naphotography.co.za
196.25.211.127
Malicious Activity!
Public Scan
Submission: On October 03 via manual from ZA
Summary
This is the only time naphotography.co.za was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Citibank (Banking)

Domain & IP information
Count | IP Address | AS (Autonomous System) |
---|---|---|
1 | 196.25.211.127 | 5713 (SAIX-NET) |
16 31 | 104.111.235.119 | 16625 (AKAMAI-AS - Akamai Technologies) |
1 1 | 104.109.65.248 | 20940 (AKAMAI-ASN1) |
1 | 2.16.123.117 | 20940 (AKAMAI-ASN1) |
17 | 3 |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-235-119.deploy.static.akamaitechnologies.com
online.citibank.com
online.citi.com

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-65-248.deploy.static.akamaitechnologies.com
ak1s.abmr.net

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-123-117.deploy.static.akamaitechnologies.com
sec-citi.bridgetrack.com
Count | Apex Domain | Subdomains | Transfer |
---|---|---|---|
16 | citibank.com (16 redirects) | online.citibank.com | 2 KB |
15 | citi.com | online.citi.com | 174 KB |
1 | bridgetrack.com | sec-citi.bridgetrack.com | 12 KB |
1 | abmr.net (1 redirects) | ak1s.abmr.net | 694 B |
1 | naphotography.co.za | naphotography.co.za | 208 KB |
17 | 5 |
Count | Domain | Requested by |
---|---|---|
16 | online.citibank.com | 16 redirects |
15 | online.citi.com | naphotography.co.za |
1 | sec-citi.bridgetrack.com | naphotography.co.za |
1 | ak1s.abmr.net | 1 redirects |
1 | naphotography.co.za | |
17 | 5 |
Subject | Issuer | Validity | Valid |
---|---|---|---|
online.citibank.com | DigiCert SHA2 Extended Validation Server CA | 2018-03-14 - 2020-05-14 | 2 years |
*.bridgetrack.com | DigiCert SHA2 Secure Server CA | 2018-11-19 - 2020-02-18 | a year |
This page contains 1 frames:
Primary Page:
http://naphotography.co.za/83d2/journal/citi/
Frame ID: 52448B6B7F4E1ED6DC2B6B00426741A4
Requests: 17 HTTP requests in this frame
116 Outgoing links
These are links going to different origins than the main page.
Title: CLICK HERE IF YOU ARE USING SCREEN READING SOFTWARE FOR THE VISUALLY IMPAIRED
Title: CITI.COM
Title: ESPAÑOL
Title: OPEN AN ACCOUNT
Title: HELP
Title: | GO
Title: SECURITY
Title: Banking Overview
Title: Checking Accounts
Title: Savings Accounts
Title: Certificates of Deposit (CDs)
Title: IRAs & Rollovers
Title: Rates
Title: Global Client Banking
Title: Citibank Student Banking
Title: Online Banking
Title: Mobile and Tablet Banking
Title: Mobile Check Deposit
Title: Account Alerts
Title: Citi Financial Tools
Title: Online Bank Statements
Title: ABA Routing Number
Title: eBills - View bills on Citi Online
Title: Online Bill Payments
Title: Popmoney®
Title: Debit Card
Title: Protect Your Money
Title: Transfers
Title: Women & Co.
Title: Learn More
Title: Credit Cards
Title: View All Credit Cards
Title: Low Interest Credit Cards
Title: 0% Intro APR Credit Cards
Title: Balance Transfer Credit Cards
Title: Rewards Credit Cards
Title: No Annual Fee Credit Cards
Title: Cash Back & Savings Cards
Title: Business Credit Cards
Title: Student Credit Cards
Title: Travel Credit Cards
Title: Respond to a Mail Offer
Title: See If You're Pre-Qualified for a Card
Title: Citi Online
Title: Mobile Banking
Title: Rewards Programs
Title: Citi Price Rewind
Title: Card Benefits
Title: Apply Online
Title: Mortgages Overview
Title: Visit Homeownership
Title: Lending Products by Type
Title: Home Equity Lines and Loans
Title: Personal Lines & Loans
Title: Link Your Account
Title: Learn More
Title: Ways to Invest with Citi
Title: Invest On Your Own
Title: Invest with a Personal Advisor
Title: Products & Services
Title: Annuities
Title: Advisory Accounts
Title: Bonds
Title: Insurance
Title: IRAs and Rollovers
Title: Mutual Funds
Title: Securities Backed Lending
Title: Financial Education on Wealth Management
Title: Retirement Planning Center
Title: Learn More
Title: Small Business Banking
Title: Solutions by Business Need
Title: Solutions by Industry
Title: Products & Services
Title: Online Banking Solutions
Title: Small Business Resources
Title: Business Banking
Title: Product Solutions
Title: Global Presence
Title: CitiBusiness® Online
Title: Commercial Banking
Title: Industry Specialties
Title: Product Solutions
Title: Apply Online
Title: Rewards Programs
Title: Citi ThankYou® Rewards Overview
Title: Visit ThankYou.com
Title: Citi Easy Deals℠
Title: Special Offers
Title: Citi Private Pass®
Title: Learn More
Title: Ways to Bank with Citi
Title: Text Banking
Title: Remote Banking Center
Title: Other Banking Services
Title: Auto Save
Title: Inter-Institutions Transfers
Title: Overdraft Protection
Title: Online Fraud Protection
Title: American Express Gift Card
Title: Learn More
Title: Why Citigold?
Title: Access and Service
Title: Recognition and Benefits
Title: Advice and Guidance
Title: Citigold Interest Checking
Title: MAKE MORE TIME Citibank Online
Title: THE CITI MOBILE APP Learn about SnapShot
Title: DIGITAL SERVICES Finances at your fingertips
Title: A CITI CARD FOR YOU You may be pre-qualified
Title: Get Started
Title: REGISTER
Title: Forgot User ID or Password?
Title:
Title:
Title: TERMS & CONDITIONS
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://online.citibank.com/GFC/branding/img/bg-marketing-banner.jpg HTTP 301
- https://online.citi.com/GFC/branding/img/bg-marketing-banner.jpg
- https://online.citibank.com/JRS/images/sprites/horizontal_sprite.png HTTP 301
- https://online.citi.com/JRS/images/sprites/horizontal_sprite.png
- https://online.citibank.com/JFP/images/global_sprite.png HTTP 301
- https://online.citi.com/JFP/images/global_sprite.png
- https://online.citibank.com/GFC/branding/img/citilogo_branding_60x35.png HTTP 301
- https://online.citi.com/GFC/branding/img/citilogo_branding_60x35.png
- https://online.citibank.com/GFC/branding/img/megamenu_v.png HTTP 301
- https://online.citi.com/GFC/branding/img/megamenu_v.png
- https://online.citibank.com/GFC/branding/img/megamenu_tile.gif HTTP 301
- https://online.citi.com/GFC/branding/img/megamenu_tile.gif
- https://online.citibank.com/GFC/branding/img/megamenu_h.png HTTP 301
- https://online.citi.com/GFC/branding/img/megamenu_h.png
- https://online.citibank.com/JRS/images/bottom-shade.png HTTP 301
- https://online.citi.com/JRS/images/bottom-shade.png
- https://online.citibank.com/JRS/images/LargeWhiteCarat.png HTTP 302
- https://ak1s.abmr.net/is/online.citibank.com?U=/JRS/images/LargeWhiteCarat.png&V=3-HKOSkVl0k+iA01yGv47Oey9Zyx5frhqKzlotlD5X8+Kr%2fTn%2fYjqqEg%3d%3d&I=929AC263336A9F1&D=citibank.com&01AD=1& HTTP 302
- https://online.citibank.com/JRS/images/LargeWhiteCarat.png?01AD=3pBYTYXmoMk8HIggYu9eTTuRuH7e6N2BbHYA9-K8uE4aEZjPy4UmNhQ&01RI=929AC263336A9F1&01NA=na HTTP 301
- https://online.citi.com/JRS/images/LargeWhiteCarat.png?01AD=3pBYTYXmoMk8HIggYu9eTTuRuH7e6N2BbHYA9-K8uE4aEZjPy4UmNhQ&01RI=929AC263336A9F1&01NA=na
- https://online.citibank.com/JRS/images/mktbgEN9.jpg HTTP 301
- https://online.citi.com/JRS/images/mktbgEN9.jpg
- https://online.citibank.com/JRS/images/sprites/content_sprite.png HTTP 301
- https://online.citi.com/JRS/images/sprites/content_sprite.png
- https://online.citibank.com/JRS/images/sign-on-bg.png HTTP 301
- https://online.citi.com/JRS/images/sign-on-bg.png
- https://online.citibank.com/JRS/images/marketing/footer.png HTTP 301
- https://online.citi.com/JRS/images/marketing/footer.png
- https://online.citibank.com/GFC/branding/img/footer-citi-logo-small.gif HTTP 301
- https://online.citi.com/GFC/branding/img/footer-citi-logo-small.gif
- https://online.citibank.com/JRS/images/nortonseal.png HTTP 301
- https://online.citi.com/JRS/images/nortonseal.png
17 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request) | naphotography.co.za/83d2/journal/citi/ | 207 KB | 208 KB | Document | text/html |
GET | H2 | bg-marketing-banner.jpg | online.citi.com/GFC/branding/img/ (Redirect Chain) | 5 KB | 5 KB | Image | image/jpeg |
GET | H2 | horizontal_sprite.png | online.citi.com/JRS/images/sprites/ (Redirect Chain) | 2 KB | 2 KB | Image | image/png |
GET | H2 | global_sprite.png | online.citi.com/JFP/images/ (Redirect Chain) | 6 KB | 6 KB | Image | image/png |
GET | H2 | citilogo_branding_60x35.png | online.citi.com/GFC/branding/img/ (Redirect Chain) | 3 KB | 3 KB | Image | image/png |
GET | H2 | megamenu_v.png | online.citi.com/GFC/branding/img/ (Redirect Chain) | 311 B | 520 B | Image | image/png |
GET | H2 | megamenu_tile.gif | online.citi.com/GFC/branding/img/ (Redirect Chain) | 99 B | 308 B | Image | image/gif |
GET | H2 | megamenu_h.png | online.citi.com/GFC/branding/img/ (Redirect Chain) | 2 KB | 2 KB | Image | image/png |
GET | H2 | bottom-shade.png | online.citi.com/JRS/images/ (Redirect Chain) | 1 KB | 1 KB | Image | image/png |
GET | H2 | LargeWhiteCarat.png | online.citi.com/JRS/images/ (Redirect Chain) | 1 KB | 1 KB | Image | image/png |
GET | H2 | mktbgEN9.jpg | online.citi.com/JRS/images/ (Redirect Chain) | 107 KB | 107 KB | Image | image/jpeg |
GET | H2 | content_sprite.png | online.citi.com/JRS/images/sprites/ (Redirect Chain) | 37 KB | 37 KB | Image | image/png |
GET | H2 | sign-on-bg.png | online.citi.com/JRS/images/ (Redirect Chain) | 118 B | 327 B | Image | image/png |
GET | H/1.1 | bb129_uso.png | sec-citi.bridgetrack.com/assets/107091/ | 11 KB | 12 KB | Image | image/png |
GET | H2 | footer.png | online.citi.com/JRS/images/marketing/ (Redirect Chain) | 4 KB | 4 KB | Image | image/png |
GET | H2 | footer-citi-logo-small.gif | online.citi.com/GFC/branding/img/ (Redirect Chain) | 1 KB | 2 KB | Image | image/gif |
GET | H2 | nortonseal.png | online.citi.com/JRS/images/ (Redirect Chain) | 2 KB | 2 KB | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Citibank (Banking)

3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata
object| onpointerrawupdate
function| signIn

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.