Report - crichton.app/f/citizens/prohqcker2.php

Report Overview

Submitted URL
crichton.app/f/citizens/prohqcker2.php
IP
45.40.135.19
ASN
#26496 AS-26496-GO-DADDY-COM-LLC
Submitted
2023-06-02 01:13:29
Access
public
Website Title
Final URL
Tags
dhl logistics phishing
urlquery detections
Phishing - DHL

Detections

urlquery
15
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
crichton.app	unknown	2021-06-14	2021-06-14	2023-06-01	11 kB	338 kB	45.40.135.19
cdn1.onlineaccess1.com	19210	2005-08-24	2015-01-02	2023-06-01	537 B	14 kB	192.0.54.4

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-06-01	medium	crichton.app/f/citizens/personal.html
2023-06-01	medium	crichton.app/f/citizens/prohqcker2.php

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	crichton.app/f/citizens/js/mask.js	149 kB	2023-03-07	2024-03-18
Pretty URL crichton.app/f/citizens/js/mask.js IP 45.40.135.19 ASN #26496 AS-26496-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:43:16 Last Seen2024-03-18 16:58:28 Times Seen308 Hash b28c4e8b73d73eb52c812ee9e4757460 513be6d33316e1ba686515457c0280c8f02d3ffa 3c149e754af1a297e924c97c84aa5a1fafebc7c2b377e825738b8cb452fb3237 Loading...

	crichton.app/f/citizens/personal.html	0 B	2023-03-07	2024-04-24
Pretty URL crichton.app/f/citizens/personal.html IP 45.40.135.19 ASN #26496 AS-26496-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 18:28:56 Times Seen37043346 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (21)

URL IP Response Size

crichton.app/f/citizens/personal.html

45.40.135.19

200 OK

1.6 kB

URL User Request GET HTTP/2
crichton.app/f/citizens/personal.html
IP
45.40.135.19:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Certificate
IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (498), with CRLF line terminators
Size
1.6 kB (1554 bytes)
Hash
5452da7af9c49c35f60bb22014158f87
28930d6236031300c7f38948989bee9cb7e235ee
39588c0d4d15c594d50721c6d38f9acafa342460bd23e29ebd5e0eac84e0935c

Detections

Analyzer	Verdict	Alert
openphish	First Citizens Bank

HTTP Headers

GET /f/citizens/personal.html HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/html
last-modified: Fri, 19 May 2023 09:47:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1554
date: Fri, 02 Jun 2023 01:13:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

crichton.app/f/citizens/css/app.css

45.40.135.19

200 OK

17 kB

URL GET HTTP/3
crichton.app/f/citizens/css/app.css
IP
45.40.135.19:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://crichton.app/f/citizens/personal.html
Certificate
IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (55844)
Size
17 kB (16616 bytes)
Hash
254b86ec2aeac18814d18d7acf843c5c
3b0f0a8af537aff8ab8ca20ae5b55704f070d899
722e0f8219375018d795921485032e970952ab5ab3c5d534b024e1693d7f982f

HTTP Headers

GET /f/citizens/css/app.css HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crichton.app/f/citizens/personal.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 01:13:13 GMT
content-type: text/css
last-modified: Thu, 02 Feb 2023 23:53:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 16616
date: Fri, 02 Jun 2023 01:13:13 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

crichton.app/f/citizens/css/highcontrast-23d6f5c394031f2b7a197598ef562da5.css

45.40.135.19

200 OK

114 kB

URL GET HTTP/3
crichton.app/f/citizens/css/highcontrast-23d6f5c394031f2b7a197598ef562da5.css
IP
45.40.135.19:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://crichton.app/f/citizens/personal.html
Certificate
IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
114 kB (114020 bytes)
Hash
23d6f5c394031f2b7a197598ef562da5
8ba7a928149ea4e58a8f37a3ef8857eedfacbf95
5fe9be1ee622cde0915ad2e0fd99a1aec935c971201dcbe8ddc63427fc8d103e

HTTP Headers

GET /f/citizens/css/highcontrast-23d6f5c394031f2b7a197598ef562da5.css HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crichton.app/f/citizens/personal.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 01:13:13 GMT
content-type: text/css
last-modified: Mon, 23 May 2022 20:00:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 114020
date: Fri, 02 Jun 2023 01:13:13 GMT
server: LiteSpeed

crichton.app/f/citizens/css/theme-q2-c78f9a6334979dc02a4414cf3a8779e5.css

45.40.135.19

200 OK

114 kB

URL GET HTTP/3
crichton.app/f/citizens/css/theme-q2-c78f9a6334979dc02a4414cf3a8779e5.css
IP
45.40.135.19:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://crichton.app/f/citizens/personal.html
Certificate
IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
114 kB (113624 bytes)
Hash
3ace15d1a3da1d5fa8d7bd7b0982771a
6c6c75edbf229ebd4f168282a55b36b7bbb04185
44b62296dd491bc6b05441bd4dfc79d12d979d033f5103a176c223c6e87b6823

HTTP Headers

GET /f/citizens/css/theme-q2-c78f9a6334979dc02a4414cf3a8779e5.css HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crichton.app/f/citizens/personal.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 01:13:13 GMT
content-type: text/css
last-modified: Thu, 02 Feb 2023 23:53:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 113624
date: Fri, 02 Jun 2023 01:13:13 GMT
server: LiteSpeed

crichton.app/f/citizens/css/tecton-590048df214033d1c1591d552a32c9af.css

45.40.135.19

200 OK

1.5 kB

URL GET HTTP/3
crichton.app/f/citizens/css/tecton-590048df214033d1c1591d552a32c9af.css
IP
45.40.135.19:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://crichton.app/f/citizens/personal.html
Certificate
IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (8014), with no line terminators
Size
1.5 kB (1509 bytes)
Hash
590048df214033d1c1591d552a32c9af
6e93aed836cbb1b6976248df6d2cb4c8b17c23b4
fbb5d60b0e8fbf3ce2eeb2479ad9ef6744585303f9ee0bf27c62b35a0a2dc30a

HTTP Headers

GET /f/citizens/css/tecton-590048df214033d1c1591d552a32c9af.css HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crichton.app/f/citizens/personal.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 01:13:13 GMT
content-type: text/css
last-modified: Thu, 02 Feb 2023 23:53:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1509
date: Fri, 02 Jun 2023 01:13:13 GMT
server: LiteSpeed

crichton.app/f/citizens/js/mask.js

45.40.135.19

200 OK

30 kB

URL GET HTTP/3
crichton.app/f/citizens/js/mask.js
IP
45.40.135.19:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://crichton.app/f/citizens/personal.html
Certificate
IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT

File type
Algol 68 source text\012- Pascal source, Unicode text, UTF-8 text, with very long lines (4222), with CRLF line terminators
Size
30 kB (30228 bytes)
Hash
b28c4e8b73d73eb52c812ee9e4757460
513be6d33316e1ba686515457c0280c8f02d3ffa
3c149e754af1a297e924c97c84aa5a1fafebc7c2b377e825738b8cb452fb3237

HTTP Headers

GET /f/citizens/js/mask.js HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crichton.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 01:13:13 GMT
content-type: application/javascript
last-modified: Thu, 03 Mar 2022 07:50:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30228
date: Fri, 02 Jun 2023 01:13:13 GMT
server: LiteSpeed

crichton.app/f/citizens/img/desktop-background-31261c4b72eb487c279e9a1b57d9f095.jpg

45.40.135.19

404 Not Found

2.1 kB

URL GET HTTP/3
crichton.app/f/citizens/img/desktop-background-31261c4b72eb487c279e9a1b57d9f095.jpg
IP
45.40.135.19:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://crichton.app/f/citizens/personal.html
Certificate
IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Size
2.1 kB (2123 bytes)
Hash
307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /f/citizens/img/desktop-background-31261c4b72eb487c279e9a1b57d9f095.jpg HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crichton.app/f/citizens/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: no-cache, private
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
content-length: 2123
content-encoding: gzip
date: Fri, 02 Jun 2023 01:13:13 GMT
server: LiteSpeed

crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Regular.woff

45.40.135.19

404 Not Found

6.6 kB

URL GET HTTP/3
crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Regular.woff
IP
45.40.135.19:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://crichton.app/f/citizens/personal.html
Certificate
IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Size
6.6 kB (6609 bytes)
Hash
307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /f/citizens/css/fonts/OpenSans/OpenSans-Regular.woff HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://crichton.app/f/citizens/css/tecton-590048df214033d1c1591d552a32c9af.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
content-length: 6609
date: Fri, 02 Jun 2023 01:13:13 GMT
server: LiteSpeed

crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Semibold.woff

45.40.135.19

404 Not Found

6.6 kB

URL GET HTTP/3
crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Semibold.woff
IP
45.40.135.19:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://crichton.app/f/citizens/personal.html
Certificate
IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Size
6.6 kB (6609 bytes)
Hash
307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /f/citizens/css/fonts/OpenSans/OpenSans-Semibold.woff HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://crichton.app/f/citizens/css/tecton-590048df214033d1c1591d552a32c9af.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
content-length: 6609
date: Fri, 02 Jun 2023 01:13:14 GMT
server: LiteSpeed

crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Regular.ttf

45.40.135.19

404 Not Found

2.1 kB

URL GET HTTP/3
crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Regular.ttf
IP
45.40.135.19:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://crichton.app/f/citizens/personal.html
Certificate
IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Size
2.1 kB (2123 bytes)
Hash
307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /f/citizens/css/fonts/OpenSans/OpenSans-Regular.ttf HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crichton.app/f/citizens/css/tecton-590048df214033d1c1591d552a32c9af.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: no-cache, private
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
content-length: 2123
content-encoding: gzip
date: Fri, 02 Jun 2023 01:13:14 GMT
server: LiteSpeed

crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Semibold.ttf

45.40.135.19

404 Not Found

2.1 kB

URL GET HTTP/3
crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Semibold.ttf
IP
45.40.135.19:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://crichton.app/f/citizens/personal.html
Certificate
IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Size
2.1 kB (2123 bytes)
Hash
307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /f/citizens/css/fonts/OpenSans/OpenSans-Semibold.ttf HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crichton.app/f/citizens/css/tecton-590048df214033d1c1591d552a32c9af.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: no-cache, private
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
content-length: 2123
content-encoding: gzip
date: Fri, 02 Jun 2023 01:13:14 GMT
server: LiteSpeed

crichton.app/f/citizens/favicon.ico

45.40.135.19

404 Not Found

2.1 kB

URL GET HTTP/3
crichton.app/f/citizens/favicon.ico
IP
45.40.135.19:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://crichton.app/f/citizens/personal.html
Certificate
IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Size
2.1 kB (2123 bytes)
Hash
307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /f/citizens/favicon.ico HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crichton.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: no-cache, private
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
content-length: 2123
content-encoding: gzip
date: Fri, 02 Jun 2023 01:13:14 GMT
server: LiteSpeed

crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Regular.woff

45.40.135.19

404 Not Found

6.6 kB

URL GET HTTP/3
crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Regular.woff
IP
45.40.135.19:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://crichton.app/f/citizens/personal.html
Certificate
IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Size
6.6 kB (6609 bytes)
Hash
307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /f/citizens/css/fonts/OpenSans/OpenSans-Regular.woff HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://crichton.app/f/citizens/css/theme-q2-c78f9a6334979dc02a4414cf3a8779e5.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
content-length: 6609
date: Fri, 02 Jun 2023 01:13:14 GMT
server: LiteSpeed

crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Semibold.woff

45.40.135.19

404 Not Found

6.6 kB

URL GET HTTP/3
crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Semibold.woff
IP
45.40.135.19:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://crichton.app/f/citizens/personal.html
Certificate
IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Size
6.6 kB (6609 bytes)
Hash
307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /f/citizens/css/fonts/OpenSans/OpenSans-Semibold.woff HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://crichton.app/f/citizens/css/highcontrast-23d6f5c394031f2b7a197598ef562da5.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
content-length: 6609
date: Fri, 02 Jun 2023 01:13:14 GMT
server: LiteSpeed

cdn1.onlineaccess1.com/cdn/depot/3397/1069/d156970adc960ccc43e0f0d4d553bb92/assets/images/logos/logo_large-5741abb9675d37b6178ac83becc79b17.png

192.0.54.4

13 kB

URL GET
cdn1.onlineaccess1.com/cdn/depot/3397/1069/d156970adc960ccc43e0f0d4d553bb92/assets/images/logos/logo_large-5741abb9675d37b6178ac83becc79b17.png
IP
192.0.54.4:0
ASN
#62659 Q2HOLDINGS

Requested by
https://crichton.app/f/citizens/personal.html
Certificate
IssuerGoogle Trust Services LLC
Subjectonlineaccess1.com
Fingerprint56:19:94:0F:94:5C:C1:5B:2A:5E:44:EA:FF:29:63:E9:C0:40:DF:FB
ValiditySat, 20 May 2023 07:00:52 GMT - Fri, 18 Aug 2023 07:58:40 GMT

File type
gzip compressed data, from Unix\012- data
Size
13 kB (13150 bytes)
Hash
fb168ffc879c7b3c8f0b140dbe08add0
c0a2b9afbcd34a694b7119a4af4e4567c36b26a7
f6f157c9a29ae6f2dcb60826ff11df6a2cb4f0b25a092e6f8ba2213eb0e6eb77

HTTP Headers

GET /cdn/depot/3397/1069/d156970adc960ccc43e0f0d4d553bb92/assets/images/logos/logo_large-5741abb9675d37b6178ac83becc79b17.png HTTP/1.1
Host: cdn1.onlineaccess1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crichton.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 02 Jun 2023 01:13:13 GMT
content-type: image/png
last-modified: Fri, 24 Mar 2023 16:13:06 GMT
vary: Accept-Encoding
etag: W/"641dcc12-1a27"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: gzip
timing-allow-origin: *
access-control-allow-headers: *
cf-cache-status: HIT
age: 183835
strict-transport-security: max-age=15552000; includeSubDomains; preload
set-cookie: __cfruid=22a273aa1430640133e5f39c88bd7680521169de-1685668393; path=/; domain=.onlineaccess1.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7d0bd5255c90b4f9-OSL
X-Firefox-Spdy: h2

crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Regular.ttf

45.40.135.19

404 Not Found

2.1 kB

URL GET HTTP/3
crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Regular.ttf
IP
45.40.135.19:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://crichton.app/f/citizens/personal.html
Certificate
IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Size
2.1 kB (2123 bytes)
Hash
307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /f/citizens/css/fonts/OpenSans/OpenSans-Regular.ttf HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crichton.app/f/citizens/css/theme-q2-c78f9a6334979dc02a4414cf3a8779e5.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: no-cache, private
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
content-length: 2123
content-encoding: gzip
date: Fri, 02 Jun 2023 01:13:14 GMT
server: LiteSpeed

crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Semibold.ttf

45.40.135.19

404 Not Found

2.1 kB

URL GET HTTP/3
crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Semibold.ttf
IP
45.40.135.19:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://crichton.app/f/citizens/personal.html
Certificate
IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Size
2.1 kB (2123 bytes)
Hash
307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /f/citizens/css/fonts/OpenSans/OpenSans-Semibold.ttf HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crichton.app/f/citizens/css/highcontrast-23d6f5c394031f2b7a197598ef562da5.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: no-cache, private
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
content-length: 2123
content-encoding: gzip
date: Fri, 02 Jun 2023 01:13:14 GMT
server: LiteSpeed

crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Semibold.ttf

45.40.135.19

404 Not Found

2.1 kB

URL GET HTTP/3
crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Semibold.ttf
IP
45.40.135.19:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://crichton.app/f/citizens/personal.html
Certificate
IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Size
2.1 kB (2123 bytes)
Hash
307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /f/citizens/css/fonts/OpenSans/OpenSans-Semibold.ttf HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crichton.app/f/citizens/css/theme-q2-c78f9a6334979dc02a4414cf3a8779e5.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: no-cache, private
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
content-length: 2123
content-encoding: gzip
date: Fri, 02 Jun 2023 01:13:14 GMT
server: LiteSpeed

crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Regular.woff

45.40.135.19

404 Not Found

6.6 kB

URL GET HTTP/3
crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Regular.woff
IP
45.40.135.19:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://crichton.app/f/citizens/personal.html
Certificate
IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Size
6.6 kB (6609 bytes)
Hash
307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /f/citizens/css/fonts/OpenSans/OpenSans-Regular.woff HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://crichton.app/f/citizens/css/highcontrast-23d6f5c394031f2b7a197598ef562da5.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
content-length: 6609
date: Fri, 02 Jun 2023 01:13:14 GMT
server: LiteSpeed

crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Regular.ttf

45.40.135.19

404 Not Found

2.1 kB

URL GET HTTP/3
crichton.app/f/citizens/css/fonts/OpenSans/OpenSans-Regular.ttf
IP
45.40.135.19:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://crichton.app/f/citizens/personal.html
Certificate
IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Size
2.1 kB (2123 bytes)
Hash
307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /f/citizens/css/fonts/OpenSans/OpenSans-Regular.ttf HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crichton.app/f/citizens/css/highcontrast-23d6f5c394031f2b7a197598ef562da5.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: no-cache, private
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
content-length: 2123
content-encoding: gzip
date: Fri, 02 Jun 2023 01:13:15 GMT
server: LiteSpeed

crichton.app/f/citizens/prohqcker2.php

45.40.135.19

302 Found

5.2 kB

URL User Request GET HTTP/2
crichton.app/f/citizens/prohqcker2.php
IP
45.40.135.19:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Certificate
IssuercPanel, Inc.
Subjectcrichton.app
FingerprintA0:2D:83:7F:A3:D6:45:B0:93:08:4A:58:3C:40:AE:13:29:B2:BC:47
ValidityFri, 19 May 2023 00:00:00 GMT - Thu, 17 Aug 2023 23:59:59 GMT

File type

Size
5.2 kB (5180 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
openphish	First Citizens Bank

HTTP Headers

GET /f/citizens/prohqcker2.php HTTP/1.1
Host: crichton.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
location: personal.html
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Fri, 02 Jun 2023 01:13:12 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (21)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN