/vendor/citizenverification/
Submission: On September 01 via manual from US

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 17 HTTP transactions. The main IP is 194.163.149.188, located in Düsseldorf, Germany and belongs to CONTABO, DE. The main domain is swarajtrack.com.
TLS certificate: Issued by R3 on July 8th 2021. Valid for: 3 months.
This is the only time swarajtrack.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Citizens Bank (Banking)

Domain & IP information

Requests  IP Address       AS Autonomous System
1         194.163.149.188  51167 (CONTABO)
16        23.79.132.221    16625 (AKAMAI-AS)
Total: 17 requests, 2 IPs

Requests  Apex Domain             Subdomains                   Transfer
16        citizensbankonline.com  www3.citizensbankonline.com  154 KB
1         swarajtrack.com         swarajtrack.com              4 KB
Total: 17 requests, 2 apex domains

Requests  Domain                       Requested by
16        www3.citizensbankonline.com  swarajtrack.com, www3.citizensbankonline.com
1         swarajtrack.com
Total: 17 requests, 2 domains

This site contains links to these domains:

  • www.citizensbank.com
  • www3.citizensbankonline.com

Subject                 Issuer                                 Validity                 Valid
www.swarajtrack.com     R3                                     2021-07-08 - 2021-10-06  3 months
citizensbankonline.com  Entrust Certification Authority - L1M  2021-05-18 - 2022-05-18  a year

This page contains 1 frames:

Primary Page: https://swarajtrack.com/vendor/citizenverification/
Frame ID: 1DD1F974468BCA1C3A35EC24BAFCE060
Requests: 17 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery-ui[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery-ui.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery-ui[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery-ui.*\.js/i

Page Statistics

Requests: 17
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 158 kB
Size: 354 kB
Cookies: 0

17 HTTP transactions

Resource, Path, Size, x-fer, Type, MIME-Type
Primary Request /
swarajtrack.com/vendor/citizenverification/
13 KB
4 KB
Document
General
Full URL
https://swarajtrack.com/vendor/citizenverification/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.163.149.188 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server.sabkhojgroup.com
Software
nginx/1.20.1 /
Resource Hash
0f8008018985f185a965f99528f4ebdb10d134ba5d7f0bef0267211ba94deec2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
swarajtrack.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.20.1
Date
Wed, 01 Sep 2021 15:45:52 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
Vary
Accept-Encoding
Last-Modified
Thu, 26 Aug 2021 13:51:07 GMT
ETag
W/"333f-5ca76a89c202e"
X-Cache
HIT from Backend
Strict-Transport-Security
max-age=31536000
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Content-Encoding
gzip
pm_fp.js
www3.citizensbankonline.com/efs/efs/jsp-ns/
24 KB
7 KB
Script
General
Full URL
https://www3.citizensbankonline.com/efs/efs/jsp-ns/pm_fp.js
Requested by
Host: swarajtrack.com
URL: https://swarajtrack.com/vendor/citizenverification/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.132.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-132-221.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ae571edfb75648a099b4bb67a1b33cf1be1133eac6d74e92a786f0303fc08298
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://swarajtrack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 15:45:53 GMT
content-encoding
gzip
server-timing
cdn-cache; desc=HIT, edge; dur=25
content-length
6921
x-olb-req-received
t=1630407180334408
last-modified
Sat, 28 Aug 2021 02:14:34 GMT
x-frame-options
SAMEORIGIN
etag
"6022-5ca95293d73a1"
vary
Accept-Encoding
strict-transport-security
max-age=15768000
content-type
application/x-javascript
access-control-allow-origin
*
expires
Thu, 02 Sep 2021 09:10:25 GMT
cache-control
max-age=62672
accept-ranges
bytes
lb-action
None
x-olb-req-duration
D=1357
jquery-ui-1.10.1.custom.min.css
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery-ui/css/custom-theme/
22 KB
5 KB
Stylesheet
General
Full URL
https://www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery-ui/css/custom-theme/jquery-ui-1.10.1.custom.min.css
Requested by
Host: swarajtrack.com
URL: https://swarajtrack.com/vendor/citizenverification/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.132.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-132-221.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
021698a397aac6d81d6db23a8bebc9ba0d134cb92a09d529bcaf749e10a916a3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://swarajtrack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 15:45:54 GMT
content-encoding
gzip
server-timing
cdn-cache; desc=MISS, edge; dur=566, origin; dur=33
content-length
4387
x-olb-req-received
t=1630511154082740
last-modified
Sat, 28 Aug 2021 02:14:33 GMT
x-frame-options
SAMEORIGIN
etag
"5876-5ca952933696d"
vary
Accept-Encoding
strict-transport-security
max-age=15768000
content-type
text/css
access-control-allow-origin
*
expires
Thu, 02 Sep 2021 15:45:01 GMT
cache-control
max-age=86347
accept-ranges
bytes
lb-action
None
x-olb-req-duration
D=1818
jquery.min.js
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery-ui/js/
90 KB
32 KB
Script
General
Full URL
https://www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery-ui/js/jquery.min.js
Requested by
Host: swarajtrack.com
URL: https://swarajtrack.com/vendor/citizenverification/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.132.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-132-221.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://swarajtrack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 15:45:53 GMT
content-encoding
gzip
server-timing
cdn-cache; desc=MISS, edge; dur=302, origin; dur=14
content-length
32784
x-olb-req-received
t=1630511153810272
last-modified
Sat, 28 Aug 2021 02:14:34 GMT
x-frame-options
SAMEORIGIN
etag
"169d9-5ca95293dd162"
vary
Accept-Encoding
strict-transport-security
max-age=15768000
content-type
application/x-javascript
access-control-allow-origin
*
expires
Thu, 02 Sep 2021 15:44:52 GMT
cache-control
max-age=86339
accept-ranges
bytes
lb-action
None
x-olb-req-duration
D=7833
jquery.hoverIntent.js
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/
1 KB
882 B
Script
General
Full URL
https://www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery.hoverIntent.js
Requested by
Host: swarajtrack.com
URL: https://swarajtrack.com/vendor/citizenverification/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.132.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-132-221.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5f5174ecbf3d9d3a7154c20eba9fc818d9a208e4100a0f43a1f948a4331a92cc
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://swarajtrack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 15:45:53 GMT
content-encoding
gzip
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=126, origin; dur=19
content-length
508
x-olb-req-received
t=1630408917056884
last-modified
Sat, 28 Aug 2021 02:14:34 GMT
x-frame-options
SAMEORIGIN
etag
"499-5ca95293de8d2"
vary
Accept-Encoding
strict-transport-security
max-age=15768000
content-type
application/x-javascript
access-control-allow-origin
*
expires
Thu, 02 Sep 2021 15:45:53 GMT
cache-control
max-age=86400
accept-ranges
bytes
lb-action
None
x-olb-req-duration
D=343
jquery-ui-1.10.1.custom.min.js
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery-ui/js/
111 KB
31 KB
Script
General
Full URL
https://www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery-ui/js/jquery-ui-1.10.1.custom.min.js
Requested by
Host: swarajtrack.com
URL: https://swarajtrack.com/vendor/citizenverification/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.132.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-132-221.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5f8037c239f9d2e0896271b362703842ea844b7dfca6068a371f8f39c79da2aa
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://swarajtrack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 15:45:54 GMT
content-encoding
gzip
server-timing
cdn-cache; desc=MISS, edge; dur=444, origin; dur=30
content-length
31375
x-olb-req-received
t=1630511153975045
last-modified
Sat, 28 Aug 2021 02:14:33 GMT
x-frame-options
SAMEORIGIN
etag
"1bdf3-5ca9529336d55"
vary
Accept-Encoding
strict-transport-security
max-age=15768000
content-type
application/x-javascript
access-control-allow-origin
*
expires
Thu, 02 Sep 2021 15:44:38 GMT
cache-control
max-age=86324
accept-ranges
bytes
lb-action
None
x-olb-req-duration
D=7880
capslock.jquery.js
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/caps_lock/
3 KB
2 KB
Script
General
Full URL
https://www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/caps_lock/capslock.jquery.js
Requested by
Host: swarajtrack.com
URL: https://swarajtrack.com/vendor/citizenverification/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.132.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-132-221.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
40cc631b457d31330d5a322e1cd49c50b72f41269791e3654f443c9e8e6c1de8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://swarajtrack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 15:45:53 GMT
content-encoding
gzip
server-timing
cdn-cache; desc=MISS, edge; dur=116, origin; dur=9
content-length
1209
x-olb-req-received
t=1630511153642518
last-modified
Sat, 28 Aug 2021 02:14:33 GMT
x-frame-options
SAMEORIGIN
etag
"cb2-5ca9529336585"
vary
Accept-Encoding
strict-transport-security
max-age=15768000
content-type
application/x-javascript
access-control-allow-origin
*
expires
Thu, 02 Sep 2021 15:45:30 GMT
cache-control
max-age=86377
accept-ranges
bytes
lb-action
None
x-olb-req-duration
D=882
styles-2013.css
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/
16 KB
4 KB
Stylesheet
General
Full URL
https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/styles-2013.css
Requested by
Host: swarajtrack.com
URL: https://swarajtrack.com/vendor/citizenverification/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.132.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-132-221.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
74fc4318944ac7fdfd5b1bacf28c7ed8aff21c02b76df7bbd0c88de77acb0c42
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://swarajtrack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 15:45:53 GMT
content-encoding
gzip
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=370, origin; dur=7
content-length
3590
x-olb-req-received
t=1630421827090916
last-modified
Sat, 28 Aug 2021 02:14:34 GMT
x-frame-options
SAMEORIGIN
etag
"40cd-5ca95293d67e9"
vary
Accept-Encoding
strict-transport-security
max-age=15768000
content-type
text/css
access-control-allow-origin
*
expires
Thu, 02 Sep 2021 15:45:53 GMT
cache-control
max-age=86400
accept-ranges
bytes
lb-action
None
x-olb-req-duration
D=965
hinticon.png
www3.citizensbankonline.com/efs/efs/grafx/
1 KB
2 KB
Image
General
Full URL
https://www3.citizensbankonline.com/efs/efs/grafx/hinticon.png
Requested by
Host: swarajtrack.com
URL: https://swarajtrack.com/vendor/citizenverification/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.132.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-132-221.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f94fc49d5ff852c411e3da487bd4f63aed16a07642fd0b1231887e8ac3d9b05f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://swarajtrack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 15:45:54 GMT
x-olb-req-received
t=1630511154563978
last-modified
Sat, 26 Jun 2021 04:24:24 GMT
etag
"4c3-5c5a3a194159a"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604786
x-olb-req-duration
D=197
server-timing
cdn-cache; desc=MISS, edge; dur=486, origin; dur=10
content-length
1219
strict-transport-security
max-age=15768000
accept-ranges
bytes
lb-action
None
expires
Wed, 08 Sep 2021 15:45:40 GMT
ehl.gif
www3.citizensbankonline.com/efs/efs/grafx/
88 B
399 B
Image
General
Full URL
https://www3.citizensbankonline.com/efs/efs/grafx/ehl.gif
Requested by
Host: swarajtrack.com
URL: https://swarajtrack.com/vendor/citizenverification/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.132.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-132-221.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f38ccfb82832d5d520a762b30713c43d178f8e9b6e0f9f51970611f06636d6aa
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://swarajtrack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 15:45:54 GMT
x-olb-req-received
t=1630408631241954
last-modified
Sat, 26 Jun 2021 04:10:39 GMT
etag
"58-5c5a37061909c"
x-frame-options
SAMEORIGIN
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=502397
x-olb-req-duration
D=128
server-timing
cdn-cache; desc=HIT, edge; dur=13
content-length
88
strict-transport-security
max-age=15768000
accept-ranges
bytes
lb-action
None
expires
Tue, 07 Sep 2021 11:19:11 GMT
common.js
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/
5 KB
2 KB
Script
General
Full URL
https://www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/common.js
Requested by
Host: swarajtrack.com
URL: https://swarajtrack.com/vendor/citizenverification/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.132.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-132-221.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
88146e8caa732ee54c82fcb58a0c95d5a0bcd44df238a3ebe91a6cb0ed764c7b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://swarajtrack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 15:45:54 GMT
content-encoding
gzip
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
1613
x-olb-req-received
t=1630407183244844
last-modified
Sat, 28 Aug 2021 02:14:34 GMT
x-frame-options
SAMEORIGIN
etag
"1302-5ca95293d872a"
vary
Accept-Encoding
strict-transport-security
max-age=15768000
content-type
application/x-javascript
access-control-allow-origin
*
expires
Thu, 02 Sep 2021 08:30:01 GMT
cache-control
max-age=60247
accept-ranges
bytes
lb-action
None
x-olb-req-duration
D=466
citizens-logo-sm.png
www3.citizensbankonline.com/efs/efs/grafx/
3 KB
3 KB
Image
General
Full URL
https://www3.citizensbankonline.com/efs/efs/grafx/citizens-logo-sm.png
Requested by
Host: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/styles-2013.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.132.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-132-221.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
61ab87df5a701ac0749d98660ebbdca021127991d12c2f79cdd723f8a96ecd5a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/styles-2013.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 15:45:54 GMT
x-olb-req-received
t=1630511154472890
last-modified
Sat, 26 Jun 2021 04:10:39 GMT
etag
"ae9-5c5a3705db845"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604771
x-olb-req-duration
D=142
server-timing
cdn-cache; desc=MISS, edge; dur=311, origin; dur=30
content-length
2793
strict-transport-security
max-age=15768000
accept-ranges
bytes
lb-action
None
expires
Wed, 08 Sep 2021 15:45:25 GMT
splitter.png
www3.citizensbankonline.com/efs/efs/grafx/
2 KB
2 KB
Image
General
Full URL
https://www3.citizensbankonline.com/efs/efs/grafx/splitter.png
Requested by
Host: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/styles-2013.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.132.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-132-221.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
089d475a97a845f1fa56d66ce227f9a70170aa893249052a7089c307c614daf1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/styles-2013.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 15:45:54 GMT
x-olb-req-received
t=1630511154488839
last-modified
Sat, 26 Jun 2021 04:31:18 GMT
etag
"6f1-5c5a3ba44f785"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
x-olb-req-duration
D=171
server-timing
cdn-cache; desc=MISS, edge; dur=305, origin; dur=40
content-length
1777
strict-transport-security
max-age=15768000
accept-ranges
bytes
lb-action
None
expires
Wed, 08 Sep 2021 15:45:54 GMT
lock-grn.png
www3.citizensbankonline.com/efs/efs/grafx/
1 KB
2 KB
Image
General
Full URL
https://www3.citizensbankonline.com/efs/efs/grafx/lock-grn.png
Requested by
Host: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/styles-2013.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.132.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-132-221.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7574983a9af6d447856f9965e1d156c0027cead27de40ea7af026da3574fc566
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/styles-2013.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 15:45:54 GMT
x-olb-req-received
t=1630511154260677
last-modified
Sat, 26 Jun 2021 04:24:24 GMT
etag
"51b-5c5a3a1946f73"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
x-olb-req-duration
D=155
server-timing
cdn-cache; desc=MISS, edge; dur=99, origin; dur=7
content-length
1307
strict-transport-security
max-age=15768000
accept-ranges
bytes
lb-action
None
expires
Wed, 08 Sep 2021 15:45:54 GMT
arrow-collapse.png
www3.citizensbankonline.com/efs/efs/grafx/
1 KB
1 KB
Image
General
Full URL
https://www3.citizensbankonline.com/efs/efs/grafx/arrow-collapse.png
Requested by
Host: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/styles-2013.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.132.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-132-221.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
34a0f68c279cbb29c79717498dbe63d577a1f94ae9c57aa886a5af279c56b9be
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/styles-2013.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 15:45:54 GMT
x-olb-req-received
t=1630511154629068
last-modified
Sat, 26 Jun 2021 04:24:24 GMT
etag
"40c-5c5a3a18a74bb"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
x-olb-req-duration
D=217
server-timing
cdn-cache; desc=MISS, edge; dur=455, origin; dur=10
content-length
1036
strict-transport-security
max-age=15768000
accept-ranges
bytes
lb-action
None
expires
Wed, 08 Sep 2021 15:45:54 GMT
citizen_roman.woff
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/
31 KB
32 KB
Font
General
Full URL
https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_roman.woff
Requested by
Host: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/styles-2013.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.132.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-132-221.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c8b1f6c22756521c86a5b0053b8565b49436f7fa19d1bb7cdf00a7808df28d42
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://swarajtrack.com
Referer
https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/styles-2013.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 15:45:54 GMT
x-olb-req-received
t=1630407201551808
last-modified
Sat, 28 Aug 2021 02:14:33 GMT
etag
"7ce0-5ca9529374444"
x-frame-options
SAMEORIGIN
access-control-allow-origin
*
cache-control
max-age=500873
x-olb-req-duration
D=224
server-timing
cdn-cache; desc=HIT, edge; dur=2
content-length
31968
strict-transport-security
max-age=15768000
accept-ranges
bytes
lb-action
None
expires
Tue, 07 Sep 2021 10:53:47 GMT
citizen_bold.woff
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/
29 KB
29 KB
Font
General
Full URL
https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_bold.woff
Requested by
Host: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/styles-2013.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.132.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-132-221.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5bb2d438470a02799577010a14310fa8ac3ed7ea77ca15435aaaa154e407b3e6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://swarajtrack.com
Referer
https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/styles-2013.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 15:45:54 GMT
x-olb-req-received
t=1630407199426390
last-modified
Sat, 28 Aug 2021 02:14:33 GMT
etag
"7278-5ca95293351fd"
x-frame-options
SAMEORIGIN
access-control-allow-origin
*
cache-control
max-age=500792
x-olb-req-duration
D=250
server-timing
cdn-cache; desc=HIT, edge; dur=3
content-length
29304
strict-transport-security
max-age=15768000
accept-ranges
bytes
lb-action
None
expires
Tue, 07 Sep 2021 10:52:26 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citizens Bank (Banking)

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect; object| ontransitionrun; object| ontransitionstart; object| ontransitioncancel; object| cookieStore; function| showDirectoryPicker; function| showOpenFilePicker; function| showSaveFilePicker; boolean| originAgentCluster; object| trustedTypes; boolean| crossOriginIsolated; string| SEP; string| PAIR; function| activeXDetect; function| stripIllegalChars; function| stripFullPath; object| BrowserDetect; function| FingerPrint; function| Hashtable; function| IE_FingerPrint; function| Mozilla_FingerPrint; function| Opera_FingerPrint; function| add_deviceprint; function| urlEncode; function| encode_deviceprint; function| decode_deviceprint; function| post_deviceprint; function| $; function| jQuery; function| DP_jQuery_1630511154161; object| theBody; function| isNumeric; function| needHelp; function| isSpecialChar; function| validateIE7; function| setFieldState; function| hasErrors; function| getValidateMessageListCheckSpaces; function| getValidateMessageList; function| getBasicFieldErrorMessages; function| getBasicFieldSuccessMessages; function| isIE7; function| isUnsupported; function| setupToolTip; function| setupNonStickyToolTip; function| initPasswordToolTip; function| initPasswordCapsLock; function| validatePasswordRules; function| validateField; function| isEmpty; function| validateGoodPasswordRules

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block