cityosity.com Open in urlscan Pro
72.52.149.230 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cityosity.com/rnco/nsra.html
Submission: On May 29 via automatic, source phishtank (May 29th 2020, 4:29:53 am UTC)

Summary HTTP 16 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 72.52.149.230, located in Lansing, United States and belongs to LIQUIDWEB, US. The main domain is cityosity.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 4th 2020. Valid for: 3 months.

This is the only time cityosity.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: ABSA (Banking)

Domain & IP information

	IP Address		AS Autonomous System
16	72.52.149.230 72.52.149.230		32244 (LIQUIDWEB) (LIQUIDWEB)
16	1

16 72.52.149.230 (Lansing, United States)

ASN32244 (LIQUIDWEB, US)
PTR: host.trafficality.com

cityosity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	cityosity.com cityosity.com	307 KB
16	1

	Domain	Requested by
16	cityosity.com	cityosity.com
16	1

This site contains links to these domains. Also see Links.

Domain
www.absa.co.za

Subject Issuer	Validity	Valid
cityosity.com Let's Encrypt Authority X3	`2020-05-04` - `2020-08-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://cityosity.com/rnco/nsra.html
Frame ID: B44D6C913F345E76CA5D686C8EA5A67A
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

307 kB
Transfer

304 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.absa.co.za/
Title: Absa home page

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request nsra.html Show response cityosity.com/rnco/	20 KB 20 KB	5268ms 120ms	Document text/html	72.52.149.230 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL https://cityosity.com/rnco/nsra.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 72.52.149.230 Lansing, United States, ASN32244 (LIQUIDWEB, US), Reverse DNS host.trafficality.com Software Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 mod_fcgid/2.3.9 / Resource Hash `26b23caa9b6647e334b3178c3b232e53867a11a25806560da41ef44271e12d98` Request headers :method GET :authority cityosity.com :scheme https :path /rnco/nsra.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Fri, 29 May 2020 04:29:20 GMT server Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 mod_fcgid/2.3.9 last-modified Thu, 07 May 2020 19:35:40 GMT etag "2d69e-4fbf-5a513fc55db00" accept-ranges bytes content-length 20415 content-type text/html
GET H2	200	absa.css cityosity.com/rnco/provea/	153 KB 155 KB	125ms 123ms	Stylesheet text/css	72.52.149.230 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL https://cityosity.com/rnco/provea/absa.css Requested by Host: cityosity.com URL: https://cityosity.com/rnco/nsra.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 72.52.149.230 Lansing, United States, ASN32244 (LIQUIDWEB, US), Reverse DNS host.trafficality.com Software Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 mod_fcgid/2.3.9 / Resource Hash `a0bea01376317891721ab98aefda0c14b331fffaed604afff00ea803f0d8e69d` Request headers Referer https://cityosity.com/rnco/nsra.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 29 May 2020 04:29:20 GMT last-modified Thu, 30 Apr 2020 03:31:08 GMT server Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 mod_fcgid/2.3.9 etag "2d6d5-2658f-5a479b2019700" content-type text/css status 200 accept-ranges bytes content-length 157071
GET H2	200	login.css cityosity.com/rnco/provea/	4 KB 4 KB	125ms 123ms	Stylesheet text/css	72.52.149.230 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL https://cityosity.com/rnco/provea/login.css Requested by Host: cityosity.com URL: https://cityosity.com/rnco/nsra.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 72.52.149.230 Lansing, United States, ASN32244 (LIQUIDWEB, US), Reverse DNS host.trafficality.com Software Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 mod_fcgid/2.3.9 / Resource Hash `062db08a8434447c9e87a62c6e7c07c96186ad481aeae1c62171044d2111dd4f` Request headers Referer https://cityosity.com/rnco/nsra.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 29 May 2020 04:29:20 GMT last-modified Wed, 29 Apr 2020 11:17:52 GMT server Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 mod_fcgid/2.3.9 etag "2da0a-fe8-5a46c19555800" content-type text/css status 200 accept-ranges bytes content-length 4072
GET H2	200	jcaptcha.css cityosity.com/rnco/provea/	1 KB 2 KB	125ms 123ms	Stylesheet text/css	72.52.149.230 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL https://cityosity.com/rnco/provea/jcaptcha.css Requested by Host: cityosity.com URL: https://cityosity.com/rnco/nsra.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 72.52.149.230 Lansing, United States, ASN32244 (LIQUIDWEB, US), Reverse DNS host.trafficality.com Software Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 mod_fcgid/2.3.9 / Resource Hash `cfc8d1cac57c28080424e0352c91061277f42b819ac9280ec163095e9ed5d61b` Request headers Referer https://cityosity.com/rnco/nsra.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 29 May 2020 04:29:20 GMT last-modified Wed, 29 Apr 2020 11:17:52 GMT server Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 mod_fcgid/2.3.9 etag "2d9fc-5c7-5a46c19555800" content-type text/css status 200 accept-ranges bytes content-length 1479
GET H2	200	ajax-loader-2.gif cityosity.com/rnco/provea/	3 KB 3 KB	125ms 123ms	Image image/gif	72.52.149.230 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL https://cityosity.com/rnco/provea/ajax-loader-2.gif Requested by Host: cityosity.com URL: https://cityosity.com/rnco/nsra.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 72.52.149.230 Lansing, United States, ASN32244 (LIQUIDWEB, US), Reverse DNS host.trafficality.com Software Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 mod_fcgid/2.3.9 / Resource Hash `b6b693de4c17c014dad29abe5294359606104283674d45ee8348e9dc731ff540` Request headers Referer https://cityosity.com/rnco/nsra.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 29 May 2020 04:29:20 GMT last-modified Wed, 29 Apr 2020 11:06:40 GMT server Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 mod_fcgid/2.3.9 etag "2d6d7-c88-5a46bf1477000" content-type image/gif status 200 accept-ranges bytes content-length 3208
GET H2	200	logo-red.png cityosity.com/rnco/provea/	2 KB 2 KB	125ms 123ms	Image image/png	72.52.149.230 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL https://cityosity.com/rnco/provea/logo-red.png Requested by Host: cityosity.com URL: https://cityosity.com/rnco/nsra.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 72.52.149.230 Lansing, United States, ASN32244 (LIQUIDWEB, US), Reverse DNS host.trafficality.com Software Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 mod_fcgid/2.3.9 / Resource Hash `86c3ec119fc6352ca80ccc5b6e2e8fa76c924adecaf33de65da1b892e7b1aa3e` Request headers Referer https://cityosity.com/rnco/nsra.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 29 May 2020 04:29:20 GMT last-modified Wed, 29 Apr 2020 11:06:42 GMT server Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 mod_fcgid/2.3.9 etag "2da0b-81f-5a46bf165f480" content-type image/png status 200 accept-ranges bytes content-length 2079
GET H2	200	keypad.jpg cityosity.com/rnco/provea/	19 KB 19 KB	125ms 124ms	Image image/jpeg	72.52.149.230 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL https://cityosity.com/rnco/provea/keypad.jpg Requested by Host: cityosity.com URL: https://cityosity.com/rnco/nsra.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 72.52.149.230 Lansing, United States, ASN32244 (LIQUIDWEB, US), Reverse DNS host.trafficality.com Software Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 mod_fcgid/2.3.9 / Resource Hash `19cb62082ac0a8db712222ca0ba62e4c0f5186cd8bb78ad1320b22d158937aca` Request headers Referer https://cityosity.com/rnco/nsra.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 29 May 2020 04:29:20 GMT last-modified Thu, 30 Apr 2020 03:08:44 GMT server Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 mod_fcgid/2.3.9 etag "2da07-4bab-5a47961e5c700" content-type image/jpeg status 200 accept-ranges bytes content-length 19371
GET H2	200	locale_en.gif cityosity.com/rnco/provea/	70 B 143 B	331ms 330ms	Image image/gif	72.52.149.230 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL https://cityosity.com/rnco/provea/locale_en.gif Requested by Host: cityosity.com URL: https://cityosity.com/rnco/nsra.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 72.52.149.230 Lansing, United States, ASN32244 (LIQUIDWEB, US), Reverse DNS host.trafficality.com Software Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 mod_fcgid/2.3.9 / Resource Hash `3c243a2d63452b7a8392cdf93e637ec423b3241149831b2082283063d1e34413` Request headers Referer https://cityosity.com/rnco/nsra.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 29 May 2020 04:29:20 GMT last-modified Wed, 29 Apr 2020 11:18:12 GMT server Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 mod_fcgid/2.3.9 etag "2da08-46-5a46c1a868500" content-type image/gif status 200 accept-ranges bytes content-length 70
GET H2	200	campaigne_1_ENG.png cityosity.com/rnco/provea/	45 KB 46 KB	391ms 390ms	Image image/png	72.52.149.230 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL https://cityosity.com/rnco/provea/campaigne_1_ENG.png Requested by Host: cityosity.com URL: https://cityosity.com/rnco/nsra.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 72.52.149.230 Lansing, United States, ASN32244 (LIQUIDWEB, US), Reverse DNS host.trafficality.com Software Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 mod_fcgid/2.3.9 / Resource Hash `cb45d428c00e88ea0e73eca797ebb0222173c4bb22a86935a4d94137695a42ef` Request headers Referer https://cityosity.com/rnco/nsra.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 29 May 2020 04:29:20 GMT last-modified Wed, 29 Apr 2020 11:18:40 GMT server Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 mod_fcgid/2.3.9 etag "2d6db-b5c4-5a46c1c31c400" content-type image/png status 200 accept-ranges bytes content-length 46532
GET H2	200	covid19_en.jpg cityosity.com/rnco/provea/	25 KB 26 KB	391ms 390ms	Image image/jpeg	72.52.149.230 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL https://cityosity.com/rnco/provea/covid19_en.jpg Requested by Host: cityosity.com URL: https://cityosity.com/rnco/nsra.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 72.52.149.230 Lansing, United States, ASN32244 (LIQUIDWEB, US), Reverse DNS host.trafficality.com Software Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 mod_fcgid/2.3.9 / Resource Hash `2475e5a8484d34ecc67df87f2098bb33604db075833a5179eb164bd5c64ec03f` Request headers Referer https://cityosity.com/rnco/nsra.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 29 May 2020 04:29:20 GMT last-modified Wed, 29 Apr 2020 11:18:44 GMT server Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 mod_fcgid/2.3.9 etag "2d6dd-6599-5a46c1c6ecd00" content-type image/jpeg status 200 accept-ranges bytes content-length 26009
GET H2	200	DebiCheck_ATM_Eng.jpg cityosity.com/rnco/provea/	24 KB 25 KB	392ms 391ms	Image image/jpeg	72.52.149.230 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL https://cityosity.com/rnco/provea/DebiCheck_ATM_Eng.jpg Requested by Host: cityosity.com URL: https://cityosity.com/rnco/nsra.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 72.52.149.230 Lansing, United States, ASN32244 (LIQUIDWEB, US), Reverse DNS host.trafficality.com Software Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 mod_fcgid/2.3.9 / Resource Hash `6de7e0fbfa97a6f107816f83dc7ff68246c4b27804279d1319e39dbeaeac3863` Request headers Referer https://cityosity.com/rnco/nsra.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 29 May 2020 04:29:20 GMT last-modified Thu, 30 Apr 2020 03:22:32 GMT server Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 mod_fcgid/2.3.9 etag "2d6de-6175-5a47993400e00" content-type image/jpeg status 200 accept-ranges bytes content-length 24949
GET H2	200	campaigne_3b_post_golive_EN.jpg cityosity.com/rnco/provea/	0 71 B	390ms 389ms	Image image/jpeg	72.52.149.230 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL https://cityosity.com/rnco/provea/campaigne_3b_post_golive_EN.jpg Requested by Host: cityosity.com URL: https://cityosity.com/rnco/nsra.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 72.52.149.230 Lansing, United States, ASN32244 (LIQUIDWEB, US), Reverse DNS host.trafficality.com Software Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 mod_fcgid/2.3.9 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://cityosity.com/rnco/nsra.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 29 May 2020 04:29:20 GMT last-modified Wed, 29 Apr 2020 11:18:50 GMT server Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 mod_fcgid/2.3.9 etag "2d6dc-0-5a46c1cca5a80" content-type image/jpeg status 200 accept-ranges bytes content-length 0
GET H2	404	icon-questionmark-grey_2019.png cityosity.com/rnco/static/style/resources/	1 KB 1 KB	390ms 389ms	Image text/html	72.52.149.230 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL https://cityosity.com/rnco/static/style/resources/icon-questionmark-grey_2019.png Requested by Host: cityosity.com URL: https://cityosity.com/rnco/nsra.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 72.52.149.230 Lansing, United States, ASN32244 (LIQUIDWEB, US), Reverse DNS host.trafficality.com Software Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 mod_fcgid/2.3.9 / Resource Hash `2b67da14e2725a72a8cccb22bb4913bcfca77c3f68caa39b912bf2567990cd94` Request headers Referer https://cityosity.com/rnco/nsra.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 404 date Fri, 29 May 2020 04:29:20 GMT cache-control no-cache, private server Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 mod_fcgid/2.3.9 content-type text/html; charset=UTF-8
GET H2	404	sprite-corners-rounded.png cityosity.com/rnco/provea/resources/	1 KB 1 KB	286ms 286ms	Image text/html	72.52.149.230 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL https://cityosity.com/rnco/provea/resources/sprite-corners-rounded.png Requested by Host: cityosity.com URL: https://cityosity.com/rnco/nsra.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 72.52.149.230 Lansing, United States, ASN32244 (LIQUIDWEB, US), Reverse DNS host.trafficality.com Software Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 mod_fcgid/2.3.9 / Resource Hash `2b67da14e2725a72a8cccb22bb4913bcfca77c3f68caa39b912bf2567990cd94` Request headers Referer https://cityosity.com/rnco/provea/absa.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 404 date Fri, 29 May 2020 04:29:21 GMT cache-control no-cache, private server Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 mod_fcgid/2.3.9 content-type text/html; charset=UTF-8
GET H2	404	keypad-bg.gif cityosity.com/rnco/provea/www.absa.co.za.2009.ui/keypad/	1 KB 1 KB	308ms 308ms	Image text/html	72.52.149.230 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL https://cityosity.com/rnco/provea/www.absa.co.za.2009.ui/keypad/keypad-bg.gif Requested by Host: cityosity.com URL: https://cityosity.com/rnco/nsra.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 72.52.149.230 Lansing, United States, ASN32244 (LIQUIDWEB, US), Reverse DNS host.trafficality.com Software Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 mod_fcgid/2.3.9 / Resource Hash `2b67da14e2725a72a8cccb22bb4913bcfca77c3f68caa39b912bf2567990cd94` Request headers Referer https://cityosity.com/rnco/provea/absa.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 404 date Fri, 29 May 2020 04:29:21 GMT cache-control no-cache, private server Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 mod_fcgid/2.3.9 content-type text/html; charset=UTF-8
GET H2	404	sprite-icons-bar-status_2019.png cityosity.com/rnco/provea/resources/	1 KB 1 KB	270ms 270ms	Image text/html	72.52.149.230 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL https://cityosity.com/rnco/provea/resources/sprite-icons-bar-status_2019.png Requested by Host: cityosity.com URL: https://cityosity.com/rnco/nsra.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 72.52.149.230 Lansing, United States, ASN32244 (LIQUIDWEB, US), Reverse DNS host.trafficality.com Software Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 mod_fcgid/2.3.9 / Resource Hash `2b67da14e2725a72a8cccb22bb4913bcfca77c3f68caa39b912bf2567990cd94` Request headers Referer https://cityosity.com/rnco/provea/login.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 404 date Fri, 29 May 2020 04:29:21 GMT cache-control no-cache, private server Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 mod_fcgid/2.3.9 content-type text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ABSA (Banking)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cityosity.com
72.52.149.230
062db08a8434447c9e87a62c6e7c07c96186ad481aeae1c62171044d2111dd4f
19cb62082ac0a8db712222ca0ba62e4c0f5186cd8bb78ad1320b22d158937aca
2475e5a8484d34ecc67df87f2098bb33604db075833a5179eb164bd5c64ec03f
26b23caa9b6647e334b3178c3b232e53867a11a25806560da41ef44271e12d98
2b67da14e2725a72a8cccb22bb4913bcfca77c3f68caa39b912bf2567990cd94
3c243a2d63452b7a8392cdf93e637ec423b3241149831b2082283063d1e34413
6de7e0fbfa97a6f107816f83dc7ff68246c4b27804279d1319e39dbeaeac3863
86c3ec119fc6352ca80ccc5b6e2e8fa76c924adecaf33de65da1b892e7b1aa3e
a0bea01376317891721ab98aefda0c14b331fffaed604afff00ea803f0d8e69d
b6b693de4c17c014dad29abe5294359606104283674d45ee8348e9dc731ff540
cb45d428c00e88ea0e73eca797ebb0222173c4bb22a86935a4d94137695a42ef
cfc8d1cac57c28080424e0352c91061277f42b819ac9280ec163095e9ed5d61b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

cityosity.com Open in urlscan Pro 72.52.149.230 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

307 kBTransfer

304 kBSize

0 Cookies

1 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

0 Cookies

Indicators

cityosity.com Open in urlscan Pro
72.52.149.230 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

307 kB
Transfer

304 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!