crichton.app/f/citizens/personal.html
45.40.135.19200 OK 1.6 kB URL User Request GET HTTP/2 crichton.app/f/citizens/personal.html
IP 45.40.135.19:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Certificate IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (498), with CRLF line terminators
Hash 5452da7af9c49c35f60bb22014158f87
28930d6236031300c7f38948989bee9cb7e235ee
39588c0d4d15c594d50721c6d38f9acafa342460bd23e29ebd5e0eac84e0935c
Analyzer Verdict Alert openphish First Citizens Bank
GET /f/citizens/personal.html HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Fri, 19 May 2023 09:47:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1554
date: Fri, 02 Jun 2023 01:13:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
crichton.app/f/citizens/css/app.css
45.40.135.19200 OK 17 kB URL GET HTTP/3 crichton.app/f/citizens/css/app.css
IP 45.40.135.19:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://crichton.app/f/citizens/personal.html
Certificate IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (55844)
Hash 254b86ec2aeac18814d18d7acf843c5c
3b0f0a8af537aff8ab8ca20ae5b55704f070d899
722e0f8219375018d795921485032e970952ab5ab3c5d534b024e1693d7f982f
GET /f/citizens/css/app.css HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crichton.app/f/citizens/personal.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 01:13:13 GMT
content-type: text/css
last-modified: Thu, 02 Feb 2023 23:53:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 16616
date: Fri, 02 Jun 2023 01:13:13 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
crichton.app/f/citizens/css/highcontrast-23d6f5c394031f2b7a197598ef562da5.css
45.40.135.19200 OK 114 kB URL GET HTTP/3 crichton.app/f/citizens/css/highcontrast-23d6f5c394031f2b7a197598ef562da5.css
IP 45.40.135.19:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://crichton.app/f/citizens/personal.html
Certificate IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 114 kB (114020 bytes)
Hash 23d6f5c394031f2b7a197598ef562da5
8ba7a928149ea4e58a8f37a3ef8857eedfacbf95
5fe9be1ee622cde0915ad2e0fd99a1aec935c971201dcbe8ddc63427fc8d103e
GET /f/citizens/css/highcontrast-23d6f5c394031f2b7a197598ef562da5.css HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crichton.app/f/citizens/personal.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 01:13:13 GMT
content-type: text/css
last-modified: Mon, 23 May 2022 20:00:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 114020
date: Fri, 02 Jun 2023 01:13:13 GMT
server: LiteSpeed
crichton.app/f/citizens/css/theme-q2-c78f9a6334979dc02a4414cf3a8779e5.css
45.40.135.19200 OK 114 kB URL GET HTTP/3 crichton.app/f/citizens/css/theme-q2-c78f9a6334979dc02a4414cf3a8779e5.css
IP 45.40.135.19:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://crichton.app/f/citizens/personal.html
Certificate IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 114 kB (113624 bytes)
Hash 3ace15d1a3da1d5fa8d7bd7b0982771a
6c6c75edbf229ebd4f168282a55b36b7bbb04185
44b62296dd491bc6b05441bd4dfc79d12d979d033f5103a176c223c6e87b6823
GET /f/citizens/css/theme-q2-c78f9a6334979dc02a4414cf3a8779e5.css HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crichton.app/f/citizens/personal.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 01:13:13 GMT
content-type: text/css
last-modified: Thu, 02 Feb 2023 23:53:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 113624
date: Fri, 02 Jun 2023 01:13:13 GMT
server: LiteSpeed
crichton.app/f/citizens/css/tecton-590048df214033d1c1591d552a32c9af.css
45.40.135.19200 OK 1.5 kB URL GET HTTP/3 crichton.app/f/citizens/css/tecton-590048df214033d1c1591d552a32c9af.css
IP 45.40.135.19:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://crichton.app/f/citizens/personal.html
Certificate IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (8014), with no line terminators
Hash 590048df214033d1c1591d552a32c9af
6e93aed836cbb1b6976248df6d2cb4c8b17c23b4
fbb5d60b0e8fbf3ce2eeb2479ad9ef6744585303f9ee0bf27c62b35a0a2dc30a
GET /f/citizens/css/tecton-590048df214033d1c1591d552a32c9af.css HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crichton.app/f/citizens/personal.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 01:13:13 GMT
content-type: text/css
last-modified: Thu, 02 Feb 2023 23:53:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1509
date: Fri, 02 Jun 2023 01:13:13 GMT
server: LiteSpeed
crichton.app/f/citizens/js/mask.js
45.40.135.19200 OK 30 kB URL GET HTTP/3 crichton.app/f/citizens/js/mask.js
IP 45.40.135.19:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://crichton.app/f/citizens/personal.html
Certificate IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT
File type Algol 68 source text\012- Pascal source, Unicode text, UTF-8 text, with very long lines (4222), with CRLF line terminators
Hash b28c4e8b73d73eb52c812ee9e4757460
513be6d33316e1ba686515457c0280c8f02d3ffa
3c149e754af1a297e924c97c84aa5a1fafebc7c2b377e825738b8cb452fb3237
GET /f/citizens/js/mask.js HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crichton.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 01:13:13 GMT
content-type: application/javascript
last-modified: Thu, 03 Mar 2022 07:50:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30228
date: Fri, 02 Jun 2023 01:13:13 GMT
server: LiteSpeed
crichton.app/f/citizens/img/desktop-background-31261c4b72eb487c279e9a1b57d9f095.jpg
45.40.135.19404 Not Found 2.1 kB URL GET HTTP/3 crichton.app/f/citizens/img/desktop-background-31261c4b72eb487c279e9a1b57d9f095.jpg
IP 45.40.135.19:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://crichton.app/f/citizens/personal.html
Certificate IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /f/citizens/img/desktop-background-31261c4b72eb487c279e9a1b57d9f095.jpg HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crichton.app/f/citizens/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
cache-control: no-cache, private
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
content-length: 2123
content-encoding: gzip
date: Fri, 02 Jun 2023 01:13:13 GMT
server: LiteSpeed
crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Regular.woff
45.40.135.19404 Not Found 6.6 kB URL GET HTTP/3 crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Regular.woff
IP 45.40.135.19:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://crichton.app/f/citizens/personal.html
Certificate IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /f/citizens/css/fonts/OpenSans/OpenSans-Regular.woff HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://crichton.app/f/citizens/css/tecton-590048df214033d1c1591d552a32c9af.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
content-length: 6609
date: Fri, 02 Jun 2023 01:13:13 GMT
server: LiteSpeed
crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Semibold.woff
45.40.135.19404 Not Found 6.6 kB URL GET HTTP/3 crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Semibold.woff
IP 45.40.135.19:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://crichton.app/f/citizens/personal.html
Certificate IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /f/citizens/css/fonts/OpenSans/OpenSans-Semibold.woff HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://crichton.app/f/citizens/css/tecton-590048df214033d1c1591d552a32c9af.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
content-length: 6609
date: Fri, 02 Jun 2023 01:13:14 GMT
server: LiteSpeed
crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Regular.ttf
45.40.135.19404 Not Found 2.1 kB URL GET HTTP/3 crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Regular.ttf
IP 45.40.135.19:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://crichton.app/f/citizens/personal.html
Certificate IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /f/citizens/css/fonts/OpenSans/OpenSans-Regular.ttf HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crichton.app/f/citizens/css/tecton-590048df214033d1c1591d552a32c9af.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
cache-control: no-cache, private
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
content-length: 2123
content-encoding: gzip
date: Fri, 02 Jun 2023 01:13:14 GMT
server: LiteSpeed
crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Semibold.ttf
45.40.135.19404 Not Found 2.1 kB URL GET HTTP/3 crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Semibold.ttf
IP 45.40.135.19:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://crichton.app/f/citizens/personal.html
Certificate IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /f/citizens/css/fonts/OpenSans/OpenSans-Semibold.ttf HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crichton.app/f/citizens/css/tecton-590048df214033d1c1591d552a32c9af.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
cache-control: no-cache, private
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
content-length: 2123
content-encoding: gzip
date: Fri, 02 Jun 2023 01:13:14 GMT
server: LiteSpeed
crichton.app/f/citizens/favicon.ico
45.40.135.19404 Not Found 2.1 kB URL GET HTTP/3 crichton.app/f/citizens/favicon.ico
IP 45.40.135.19:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://crichton.app/f/citizens/personal.html
Certificate IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /f/citizens/favicon.ico HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crichton.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
cache-control: no-cache, private
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
content-length: 2123
content-encoding: gzip
date: Fri, 02 Jun 2023 01:13:14 GMT
server: LiteSpeed
crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Regular.woff
45.40.135.19404 Not Found 6.6 kB URL GET HTTP/3 crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Regular.woff
IP 45.40.135.19:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://crichton.app/f/citizens/personal.html
Certificate IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /f/citizens/css/fonts/OpenSans/OpenSans-Regular.woff HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://crichton.app/f/citizens/css/theme-q2-c78f9a6334979dc02a4414cf3a8779e5.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
content-length: 6609
date: Fri, 02 Jun 2023 01:13:14 GMT
server: LiteSpeed
crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Semibold.woff
45.40.135.19404 Not Found 6.6 kB URL GET HTTP/3 crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Semibold.woff
IP 45.40.135.19:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://crichton.app/f/citizens/personal.html
Certificate IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /f/citizens/css/fonts/OpenSans/OpenSans-Semibold.woff HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://crichton.app/f/citizens/css/highcontrast-23d6f5c394031f2b7a197598ef562da5.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
content-length: 6609
date: Fri, 02 Jun 2023 01:13:14 GMT
server: LiteSpeed
cdn1.onlineaccess1.com/cdn/depot/3397/1069/d156970adc960ccc43e0f0d4d553bb92/assets/images/logos/logo_large-5741abb9675d37b6178ac83becc79b17.png
192.0.54.4 13 kB URL GET cdn1.onlineaccess1.com/cdn/depot/3397/1069/d156970adc960ccc43e0f0d4d553bb92/assets/images/logos/logo_large-5741abb9675d37b6178ac83becc79b17.png
IP 192.0.54.4:0
Requested by https://crichton.app/f/citizens/personal.html
Certificate IssuerGoogle Trust Services LLC
Subjectonlineaccess1.com
Fingerprint56:19:94:0F:94:5C:C1:5B:2A:5E:44:EA:FF:29:63:E9:C0:40:DF:FB
ValiditySat, 20 May 2023 07:00:52 GMT - Fri, 18 Aug 2023 07:58:40 GMT
File type gzip compressed data, from Unix\012- data
Hash fb168ffc879c7b3c8f0b140dbe08add0
c0a2b9afbcd34a694b7119a4af4e4567c36b26a7
f6f157c9a29ae6f2dcb60826ff11df6a2cb4f0b25a092e6f8ba2213eb0e6eb77
GET /cdn/depot/3397/1069/d156970adc960ccc43e0f0d4d553bb92/assets/images/logos/logo_large-5741abb9675d37b6178ac83becc79b17.png HTTP/1.1
Host: cdn1.onlineaccess1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crichton.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 01:13:13 GMT
content-type: image/png
last-modified: Fri, 24 Mar 2023 16:13:06 GMT
vary: Accept-Encoding
etag: W/"641dcc12-1a27"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: gzip
timing-allow-origin: *
access-control-allow-headers: *
cf-cache-status: HIT
age: 183835
strict-transport-security: max-age=15552000; includeSubDomains; preload
set-cookie: __cfruid=22a273aa1430640133e5f39c88bd7680521169de-1685668393; path=/; domain=.onlineaccess1.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7d0bd5255c90b4f9-OSL
X-Firefox-Spdy: h2
crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Regular.ttf
45.40.135.19404 Not Found 2.1 kB URL GET HTTP/3 crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Regular.ttf
IP 45.40.135.19:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://crichton.app/f/citizens/personal.html
Certificate IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /f/citizens/css/fonts/OpenSans/OpenSans-Regular.ttf HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crichton.app/f/citizens/css/theme-q2-c78f9a6334979dc02a4414cf3a8779e5.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
cache-control: no-cache, private
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
content-length: 2123
content-encoding: gzip
date: Fri, 02 Jun 2023 01:13:14 GMT
server: LiteSpeed
crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Semibold.ttf
45.40.135.19404 Not Found 2.1 kB URL GET HTTP/3 crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Semibold.ttf
IP 45.40.135.19:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://crichton.app/f/citizens/personal.html
Certificate IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /f/citizens/css/fonts/OpenSans/OpenSans-Semibold.ttf HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crichton.app/f/citizens/css/highcontrast-23d6f5c394031f2b7a197598ef562da5.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
cache-control: no-cache, private
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
content-length: 2123
content-encoding: gzip
date: Fri, 02 Jun 2023 01:13:14 GMT
server: LiteSpeed
crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Semibold.ttf
45.40.135.19404 Not Found 2.1 kB URL GET HTTP/3 crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Semibold.ttf
IP 45.40.135.19:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://crichton.app/f/citizens/personal.html
Certificate IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /f/citizens/css/fonts/OpenSans/OpenSans-Semibold.ttf HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crichton.app/f/citizens/css/theme-q2-c78f9a6334979dc02a4414cf3a8779e5.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
cache-control: no-cache, private
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
content-length: 2123
content-encoding: gzip
date: Fri, 02 Jun 2023 01:13:14 GMT
server: LiteSpeed
crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Regular.woff
45.40.135.19404 Not Found 6.6 kB URL GET HTTP/3 crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Regular.woff
IP 45.40.135.19:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://crichton.app/f/citizens/personal.html
Certificate IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /f/citizens/css/fonts/OpenSans/OpenSans-Regular.woff HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://crichton.app/f/citizens/css/highcontrast-23d6f5c394031f2b7a197598ef562da5.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
content-length: 6609
date: Fri, 02 Jun 2023 01:13:14 GMT
server: LiteSpeed
crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Regular.ttf
45.40.135.19404 Not Found 2.1 kB URL GET HTTP/3 crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Regular.ttf
IP 45.40.135.19:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://crichton.app/f/citizens/personal.html
Certificate IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /f/citizens/css/fonts/OpenSans/OpenSans-Regular.ttf HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crichton.app/f/citizens/css/highcontrast-23d6f5c394031f2b7a197598ef562da5.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
cache-control: no-cache, private
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
content-length: 2123
content-encoding: gzip
date: Fri, 02 Jun 2023 01:13:15 GMT
server: LiteSpeed
crichton.app/f/citizens/prohqcker2.php
45.40.135.19302 Found 5.2 kB URL User Request GET HTTP/2 crichton.app/f/citizens/prohqcker2.php
IP 45.40.135.19:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Certificate IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - DHL
openphish First Citizens Bank
GET /f/citizens/prohqcker2.php HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: personal.html
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Fri, 02 Jun 2023 01:13:12 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2