zigmainfratech.com Open in urlscan Pro
116.206.104.141  Malicious Activity! Public Scan

33 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request login Show response zigmainfratech.com/citimeme/online/	395 KB 87 KB	2213ms 1743ms	Document text/html	116.206.104.141 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Full URL http://zigmainfratech.com/citimeme/online/login Protocol HTTP/1.1 Server 116.206.104.141 , Seychelles, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS bh-in-35.webhostbox.net Software nginx/1.17.6 / Resource Hash 80574f4c5d1399c25e16d67e748b972ff70ed58a097f8e0016f648ecbd17a771 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Tue, 24 May 2022 08:23:56 GMT Server nginx/1.17.6 Transfer-Encoding chunked Vary Accept-Encoding X-Server-Cache false
GET H/1.1	200 OK	styles.a4a9307b7b034ca614a7.css zigmainfratech.com/citimeme/online/assets/	1 MB 288 KB	283ms 282ms	Stylesheet text/css	116.206.104.141 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Full URL http://zigmainfratech.com/citimeme/online/assets/styles.a4a9307b7b034ca614a7.css Requested by Host: zigmainfratech.com URL: http://zigmainfratech.com/citimeme/online/login Protocol HTTP/1.1 Server 116.206.104.141 , Seychelles, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS bh-in-35.webhostbox.net Software Apache / Resource Hash 547012f25b735aec336f17b2dad949550709726ab8371a9bef194bef2b854106 Request headers accept-language de-DE,de;q=0.9 Referer http://zigmainfratech.com/citimeme/online/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Tue, 24 May 2022 08:23:57 GMT Content-Encoding gzip Last-Modified Fri, 04 Mar 2022 12:24:22 GMT Server Apache Vary Accept-Encoding Upgrade h2,h2c Transfer-Encoding chunked Connection Upgrade Accept-Ranges bytes Content-Type text/css
GET H/1.1	200 OK	citilogoredesign.png zigmainfratech.com/citimeme/online/assets/	2 KB 2 KB	533ms 274ms	Image image/png	116.206.104.141 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Show image Full URL http://zigmainfratech.com/citimeme/online/assets/citilogoredesign.png Requested by Host: zigmainfratech.com URL: http://zigmainfratech.com/citimeme/online/login Protocol HTTP/1.1 Server 116.206.104.141 , Seychelles, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS bh-in-35.webhostbox.net Software Apache / Resource Hash 102503acef6077fcf8e42a856fb4904fcd74224a32d5d8efcd13236ac6309fed Request headers accept-language de-DE,de;q=0.9 Referer http://zigmainfratech.com/citimeme/online/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Tue, 24 May 2022 08:23:57 GMT Last-Modified Fri, 04 Mar 2022 11:56:16 GMT Server Apache Accept-Ranges bytes Content-Length 1799 Content-Type image/png
GET H/1.1	200 OK	050-location@2x.svg zigmainfratech.com/citimeme/online/assets/	2 KB 2 KB	548ms 276ms	Image image/svg+xml	116.206.104.141 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Show image Full URL http://zigmainfratech.com/citimeme/online/assets/050-location@2x.svg Requested by Host: zigmainfratech.com URL: http://zigmainfratech.com/citimeme/online/login Protocol HTTP/1.1 Server 116.206.104.141 , Seychelles, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS bh-in-35.webhostbox.net Software Apache / Resource Hash 6336ae7b60dff18e0a37721a3a19fd5e18568577a64faa662969d35966dbf72b Request headers accept-language de-DE,de;q=0.9 Referer http://zigmainfratech.com/citimeme/online/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Tue, 24 May 2022 08:23:57 GMT Last-Modified Fri, 04 Mar 2022 11:56:16 GMT Server Apache Upgrade h2,h2c Connection Upgrade Accept-Ranges bytes Content-Type image/svg+xml Content-Length 1752
GET H/1.1	200 OK	phone.png zigmainfratech.com/citimeme/online/assets/	10 KB 10 KB	544ms 276ms	Image image/png	116.206.104.141 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Show image Full URL http://zigmainfratech.com/citimeme/online/assets/phone.png Requested by Host: zigmainfratech.com URL: http://zigmainfratech.com/citimeme/online/login Protocol HTTP/1.1 Server 116.206.104.141 , Seychelles, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS bh-in-35.webhostbox.net Software Apache / Resource Hash 5df469ee4da2bc124065cb8df0e24173c5cbc8b9e0c807960fc39c93ffb640c8 Request headers accept-language de-DE,de;q=0.9 Referer http://zigmainfratech.com/citimeme/online/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Tue, 24 May 2022 08:23:57 GMT Last-Modified Fri, 04 Mar 2022 11:56:16 GMT Server Apache Upgrade h2,h2c Connection Upgrade Accept-Ranges bytes Content-Type image/png Content-Length 9873
GET H/1.1	200 OK	qrsignon.png zigmainfratech.com/citimeme/online/assets/	741 B 965 B	554ms 285ms	Image image/png	116.206.104.141 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Show image Full URL http://zigmainfratech.com/citimeme/online/assets/qrsignon.png Requested by Host: zigmainfratech.com URL: http://zigmainfratech.com/citimeme/online/login Protocol HTTP/1.1 Server 116.206.104.141 , Seychelles, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS bh-in-35.webhostbox.net Software Apache / Resource Hash dc876f814074650acde84db7a7f34c583f043b83130e5de49de65f18d1ee2683 Request headers accept-language de-DE,de;q=0.9 Referer http://zigmainfratech.com/citimeme/online/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Tue, 24 May 2022 08:23:58 GMT Last-Modified Fri, 04 Mar 2022 11:56:16 GMT Server Apache Upgrade h2,h2c Connection Upgrade Accept-Ranges bytes Content-Type image/png Content-Length 741
GET H/1.1	200 OK	laptop-and-phone-pairing.png zigmainfratech.com/citimeme/online/assets/	3 KB 3 KB	802ms 275ms	Image image/png	116.206.104.141 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Show image Full URL http://zigmainfratech.com/citimeme/online/assets/laptop-and-phone-pairing.png Requested by Host: zigmainfratech.com URL: http://zigmainfratech.com/citimeme/online/login Protocol HTTP/1.1 Server 116.206.104.141 , Seychelles, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS bh-in-35.webhostbox.net Software Apache / Resource Hash a9a43473908fb995ecdc6bd80d80fd42d3e43bf31687aff0978d7389de2573aa Request headers accept-language de-DE,de;q=0.9 Referer http://zigmainfratech.com/citimeme/online/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Tue, 24 May 2022 08:23:58 GMT Last-Modified Fri, 04 Mar 2022 11:56:18 GMT Server Apache Accept-Ranges bytes Content-Length 3044 Content-Type image/png
GET H/1.1	200 OK	laptop-and-phone-success.png zigmainfratech.com/citimeme/online/assets/	2 KB 3 KB	275ms 275ms	Image image/png	116.206.104.141 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Show image Full URL http://zigmainfratech.com/citimeme/online/assets/laptop-and-phone-success.png Requested by Host: zigmainfratech.com URL: http://zigmainfratech.com/citimeme/online/login Protocol HTTP/1.1 Server 116.206.104.141 , Seychelles, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS bh-in-35.webhostbox.net Software Apache / Resource Hash e5c725c5a6510cd7323ff66fa032e69cfe7aec1dd042911cae0607d071670eec Request headers accept-language de-DE,de;q=0.9 Referer http://zigmainfratech.com/citimeme/online/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Tue, 24 May 2022 08:23:58 GMT Last-Modified Fri, 04 Mar 2022 11:56:18 GMT Server Apache Accept-Ranges bytes Content-Length 2544 Content-Type image/png
GET H/1.1	200 OK	EqualHousing.png zigmainfratech.com/citimeme/online/assets/	2 KB 2 KB	284ms 283ms	Image image/png	116.206.104.141 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Show image Full URL http://zigmainfratech.com/citimeme/online/assets/EqualHousing.png Requested by Host: zigmainfratech.com URL: http://zigmainfratech.com/citimeme/online/login Protocol HTTP/1.1 Server 116.206.104.141 , Seychelles, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS bh-in-35.webhostbox.net Software Apache / Resource Hash f23485e8b9c368f28f18a0bb110573df79c00ac3a2ca71d68017db100207639d Request headers accept-language de-DE,de;q=0.9 Referer http://zigmainfratech.com/citimeme/online/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Tue, 24 May 2022 08:23:58 GMT Last-Modified Fri, 04 Mar 2022 11:56:18 GMT Server Apache Accept-Ranges bytes Content-Length 1606 Content-Type image/png
GET H/1.1	200 OK	googlePlay@3x.png zigmainfratech.com/citimeme/online/assets/	24 KB 25 KB	268ms 268ms	Image image/png	116.206.104.141 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Show image Full URL http://zigmainfratech.com/citimeme/online/assets/googlePlay@3x.png Requested by Host: zigmainfratech.com URL: http://zigmainfratech.com/citimeme/online/login Protocol HTTP/1.1 Server 116.206.104.141 , Seychelles, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS bh-in-35.webhostbox.net Software Apache / Resource Hash a079bb0d5590826bcc664715122004dff51e76c79608bc29f586c9388b623b77 Request headers accept-language de-DE,de;q=0.9 Referer http://zigmainfratech.com/citimeme/online/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Tue, 24 May 2022 08:23:58 GMT Last-Modified Fri, 04 Mar 2022 11:56:18 GMT Server Apache Accept-Ranges bytes Content-Length 25077 Content-Type image/png
GET H/1.1	200 OK	appStore@3x.png zigmainfratech.com/citimeme/online/assets/	20 KB 20 KB	272ms 272ms	Image image/png	116.206.104.141 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Show image Full URL http://zigmainfratech.com/citimeme/online/assets/appStore@3x.png Requested by Host: zigmainfratech.com URL: http://zigmainfratech.com/citimeme/online/login Protocol HTTP/1.1 Server 116.206.104.141 , Seychelles, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS bh-in-35.webhostbox.net Software Apache / Resource Hash 87c763c6b05015e55915d0a1e6647e4e5d0b996e78d79e1afe228dd33b68e65b Request headers accept-language de-DE,de;q=0.9 Referer http://zigmainfratech.com/citimeme/online/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Tue, 24 May 2022 08:23:58 GMT Last-Modified Fri, 04 Mar 2022 11:56:18 GMT Server Apache Accept-Ranges bytes Content-Length 20047 Content-Type image/png
GET H/1.1	200 OK	social-media_facebook@3x.png zigmainfratech.com/citimeme/online/assets/	445 B 631 B	276ms 276ms	Image image/png	116.206.104.141 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Show image Full URL http://zigmainfratech.com/citimeme/online/assets/social-media_facebook@3x.png Requested by Host: zigmainfratech.com URL: http://zigmainfratech.com/citimeme/online/login Protocol HTTP/1.1 Server 116.206.104.141 , Seychelles, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS bh-in-35.webhostbox.net Software Apache / Resource Hash 695788dc05d94be3b32060ffea15c1a4d74897bd32e5da7811e7ca76d82fc86b Request headers accept-language de-DE,de;q=0.9 Referer http://zigmainfratech.com/citimeme/online/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Tue, 24 May 2022 08:23:58 GMT Last-Modified Fri, 04 Mar 2022 11:56:18 GMT Server Apache Accept-Ranges bytes Content-Length 445 Content-Type image/png
GET H/1.1	200 OK	social-media_twitter@3x.png zigmainfratech.com/citimeme/online/assets/	1 KB 1 KB	275ms 275ms	Image image/png	116.206.104.141 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Show image Full URL http://zigmainfratech.com/citimeme/online/assets/social-media_twitter@3x.png Requested by Host: zigmainfratech.com URL: http://zigmainfratech.com/citimeme/online/login Protocol HTTP/1.1 Server 116.206.104.141 , Seychelles, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS bh-in-35.webhostbox.net Software Apache / Resource Hash 5394d11ec8ad7a5494bcdb65cd95f885388532e14fb45a747e249112389bd837 Request headers accept-language de-DE,de;q=0.9 Referer http://zigmainfratech.com/citimeme/online/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Tue, 24 May 2022 08:23:58 GMT Last-Modified Fri, 04 Mar 2022 11:56:20 GMT Server Apache Accept-Ranges bytes Content-Length 1277 Content-Type image/png
GET H/1.1	200 OK	social-media_youtube@3x.png zigmainfratech.com/citimeme/online/assets/	1 KB 1 KB	497ms 271ms	Image image/png	116.206.104.141 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Show image Full URL http://zigmainfratech.com/citimeme/online/assets/social-media_youtube@3x.png Requested by Host: zigmainfratech.com URL: http://zigmainfratech.com/citimeme/online/login Protocol HTTP/1.1 Server 116.206.104.141 , Seychelles, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS bh-in-35.webhostbox.net Software Apache / Resource Hash be9b5382b4526ffd3306d0292122ce3599123f1cd543f52f3035b4f24fbf9de8 Request headers accept-language de-DE,de;q=0.9 Referer http://zigmainfratech.com/citimeme/online/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Tue, 24 May 2022 08:23:58 GMT Last-Modified Fri, 04 Mar 2022 11:56:20 GMT Server Apache Accept-Ranges bytes Content-Length 1175 Content-Type image/png
GET H/1.1	200 OK	0 zigmainfratech.com/citimeme/online/assets/	0 188 B	290ms 290ms	Image text/plain	116.206.104.141 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Show image Full URL http://zigmainfratech.com/citimeme/online/assets/0 Requested by Host: zigmainfratech.com URL: http://zigmainfratech.com/citimeme/online/login Protocol HTTP/1.1 Server 116.206.104.141 , Seychelles, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS bh-in-35.webhostbox.net Software nginx/1.17.6 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer http://zigmainfratech.com/citimeme/online/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Tue, 24 May 2022 08:23:58 GMT Last-Modified Fri, 04 Mar 2022 11:56:42 GMT Server nginx/1.17.6 Accept-Ranges bytes Content-Length 0 X-Server-Cache false
GET H/1.1	200 OK	0(1) zigmainfratech.com/citimeme/online/assets/	0 188 B	443ms 442ms	Image text/plain	116.206.104.141 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Show image Full URL http://zigmainfratech.com/citimeme/online/assets/0(1) Requested by Host: zigmainfratech.com URL: http://zigmainfratech.com/citimeme/online/login Protocol HTTP/1.1 Server 116.206.104.141 , Seychelles, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS bh-in-35.webhostbox.net Software nginx/1.17.6 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer http://zigmainfratech.com/citimeme/online/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Tue, 24 May 2022 08:23:58 GMT Last-Modified Fri, 04 Mar 2022 11:56:42 GMT Server nginx/1.17.6 Accept-Ranges bytes Content-Length 0 X-Server-Cache false
GET H/1.1	200 OK	0(2) zigmainfratech.com/citimeme/online/assets/	0 188 B	428ms 428ms	Image text/plain	116.206.104.141 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Show image Full URL http://zigmainfratech.com/citimeme/online/assets/0(2) Requested by Host: zigmainfratech.com URL: http://zigmainfratech.com/citimeme/online/login Protocol HTTP/1.1 Server 116.206.104.141 , Seychelles, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS bh-in-35.webhostbox.net Software nginx/1.17.6 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer http://zigmainfratech.com/citimeme/online/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Tue, 24 May 2022 08:23:58 GMT Last-Modified Fri, 04 Mar 2022 11:56:42 GMT Server nginx/1.17.6 Accept-Ranges bytes Content-Length 0 X-Server-Cache false
GET H/1.1	200 OK	0(3) zigmainfratech.com/citimeme/online/assets/	0 188 B	288ms 288ms	Image text/plain	116.206.104.141 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Show image Full URL http://zigmainfratech.com/citimeme/online/assets/0(3) Requested by Host: zigmainfratech.com URL: http://zigmainfratech.com/citimeme/online/login Protocol HTTP/1.1 Server 116.206.104.141 , Seychelles, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS bh-in-35.webhostbox.net Software nginx/1.17.6 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer http://zigmainfratech.com/citimeme/online/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Tue, 24 May 2022 08:23:58 GMT Last-Modified Fri, 04 Mar 2022 11:56:44 GMT Server nginx/1.17.6 Accept-Ranges bytes Content-Length 0 X-Server-Cache false
GET H/1.1	200 OK	1592741950571_CTA_Feedback(final).png zigmainfratech.com/citimeme/online/assets/	2 KB 2 KB	518ms 281ms	Image image/png	116.206.104.141 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Show image Full URL http://zigmainfratech.com/citimeme/online/assets/1592741950571_CTA_Feedback(final).png Requested by Host: zigmainfratech.com URL: http://zigmainfratech.com/citimeme/online/login Protocol HTTP/1.1 Server 116.206.104.141 , Seychelles, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS bh-in-35.webhostbox.net Software Apache / Resource Hash 25f4eeb23f67fe1d74534ed37230ecd54ab4f57524276970dcbeaaf3b0fc64f9 Request headers accept-language de-DE,de;q=0.9 Referer http://zigmainfratech.com/citimeme/online/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Tue, 24 May 2022 08:23:58 GMT Last-Modified Fri, 04 Mar 2022 11:56:44 GMT Server Apache Accept-Ranges bytes Content-Length 2196 Content-Type image/png
GET H/1.1	200 OK	jquery.js Show response zigmainfratech.com/citimeme/online/assets/	92 KB 35 KB	280ms 274ms	Script application/javascript	116.206.104.141 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Full URL http://zigmainfratech.com/citimeme/online/assets/jquery.js Requested by Host: zigmainfratech.com URL: http://zigmainfratech.com/citimeme/online/login Protocol HTTP/1.1 Server 116.206.104.141 , Seychelles, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS bh-in-35.webhostbox.net Software Apache / Resource Hash 42c0b3eef2e0ad3e2cbe13a1ccaf105bcb12373a533b4b340f8cd2b3a373666d Request headers accept-language de-DE,de;q=0.9 Referer http://zigmainfratech.com/citimeme/online/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Tue, 24 May 2022 08:23:57 GMT Content-Encoding gzip Last-Modified Fri, 04 Mar 2022 08:19:08 GMT Server Apache Vary Accept-Encoding Upgrade h2,h2c Transfer-Encoding chunked Connection Upgrade Accept-Ranges bytes Content-Type application/javascript
GET H/1.1	200 OK	mask.js Show response zigmainfratech.com/citimeme/online/assets/	146 KB 44 KB	278ms 277ms	Script application/javascript	116.206.104.141 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Full URL http://zigmainfratech.com/citimeme/online/assets/mask.js Requested by Host: zigmainfratech.com URL: http://zigmainfratech.com/citimeme/online/login Protocol HTTP/1.1 Server 116.206.104.141 , Seychelles, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS bh-in-35.webhostbox.net Software Apache / Resource Hash 3c149e754af1a297e924c97c84aa5a1fafebc7c2b377e825738b8cb452fb3237 Request headers accept-language de-DE,de;q=0.9 Referer http://zigmainfratech.com/citimeme/online/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Tue, 24 May 2022 08:23:58 GMT Content-Encoding gzip Last-Modified Sat, 05 Jun 2021 04:38:46 GMT Server Apache Vary Accept-Encoding Content-Type application/javascript Transfer-Encoding chunked Accept-Ranges bytes
GET H2	200	LSO_4959.jpg online.citi.com/nga-lite-signon/	0 0	138ms 37ms	Image text/html	104.92.75.138 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://online.citi.com/nga-lite-signon/LSO_4959.jpg Requested by Host: zigmainfratech.com URL: http://zigmainfratech.com/citimeme/online/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.92.75.138 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-92-75-138.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer http://zigmainfratech.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers
GET H/1.1	403 Forbidden	qrsignon-1.png www.citi.com/cbol-pre-login-static-assets/assets/partner-login/qr/images/	0 0	329ms 229ms	Image text/html	96.16.129.152 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.citi.com/cbol-pre-login-static-assets/assets/partner-login/qr/images/qrsignon-1.png Requested by Host: zigmainfratech.com URL: http://zigmainfratech.com/citimeme/online/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-16-129-152.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer http://zigmainfratech.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers
GET H/1.1	200 OK	Interstate-Light.woff zigmainfratech.com/citimeme/online/assets/	74 KB 74 KB	291ms 282ms	Font font/woff	116.206.104.141 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Full URL http://zigmainfratech.com/citimeme/online/assets/Interstate-Light.woff Requested by Host: zigmainfratech.com URL: http://zigmainfratech.com/citimeme/online/assets/styles.a4a9307b7b034ca614a7.css Protocol HTTP/1.1 Server 116.206.104.141 , Seychelles, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS bh-in-35.webhostbox.net Software Apache / Resource Hash f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296 Request headers Referer http://zigmainfratech.com/citimeme/online/assets/styles.a4a9307b7b034ca614a7.css Origin http://zigmainfratech.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Tue, 24 May 2022 08:23:58 GMT Last-Modified Fri, 04 Mar 2022 12:19:04 GMT Server Apache Accept-Ranges bytes Content-Length 75538 Content-Type font/woff
GET H/1.1	200 OK	Interstate-Bold.woff zigmainfratech.com/citimeme/online/assets/	70 KB 70 KB	492ms 267ms	Font font/woff	116.206.104.141 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Full URL http://zigmainfratech.com/citimeme/online/assets/Interstate-Bold.woff Requested by Host: zigmainfratech.com URL: http://zigmainfratech.com/citimeme/online/assets/styles.a4a9307b7b034ca614a7.css Protocol HTTP/1.1 Server 116.206.104.141 , Seychelles, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS bh-in-35.webhostbox.net Software Apache / Resource Hash e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7 Request headers Referer http://zigmainfratech.com/citimeme/online/assets/styles.a4a9307b7b034ca614a7.css Origin http://zigmainfratech.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Tue, 24 May 2022 08:23:58 GMT Last-Modified Fri, 04 Mar 2022 12:19:12 GMT Server Apache Accept-Ranges bytes Content-Length 71874 Content-Type font/woff

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citibank (Banking)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| $ function| jQuery function| IMask

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.citi.com/cbol-pre-login-static-assets/assets/partner-login/qr/images/qrsignon-1.png Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

online.citi.com
www.citi.com
zigmainfratech.com
104.92.75.138
116.206.104.141
96.16.129.152
102503acef6077fcf8e42a856fb4904fcd74224a32d5d8efcd13236ac6309fed
25f4eeb23f67fe1d74534ed37230ecd54ab4f57524276970dcbeaaf3b0fc64f9
3c149e754af1a297e924c97c84aa5a1fafebc7c2b377e825738b8cb452fb3237
42c0b3eef2e0ad3e2cbe13a1ccaf105bcb12373a533b4b340f8cd2b3a373666d
5394d11ec8ad7a5494bcdb65cd95f885388532e14fb45a747e249112389bd837
547012f25b735aec336f17b2dad949550709726ab8371a9bef194bef2b854106
5df469ee4da2bc124065cb8df0e24173c5cbc8b9e0c807960fc39c93ffb640c8
6336ae7b60dff18e0a37721a3a19fd5e18568577a64faa662969d35966dbf72b
695788dc05d94be3b32060ffea15c1a4d74897bd32e5da7811e7ca76d82fc86b
80574f4c5d1399c25e16d67e748b972ff70ed58a097f8e0016f648ecbd17a771
87c763c6b05015e55915d0a1e6647e4e5d0b996e78d79e1afe228dd33b68e65b
a079bb0d5590826bcc664715122004dff51e76c79608bc29f586c9388b623b77
a9a43473908fb995ecdc6bd80d80fd42d3e43bf31687aff0978d7389de2573aa
be9b5382b4526ffd3306d0292122ce3599123f1cd543f52f3035b4f24fbf9de8
dc876f814074650acde84db7a7f34c583f043b83130e5de49de65f18d1ee2683
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c725c5a6510cd7323ff66fa032e69cfe7aec1dd042911cae0607d071670eec
e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7
f23485e8b9c368f28f18a0bb110573df79c00ac3a2ca71d68017db100207639d
f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296