naphotography.co.za Open in urlscan Pro
196.25.211.127 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://naphotography.co.za/83d2/journal/citi/
Submission: On October 03 via manual (October 3rd 2019, 6:04:01 pm UTC) from ZA

Summary HTTP 17 Redirects Links 116 Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 5 domains to perform 17 HTTP transactions. The main IP is 196.25.211.127, located in South Africa and belongs to SAIX-NET, ZA. The main domain is naphotography.co.za.

This is the only time naphotography.co.za was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Citibank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1	196.25.211.127 196.25.211.127	5713 (SAIX-NET) (SAIX-NET)
16 31	104.111.235.119 104.111.235.119	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1 1	104.109.65.248 104.109.65.248	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2.16.123.117 2.16.123.117	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
17	3

1 196.25.211.127 (South Africa)

ASN5713 (SAIX-NET, ZA)

naphotography.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 104.111.235.119 (Netherlands) 16 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-235-119.deploy.static.akamaitechnologies.com

online.citibank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
online.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.109.65.248 (Netherlands) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-65-248.deploy.static.akamaitechnologies.com

ak1s.abmr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.123.117 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-123-117.deploy.static.akamaitechnologies.com

sec-citi.bridgetrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	citibank.com 16 redirects online.citibank.com	2 KB
15	citi.com online.citi.com	174 KB
1	bridgetrack.com sec-citi.bridgetrack.com	12 KB
1	abmr.net 1 redirects ak1s.abmr.net	694 B
1	naphotography.co.za naphotography.co.za	208 KB
17	5

	Domain	Requested by
16	online.citibank.com	16 redirects
15	online.citi.com	naphotography.co.za
1	sec-citi.bridgetrack.com	naphotography.co.za
1	ak1s.abmr.net	1 redirects
1	naphotography.co.za
17	5

This site contains links to these domains. Also see Links.

Domain
online.citibank.com
www.citi.com
www.citicards.com
www.citipricerewind.com
www.benefitbuilder.citi.com
businessaccess.citibank.citigroup.com
www.thankyou.com
citieasydeals.com
www.citiprivatepass.com
creditcards.citicards.com
citi.bridgetrack.com

Subject Issuer	Validity	Valid
online.citibank.com DigiCert SHA2 Extended Validation Server CA	`2018-03-14` - `2020-05-14`	2 years	crt.sh
*.bridgetrack.com DigiCert SHA2 Secure Server CA	`2018-11-19` - `2020-02-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://naphotography.co.za/83d2/journal/citi/
Frame ID: 52448B6B7F4E1ED6DC2B6B00426741A4
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

17
Requests

94 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

3
IPs

3
Countries

393 kB
Transfer

389 kB
Size

0
Cookies

116 Outgoing links

These are links going to different origins than the main page.

URL: https://online.citibank.com/US/JSO/signon/VIPLocaleUsernameSignon.do?locale=en_US_VIP
Title: CLICK HERE IF YOU ARE USING SCREEN READING SOFTWARE FOR THE VISUALLY IMPAIRED

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/Welcome.c
Title: CITI.COM

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JSO/signon/LocaleUsernameSignon.do?locale=es_US
Title: ESPAÑOL

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=AOProductSelection
Title: OPEN AN ACCOUNT

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/helpcenter/main.do
Title: HELP

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JSO/signon/LocaleUsernameSignon.do?locale=en_US
Title: | GO

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=SecurityCenter
Title: SECURITY

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=BankingOverview
Title: Banking Overview

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=Checking
Title: Checking Accounts

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=Savings
Title: Savings Accounts

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=SvgCDs
Title: Certificates of Deposit (CDs)

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=IRA
Title: IRAs & Rollovers

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=CurrentRates
Title: Rates

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=GlobalClientBanking
Title: Global Client Banking

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=StudentAccounts
Title: Citibank Student Banking

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=OnlineBankingOverview
Title: Online Banking

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=CitiMobile
Title: Mobile and Tablet Banking

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=MobileCheckDeposit
Title: Mobile Check Deposit

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=WAlerts
Title: Account Alerts

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=CitiFinancialTools
Title: Citi Financial Tools

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=OnlineState
Title: Online Bank Statements

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/helpcenter/getHelpContent.do?dispFormat=main&contentId=DeterminingABANumberAccount&contentType=help_item
Title: ABA Routing Number

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=Ebill
Title: eBills - View bills on Citi Online

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=BillPay
Title: Online Bill Payments

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=PopMoney
Title: Popmoney®

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=ATMCard
Title: Debit Card

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=ProtectionServices
Title: Protect Your Money

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=FundTransfers
Title: Transfers

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=WomenAndCo
Title: Women & Co.

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=CitigoldOverview&intc=1~7~62~3~081612~1~Citigold~CitigoldAwareness_BankingMMBlurb
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/creditcards/CitiHome.do
Title: Credit Cards

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/compare-credit-cards/detail.do?ID=view-all-credit-cards
Title: View All Credit Cards

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/compare-credit-cards/detail.do?ID=low-interest-credit-card
Title: Low Interest Credit Cards

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/compare-credit-cards/detail.do?ID=intro-purchase-apr
Title: 0% Intro APR Credit Cards

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/compare-credit-cards/detail.do?ID=balance-transfer-credit-cards
Title: Balance Transfer Credit Cards

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/compare-credit-cards/detail.do?ID=reward-credit-cards
Title: Rewards Credit Cards

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/compare-credit-cards/detail.do?ID=no-annual-fee-credit-cards
Title: No Annual Fee Credit Cards

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/compare-credit-cards/detail.do?ID=savings-and-cash-back-credit-cards
Title: Cash Back & Savings Cards

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/compare-credit-cards/detail.do?ID=all-small-business-credit-cards
Title: Business Credit Cards

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/compare-credit-cards/detail.do?ID=all-student-credit-cards
Title: Student Credit Cards

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/compare-credit-cards/detail.do?ID=travel-reward-credit-cards
Title: Travel Credit Cards

Search URL Search Domain Scan URL

URL: https://www.citicards.com/cards/credit/application/flow.action?isInvitation=Y
Title: Respond to a Mail Offer

Search URL Search Domain Scan URL

URL: https://www.citicards.com/cards/credit/application/flow.action?isInvitation=N
Title: See If You're Pre-Qualified for a Card

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/template.do?ID=credit-card-services
Title: Citi Online

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/portal/template.do?ID=CitiMobileMicroOverview
Title: Mobile Banking

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/template.do?ID=credit-card-rewards
Title: Rewards Programs

Search URL Search Domain Scan URL

URL: https://www.citipricerewind.com/
Title: Citi Price Rewind

Search URL Search Domain Scan URL

URL: https://www.benefitbuilder.citi.com/
Title: Card Benefits

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/compare-credit-cards/detail.do?ID=most-popular-credit-cards
Title: Apply Online

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=RELMortgageOverview
Title: Mortgages Overview

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/portal/template.do?ID=mortgage_home_mortgage
Title: Visit Homeownership

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=LinesLoansOverview
Title: Lending Products by Type

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=HELinesLoansAag
Title: Home Equity Lines and Loans

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=PersonalLinesAag
Title: Personal Lines & Loans

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=LinkingAccounts
Title: Link Your Account

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=WAlerts&intc=1~7~51~3~121012~5~Alerts~LendingTabMMblurb
Title: Learn More

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=InvestingOverview
Title: Ways to Invest with Citi

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=InvestOnYourOwn
Title: Invest On Your Own

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=InvestWithPersonalAdvisor
Title: Invest with a Personal Advisor

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=InvestingProducts
Title: Products & Services

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=InvestingRetirement
Title: Annuities

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=InvestingManagedAccounts
Title: Advisory Accounts

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=Bonds
Title: Bonds

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=Insurance
Title: Insurance

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=IRAInvesting
Title: IRAs and Rollovers

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=InvestingMutualFunds
Title: Mutual Funds

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=InvestingLending
Title: Securities Backed Lending

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=FinancialGuidance
Title: Financial Education on Wealth Management

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/portal/template.do?ID=RetirementPlanning
Title: Retirement Planning Center

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/portal/template.do?ID=CitiMobileMicroOverview&intc=1~7~51~3~121012~5~iPadKindle~InvestingTabMMblurb
Title: Learn More

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=CitiBizOverview
Title: Small Business Banking

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=CitiBizByNeed
Title: Solutions by Business Need

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=CitiBizByIndustry
Title: Solutions by Industry

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=CitiBizProductsServices
Title: Products & Services

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=CitiBizOnline
Title: Online Banking Solutions

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=CitiBizToolsResources
Title: Small Business Resources

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=CitiBusinessBanking
Title: Business Banking

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=CitiBBSolutions
Title: Product Solutions

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=CitiBBGlobalPresence
Title: Global Presence

Search URL Search Domain Scan URL

URL: https://businessaccess.citibank.citigroup.com/cbusol/signon.do
Title: CitiBusiness® Online

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=CitiCommercialBanking
Title: Commercial Banking

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=CitiCBIndustries
Title: Industry Specialties

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=CitiCBSolutions
Title: Product Solutions

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/compare-credit-cards/detail.do?ID=all-small-business-credit-cards&intc=1~7~51~3~032113~1~CBFamily~BusinessTabMMblurb
Title: Apply Online

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=Rewards
Title: Rewards Programs

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=CBNATYRNRewards
Title: Citi ThankYou® Rewards Overview

Search URL Search Domain Scan URL

URL: https://www.thankyou.com/
Title: Visit ThankYou.com

Search URL Search Domain Scan URL

URL: https://citieasydeals.com/
Title: Citi Easy DealsSM

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/portal/template.do?ID=SpecialOffers
Title: Special Offers

Search URL Search Domain Scan URL

URL: http://www.citiprivatepass.com/
Title: Citi Private Pass®

Search URL Search Domain Scan URL

URL: http://creditcards.citicards.com/usc/ThankYou/multi/2012/Q2/internal/default.htm?screenID=3131&app=UNSOL&siteId=CB&langId=EN&sc=4MMZ1B42&B=B&m=723QSDBAT00&uc=C64&t=t&naInd=V&intc=1~7~62~3~112912~1~ThankYouCards~ThankYouCards_Rewards_Offers
Title: Learn More

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=AccountAccess
Title: Ways to Bank with Citi

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=CitiMobileSMS
Title: Text Banking

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/portal/template.do?ID=RemoteBanking
Title: Remote Banking Center

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=ServicesOverview
Title: Other Banking Services

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=AutoSave
Title: Auto Save

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=InterInstitution
Title: Inter-Institutions Transfers

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=OverdraftProtection
Title: Overdraft Protection

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=FraudProtection
Title: Online Fraud Protection

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=AmexGiftCard
Title: American Express Gift Card

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=MobileCheckDeposit&intc=1~7~51~3~121012~5~MCD~ServicesTabMMblurb
Title: Learn More

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=CitigoldOverview
Title: Why Citigold?

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=CitigoldAccessAndServices
Title: Access and Service

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=CitigoldRecognitionAndBenefits
Title: Recognition and Benefits

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=CitigoldAdviceAndGuidance
Title: Advice and Guidance

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/pands/detail.do?ID=Citigold
Title: Citigold Interest Checking

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JSO/signon/LocaleUsernameSignon.do?locale=en_US#tab1
Title: MAKE MORE TIME Citibank Online

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JSO/signon/LocaleUsernameSignon.do?locale=en_US#tab2
Title: THE CITI MOBILE APP Learn about SnapShot

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JSO/signon/LocaleUsernameSignon.do?locale=en_US#tab3
Title: DIGITAL SERVICES Finances at your fingertips

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JSO/signon/LocaleUsernameSignon.do?locale=en_US#tab4
Title: A CITI CARD FOR YOU You may be pre-qualified

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JSO/reg/Next.do
Title: Get Started

Search URL Search Domain Scan URL

URL: https://online.citibank.com/JSO/reg/Setup.do
Title: REGISTER

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JSO/uidn/RequestUserIDReminder.do
Title: Forgot User ID or Password?

Search URL Search Domain Scan URL

URL: https://citi.bridgetrack.com/a/c/?BT_BCID=291495&BT_SID=124834&masterID=&_jfp=https%3A%2F%2Fonline.citibank.com&rateSheetId=null&target=CBOLAdBanner
Title:

Search URL Search Domain Scan URL

URL: https://online.citibank.com/US/JRS/portal/template.do?ID=ForresterAward
Title:

Search URL Search Domain Scan URL

URL: https://online.citibank.com/JRS/portal/template.do?ID=TermsDisclaimer
Title: TERMS & CONDITIONS

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://online.citibank.com/GFC/branding/img/bg-marketing-banner.jpg HTTP 301
https://online.citi.com/GFC/branding/img/bg-marketing-banner.jpg

Request Chain 1

https://online.citibank.com/JRS/images/sprites/horizontal_sprite.png HTTP 301
https://online.citi.com/JRS/images/sprites/horizontal_sprite.png

Request Chain 2

https://online.citibank.com/JFP/images/global_sprite.png HTTP 301
https://online.citi.com/JFP/images/global_sprite.png

Request Chain 3

https://online.citibank.com/GFC/branding/img/citilogo_branding_60x35.png HTTP 301
https://online.citi.com/GFC/branding/img/citilogo_branding_60x35.png

Request Chain 4

https://online.citibank.com/GFC/branding/img/megamenu_v.png HTTP 301
https://online.citi.com/GFC/branding/img/megamenu_v.png

Request Chain 5

https://online.citibank.com/GFC/branding/img/megamenu_tile.gif HTTP 301
https://online.citi.com/GFC/branding/img/megamenu_tile.gif

Request Chain 6

https://online.citibank.com/GFC/branding/img/megamenu_h.png HTTP 301
https://online.citi.com/GFC/branding/img/megamenu_h.png

Request Chain 7

https://online.citibank.com/JRS/images/bottom-shade.png HTTP 301
https://online.citi.com/JRS/images/bottom-shade.png

Request Chain 8

https://online.citibank.com/JRS/images/LargeWhiteCarat.png HTTP 302
https://ak1s.abmr.net/is/online.citibank.com?U=/JRS/images/LargeWhiteCarat.png&V=3-HKOSkVl0k+iA01yGv47Oey9Zyx5frhqKzlotlD5X8+Kr%2fTn%2fYjqqEg%3d%3d&I=929AC263336A9F1&D=citibank.com&01AD=1& HTTP 302
https://online.citibank.com/JRS/images/LargeWhiteCarat.png?01AD=3pBYTYXmoMk8HIggYu9eTTuRuH7e6N2BbHYA9-K8uE4aEZjPy4UmNhQ&01RI=929AC263336A9F1&01NA=na HTTP 301
https://online.citi.com/JRS/images/LargeWhiteCarat.png?01AD=3pBYTYXmoMk8HIggYu9eTTuRuH7e6N2BbHYA9-K8uE4aEZjPy4UmNhQ&01RI=929AC263336A9F1&01NA=na

Request Chain 9

https://online.citibank.com/JRS/images/mktbgEN9.jpg HTTP 301
https://online.citi.com/JRS/images/mktbgEN9.jpg

Request Chain 10

https://online.citibank.com/JRS/images/sprites/content_sprite.png HTTP 301
https://online.citi.com/JRS/images/sprites/content_sprite.png

Request Chain 11

https://online.citibank.com/JRS/images/sign-on-bg.png HTTP 301
https://online.citi.com/JRS/images/sign-on-bg.png

Request Chain 13

https://online.citibank.com/JRS/images/marketing/footer.png HTTP 301
https://online.citi.com/JRS/images/marketing/footer.png

Request Chain 14

https://online.citibank.com/GFC/branding/img/footer-citi-logo-small.gif HTTP 301
https://online.citi.com/GFC/branding/img/footer-citi-logo-small.gif

Request Chain 15

https://online.citibank.com/JRS/images/nortonseal.png HTTP 301
https://online.citi.com/JRS/images/nortonseal.png

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
naphotography.co.za/83d2/journal/citi/ 207 KB
208 KB 832ms
288ms Document
text/html 196.25.211.127
SAIX-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://naphotography.co.za/83d2/journal/citi/
Protocol: HTTP/1.1
Server: 196.25.211.127 , South Africa, ASN5713 (SAIX-NET, ZA),
Reverse DNS
Software: Apache / PleskLin
Resource Hash: 627479d52cffabd6804db919203d6917e4b4589f69d5ba20105d944cf8773c85

Request headers

Host: naphotography.co.za
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 03 Oct 2019 18:02:56 GMT
Server: Apache
Last-Modified: Thu, 14 Feb 2019 00:54:50 GMT
ETag: "162798f-33dfb-581d01b044a80"
Accept-Ranges: bytes
Content-Length: 212475
X-Powered-By: PleskLin
Connection: close
Content-Type: text/html

GET
H2

200

bg-marketing-banner.jpg
online.citi.com/GFC/branding/img/
Redirect Chain

https://online.citibank.com/GFC/branding/img/bg-marketing-banner.jpg
https://online.citi.com/GFC/branding/img/bg-marketing-banner.jpg

5 KB
5 KB

47ms
35ms

Image
image/jpeg

104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/bg-marketing-banner.jpg

Requested by

Host: naphotography.co.za
URL: http://naphotography.co.za/83d2/journal/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

b47060147f820f4721134724e1a38cab5fcc6960091389f6b4587769c4d2c313

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://naphotography.co.za/83d2/journal/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Thu, 03 Oct 2019 18:03:42 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/jpeg
content-length: 4857

Redirect headers

status: 301
date: Thu, 03 Oct 2019 18:03:42 GMT
server: AkamaiGHost
content-length: 0
location: https://online.citi.com/GFC/branding/img/bg-marketing-banner.jpg

GET
H2

200

horizontal_sprite.png
online.citi.com/JRS/images/sprites/
Redirect Chain

https://online.citibank.com/JRS/images/sprites/horizontal_sprite.png
https://online.citi.com/JRS/images/sprites/horizontal_sprite.png

2 KB
2 KB

57ms
45ms

Image
image/png

104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/images/sprites/horizontal_sprite.png

Requested by

Host: naphotography.co.za
URL: http://naphotography.co.za/83d2/journal/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

ebfc2c05f2e7ed45312d73e19ac568bb5644196bf592af3a54ac7a8d26d7d012

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://naphotography.co.za/83d2/journal/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 17:16:57 GMT
x-akamai-citisite: GTDC
date: Thu, 03 Oct 2019 18:03:42 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/png
content-length: 1544

Redirect headers

status: 301
date: Thu, 03 Oct 2019 18:03:42 GMT
server: AkamaiGHost
content-length: 0
location: https://online.citi.com/JRS/images/sprites/horizontal_sprite.png

GET
H2

200

global_sprite.png
online.citi.com/JFP/images/
Redirect Chain

https://online.citibank.com/JFP/images/global_sprite.png
https://online.citi.com/JFP/images/global_sprite.png

6 KB
6 KB

70ms
70ms

Image
image/png

104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JFP/images/global_sprite.png

Requested by

Host: naphotography.co.za
URL: http://naphotography.co.za/83d2/journal/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

5afcdfea737deff383e30811d357bf0a93c818b0495cb0e3194b5b87bfda0cb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://naphotography.co.za/83d2/journal/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Wed, 14 Jun 2017 18:32:08 GMT
x-akamai-citisite: GTDC
date: Thu, 03 Oct 2019 18:03:42 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/png
content-length: 5751

Redirect headers

status: 301
date: Thu, 03 Oct 2019 18:03:42 GMT
server: AkamaiGHost
content-length: 0
location: https://online.citi.com/JFP/images/global_sprite.png

GET
H2

200

citilogo_branding_60x35.png
online.citi.com/GFC/branding/img/
Redirect Chain

https://online.citibank.com/GFC/branding/img/citilogo_branding_60x35.png
https://online.citi.com/GFC/branding/img/citilogo_branding_60x35.png

3 KB
3 KB

33ms
33ms

Image
image/png

104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/citilogo_branding_60x35.png

Requested by

Host: naphotography.co.za
URL: http://naphotography.co.za/83d2/journal/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

f1c635c4782fce1eef7290194a81f790b0dc0655c6eafdc43eb1498fd6b10295

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://naphotography.co.za/83d2/journal/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 17:16:57 GMT
x-akamai-citisite: GTDC
date: Thu, 03 Oct 2019 18:03:42 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/png
content-length: 2618

Redirect headers

status: 301
date: Thu, 03 Oct 2019 18:03:42 GMT
server: AkamaiGHost
content-length: 0
location: https://online.citi.com/GFC/branding/img/citilogo_branding_60x35.png

GET
H2

200

megamenu_v.png
online.citi.com/GFC/branding/img/
Redirect Chain

https://online.citibank.com/GFC/branding/img/megamenu_v.png
https://online.citi.com/GFC/branding/img/megamenu_v.png

311 B
520 B

30ms
30ms

Image
image/png

104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/megamenu_v.png

Requested by

Host: naphotography.co.za
URL: http://naphotography.co.za/83d2/journal/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

63db960cff2adb16c9e8b460d6b0c359e0d304ec94009e5b250bc2d00179d97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://naphotography.co.za/83d2/journal/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: GTDC
date: Thu, 03 Oct 2019 18:03:43 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/png
content-length: 311

Redirect headers

status: 301
date: Thu, 03 Oct 2019 18:03:43 GMT
server: AkamaiGHost
content-length: 0
location: https://online.citi.com/GFC/branding/img/megamenu_v.png

GET
H2

200

megamenu_tile.gif
online.citi.com/GFC/branding/img/
Redirect Chain

https://online.citibank.com/GFC/branding/img/megamenu_tile.gif
https://online.citi.com/GFC/branding/img/megamenu_tile.gif

99 B
308 B

44ms
44ms

Image
image/gif

104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/megamenu_tile.gif

Requested by

Host: naphotography.co.za
URL: http://naphotography.co.za/83d2/journal/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

d3d0d1cacd6a06a79de03d0697bb8c1f253a72f1d5bd4d87b998e86d8a4323f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://naphotography.co.za/83d2/journal/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 17:12:07 GMT
x-akamai-citisite: GTDC
date: Thu, 03 Oct 2019 18:03:44 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/gif
content-length: 99

Redirect headers

status: 301
date: Thu, 03 Oct 2019 18:03:44 GMT
server: AkamaiGHost
content-length: 0
location: https://online.citi.com/GFC/branding/img/megamenu_tile.gif

GET
H2

200

megamenu_h.png
online.citi.com/GFC/branding/img/
Redirect Chain

https://online.citibank.com/GFC/branding/img/megamenu_h.png
https://online.citi.com/GFC/branding/img/megamenu_h.png

2 KB
2 KB

65ms
65ms

Image
image/png

104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/megamenu_h.png

Requested by

Host: naphotography.co.za
URL: http://naphotography.co.za/83d2/journal/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

087f1162917d4e7e37ba1b30bed04dde0a358309932ca4519c26b57f14c9afbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://naphotography.co.za/83d2/journal/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Thu, 03 Oct 2019 18:03:44 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/png
content-length: 1805

Redirect headers

status: 301
date: Thu, 03 Oct 2019 18:03:44 GMT
server: AkamaiGHost
content-length: 0
location: https://online.citi.com/GFC/branding/img/megamenu_h.png

GET
H2

200

bottom-shade.png
online.citi.com/JRS/images/
Redirect Chain

https://online.citibank.com/JRS/images/bottom-shade.png
https://online.citi.com/JRS/images/bottom-shade.png

1 KB
1 KB

30ms
29ms

Image
image/png

104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/images/bottom-shade.png

Requested by

Host: naphotography.co.za
URL: http://naphotography.co.za/83d2/journal/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

e7e2072bba9c55af8da06e0205da3c83d79f14999215b35ecbe374661bbce0a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://naphotography.co.za/83d2/journal/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 17:12:06 GMT
x-akamai-citisite: GTDC
date: Thu, 03 Oct 2019 18:03:44 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/png
content-length: 1210

Redirect headers

status: 301
date: Thu, 03 Oct 2019 18:03:44 GMT
server: AkamaiGHost
content-length: 0
location: https://online.citi.com/JRS/images/bottom-shade.png

GET
H2

200

LargeWhiteCarat.png
online.citi.com/JRS/images/
Redirect Chain

https://online.citibank.com/JRS/images/LargeWhiteCarat.png
https://ak1s.abmr.net/is/online.citibank.com?U=/JRS/images/LargeWhiteCarat.png&V=3-HKOSkVl0k+iA01yGv47Oey9Zyx5frhqKzlotlD5X8+Kr%2fTn%2fYjqqEg%3d%3d&I=929AC263336A9F1&D=citibank.com&01AD=1&
https://online.citibank.com/JRS/images/LargeWhiteCarat.png?01AD=3pBYTYXmoMk8HIggYu9eTTuRuH7e6N2BbHYA9-K8uE4aEZjPy4UmNhQ&01RI=929AC263336A9F1&01NA=na
https://online.citi.com/JRS/images/LargeWhiteCarat.png?01AD=3pBYTYXmoMk8HIggYu9eTTuRuH7e6N2BbHYA9-K8uE4aEZjPy4UmNhQ&01RI=929AC263336A9F1&01NA=na

1 KB
1 KB

53ms
53ms

Image
image/png

104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/images/LargeWhiteCarat.png?01AD=3pBYTYXmoMk8HIggYu9eTTuRuH7e6N2BbHYA9-K8uE4aEZjPy4UmNhQ&01RI=929AC263336A9F1&01NA=na

Requested by

Host: naphotography.co.za
URL: http://naphotography.co.za/83d2/journal/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

fa6ab1707c10bef9b88e40f1393c30ff825b712e9ab7894aa6436f3a6bca15f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://naphotography.co.za/83d2/journal/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Thu, 03 Oct 2019 18:03:44 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/png
content-length: 1131

Redirect headers

status: 301
date: Thu, 03 Oct 2019 18:03:44 GMT
server: AkamaiGHost
content-length: 0
location: https://online.citi.com/JRS/images/LargeWhiteCarat.png?01AD=3pBYTYXmoMk8HIggYu9eTTuRuH7e6N2BbHYA9-K8uE4aEZjPy4UmNhQ&01RI=929AC263336A9F1&01NA=na
p3p: CP="NON DSP ADM DEV PSD OUR IND STP PHY PRE NAV UNI"

GET
H2

200

mktbgEN9.jpg
online.citi.com/JRS/images/
Redirect Chain

https://online.citibank.com/JRS/images/mktbgEN9.jpg
https://online.citi.com/JRS/images/mktbgEN9.jpg

107 KB
107 KB

50ms
50ms

Image
image/jpeg

104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/images/mktbgEN9.jpg

Requested by

Host: naphotography.co.za
URL: http://naphotography.co.za/83d2/journal/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

e77d37ad2371f1b1c13192c69c795d3b8b2e0a9b463b6e465cfa39aed4933d56

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://naphotography.co.za/83d2/journal/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Thu, 03 Oct 2019 18:03:44 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/jpeg
content-length: 109332

Redirect headers

status: 301
date: Thu, 03 Oct 2019 18:03:44 GMT
server: AkamaiGHost
content-length: 0
location: https://online.citi.com/JRS/images/mktbgEN9.jpg

GET
H2

200

content_sprite.png
online.citi.com/JRS/images/sprites/
Redirect Chain

https://online.citibank.com/JRS/images/sprites/content_sprite.png
https://online.citi.com/JRS/images/sprites/content_sprite.png

37 KB
37 KB

50ms
50ms

Image
image/png

104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/images/sprites/content_sprite.png

Requested by

Host: naphotography.co.za
URL: http://naphotography.co.za/83d2/journal/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

74fa5e6ba7f191dc66a0144588974664da9e45733b48b3181494ce5c9b0089a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://naphotography.co.za/83d2/journal/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 17:16:57 GMT
x-akamai-citisite: GTDC
date: Thu, 03 Oct 2019 18:03:44 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/png
content-length: 38017

Redirect headers

status: 301
date: Thu, 03 Oct 2019 18:03:44 GMT
server: AkamaiGHost
content-length: 0
location: https://online.citi.com/JRS/images/sprites/content_sprite.png

GET
H2

200

sign-on-bg.png
online.citi.com/JRS/images/
Redirect Chain

https://online.citibank.com/JRS/images/sign-on-bg.png
https://online.citi.com/JRS/images/sign-on-bg.png

118 B
327 B

51ms
50ms

Image
image/png

104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/images/sign-on-bg.png

Requested by

Host: naphotography.co.za
URL: http://naphotography.co.za/83d2/journal/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

44b3ecb9ceeb9a3a4b278f24dacee0a27028004cb22edd57a890ea671ba2d9e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://naphotography.co.za/83d2/journal/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 17:20:58 GMT
x-akamai-citisite: GTDC
date: Thu, 03 Oct 2019 18:03:44 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/png
content-length: 118

Redirect headers

status: 301
date: Thu, 03 Oct 2019 18:03:44 GMT
server: AkamaiGHost
content-length: 0
location: https://online.citi.com/JRS/images/sign-on-bg.png

GET
H/1.1 200
OK bb129_uso.png
sec-citi.bridgetrack.com/assets/107091/ 11 KB
12 KB 814ms
785ms Image
image/png 2.16.123.117
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sec-citi.bridgetrack.com/assets/107091/bb129_uso.png
Requested by: Host: naphotography.co.za
URL: http://naphotography.co.za/83d2/journal/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2.16.123.117 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-123-117.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: 51251ff12b276b9033f70b6fbcd0623f7f67e964a5ea370dd1d65a2dce82a365

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://naphotography.co.za/83d2/journal/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 03 Oct 2019 18:03:45 GMT
Last-Modified: Thu, 03 Oct 2019 18:03:45 GMT
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
ETag: W/"2ebcfae5147ad51:0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11749

GET
H2

200

footer.png
online.citi.com/JRS/images/marketing/
Redirect Chain

https://online.citibank.com/JRS/images/marketing/footer.png
https://online.citi.com/JRS/images/marketing/footer.png

4 KB
4 KB

53ms
53ms

Image
image/png

104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/images/marketing/footer.png

Requested by

Host: naphotography.co.za
URL: http://naphotography.co.za/83d2/journal/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

5529dc48664e9bf8d2cd8abbcff523eae17440bdcee950a34925bfcc5ceb65b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://naphotography.co.za/83d2/journal/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Thu, 03 Oct 2019 18:03:44 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/png
content-length: 4136

Redirect headers

status: 301
date: Thu, 03 Oct 2019 18:03:44 GMT
server: AkamaiGHost
content-length: 0
location: https://online.citi.com/JRS/images/marketing/footer.png

GET
H2

200

footer-citi-logo-small.gif
online.citi.com/GFC/branding/img/
Redirect Chain

https://online.citibank.com/GFC/branding/img/footer-citi-logo-small.gif
https://online.citi.com/GFC/branding/img/footer-citi-logo-small.gif

1 KB
2 KB

29ms
29ms

Image
image/gif

104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/footer-citi-logo-small.gif

Requested by

Host: naphotography.co.za
URL: http://naphotography.co.za/83d2/journal/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

ffb533352662a614319789060b946a791fb986232f9bd17c9f9576cda55f08ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://naphotography.co.za/83d2/journal/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Thu, 03 Oct 2019 18:03:44 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/gif
content-length: 1470

Redirect headers

status: 301
date: Thu, 03 Oct 2019 18:03:44 GMT
server: AkamaiGHost
content-length: 0
location: https://online.citi.com/GFC/branding/img/footer-citi-logo-small.gif

GET
H2

200

nortonseal.png
online.citi.com/JRS/images/
Redirect Chain

https://online.citibank.com/JRS/images/nortonseal.png
https://online.citi.com/JRS/images/nortonseal.png

2 KB
2 KB

34ms
34ms

Image
image/png

104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/images/nortonseal.png

Requested by

Host: naphotography.co.za
URL: http://naphotography.co.za/83d2/journal/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

c4e15b8a2632924767d35c75b0569d791266275d1d118d12ade0eadd3c3e04d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://naphotography.co.za/83d2/journal/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Thu, 03 Oct 2019 18:03:44 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/png
content-length: 1686

Redirect headers

status: 301
date: Thu, 03 Oct 2019 18:03:44 GMT
server: AkamaiGHost
content-length: 0
location: https://online.citi.com/JRS/images/nortonseal.png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citibank (Banking)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| signIn

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ak1s.abmr.net
naphotography.co.za
online.citi.com
online.citibank.com
sec-citi.bridgetrack.com
104.109.65.248
104.111.235.119
196.25.211.127
2.16.123.117
087f1162917d4e7e37ba1b30bed04dde0a358309932ca4519c26b57f14c9afbb
44b3ecb9ceeb9a3a4b278f24dacee0a27028004cb22edd57a890ea671ba2d9e7
51251ff12b276b9033f70b6fbcd0623f7f67e964a5ea370dd1d65a2dce82a365
5529dc48664e9bf8d2cd8abbcff523eae17440bdcee950a34925bfcc5ceb65b6
5afcdfea737deff383e30811d357bf0a93c818b0495cb0e3194b5b87bfda0cb4
627479d52cffabd6804db919203d6917e4b4589f69d5ba20105d944cf8773c85
63db960cff2adb16c9e8b460d6b0c359e0d304ec94009e5b250bc2d00179d97e
74fa5e6ba7f191dc66a0144588974664da9e45733b48b3181494ce5c9b0089a3
b47060147f820f4721134724e1a38cab5fcc6960091389f6b4587769c4d2c313
c4e15b8a2632924767d35c75b0569d791266275d1d118d12ade0eadd3c3e04d3
d3d0d1cacd6a06a79de03d0697bb8c1f253a72f1d5bd4d87b998e86d8a4323f8
e77d37ad2371f1b1c13192c69c795d3b8b2e0a9b463b6e465cfa39aed4933d56
e7e2072bba9c55af8da06e0205da3c83d79f14999215b35ecbe374661bbce0a9
ebfc2c05f2e7ed45312d73e19ac568bb5644196bf592af3a54ac7a8d26d7d012
f1c635c4782fce1eef7290194a81f790b0dc0655c6eafdc43eb1498fd6b10295
fa6ab1707c10bef9b88e40f1393c30ff825b712e9ab7894aa6436f3a6bca15f8
ffb533352662a614319789060b946a791fb986232f9bd17c9f9576cda55f08ab

naphotography.co.za Open in urlscan Pro 196.25.211.127 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

17 Requests

94 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

3 IPs

3 Countries

393 kBTransfer

389 kBSize

0 Cookies

116 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

0 Cookies

Indicators

naphotography.co.za Open in urlscan Pro
196.25.211.127 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

94 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

3
IPs

3
Countries

393 kB
Transfer

389 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!