| www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff | 104.110.24.232 | 200 OK | 79 kB |
URL: GET HTTP/2 www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff
IP: 104.110.24.232:443
Requested by: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
Certificate Issuer: DigiCert Inc
Certificate Subject: www.citi.com
Certificate Fingerprint: 7B:97:41:ED:8C:0E:70:DA:7E:FF:FC:93:66:2A:DF:E0:12:35:0A:00
Certificate Validity: Tue, 07 Nov 2023 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT
File type: Web Open Font Format, TrueType, length 78762, version 1.197
Hash: b1f3eca7de0c2cb35740f32dd0b83823 dffc474081c23fc151265b637a4468e82004ecc8 045cd226594cb32ddf9d4db8ee45611f4d0788675ae50180b68da975e66fe1fe
GET /cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff HTTP/1.1
Host: www.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://piapiliows.indloguass.pages.dev/
Origin: https://piapiliows.indloguass.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: font/woff
content-length: 78762
accept-ranges: bytes
access-control-allow-headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
access-control-allow-methods: GET,PUT,POST,DELETE,HEAD
access-control-expose-headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
access-control-max-age: 2147483647
dclocation: GT1DMS
etag: W/"133aa-18edb4cb448"
last-modified: Sun, 14 Apr 2024 06:30:21 GMT
nonce: 6177670342399341
referrer-policy: no-referrer
scope: VISITOR
sid: fdb9af1f-1bdd-456e-8800-b95133ed38c4
uuid: da13d33a-3b3f-4f46-a085-4c84d3616fef
x-content-type-options: nosniff
x-vcap-request-id: 30c63ac6-7f2a-443f-695c-460f78c76be7
x-xss-protection: 1 ; mode=block
x-akamai-citisite: GTDC
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, no-transform, max-age=21600
expires: Wed, 24 Apr 2024 03:44:00 GMT
date: Tue, 23 Apr 2024 21:44:00 GMT
set-cookie: AKMTLTSID=5CFDDDBFC008833D13DC7687AFE48BE1; path=/; domain=citi.com; secure
access-control-allow-credentials: true
access-control-allow-origin: https://citimobile.citibankonline.com
X-Firefox-Spdy: h2
|
|
| www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff | 104.110.24.232 | 200 OK | 76 kB |
URL: GET HTTP/2 www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff
IP: 104.110.24.232:443
Requested by: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
Certificate Issuer: DigiCert Inc
Certificate Subject: www.citi.com
Certificate Fingerprint: 7B:97:41:ED:8C:0E:70:DA:7E:FF:FC:93:66:2A:DF:E0:12:35:0A:00
Certificate Validity: Tue, 07 Nov 2023 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT
File type: Web Open Font Format, TrueType, length 75538, version 1.197
Hash: 3d1d3153b04b6ce8a33a20f60df9d723 60e91c7766bdc415134c1111a283ffed3749dbae f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296
GET /cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff HTTP/1.1
Host: www.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://piapiliows.indloguass.pages.dev/
Origin: https://piapiliows.indloguass.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: font/woff
content-length: 75538
accept-ranges: bytes
access-control-allow-headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
access-control-allow-methods: GET,PUT,POST,DELETE,HEAD
access-control-expose-headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
access-control-max-age: 2147483647
dclocation: GT1DMS
etag: W/"12712-18edb4cb448"
last-modified: Sun, 14 Apr 2024 06:30:21 GMT
nonce: 8619135711713931
referrer-policy: no-referrer
scope: VISITOR
sid: 090bcdb8-416c-4702-b79e-c78b2a871aad
uuid: 71f75d73-325c-47a0-a17f-d732b2415714
x-content-type-options: nosniff
x-vcap-request-id: 987ff145-7d6e-4040-53fb-524e235e6a8c
x-xss-protection: 1 ; mode=block
x-akamai-citisite: GTDC
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, no-transform, max-age=21600
expires: Wed, 24 Apr 2024 03:44:00 GMT
date: Tue, 23 Apr 2024 21:44:00 GMT
set-cookie: AKMTLTSID=E2B55FF4D5B3A367C96A11A231B93E53; path=/; domain=citi.com; secure
access-control-allow-credentials: true
access-control-allow-origin: https://citimobile.citibankonline.com
X-Firefox-Spdy: h2
|
|
| www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff | 104.110.24.232 | 200 OK | 72 kB |
URL: GET HTTP/2 www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff
IP: 104.110.24.232:443
Requested by: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
Certificate Issuer: DigiCert Inc
Certificate Subject: www.citi.com
Certificate Fingerprint: 7B:97:41:ED:8C:0E:70:DA:7E:FF:FC:93:66:2A:DF:E0:12:35:0A:00
Certificate Validity: Tue, 07 Nov 2023 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT
File type: Web Open Font Format, TrueType, length 71874, version 1.197
Hash: 9fd45584370dd1c58e1ed9050efb925f 7b41085678166c62e23e8cf3c8c9ab13e13c356d e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7
GET /cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff HTTP/1.1
Host: www.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://piapiliows.indloguass.pages.dev/
Origin: https://piapiliows.indloguass.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: font/woff
content-length: 71874
accept-ranges: bytes
access-control-allow-headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
access-control-allow-methods: GET,PUT,POST,DELETE,HEAD
access-control-expose-headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
access-control-max-age: 2147483647
dclocation: GT1DMS
etag: W/"118c2-18edb4cb448"
last-modified: Sun, 14 Apr 2024 06:30:21 GMT
nonce: 5723817147935276
referrer-policy: no-referrer
scope: VISITOR
sid: 16ccbb89-7744-480b-8592-b95d8aae0308
uuid: 90d8bbcf-8d88-4fcc-8294-d70f84debb70
x-content-type-options: nosniff
x-vcap-request-id: a4a37d39-536d-46bf-55db-224f9de25f4a
x-xss-protection: 1 ; mode=block
x-akamai-citisite: GTDC
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, no-transform, max-age=21600
expires: Wed, 24 Apr 2024 03:44:00 GMT
date: Tue, 23 Apr 2024 21:44:00 GMT
set-cookie: AKMTLTSID=130CC927F139B86590BFEDA16E48B71C; path=/; domain=citi.com; secure
access-control-allow-credentials: true
access-control-allow-origin: https://citimobile.citibankonline.com
X-Firefox-Spdy: h2
|
|
| piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff | 172.66.44.186 | 200 OK | 263 kB |
URL: GET HTTP/3 piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff
IP: 172.66.44.186:443
Requested by: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
Certificate Issuer: Google Trust Services LLC
Certificate Subject: indloguass.pages.dev
Certificate Fingerprint: 01:B9:59:CC:43:38:13:BB:DA:81:FB:23:6C:DF:3E:71:EB:AA:5A:D1
Certificate Validity: Tue, 02 Apr 2024 09:27:49 GMT - Mon, 01 Jul 2024 09:27:48 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (57035)
Size: 263 kB (262947 bytes)
Hash: e542f21d7c524869a6f73125d38e8b88 fa444f8f3f9046fd73dc338d4bc4d9bf9d69cb95 f74d9b1050ffe7d8fc892e3d35e49ad977cfadbe10dbb5fa8d72bb93d0bb6f0b
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Citigroup Inc. |
| Quad9 DNS | malicious | Sinkholed |
GET /cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff HTTP/1.1
Host: piapiliows.indloguass.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:44:00 GMT
content-type: text/html; charset=utf-8
content-length: 262947
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "2da075174192a49b9bb2b14e715828e1"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-robots-tag: noindex
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WXCPbKDRna3ficfn0HcQzltvTcnatQbo5MblENPN5YLK4SU3NP0EJJklxVB0DbUWnyJI52aMqGm1xm6vkTH1XfIY44bcG6ilK0bzaMpytl3%2FxrMfpu07cmc9KHOp7vIeI58qkvwhnB%2B6Wjr0rPmV7Q4K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8791084b5d1756af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff | 172.66.44.186 | 200 OK | 263 kB |
URL: GET HTTP/3 piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff
IP: 172.66.44.186:443
Requested by: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
Certificate Issuer: Google Trust Services LLC
Certificate Subject: indloguass.pages.dev
Certificate Fingerprint: 01:B9:59:CC:43:38:13:BB:DA:81:FB:23:6C:DF:3E:71:EB:AA:5A:D1
Certificate Validity: Tue, 02 Apr 2024 09:27:49 GMT - Mon, 01 Jul 2024 09:27:48 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (57035)
Size: 263 kB (262947 bytes)
Hash: e542f21d7c524869a6f73125d38e8b88 fa444f8f3f9046fd73dc338d4bc4d9bf9d69cb95 f74d9b1050ffe7d8fc892e3d35e49ad977cfadbe10dbb5fa8d72bb93d0bb6f0b
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Citigroup Inc. |
| Quad9 DNS | malicious | Sinkholed |
GET /cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff HTTP/1.1
Host: piapiliows.indloguass.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:44:00 GMT
content-type: text/html; charset=utf-8
content-length: 262947
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "2da075174192a49b9bb2b14e715828e1"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-robots-tag: noindex
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0xgHuS6%2FLTn2snlONnf%2FZ8if0v4T%2BEv34qj%2F3qKHhBCuCOLbvIrGo4kV9LEdwiDedTjTJIEfDiBL6fk55UnFRbhkrnEzQu2Id4cdz9LHs8YHjNfxplbmOCMt9%2F6Eyflf9WWDzAWlY4NNbI2tO%2Bv2kELk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8791084b5d1556af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/css/styles.7083615ebe6cea4aa24b.css | 172.66.44.186 | 200 OK | 33 kB |
URL: GET HTTP/3 piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/css/styles.7083615ebe6cea4aa24b.css
IP: 172.66.44.186:443
Requested by: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
Certificate Issuer: Google Trust Services LLC
Certificate Subject: indloguass.pages.dev
Certificate Fingerprint: 01:B9:59:CC:43:38:13:BB:DA:81:FB:23:6C:DF:3E:71:EB:AA:5A:D1
Certificate Validity: Tue, 02 Apr 2024 09:27:49 GMT - Mon, 01 Jul 2024 09:27:48 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (57035)
Hash: e542f21d7c524869a6f73125d38e8b88 fa444f8f3f9046fd73dc338d4bc4d9bf9d69cb95 f74d9b1050ffe7d8fc892e3d35e49ad977cfadbe10dbb5fa8d72bb93d0bb6f0b
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Citigroup Inc. |
| Quad9 DNS | malicious | Sinkholed |
GET /cbol-pre-login-static-assets/css/styles.7083615ebe6cea4aa24b.css HTTP/1.1
Host: piapiliows.indloguass.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:44:00 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"2da075174192a49b9bb2b14e715828e1"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-robots-tag: noindex
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l06%2BfWKdBoGmFwGumzOA6JhTsRlT3puvvQlUpmiEVPBIKX4qIKqmZDZefHNcLWa79Ew4mrlCwFRIXKA5QYnJHKkGgaxOLTa9Syqksg1pIAXvoKTnBhHxhxfJdwD6bQqFhucbafb2q1vquTedhWr1tZoS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879108483a2e56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/images/social-media_twitter%403x.png | 172.66.44.186 | 200 OK | 38 kB |
URL: GET HTTP/3 piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/images/social-media_twitter%403x.png
IP: 172.66.44.186:443
Requested by: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
Certificate Issuer: Google Trust Services LLC
Certificate Subject: indloguass.pages.dev
Certificate Fingerprint: 01:B9:59:CC:43:38:13:BB:DA:81:FB:23:6C:DF:3E:71:EB:AA:5A:D1
Certificate Validity: Tue, 02 Apr 2024 09:27:49 GMT - Mon, 01 Jul 2024 09:27:48 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (57035)
Hash: e542f21d7c524869a6f73125d38e8b88 fa444f8f3f9046fd73dc338d4bc4d9bf9d69cb95 f74d9b1050ffe7d8fc892e3d35e49ad977cfadbe10dbb5fa8d72bb93d0bb6f0b
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Citigroup Inc. |
| Quad9 DNS | malicious | Sinkholed |
GET /cbol-pre-login-static-assets/images/social-media_twitter%403x.png HTTP/1.1
Host: piapiliows.indloguass.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:44:00 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"2da075174192a49b9bb2b14e715828e1"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-robots-tag: noindex
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Js50pIJC%2BtattiKIz5GXiJmweNL7m9BEnYp7JNR9avg1GyAGLBWk7lsmB4xqyIe4ugIbXZk%2FqaoVU3s73EiYEpQJanPGJSqnA2nvYDd8iUV23Wy9flGcstM6Ou0JNNLX8HnPkZjRxx892v%2FhOBhLYF6M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8791084b5d1156af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/assets/signin.css | 172.66.44.186 | 200 OK | 0 B |
URL: GET HTTP/3 piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/assets/signin.css
IP: 172.66.44.186:443
Requested by: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
Certificate Issuer: Google Trust Services LLC
Certificate Subject: indloguass.pages.dev
Certificate Fingerprint: 01:B9:59:CC:43:38:13:BB:DA:81:FB:23:6C:DF:3E:71:EB:AA:5A:D1
Certificate Validity: Tue, 02 Apr 2024 09:27:49 GMT - Mon, 01 Jul 2024 09:27:48 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Citigroup Inc. |
| Quad9 DNS | malicious | Sinkholed |
GET /cbol-pre-login-static-assets/assets/signin.css HTTP/1.1
Host: piapiliows.indloguass.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:44:00 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"2da075174192a49b9bb2b14e715828e1"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-robots-tag: noindex
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vCl3N%2BBUBLgpsNg%2B%2B%2F9SCBN3nQUbtKhGJcAhpmg1hh5XvjY8ei1e38UnQkXUY0iQqHQc5OdP1JlsfIuZ%2FSG3N60OHxdJkrTXolwuy6WkckueHAZmLmveYyLZRrgw0LQLYNdmVhztGFPKWsMqW1qSDdWw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879108482a2656af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/images/Citi-Branding-Sprite.png | 172.66.44.186 | 200 OK | 263 kB |
URL: GET HTTP/3 piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/images/Citi-Branding-Sprite.png
IP: 172.66.44.186:443
Requested by: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
Certificate Issuer: Google Trust Services LLC
Certificate Subject: indloguass.pages.dev
Certificate Fingerprint: 01:B9:59:CC:43:38:13:BB:DA:81:FB:23:6C:DF:3E:71:EB:AA:5A:D1
Certificate Validity: Tue, 02 Apr 2024 09:27:49 GMT - Mon, 01 Jul 2024 09:27:48 GMT
Size: 263 kB (262947 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Citigroup Inc. |
| Quad9 DNS | malicious | Sinkholed |
GET /cbol-pre-login-static-assets/images/Citi-Branding-Sprite.png HTTP/1.1
Host: piapiliows.indloguass.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:44:00 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"2da075174192a49b9bb2b14e715828e1"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-robots-tag: noindex
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v%2FF%2BzqeJXalpw%2FRZMUIQr%2FxZqTxU9Vu386leiJEOZWoK0ZlApq9Ia75u2WTg94avyTIL4R9RR4dquWFyW78A80%2B%2F5m2g4N5dh6hvQTMNSeHoO6tm%2FwZbZwv8hWvSus6NicRYJkoCI9tBSoFSROV2Xwaj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8791084b4d0c56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/images/050-location%402x.svg | 172.66.44.186 | 200 OK | 263 kB |
URL: GET HTTP/3 piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/images/050-location%402x.svg
IP: 172.66.44.186:443
Requested by: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
Certificate Issuer: Google Trust Services LLC
Certificate Subject: indloguass.pages.dev
Certificate Fingerprint: 01:B9:59:CC:43:38:13:BB:DA:81:FB:23:6C:DF:3E:71:EB:AA:5A:D1
Certificate Validity: Tue, 02 Apr 2024 09:27:49 GMT - Mon, 01 Jul 2024 09:27:48 GMT
Size: 263 kB (262947 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Citigroup Inc. |
| Quad9 DNS | malicious | Sinkholed |
GET /cbol-pre-login-static-assets/images/050-location%402x.svg HTTP/1.1
Host: piapiliows.indloguass.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:44:00 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"2da075174192a49b9bb2b14e715828e1"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-robots-tag: noindex
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ekHVbFhx7Wlc5GGHGssS65WMaFPAJsuQAeTtWe45b9li9RYAvJSehrZVZ%2FR9UcFRMVpKsqfEDj6OD%2BNzyLHTGxS2GX3icl6MTIp9DR09mZOhIyqb5JPAxE3Z8K9RCaOsh88YhOiMzYDbN5OOMxkUVfQ0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879108483a3f56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/images/Appstore-Googleplay-JDPower-Sprite.png | 172.66.44.186 | 200 OK | 164 kB |
URL: GET HTTP/3 piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/images/Appstore-Googleplay-JDPower-Sprite.png
IP: 172.66.44.186:443
Requested by: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
Certificate Issuer: Google Trust Services LLC
Certificate Subject: indloguass.pages.dev
Certificate Fingerprint: 01:B9:59:CC:43:38:13:BB:DA:81:FB:23:6C:DF:3E:71:EB:AA:5A:D1
Certificate Validity: Tue, 02 Apr 2024 09:27:49 GMT - Mon, 01 Jul 2024 09:27:48 GMT
Size: 164 kB (163840 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Citigroup Inc. |
| Quad9 DNS | malicious | Sinkholed |
GET /cbol-pre-login-static-assets/images/Appstore-Googleplay-JDPower-Sprite.png HTTP/1.1
Host: piapiliows.indloguass.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:44:00 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"2da075174192a49b9bb2b14e715828e1"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-robots-tag: noindex
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7w0R%2FiFFmybACg6Ac75%2Fl%2Bt99kAJRtEMlP4IxV8zWvGjsRWUkW85nzuE3Za5IMqRZH8FKBgshdoaRDWMLd9LfqnbUl1Sp9S3V4QjFAQY1eQKP8TXTP%2B8gWMdGRFnIsrfjlQdAtwC4X36frJzBYjqPNVo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8791084b4d0d56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets | 172.66.44.186 | 200 OK | 263 kB |
URL: User Request GET HTTP/2 piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
IP: 172.66.44.186:443
Certificate Issuer: Google Trust Services LLC
Certificate Subject: indloguass.pages.dev
Certificate Fingerprint: 01:B9:59:CC:43:38:13:BB:DA:81:FB:23:6C:DF:3E:71:EB:AA:5A:D1
Certificate Validity: Tue, 02 Apr 2024 09:27:49 GMT - Mon, 01 Jul 2024 09:27:48 GMT
Size: 263 kB (262947 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Citigroup Inc. |
| Quad9 DNS | malicious | Sinkholed |
GET /cbol-pre-login-static-assets/commonui-assets HTTP/1.1
Host: piapiliows.indloguass.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 21:43:59 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"2da075174192a49b9bb2b14e715828e1"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-robots-tag: noindex
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XPFSc0VbDfqqsAIvqyGhuRBGk3B4riyzuaziYxjfTmF%2F%2FNbrI%2BTzUGKyg%2BTDJKCVAkkmW1uSZ0glOl0DKDThY6PXlJU0gLkXoml5V68TxyopOs1EIMfuoNlqt2BXDi9twCL4Kyl%2F2%2FWM6a7Z4LPgArMI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87910845dbd2568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/css/stylee.css | 172.66.44.186 | 200 OK | 0 B |
URL: GET HTTP/3 piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/css/stylee.css
IP: 172.66.44.186:443
Requested by: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
Certificate Issuer: Google Trust Services LLC
Certificate Subject: indloguass.pages.dev
Certificate Fingerprint: 01:B9:59:CC:43:38:13:BB:DA:81:FB:23:6C:DF:3E:71:EB:AA:5A:D1
Certificate Validity: Tue, 02 Apr 2024 09:27:49 GMT - Mon, 01 Jul 2024 09:27:48 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Citigroup Inc. |
| Quad9 DNS | malicious | Sinkholed |
GET /cbol-pre-login-static-assets/css/stylee.css HTTP/1.1
Host: piapiliows.indloguass.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:44:00 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"2da075174192a49b9bb2b14e715828e1"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-robots-tag: noindex
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hK6da1UTk%2B%2Bws2emd8pxd40LGsqEnH75Sgkf%2BYXYbYPu%2FTFASBVMS6F8sOocbCNlpTtV%2FTba4DvfZSjjHL2r09JEMh4G2MX3MtALm8On5OzNymL31SOy8Von%2Bz%2FtUddT6uSYwXA%2FkZrNglb6Dfhbu6PH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879108482a2856af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/css/origination.css | 172.66.44.186 | 200 OK | 0 B |
URL: GET HTTP/3 piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/css/origination.css
IP: 172.66.44.186:443
Requested by: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
Certificate Issuer: Google Trust Services LLC
Certificate Subject: indloguass.pages.dev
Certificate Fingerprint: 01:B9:59:CC:43:38:13:BB:DA:81:FB:23:6C:DF:3E:71:EB:AA:5A:D1
Certificate Validity: Tue, 02 Apr 2024 09:27:49 GMT - Mon, 01 Jul 2024 09:27:48 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Citigroup Inc. |
| Quad9 DNS | malicious | Sinkholed |
GET /cbol-pre-login-static-assets/css/origination.css HTTP/1.1
Host: piapiliows.indloguass.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:44:00 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"2da075174192a49b9bb2b14e715828e1"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-robots-tag: noindex
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f2irm6JZ%2BK49GCy7gHz64bo052%2FkwUImER9Ts%2F5QnK%2FetE4hVeXyDd9tnLcezAhOkbhkpX32865RWnucJCZj10d5BBhyoM0m13VN2gss2qZBnnfc%2BxbayE7j12Om1C2zLfKGH2jHRHQ2mVdIqiRyxfk%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879108482a2b56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/images/icon_globe_med-grey%402x.svg | 172.66.44.186 | 200 OK | 263 kB |
URL: GET HTTP/3 piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/images/icon_globe_med-grey%402x.svg
IP: 172.66.44.186:443
Requested by: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
Certificate: Issuer Google Trust Services LLC; Subject indloguass.pages.dev; Fingerprint 01:B9:59:CC:43:38:13:BB:DA:81:FB:23:6C:DF:3E:71:EB:AA:5A:D1; Validity Tue, 02 Apr 2024 09:27:49 GMT - Mon, 01 Jul 2024 09:27:48 GMT
Size: 263 kB (262947 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Citigroup Inc. |
| Quad9 DNS | malicious | Sinkholed |
GET /cbol-pre-login-static-assets/images/icon_globe_med-grey%402x.svg HTTP/1.1
Host: piapiliows.indloguass.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:44:00 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"2da075174192a49b9bb2b14e715828e1"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-robots-tag: noindex
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Km%2FyixZgRefhi7BgUZ1cRWTrSHn6z2D6q0R3Mm6HmWCfFq5GbXszegRC9nOkBCeeXYsOnTQ5KMDtd3JayRv%2BVhe6aIFYE6o0ji7T%2FTaT0OvGxbOrHN0zZ%2FCX0wEYXmM8Toc9SldONsjZZGAle4dHhBMd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879108484a4256af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/images/social-media_facebook%403x.png | 172.66.44.186 | 200 OK | 263 kB |
URL: GET HTTP/3 piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/images/social-media_facebook%403x.png
IP: 172.66.44.186:443
Requested by: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
Certificate: Issuer Google Trust Services LLC; Subject indloguass.pages.dev; Fingerprint 01:B9:59:CC:43:38:13:BB:DA:81:FB:23:6C:DF:3E:71:EB:AA:5A:D1; Validity Tue, 02 Apr 2024 09:27:49 GMT - Mon, 01 Jul 2024 09:27:48 GMT
Size: 263 kB (262947 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Citigroup Inc. |
| Quad9 DNS | malicious | Sinkholed |
GET /cbol-pre-login-static-assets/images/social-media_facebook%403x.png HTTP/1.1
Host: piapiliows.indloguass.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:44:00 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"2da075174192a49b9bb2b14e715828e1"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-robots-tag: noindex
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Q6ML%2B5tF6HDRJCse9YmYX3FM%2Bl%2FC7bfdYr6L6ZW9k6n9DcXbtXJ8Bz8YlmBmFbebTn4Pioal7iOv%2FuOFeCXnw7CPHVVdo2bVgteSctlUTlqBmSSI%2BqAbFeAo4B3kLlLq7XUtYSAi1YmAc1hL44MKJKQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8791084b4d1056af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/images/social-media_youtube%403x.png | 172.66.44.186 | 200 OK | 219 kB |
URL: GET HTTP/3 piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/images/social-media_youtube%403x.png
IP: 172.66.44.186:443
Requested by: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
Certificate: Issuer Google Trust Services LLC; Subject indloguass.pages.dev; Fingerprint 01:B9:59:CC:43:38:13:BB:DA:81:FB:23:6C:DF:3E:71:EB:AA:5A:D1; Validity Tue, 02 Apr 2024 09:27:49 GMT - Mon, 01 Jul 2024 09:27:48 GMT
Size: 219 kB (219264 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Citigroup Inc. |
| Quad9 DNS | malicious | Sinkholed |
GET /cbol-pre-login-static-assets/images/social-media_youtube%403x.png HTTP/1.1
Host: piapiliows.indloguass.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:44:00 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"2da075174192a49b9bb2b14e715828e1"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-robots-tag: noindex
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dt%2BWqEUFkeZvQBXi6wX0O4DBR9VD6c6dZvr2D%2B%2F%2BZRRfxjPWoefqsz2wqwQPF%2F5hFN%2Ff5HkVRcYHRyXHiouBP5Js1%2FyDbKi%2BVD9x%2BC3wp2Z%2BU9aPxcGNU9ymUQQlZumGgHJ%2BV28b%2FAagrKpbzE%2B69lED"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8791084b5d1356af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.ttf | 172.66.44.186 | 200 OK | 263 kB |
URL: GET HTTP/3 piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.ttf
IP: 172.66.44.186:443
Requested by: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
Certificate: Issuer Google Trust Services LLC; Subject indloguass.pages.dev; Fingerprint 01:B9:59:CC:43:38:13:BB:DA:81:FB:23:6C:DF:3E:71:EB:AA:5A:D1; Validity Tue, 02 Apr 2024 09:27:49 GMT - Mon, 01 Jul 2024 09:27:48 GMT
Size: 263 kB (262947 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Citigroup Inc. |
| Quad9 DNS | malicious | Sinkholed |
GET /cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.ttf HTTP/1.1
Host: piapiliows.indloguass.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:44:00 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"2da075174192a49b9bb2b14e715828e1"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-robots-tag: noindex
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YXZATiSMu7PRcdC7I7TReTHxHP2hhcIlXDb%2BWEI6ftmNrq%2BR86mBOVGaCn9NJ1dtuRIUdsFjBeJ1DXPdX%2FY6VoZ%2BQltTfB%2BkRJxozdOEz2I9Tq4Qc1z0h2%2FGR7TCyphLeuHYr4V0CdhxnUX96SAtPFbX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8791084bfdb056af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/images/citilogoredesign.png | 172.66.44.186 | 200 OK | 263 kB |
URL: GET HTTP/3 piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/images/citilogoredesign.png
IP: 172.66.44.186:443
Requested by: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
Certificate: Issuer Google Trust Services LLC; Subject indloguass.pages.dev; Fingerprint 01:B9:59:CC:43:38:13:BB:DA:81:FB:23:6C:DF:3E:71:EB:AA:5A:D1; Validity Tue, 02 Apr 2024 09:27:49 GMT - Mon, 01 Jul 2024 09:27:48 GMT
Size: 263 kB (262947 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Citigroup Inc. |
| Quad9 DNS | malicious | Sinkholed |
GET /cbol-pre-login-static-assets/images/citilogoredesign.png HTTP/1.1
Host: piapiliows.indloguass.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:44:00 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"2da075174192a49b9bb2b14e715828e1"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-robots-tag: noindex
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=315tJcwo2%2FmHhy7Pc0cEJjkU757t1JcPlxqGcwPtkjYnZiZR3giFAajtEq%2F%2BUfdsGAEopgx0MIPK8C5b75iQdOqGVj9nsGJpe9owKACW1sP%2BE%2F4chdInpf8TNBr56VkE6NqxYdrlil4a6wrKmdOK88Ca"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879108483a3e56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.ttf | 172.66.44.186 | 200 OK | 263 kB |
URL: GET HTTP/3 piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.ttf
IP: 172.66.44.186:443
Requested by: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
Certificate: Issuer Google Trust Services LLC; Subject indloguass.pages.dev; Fingerprint 01:B9:59:CC:43:38:13:BB:DA:81:FB:23:6C:DF:3E:71:EB:AA:5A:D1; Validity Tue, 02 Apr 2024 09:27:49 GMT - Mon, 01 Jul 2024 09:27:48 GMT
Size: 263 kB (262947 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Citigroup Inc. |
| Quad9 DNS | malicious | Sinkholed |
GET /cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.ttf HTTP/1.1
Host: piapiliows.indloguass.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:44:00 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"2da075174192a49b9bb2b14e715828e1"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-robots-tag: noindex
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ko2tMWoPL9Gj%2B%2Fg8qu%2FejY3BlNv%2Fuc%2FJEeJUgQw42ETpwngxaUAp1L5VMy6spCd%2B0frW61mzsEqOc4CAxNGvqb8MWaZSxZeEno6JUab7GGtcVaPel5yjLylNabpq0XQ651kbJrGfXON3AhnfqPZU2r2q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8791084c0dc456af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/favicon.ico | 172.66.44.186 | 200 OK | 263 kB |
URL: GET HTTP/3 piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/favicon.ico
IP: 172.66.44.186:443
Requested by: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
Certificate: Issuer Google Trust Services LLC; Subject indloguass.pages.dev; Fingerprint 01:B9:59:CC:43:38:13:BB:DA:81:FB:23:6C:DF:3E:71:EB:AA:5A:D1; Validity Tue, 02 Apr 2024 09:27:49 GMT - Mon, 01 Jul 2024 09:27:48 GMT
Size: 263 kB (262947 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Citigroup Inc. |
| Quad9 DNS | malicious | Sinkholed |
GET /cbol-pre-login-static-assets/favicon.ico HTTP/1.1
Host: piapiliows.indloguass.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://piapiliows.indloguass.pages.dev/cbol-pre-login-static-assets/commonui-assets
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:44:00 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"2da075174192a49b9bb2b14e715828e1"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-robots-tag: noindex
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=azWA3C7VRUZ2yHwg38UcI4MUh3p7r7PPGarW5cWm%2B%2Fmol9%2BNCCYJiraKaGew0jVdvFr3dw%2Fwvzf%2FvfeUeUO%2B4zjBumN0C0uN9w5R3pD0mCFD4wpdZZI96sARC5zn727HxCB8j5Kfyzo%2FdxDDuKM8MQMe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8791084c4df556af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|