Domain > open.citibank.co.kr

More information on this domain is in AlienVault OTX

Files that talk to open.citibank.co.kr

MD5	A/V
74c7fd7485b506227b48c8d7a753598f	[Suspicious.Cloud.5] [BackDoor.Tdss.11228] [Artemis] [TrojanSpy:Win32/Wedots.A] [Artemis!74C7FD7485B5] [BScope.P2P-Worm.Palevo] [Win32.SuspectCrc] [PSW.Banker7.AQY.dropper]
54ef9c6081750e1edc56c1acda43a22f	[HW32.Packed.815C] [Artemis!54EF9C608175] [Win32.Trojan.Startpage.Sxox] [BehavesLike.Win32.BadFile.cc] [TrojanSpy:Win32/Wedots.A]
4d478143711cbd2c7f26c3a5ed354bad	[HW32.Packed.2437] [Artemis!4D478143711C] [TSPY_WEDOTS.B] [TSPY_WEDOTS.B] [BehavesLike.Win32.BadFile.cc] [TrojanSpy:Win32/Wedots.A] [Win32/Heur] [Win32/Trojan.97a]
ce57ff193cbe410b1b9561c33e0da6a2
11b9401daec4c85cddd9fba66fae75ba	[Backdoor.Trojan] [BackDoor.Tdss.11228] [TrojanSpy:Win32/Wedots.A] [BScope.P2P-Worm.Palevo] [Win32/DH{Jw9YZ1I}] [Win32/Trojan.97a]
f201e087e3c3a827497798939b891acb
6937609df01ac327b02a41d780aefbd8	[Suspicious.Cloud.5] [Mal/EncPk-CK] [BackDoor.Tdss.11228] [BehavesLike.Win32.BadFile.cc] [W32/Banker.ABEA!tr.spy] [Artemis!6937609DF01A] [BScope.P2P-Worm.Palevo] [PSW.Banker7.BWA] [Trojan.Win32.Banker.ABEA]
efcb0636e429e3f099400ef276db96b0
7cdc187a56e483a6aa0a519a8c2c3c62

Whois

Property	Value
Name	Citibank NA
Email	domain.admin@citi.com
Address	Citigroup 4F, #1127, Guwol-dong, Namdong-gu
Zip Code	405220
NameServer	ns2.citicorp.com
Created	1997-06-28 00:00:00
Changed	2015-08-01 00:00:00
Expires	2016-10-15 00:00:00
Registrar	Gabia, Inc.

DNS Resolutions

Date	IP Address
2014-01-09	192.193.83.182 (ClassC)
2014-11-19	192.193.81.182 (ClassC)
2019-06-30	192.193.83.203 (ClassC)
2019-07-19	192.193.81.203 (ClassC)
2019-09-06	104.109.113.217 (ClassC)
2023-12-18	104.112.189.210 (ClassC)
2024-07-30	184.25.199.213 (ClassC)
2024-09-03	23.44.247.167 (ClassC)
2024-09-10	23.6.107.161 (ClassC)
2024-09-13	23.195.239.185 (ClassC)
2024-12-31	23.55.167.25 (ClassC)
2025-03-22	23.55.111.161 (ClassC)
2025-04-11	23.192.230.142 (ClassC)
2025-05-11	23.192.230.138 (ClassC)

HTTP/1.1 200 OKDate: Sun, 23 Jun 2019 11:36:41 GMTLast-Modified: Mon, 03 Jun 2019 00:00:26 GMTETag: b61941-af0-58a600d2d3344Accept-Ranges: bytesContent-Length: 2800Vary: Accept-EncodingContent-Type: t

html>head>	meta http-equivContent-Type contenttext/html; charsetutf-8 />    meta http-equivexpires content0>    meta http-equivCache-Control contentno-cache />    meta http-equivPragma   contentno-cache />       meta http-equivX-UA-Compatible contentIEedge,chrome1>   meta namegoogle-site-verification contentG_eOPLNQrNkGo8J1O0ikoHrVbBRENMe64x3a3VDpQdg />  !-- meta http-equivrefresh content0;urlhttps://cbolrnd.apac.nsroot.net:8443/ComMainCnts0100.act> -->	title>한국씨티은행/title>	meta nameviewport contentwidthdevice-width,initial-scale1.0,minimum-scale1.0,maximum-scale1.0,user-scalableno>	meta nameformat-detection contenttelephoneno>		meta content nametitle>	meta content씨티은행 인터넷 뱅킹, 씨티은행, 씨티뱅크, CITI BANK, 씨티카드, 씨티 namekeywords>	meta contentCopyrightⓒ2016 Citigroup Inc. namecopyright>		link relShortcut Icon href../../img/favicon.ico>		link relstylesheet typetext/css href../../css/reset.css>!-- css링크 -->	link relstylesheet typetext/css href../../css/common.css>!-- css링크 -->script>    var host  location.host.toLowerCase();    var isCiti  true;    var isGold  false;    var isCard  false;        var referrer  ?ref + document.referrer;        if( host.indexOf(cbolrnd) > -1 || host.indexOf(citibank.co.kr) > -1) {    	isCiti  true;    } else if( host.indexOf(cgolrnd) > -1 || host.indexOf(citigold.co.kr) > -1) {    	isGold  true;	} else if( host.indexOf(cardrnd) > -1 || host.indexOf(citicard.co.kr) > -1) {    			isCard  true;    }    if (isCiti) {    	if( host.indexOf(uat) > -1 || host.indexOf(cbolrnd) > -1 ){    		top.location.href  https://+host+/ComMainCnts0100.act + referrer;        }else{        	top.location.href  https://www.citibank.co.kr/ComMainCnts0100.act + referrer;        }    }    if (isGold) {    	if( host.indexOf(uat) > -1 || host.indexOf(cgolrnd) > -1 ){    		top.location.href  https://+host+/CgsCtglMain0100.act;        }else{        	top.location.href  https://www.citigold.co.kr/CgsCtglMain0100.act;        }    }        if (isCard) {    	if( ho

Port 443

HTTP/1.1 200 OKDate: Sun, 23 Jun 2019 11:36:42 GMTLast-Modified: Mon, 03 Jun 2019 00:00:26 GMTETag: b61941-af0-58a600d2d3344Accept-Ranges: bytesContent-Length: 2800Vary: Accept-EncodingContent-Type: t

Subdomains

Date	Domain	IP
mobile.citibank.co.kr	2023-08-25	104.90.249.16
open.citibank.co.kr	2014-11-19	192.193.81.182
echat.citibank.co.kr	2025-04-04	192.193.83.202
mobileuat.citibank.co.kr	2023-08-25	23.222.151.222
homeuat.citibank.co.kr	2023-08-25	23.195.237.236
echatuat.citibank.co.kr	2025-04-16	192.193.81.210
mobilesit.citibank.co.kr	2024-03-23	23.44.250.82
echatsit.citibank.co.kr	2025-05-13	192.193.81.221
www.citibank.co.kr	2024-07-30	23.213.21.144

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]