| ctzunlock.com/images/footer-follow-twitter.png | 162.159.140.98 | 200 OK | 3.3 kB |
URL: GET HTTP/2 ctzunlock.com/images/footer-follow-twitter.png
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: PNG image data, 25 x 21, 8-bit/color RGBA, non-interlaced
Hash: ab8d8dc7ea3d7b572b2dc47f2aebe5ae 900c9f837d9a015e6609b14eed6d99c384ec5441 9b4ffac9ea755d2aaff724fa471d90fd63ae5648e18f60a67db0a5c3bffd84e5
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Citizens Bank |
| Quad9 DNS | malicious | Sinkholed |
GET /images/footer-follow-twitter.png HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 20 Apr 2024 05:18:40 GMT
content-type: image/png
content-length: 3295
cache-control: public, max-age=0
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"cdf-49773873e8"
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8772acd02fc256c0-OSL
X-Firefox-Spdy: h2
|
|
| ctzunlock.com/images/footer-follow-facebook.png | 162.159.140.98 | 200 OK | 395 B |
URL: GET HTTP/2 ctzunlock.com/images/footer-follow-facebook.png
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: PNG image data, 28 x 21, 8-bit/color RGB, non-interlaced
Hash: 25dbaaa7fa1bf41ca6614f1d2cf699f5 56a9e2459a275ef7178ff8c90c2b277265f64fb0 eb175662762ef5f2c9011cc1c4f9d09361c50a366fad8a544bda1c439b99d3a0
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Citizens Bank |
| Quad9 DNS | malicious | Sinkholed |
GET /images/footer-follow-facebook.png HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 20 Apr 2024 05:18:40 GMT
content-type: image/png
content-length: 395
cache-control: public, max-age=0
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"18b-49773873e8"
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8772acd02fc156c0-OSL
X-Firefox-Spdy: h2
|
|
| ctzunlock.com/images/footer-follow-linkedin.png | 162.159.140.98 | 200 OK | 3.2 kB |
URL: GET HTTP/2 ctzunlock.com/images/footer-follow-linkedin.png
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: PNG image data, 25 x 21, 8-bit/color RGBA, non-interlaced
Hash: b187d1cd61b1912b22ebfb4efce30bad b502a6ed3e50ffe6da8d8d5114fd404650d38ea7 fe3ddc37707c93f338a1f6359dfa03019e096df14454808aaccbb7538aa3c67b
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Citizens Bank |
| Quad9 DNS | malicious | Sinkholed |
GET /images/footer-follow-linkedin.png HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 20 Apr 2024 05:18:40 GMT
content-type: image/png
content-length: 3239
cache-control: public, max-age=0
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"ca7-49773873e8"
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8772acd02fc356c0-OSL
X-Firefox-Spdy: h2
|
|
| ctzunlock.com/images/elh.gif | 162.159.140.98 | 200 OK | 1.4 kB |
URL: GET HTTP/2 ctzunlock.com/images/elh.gif
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: GIF image data, version 89a, 31 x 24
Hash: f79e78d673f51194d9b9021cbc72b5b3 79a917fad527cef8d96af24d142653f2f49109b3 56c43c6f5c8209acd47f355810bca2f9b0fc86c4bbdf1361d60fb2d2e2e66f8c
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Citizens Bank |
| Quad9 DNS | malicious | Sinkholed |
GET /images/elh.gif HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 20 Apr 2024 05:18:40 GMT
content-type: image/gif
content-length: 1433
cache-control: public, max-age=0
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"599-49773873e8"
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8772acd02fc956c0-OSL
X-Firefox-Spdy: h2
|
|
| ctzunlock.com/images/CTZ_Green-01.png | 162.159.140.98 | 200 OK | 5.3 kB |
URL: GET HTTP/2 ctzunlock.com/images/CTZ_Green-01.png
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: PNG image data, 406 x 50, 8-bit/color RGBA, non-interlaced
Hash: beb4d1c9f430bb08a4ed54df069e8f0c 39950ddd690d1cbe2d08610da5c11c854450523f bf99a3203217c802888087df8a2c84b92e087829e7e24d38581a57cee763923b
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Citizens Bank |
| Quad9 DNS | malicious | Sinkholed |
GET /images/CTZ_Green-01.png HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 20 Apr 2024 05:18:40 GMT
content-type: image/png
content-length: 5277
cache-control: public, max-age=0
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"149d-49773873e8"
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8772acd01fbe56c0-OSL
X-Firefox-Spdy: h2
|
|
| ctzunlock.com/images/footer-follow-youtube.png | 162.159.140.98 | 200 OK | 3.3 kB |
URL: GET HTTP/2 ctzunlock.com/images/footer-follow-youtube.png
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: PNG image data, 25 x 21, 8-bit/color RGBA, non-interlaced
Hash: 09c8c4f0f417a049b8ab6acdd2581717 2c9dbf84a80167a9c7b41e5955969dd4d1d75c6f 9af5181113e5d0eacfc3d9c0b3ad627dc3ad50708755fbe45ab18e0cad4f3b36
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Citizens Bank |
| Quad9 DNS | malicious | Sinkholed |
GET /images/footer-follow-youtube.png HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 20 Apr 2024 05:18:40 GMT
content-type: image/png
content-length: 3278
cache-control: public, max-age=0
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"cce-49773873e8"
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8772acd02fc756c0-OSL
X-Firefox-Spdy: h2
|
|
| ctzunlock.com/images/feedback.png | 162.159.140.98 | 200 OK | 824 B |
URL: GET HTTP/2 ctzunlock.com/images/feedback.png
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Hash: 561da56e59bf569d0f41d6bb9713ce2f 20bee990614a20ae69d2cd21fc9f0688f9fc02e1 713f1268435943170faadadc547d8c68bb00822783e5e0c2d1129972a784f949
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Citizens Bank |
| Quad9 DNS | malicious | Sinkholed |
GET /images/feedback.png HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 20 Apr 2024 05:18:40 GMT
content-type: image/png
content-length: 824
cache-control: public, max-age=0
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"338-49773873e8"
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8772acd01fbf56c0-OSL
X-Firefox-Spdy: h2
|
|
| ctzunlock.com/images/fdicFooter.gif | 162.159.140.98 | 200 OK | 2.2 kB |
URL: GET HTTP/2 ctzunlock.com/images/fdicFooter.gif
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: GIF image data, version 89a, 56 x 24
Hash: a0742f4f717eac3a1e61f53cbbec74f2 f85639ee91bccd2bddaf043b80c892ae6b700d49 dddb031e5144ce20d909dbf4829d637738efa477bf5ab4eab67b1990ef0efb2d
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Citizens Bank |
| Quad9 DNS | malicious | Sinkholed |
GET /images/fdicFooter.gif HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 20 Apr 2024 05:18:40 GMT
content-type: image/gif
content-length: 2245
cache-control: public, max-age=0
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"8c5-49773873e8"
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8772acd02fcc56c0-OSL
X-Firefox-Spdy: h2
|
|
| ctzunlock.com/images/equal-housing.gif | 162.159.140.98 | 200 OK | 1.1 kB |
URL: GET HTTP/2 ctzunlock.com/images/equal-housing.gif
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: GIF image data, version 89a, 14 x 9
Hash: 39fc59327cb01ffbd5ab0ece1b08fba4 6cc1099707564164c3de6f94714808cdb1c415a7 319d82f567037eafefea25abbc64ea902db9255c5e7231fe9ddd462e4f5b9149
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Citizens Bank |
| Quad9 DNS | malicious | Sinkholed |
GET /images/equal-housing.gif HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 20 Apr 2024 05:18:40 GMT
content-type: image/gif
content-length: 1134
cache-control: public, max-age=0
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"46e-49773873e8"
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8772acd02fc056c0-OSL
X-Firefox-Spdy: h2
|
|
| ctzunlock.com/_next/static/1OCTy1zHpdX06BECEGlV7/_ssgManifest.js | 162.159.140.98 | 200 OK | 415 B |
URL: GET HTTP/2 ctzunlock.com/_next/static/1OCTy1zHpdX06BECEGlV7/_ssgManifest.js
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: ASCII text, with no line terminators
Hash: 5352cb582146311d1540f6075d1f265e cbe5dad683f4f887122db6f6d343aa8ba41dee8b e182e3257a3b5564f7bfb9fb1c6a1e13f8f7c9a3fa0dd6e39ccf473ef8d4f960
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Citizens Bank |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/1OCTy1zHpdX06BECEGlV7/_ssgManifest.js HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 20 Apr 2024 05:18:40 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"4c-49773873e8"
vary: Accept-Encoding
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
x-do-orig-status: 200
cf-cache-status: HIT
age: 56
server: cloudflare
cf-ray: 8772acd01fbd56c0-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ctzunlock.com/images/arrow-down-blue.png | 162.159.140.98 | 200 OK | 1.1 kB |
URL: GET HTTP/2 ctzunlock.com/images/arrow-down-blue.png
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: PNG image data, 28 x 11, 8-bit/color RGBA, non-interlaced
Hash: dc25c0429ceba4038c36551d05760dd7 a79832f9ae49997cd90701d48a02bd06bf29a7d0 56a8532b2a60ca2ae39c213f7e1e65e47834af927e6365444457f22ed12ed79c
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Citizens Bank |
| Quad9 DNS | malicious | Sinkholed |
GET /images/arrow-down-blue.png HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 20 Apr 2024 05:18:40 GMT
content-type: image/png
content-length: 1054
cache-control: public, max-age=0
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"41e-49773873e8"
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8772acd0d81956c0-OSL
X-Firefox-Spdy: h2
|
|
| ctzunlock.com/_next/static/chunks/pages/login-1e82d89343fa1668.js | 162.159.140.98 | 200 OK | 5.1 kB |
URL: GET HTTP/2 ctzunlock.com/_next/static/chunks/pages/login-1e82d89343fa1668.js
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (12812), with no line terminators
Hash: a7ee2c3a9863ef2c4909e2d69761f489 638899116e7d921e89c782d3d8e02b42acabccf4 92a92e5d1ec7ac39b54df9554efc19fc776c141285aef4aaf25ffbaf79b3c29d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/pages/login-1e82d89343fa1668.js HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 20 Apr 2024 05:18:40 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"3234-49773873e8"
vary: Accept-Encoding
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
x-do-orig-status: 200
cf-cache-status: HIT
age: 56
server: cloudflare
cf-ray: 8772acd01fb956c0-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ctzunlock.com/_next/static/chunks/90-5000044baabcdd96.js | 162.159.140.98 | 200 OK | 76 kB |
URL: GET HTTP/2 ctzunlock.com/_next/static/chunks/90-5000044baabcdd96.js
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65490), with no line terminators
Hash: 32a336b568db2b615636c0b8c9caca10 ccb73a2367cf212a7cb1ab8e21118a2b2401e365 6a4086b4d1975e9b6b910f01be321633d7cd01a5e79fa6464c28823ad92579cb
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/90-5000044baabcdd96.js HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 20 Apr 2024 05:18:40 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"621bb-49773873e8"
vary: Accept-Encoding
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
x-do-orig-status: 200
cf-cache-status: HIT
age: 56
server: cloudflare
cf-ray: 8772acd01fb756c0-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ctzunlock.com/font/citizen_roman.ttf | 162.159.140.98 | 404 Not Found | 4.7 kB |
URL: GET HTTP/2 ctzunlock.com/font/citizen_roman.ttf
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: HTML document, ASCII text, with very long lines (1466)
Hash: f9018bb644cd47054d0eeb6e0340e73d 9067c85c63397d60efd804fedf33d0c7bfd980f7 a9ab70f0c6e9132aae6ca02b7d4a95286fda2c1efd8d5b3fb13b306f8d3294ad
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /font/citizen_roman.ttf HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Sat, 20 Apr 2024 05:18:40 GMT
content-type: text/html; charset=utf-8
x-powered-by: Next.js
vary: Accept-Encoding
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
cache-control: private
x-do-orig-status: 404
cf-cache-status: MISS
server: cloudflare
cf-ray: 8772acd1a88256c0-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ctzunlock.com/fonts/citizen_roman.woff | 162.159.140.98 | 200 OK | 32 kB |
URL: GET HTTP/2 ctzunlock.com/fonts/citizen_roman.woff
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: Web Open Font Format, TrueType, length 31968, version 1.0
Hash: d496c6122c776cae7c2a783bfcd7a3a1 fbdbec90d23bd77f471be50a3c6711e535ac72bc c8b1f6c22756521c86a5b0053b8565b49436f7fa19d1bb7cdf00a7808df28d42
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Citizens Bank |
| Quad9 DNS | malicious | Sinkholed |
GET /fonts/citizen_roman.woff HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 20 Apr 2024 05:18:41 GMT
content-type: font/woff
content-length: 31968
cache-control: public, max-age=0
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"7ce0-49773873e8"
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8772acd278e756c0-OSL
X-Firefox-Spdy: h2
|
|
| ctzunlock.com/font/citizen_bold.ttf | 162.159.140.98 | 404 Not Found | 33 kB |
URL: GET HTTP/2 ctzunlock.com/font/citizen_bold.ttf
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: HTML document, ASCII text, with very long lines (1466)
Hash: f9018bb644cd47054d0eeb6e0340e73d 9067c85c63397d60efd804fedf33d0c7bfd980f7 a9ab70f0c6e9132aae6ca02b7d4a95286fda2c1efd8d5b3fb13b306f8d3294ad
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /font/citizen_bold.ttf HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Sat, 20 Apr 2024 05:18:41 GMT
content-type: text/html; charset=utf-8
x-powered-by: Next.js
vary: Accept-Encoding
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
cache-control: private
x-do-orig-status: 404
cf-cache-status: MISS
server: cloudflare
cf-ray: 8772acd1a88656c0-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ctzunlock.com/fonts/citiolb_icons.woff | 162.159.140.98 | 200 OK | 18 kB |
URL: GET HTTP/2 ctzunlock.com/fonts/citiolb_icons.woff
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: Web Open Font Format, TrueType, length 18524, version 0.0
Hash: 022cb73ac43269074f73e97b9cca4f2d 85f96bbe6d675a4892fbb483cde78c6eb9419d78 b23d0629822256b320de68cece2a79525216c20a0b040d4ee0ee6dd216b98115
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Citizens Bank |
| Quad9 DNS | malicious | Sinkholed |
GET /fonts/citiolb_icons.woff HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 20 Apr 2024 05:18:41 GMT
content-type: font/woff
content-length: 18524
cache-control: public, max-age=0
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"485c-49773873e8"
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8772acd288f456c0-OSL
X-Firefox-Spdy: h2
|
|
| ctzunlock.com/font/citizen_extrabold.ttf | 162.159.140.98 | 404 Not Found | 29 kB |
URL: GET HTTP/2 ctzunlock.com/font/citizen_extrabold.ttf
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: HTML document, ASCII text, with very long lines (1466)
Hash: f9018bb644cd47054d0eeb6e0340e73d 9067c85c63397d60efd804fedf33d0c7bfd980f7 a9ab70f0c6e9132aae6ca02b7d4a95286fda2c1efd8d5b3fb13b306f8d3294ad
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /font/citizen_extrabold.ttf HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Sat, 20 Apr 2024 05:18:41 GMT
content-type: text/html; charset=utf-8
x-powered-by: Next.js
vary: Accept-Encoding
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
cache-control: private
x-do-orig-status: 404
cf-cache-status: MISS
server: cloudflare
cf-ray: 8772acd1a88356c0-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ctzunlock.com/fonts/citizen_bold.woff | 162.159.140.98 | 200 OK | 29 kB |
URL: GET HTTP/2 ctzunlock.com/fonts/citizen_bold.woff
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: Web Open Font Format, TrueType, length 29304, version 1.0
Hash: c0f795cba89d0c65078577b8b1b7c62a 6fd231b6616aad9abdfc37562541da3db904e6ac 5bb2d438470a02799577010a14310fa8ac3ed7ea77ca15435aaaa154e407b3e6
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Citizens Bank |
| Quad9 DNS | malicious | Sinkholed |
GET /fonts/citizen_bold.woff HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 20 Apr 2024 05:18:41 GMT
content-type: font/woff
content-length: 29304
cache-control: public, max-age=0
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"7278-49773873e8"
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8772acd288f956c0-OSL
X-Firefox-Spdy: h2
| ctzunlock.com/favicon.png | 162.159.140.98 | 200 OK | 11 kB |
URL: GET HTTP/2 ctzunlock.com/favicon.png
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
Hash: f62b2664dd6a40ab3a9f7af34412f8b7 02438189257c795c3726e4f45b1ce3bb921255d5 707a3217546ca6852234cb3fa3b61f458581ca943b6195032ba9efe7e1e0ee5f
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Citizens Bank |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.png HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 20 Apr 2024 05:18:41 GMT
content-type: image/png
content-length: 10871
cache-control: public, max-age=0
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"2a77-49773873e8"
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8772acd3697756c0-OSL
X-Firefox-Spdy: h2
| ctzunlock.com/font/citizen_book.woff | 162.159.140.98 | 404 Not Found | 3.1 kB |
URL: GET HTTP/2 ctzunlock.com/font/citizen_book.woff
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
Hash: 0d6dba4509d26c6ee77c68a7e923c107 200fd93dfae2a528ed24bf2ed4b8055ed12afc7b 21da030f3fc89a66122ff132f1d57c7bab8825048276978cfa7b7be25837b77d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /font/citizen_book.woff HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Sat, 20 Apr 2024 05:18:40 GMT
content-type: text/html; charset=utf-8
x-powered-by: Next.js
vary: Accept-Encoding
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
cache-control: private
x-do-orig-status: 404
cf-cache-status: MISS
server: cloudflare
cf-ray: 8772acd0d81d56c0-OSL
X-Firefox-Spdy: h2
| ctzunlock.com/_next/static/chunks/237-d83b95ec01fca10d.js | 162.159.140.98 | 200 OK | 16 kB |
URL: GET HTTP/2 ctzunlock.com/_next/static/chunks/237-d83b95ec01fca10d.js
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: JavaScript source, ASCII text, with very long lines (24535)
Hash: 1a8f6842ee616061966e572da1292de7 2543ba6b558add4c40537eabfd0fb3a873cb7638 1fe2ee7ad8adc143238b46680910506a433e98e7f3817f1f15e702fac365ac54
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Citizens Bank |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/237-d83b95ec01fca10d.js HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 20 Apr 2024 05:18:40 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"b444-49773873e8"
vary: Accept-Encoding
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
x-do-orig-status: 200
cf-cache-status: HIT
age: 56
server: cloudflare
cf-ray: 8772acd01fb556c0-OSL
content-encoding: br
X-Firefox-Spdy: h2
| ctzunlock.com/efs/efs/grafx/arrow-right-orange.png | 162.159.140.98 | 404 Not Found | 8.9 kB |
URL: GET HTTP/2 ctzunlock.com/efs/efs/grafx/arrow-right-orange.png
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: HTML document, ASCII text, with very long lines (1466)
Hash: f9018bb644cd47054d0eeb6e0340e73d 9067c85c63397d60efd804fedf33d0c7bfd980f7 a9ab70f0c6e9132aae6ca02b7d4a95286fda2c1efd8d5b3fb13b306f8d3294ad
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /efs/efs/grafx/arrow-right-orange.png HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Sat, 20 Apr 2024 05:18:40 GMT
content-type: text/html; charset=utf-8
x-powered-by: Next.js
vary: Accept-Encoding
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
cache-control: private
x-do-orig-status: 404
cf-cache-status: MISS
server: cloudflare
cf-ray: 8772acd0d81a56c0-OSL
content-encoding: br
X-Firefox-Spdy: h2
| ctzunlock.com/font/citizen_roman.woff | 162.159.140.98 | 404 Not Found | 10 kB |
URL: GET HTTP/2 ctzunlock.com/font/citizen_roman.woff
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
Hash: da7cd7207777f0e188f03732a56e774b 487645cd7a72d621067a55c55305f673a28e4af6 9618f37c426b86b21f04248af259a0c4b3442da678cfa36a58c926c51ef638e1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /font/citizen_roman.woff HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Sat, 20 Apr 2024 05:18:40 GMT
content-type: text/html; charset=utf-8
x-powered-by: Next.js
vary: Accept-Encoding
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
cache-control: private
x-do-orig-status: 404
cf-cache-status: MISS
server: cloudflare
cf-ray: 8772acd0d81c56c0-OSL
X-Firefox-Spdy: h2
| ctzunlock.com/font/citizen_extrabold.woff | 162.159.140.98 | 404 Not Found | 14 kB |
URL: GET HTTP/2 ctzunlock.com/font/citizen_extrabold.woff
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
Hash: 4e63ac7d81161eda59db3fa2edb51837 899af2e9b81a0f7d3a5445e80093e52c9b1828f7 f840f11066d3745c8275003537d348fa4fbb9d182c9b68183fd2042eda7184e2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /font/citizen_extrabold.woff HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Sat, 20 Apr 2024 05:18:40 GMT
content-type: text/html; charset=utf-8
x-powered-by: Next.js
vary: Accept-Encoding
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
cache-control: private
x-do-orig-status: 404
cf-cache-status: MISS
server: cloudflare
cf-ray: 8772acd0e82256c0-OSL
X-Firefox-Spdy: h2
| ctzunlock.com/_next/static/css/40454bbab671217b.css | 162.159.140.98 | 200 OK | 7.1 kB |
URL: GET HTTP/2 ctzunlock.com/_next/static/css/40454bbab671217b.css
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: ASCII text, with very long lines (7155), with no line terminators
Hash: a6bdf237698d53a799e4a559512f0f2a 0659cd49d2b32eca7b14e9d7bcc8bd00a539b4a2 99edcf6b58aedb2adcecbc3ae649bbc8ecd265d9ccfdb7805bd5b68d05adaace
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Citizens Bank |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/css/40454bbab671217b.css HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 Apr 2024 05:18:40 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"1ba7-49773873e8"
vary: Accept-Encoding
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
x-do-orig-status: 200
cf-cache-status: HIT
age: 56
server: cloudflare
cf-ray: 8772acd01faa56c0-OSL
content-encoding: br
X-Firefox-Spdy: h2
| ctzunlock.com/_next/static/chunks/webpack-bb469f829a664d48.js | 162.159.140.98 | 200 OK | 2.2 kB |
URL: GET HTTP/2 ctzunlock.com/_next/static/chunks/webpack-bb469f829a664d48.js
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: JavaScript source, ASCII text, with very long lines (2215), with no line terminators
Hash: 8d44158c9de8b1d01bd08ad2a37082b4 7d9b2ee701fee322917a02a1c05bddd879374b82 4fde5771041940a50d17303625e402069d0a0fc2d7ad2838d9fc680ea75ccf5b
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Citizens Bank |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/webpack-bb469f829a664d48.js HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 Apr 2024 05:18:40 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"891-49773873e8"
vary: Accept-Encoding
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
x-do-orig-status: 200
cf-cache-status: HIT
age: 56
server: cloudflare
cf-ray: 8772acd01fad56c0-OSL
content-encoding: br
X-Firefox-Spdy: h2
| ctzunlock.com/_next/static/chunks/pages/_app-b51eec3fb892f995.js | 162.159.140.98 | 200 OK | 1.6 kB |
URL: GET HTTP/2 ctzunlock.com/_next/static/chunks/pages/_app-b51eec3fb892f995.js
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: JavaScript source, ASCII text, with very long lines (1632), with no line terminators
Hash: 62c87367c0047dd57d725d9adf9d881c 694b4379f1a74bb4104e931d0050bccee77d3556 a3dedebd1bcf3a60212222df53aa595f2fdcc3a904b3c058d3b040b715cfa8f4
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Citizens Bank |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/pages/_app-b51eec3fb892f995.js HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 Apr 2024 05:18:40 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"64a-49773873e8"
vary: Accept-Encoding
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
x-do-orig-status: 200
cf-cache-status: HIT
age: 56
server: cloudflare
cf-ray: 8772acd01fb456c0-OSL
content-encoding: br
X-Firefox-Spdy: h2
| ctzunlock.com/_next/static/1OCTy1zHpdX06BECEGlV7/_buildManifest.js | 162.159.140.98 | 200 OK | 2.4 kB |
URL: GET HTTP/2 ctzunlock.com/_next/static/1OCTy1zHpdX06BECEGlV7/_buildManifest.js
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: ASCII text, with very long lines (2512), with no line terminators
Hash: 301057781ec4716aa77c068b2f499a10 cc568f5bfc263cf63c10be081873ee23671f9cd5 ab96b9cac76ef2a31f3972c8c8b40e0c6905767e01b90a907d9741ba66a4e261
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/1OCTy1zHpdX06BECEGlV7/_buildManifest.js HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 Apr 2024 05:18:40 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"956-49773873e8"
vary: Accept-Encoding
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
x-do-orig-status: 200
cf-cache-status: HIT
age: 56
server: cloudflare
cf-ray: 8772acd01fbc56c0-OSL
content-encoding: br
X-Firefox-Spdy: h2
| ctzunlock.com/images/icon-secure.png | 162.159.140.98 | 200 OK | 292 B |
URL: GET HTTP/2 ctzunlock.com/images/icon-secure.png
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: PNG image data, 16 x 20, 8-bit/color RGBA, non-interlaced
Hash: 18ffa7c3d8f40b5da7df780d91930e20 524ca8ffaadbd033fd0504fe580d47315690afa1 c8d87d770112e188f7b1482e9a416ffc441a9a6e08e2fc38a886fa2986efdb46
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Citizens Bank |
| Quad9 DNS | malicious | Sinkholed |
GET /images/icon-secure.png HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 Apr 2024 05:18:40 GMT
content-type: image/png
content-length: 292
cache-control: public, max-age=0
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"124-49773873e8"
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8772acd0d81656c0-OSL
X-Firefox-Spdy: h2
| ctzunlock.com/fonts/citizen_extrabold.woff | 162.159.140.98 | 200 OK | 28 kB |
URL: GET HTTP/2 ctzunlock.com/fonts/citizen_extrabold.woff
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: Web Open Font Format, TrueType, length 27852, version 1.0
Hash: 76f4964f6d001aa6967fb570438d80cc 5259516d0615338a701e5a19a37d6bc45c6bcedc 0e9485cdb6a684713287cb41c6e6c3e26d12280f17349f98402456ff86ec9759
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Citizens Bank |
| Quad9 DNS | malicious | Sinkholed |
GET /fonts/citizen_extrabold.woff HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 Apr 2024 05:18:41 GMT
content-type: font/woff
content-length: 27852
cache-control: public, max-age=0
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"6ccc-49773873e8"
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8772acd288f256c0-OSL
X-Firefox-Spdy: h2
| | 162.159.140.98 | 200 OK | 389 kB |
URL: User Request GET HTTP/2
IP: 162.159.140.98:443
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
Size: 389 kB (388774 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | RBS Citizens Bank |
| Quad9 DNS | malicious | Sinkholed |
GET /login HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 Apr 2024 05:18:40 GMT
content-type: text/html; charset=utf-8
x-powered-by: Next.js
vary: Accept-Encoding
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
cache-control: private
x-do-orig-status: 200
cf-cache-status: MISS
set-cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA; path=/; expires=Sat, 20-Apr-24 05:48:40 GMT; domain=.ctzunlock.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8772accd5e1056c0-OSL
content-encoding: br
X-Firefox-Spdy: h2
| ctzunlock.com/_next/static/chunks/framework-9b5d6ec4444c80fa.js | 162.159.140.98 | 200 OK | 142 kB |
URL: GET HTTP/2 ctzunlock.com/_next/static/chunks/framework-9b5d6ec4444c80fa.js
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: JavaScript source, ASCII text, with very long lines (65154)
Size: 142 kB (141509 bytes)
Hash: 4f45f9a036208ef5b00302eaa0de99d4 6271883ba52614a6412d4146f7b905cd75807c55 1aee3a5f0c4b6735edff60d58f20a936ce11e5d4a36a5a76390aeda043ae4048
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Citizens Bank |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/framework-9b5d6ec4444c80fa.js HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 Apr 2024 05:18:40 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"228c5-49773873e8"
vary: Accept-Encoding
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
x-do-orig-status: 200
cf-cache-status: HIT
age: 56
server: cloudflare
cf-ray: 8772acd01fb256c0-OSL
content-encoding: br
X-Firefox-Spdy: h2
| ctzunlock.com/font/citiolb_icons.woff | 162.159.140.98 | 404 Not Found | 2.6 kB |
URL: GET HTTP/2 ctzunlock.com/font/citiolb_icons.woff
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: HTML document, ASCII text, with very long lines (2692), with no line terminators
Hash: 46ed0bab0b9b5f4f9d3b8031fb39b096 fcefa41efa2031ab2554d01f850ab6597a57084e fb176665076aa48dde01d9aaca6e336ee514410b19842a88917d9bc0ca98a49d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /font/citiolb_icons.woff HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Sat, 20 Apr 2024 05:18:40 GMT
content-type: text/html; charset=utf-8
x-powered-by: Next.js
vary: Accept-Encoding
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
cache-control: private
x-do-orig-status: 404
cf-cache-status: MISS
server: cloudflare
cf-ray: 8772acd0e82856c0-OSL
X-Firefox-Spdy: h2
| ctzunlock.com/font/citizen_bold.woff | 162.159.140.98 | 404 Not Found | 2.6 kB |
URL: GET HTTP/2 ctzunlock.com/font/citizen_bold.woff
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: HTML document, ASCII text, with very long lines (2692), with no line terminators
Hash: 46ed0bab0b9b5f4f9d3b8031fb39b096 fcefa41efa2031ab2554d01f850ab6597a57084e fb176665076aa48dde01d9aaca6e336ee514410b19842a88917d9bc0ca98a49d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /font/citizen_bold.woff HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Sat, 20 Apr 2024 05:18:40 GMT
content-type: text/html; charset=utf-8
x-powered-by: Next.js
vary: Accept-Encoding
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
cache-control: private
x-do-orig-status: 404
cf-cache-status: MISS
server: cloudflare
cf-ray: 8772acd0f82d56c0-OSL
X-Firefox-Spdy: h2
| ctzunlock.com/images/arrow-button-white.png | 162.159.140.98 | 200 OK | 1.0 kB |
URL: GET HTTP/2 ctzunlock.com/images/arrow-button-white.png
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: PNG image data, 18 x 12, 8-bit/color RGBA, non-interlaced
Hash: e7b1dd2b4db648b74fc5b873e7196a87 2f053c0827091b3929ea889dd2dc5c923dcb450a ff327ec2a6dbd3fc76ceecf59e472d5d2f43c94dce851ced740abe5f75bb832e
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Citizens Bank |
| Quad9 DNS | malicious | Sinkholed |
GET /images/arrow-button-white.png HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 Apr 2024 05:18:40 GMT
content-type: image/png
content-length: 1017
cache-control: public, max-age=0
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"3f9-49773873e8"
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8772acd0d81856c0-OSL
X-Firefox-Spdy: h2
| ctzunlock.com/font/citiolb_icons.ttf | 162.159.140.98 | 404 Not Found | 2.6 kB |
URL: GET HTTP/2 ctzunlock.com/font/citiolb_icons.ttf
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: HTML document, ASCII text, with very long lines (2692), with no line terminators
Hash: 46ed0bab0b9b5f4f9d3b8031fb39b096 fcefa41efa2031ab2554d01f850ab6597a57084e fb176665076aa48dde01d9aaca6e336ee514410b19842a88917d9bc0ca98a49d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /font/citiolb_icons.ttf HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Sat, 20 Apr 2024 05:18:41 GMT
content-type: text/html; charset=utf-8
x-powered-by: Next.js
vary: Accept-Encoding
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
cache-control: private
x-do-orig-status: 404
cf-cache-status: MISS
server: cloudflare
cf-ray: 8772acd1b88e56c0-OSL
content-encoding: br
X-Firefox-Spdy: h2
| ctzunlock.com/_next/static/chunks/main-3123a443c688934f.js | 162.159.140.98 | 200 OK | 105 kB |
URL: GET HTTP/2 ctzunlock.com/_next/static/chunks/main-3123a443c688934f.js
IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer Google Trust Services LLC; Subject ctzunlock.com; Fingerprint 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81; Validity Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 105 kB (104950 bytes)
Hash: 5c8fa4faef8700c12dd2c8fe8b29ee96 6882f5b250869c46d913875d48ae03c2b9be449d 0eed4542b90a01be928023ec3dc7abed45c63ffc8067a496863ecef579d4af9f
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Citizens Bank |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/main-3123a443c688934f.js HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 Apr 2024 05:18:40 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"199f6-49773873e8"
vary: Accept-Encoding
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
x-do-orig-status: 200
cf-cache-status: HIT
age: 56
server: cloudflare
cf-ray: 8772acd01fb356c0-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ctzunlock.com/_next/static/chunks/170-eb8e8532566fbaf1.js | 162.159.140.98 | 200 OK | 19 kB |
URL: GET HTTP/2 ctzunlock.com/_next/static/chunks/170-eb8e8532566fbaf1.js | IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer: Google Trust Services LLC | Subject: ctzunlock.com | Fingerprint: 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81 | Validity: Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: JavaScript source, ASCII text, with very long lines (19133), with no line terminators | Hash: a9ee7221834165db19e90fcca0f715f9 110468c4004bc8f0067689e83b090afcef044fc3 0cd7c773bc65874492c5dc26d281e1498a33672f8ed1eb38e3dc5c7ac6b4e727
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Citizens Bank |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/170-eb8e8532566fbaf1.js HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 Apr 2024 05:18:40 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"4abd-49773873e8"
vary: Accept-Encoding
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
x-do-orig-status: 200
cf-cache-status: HIT
age: 56
server: cloudflare
cf-ray: 8772acd01fb656c0-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ctzunlock.com/images/flows-tooltip.png | 162.159.140.98 | 200 OK | 364 B |
URL: GET HTTP/2 ctzunlock.com/images/flows-tooltip.png | IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer: Google Trust Services LLC | Subject: ctzunlock.com | Fingerprint: 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81 | Validity: Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced | Hash: 35a7359b239ddca8639017dfc4b71b4a dfdd659f24502fbe7dd79c9564e1e528233fdcad dfc042f7ff75f3c2f916bcfbff48c82834bab07b698a2c564906ca073f8286b2
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Citizens Bank |
| Quad9 DNS | malicious | Sinkholed |
GET /images/flows-tooltip.png HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 Apr 2024 05:18:40 GMT
content-type: image/png
content-length: 364
cache-control: public, max-age=0
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"16c-49773873e8"
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8772acd0d81756c0-OSL
X-Firefox-Spdy: h2
|
|
| ctzunlock.com/font/citizen_book.ttf | 162.159.140.98 | 404 Not Found | 2.6 kB |
URL: GET HTTP/2 ctzunlock.com/font/citizen_book.ttf | IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer: Google Trust Services LLC | Subject: ctzunlock.com | Fingerprint: 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81 | Validity: Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: HTML document, ASCII text, with very long lines (2692), with no line terminators | Hash: 46ed0bab0b9b5f4f9d3b8031fb39b096 fcefa41efa2031ab2554d01f850ab6597a57084e fb176665076aa48dde01d9aaca6e336ee514410b19842a88917d9bc0ca98a49d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /font/citizen_book.ttf HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Sat, 20 Apr 2024 05:18:41 GMT
content-type: text/html; charset=utf-8
x-powered-by: Next.js
vary: Accept-Encoding
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
cache-control: private
x-do-orig-status: 404
cf-cache-status: MISS
server: cloudflare
cf-ray: 8772acd1a88456c0-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ctzunlock.com/fonts/citizen_book.woff | 162.159.140.98 | 200 OK | 32 kB |
URL: GET HTTP/2 ctzunlock.com/fonts/citizen_book.woff | IP: 162.159.140.98:443
Requested by: https://ctzunlock.com/login
Certificate: Issuer: Google Trust Services LLC | Subject: ctzunlock.com | Fingerprint: 70:A1:A2:7B:7C:58:91:9F:48:F2:59:51:75:14:05:69:19:AA:8E:81 | Validity: Mon, 15 Apr 2024 16:22:35 GMT - Sun, 14 Jul 2024 16:22:34 GMT
File type: Web Open Font Format, TrueType, length 31864, version 1.0 | Hash: 0dd22599312493e4bb7b8662f71dddcc 29f5fd587566f80d886dc0109f53ecf47eb5bbf5 2a0a7ee3ea564db1e157dd2202c20b8092228fea9091f5cd1e83551e170ec277
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Citizens Bank |
| Quad9 DNS | malicious | Sinkholed |
GET /fonts/citizen_book.woff HTTP/1.1
Host: ctzunlock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ctzunlock.com/login
Cookie: __cf_bm=nZL1ycOvgMTrQPwWYGYmhW44T2YkbPr4SmjrEZr7wLg-1713590320-1.0.1.1-.nd4fD6i2wopTtwSa28Vf7ewzeHQqowzQbqZvpVTkz0A9sSXC5Rbx1U3A1Lf.s.ocO2BkYi1rjawYISZmm3izA
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 Apr 2024 05:18:41 GMT
content-type: font/woff
content-length: 31864
cache-control: public, max-age=0
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"7c78-49773873e8"
x-do-app-origin: df5436f7-3c40-4570-8908-16c8c9ca9976
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8772acd288f056c0-OSL
X-Firefox-Spdy: h2
|
|