firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 11 Sep 2022 20:07:51 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PKZ-lDLvC7Ys-VS_5TTFBojxiYjDc1Mpljq67hVaCH4yYFb7yYK1rQ==
Age: 2118
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3938
Expires: Sun, 11 Sep 2022 21:48:47 GMT
Date: Sun, 11 Sep 2022 20:43:09 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 11 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: M_MTg85WxBZY8i9EYKLaSA8ZDRah5WRJl0GaoAx1371ERNLPR5n09g==
age: 48357
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 20:43:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.clti-online.com/
176.123.0.83200 OK 86 kB IP 176.123.0.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash bb11efb49b464b3760652e78b827ffc6
5e11d0fe049ba595e9803770976f9fa93219c101
b04f4aeadded4212acc8b2f9caa61e982c1680b6fc8b88a6eb8aa215ce0ff105
Analyzer Verdict Alert openphish Citigroup Inc.
fortinet Phishing
GET / HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding
date: Sun, 11 Sep 2022 20:43:07 GMT
server: LiteSpeed
ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
142.250.74.74200 OK 34 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (32341)
Hash 856f85cc1b07156fa844b44a10c236c2
7cef457c0e1cd0c20f4e699564ea8997f0332021
c61aa9ce7b32f93630abac1a4b27382f9333e0ff69477c9d9099070ae0742b01
GET /ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33576
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 11 Sep 2022 03:11:53 GMT
Expires: Mon, 11 Sep 2023 03:11:53 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 63077
www.clti-online.com/styles.8083da3bc06f9b3e.css
176.123.0.83200 OK 143 kB URL HTTP/1.1 www.clti-online.com/styles.8083da3bc06f9b3e.css
IP 176.123.0.83:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators
Size 143 kB (142741 bytes)
Hash 4582a4527457cbd09b20918c467dbd03
56ce1b29bf1f9d7d4feb469d251f7c97b9a609e7
affee8b4edf35c12db7d3b63bee68d93cc745485c5a7d94c9e21efa191ece7cd
Analyzer Verdict Alert openphish Citigroup Inc.
GET /styles.8083da3bc06f9b3e.css HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: text/css
last-modified: Fri, 02 Sep 2022 17:29:38 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 142741
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/home.svg
176.123.0.83200 OK 818 B URL HTTP/1.1 www.clti-online.com/home.svg
IP 176.123.0.83:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (1266)
Hash 395741019a89ea74327c9fd6699348ec
7dfceb5fc3a998de760ed9e3e55302063cf7e623
ac63a49f6cee9fe777fe74fb6def9f2f23999ca8a2664feeeae669a2b30cfcd5
Analyzer Verdict Alert openphish Citigroup Inc.
fortinet Phishing
GET /home.svg HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/svg+xml
last-modified: Fri, 02 Sep 2022 17:29:40 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 818
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/location-blue.svg
176.123.0.83200 OK 840 B URL HTTP/1.1 www.clti-online.com/location-blue.svg
IP 176.123.0.83:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 4815d54574fb61848184ce95465943e6
b11f075237d1246614d49eb9ed092c262c32b8e8
dcf3054f98ff025803821fd49a4759b8af25bb2d94d0c8a0cf3d0a0f0703b4fb
Analyzer Verdict Alert openphish Citigroup Inc.
fortinet Phishing
GET /location-blue.svg HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/svg+xml
last-modified: Fri, 02 Sep 2022 17:29:38 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 840
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/finDocument.svg
176.123.0.83200 OK 932 B URL HTTP/1.1 www.clti-online.com/finDocument.svg
IP 176.123.0.83:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (1499)
Hash 3cdb5198f5d33217e05b44cf961b8985
ebebfc3a4aaa5fa62c9871f9d1e13783ebb1a69a
4d3ae2e5777da1a75823d3fb1c1f53c841926ca9cba64c0dfdfa658bc32295af
Analyzer Verdict Alert openphish Citigroup Inc.
fortinet Phishing
GET /finDocument.svg HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/svg+xml
last-modified: Fri, 02 Sep 2022 17:29:38 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 932
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/idea.svg
176.123.0.83200 OK 924 B URL HTTP/1.1 www.clti-online.com/idea.svg
IP 176.123.0.83:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (1448)
Hash 7f1ea16d73b871b0e5c700bff1f951b7
6d3ec4314f30f58e5437a69a56d4206887f95a94
653597d54f13482cb4dfa5536f146e1c06fb1ecc32299abd8a2b40098e3f3239
Analyzer Verdict Alert openphish Citigroup Inc.
fortinet Phishing
GET /idea.svg HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/svg+xml
last-modified: Fri, 02 Sep 2022 17:29:38 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 924
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/mortage-learning-center1x.png
176.123.0.83200 OK 829 B URL HTTP/1.1 www.clti-online.com/mortage-learning-center1x.png
IP 176.123.0.83:0
File type PNG image data, 20 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 33b2062b82b686301ad7b7d9b6cb12da
561e6040162f2e3a29202c7b4f55d9ad6925baba
bd6124aa009720569f3745f3513e09a65678daa849cbff24daf0ab0f0acf7854
Analyzer Verdict Alert openphish Citigroup Inc.
GET /mortage-learning-center1x.png HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/png
last-modified: Fri, 02 Sep 2022 17:29:36 GMT
accept-ranges: bytes
content-length: 829
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/line-data.svg
176.123.0.83200 OK 959 B URL HTTP/1.1 www.clti-online.com/line-data.svg
IP 176.123.0.83:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (1117)
Hash df40f6ffe2604d4063f37e9465481f61
08f5bb03f59d789652e92d5c34a4d77b256406d9
36941f84c8b4b4fe271486f102bfd5500692d392eb9d7087db1ce0c62e09f6cb
Analyzer Verdict Alert openphish Citigroup Inc.
fortinet Phishing
GET /line-data.svg HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/svg+xml
last-modified: Fri, 02 Sep 2022 17:29:38 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 959
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/profile-service.svg
176.123.0.83200 OK 1.2 kB URL HTTP/1.1 www.clti-online.com/profile-service.svg
IP 176.123.0.83:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (1453)
Hash 75a8ce2fb275438d323ef42e373ca8eb
247fc74be6751469b8a30b2febd796d2934f342c
f3b13b99ad82f2fea480c3521bb2f1e0d3d4d4e613e6d4ecbf9036bdc3855c6b
Analyzer Verdict Alert openphish Citigroup Inc.
fortinet Phishing
GET /profile-service.svg HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/svg+xml
last-modified: Fri, 02 Sep 2022 17:29:40 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1160
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/IE_warning.png
176.123.0.83200 OK 9.6 kB URL HTTP/1.1 www.clti-online.com/IE_warning.png
IP 176.123.0.83:0
File type PNG image data, 140 x 188, 8-bit/color RGBA, non-interlaced\012- data
Hash d8eea89a3eef4f4d57ab082338444cff
92b1ce05f94cfdd4fac21ec682978bbbbd510c57
56a8588a55f9dfb0f9a2b30f06551d02e1ee21bff94b7166e881aab313b226cb
Analyzer Verdict Alert openphish Citigroup Inc.
GET /IE_warning.png HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/png
last-modified: Fri, 02 Sep 2022 17:29:38 GMT
accept-ranges: bytes
content-length: 9575
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 11 Sep 2022 19:56:07 GMT
Expires: Sun, 11 Sep 2022 20:29:08 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EXBazY7OQHpSZOSEUbmBzSMyGXMjo4vzpW9jeluGvGs3QZdq-nxHww==
Age: 2823
www.clti-online.com/phone-3x.png
176.123.0.83200 OK 6.1 kB URL HTTP/1.1 www.clti-online.com/phone-3x.png
IP 176.123.0.83:0
File type PNG image data, 144 x 270, 8-bit/color RGBA, non-interlaced\012- data
Hash 3b38834607cf78bb57f8e6ffcc564f02
f3f5d7c7ee0ab9d45cf1120449cf73b9e216cf97
62920961d08702254a7deac2601d0481ee1c548fab440b64517c2d86c468843f
Analyzer Verdict Alert openphish Citigroup Inc.
GET /phone-3x.png HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/png
last-modified: Fri, 02 Sep 2022 17:29:40 GMT
accept-ranges: bytes
content-length: 6124
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/laptop-and-phone-pairing.png
176.123.0.83200 OK 11 kB URL HTTP/1.1 www.clti-online.com/laptop-and-phone-pairing.png
IP 176.123.0.83:0
File type PNG image data, 366 x 231, 8-bit/color RGBA, non-interlaced\012- data
Hash e53f5a014254387f8774f48689bea9bc
441bf082d755e6033061c31a0cbfe38bbee9512a
280255d34c881ca94627b2a1bfe5a44b068487c6bd9da9d55a01f8763a3c7914
Analyzer Verdict Alert openphish Citigroup Inc.
GET /laptop-and-phone-pairing.png HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/png
last-modified: Fri, 02 Sep 2022 17:29:40 GMT
accept-ranges: bytes
content-length: 10946
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/050-location2x.svg
176.123.0.83200 OK 761 B URL HTTP/1.1 www.clti-online.com/050-location2x.svg
IP 176.123.0.83:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (785)
Hash 85543620ad38e56e244712bb273cc762
026fe241f39ff19ddc789d2803d133ddcc9cf4b5
f8fdcf346192649aa2a56db9ff75914b81db8846c19b45f79af577277f0ddf86
Analyzer Verdict Alert openphish Citigroup Inc.
fortinet Phishing
GET /050-location2x.svg HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/svg+xml
last-modified: Fri, 02 Sep 2022 17:29:36 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 761
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/citilogoredesign.png
176.123.0.83200 OK 1.8 kB URL HTTP/1.1 www.clti-online.com/citilogoredesign.png
IP 176.123.0.83:0
File type PNG image data, 89 x 89, 8-bit/color RGBA, non-interlaced\012- data
Hash b8c9db53b866a0120618cd396e1513f1
5cfe9732c78e4eb7365681834cdd682b977a0232
102503acef6077fcf8e42a856fb4904fcd74224a32d5d8efcd13236ac6309fed
Analyzer Verdict Alert openphish Citigroup Inc.
GET /citilogoredesign.png HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/png
last-modified: Fri, 02 Sep 2022 17:29:36 GMT
accept-ranges: bytes
content-length: 1799
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/icon_globe_med-grey2x.svg
176.123.0.83200 OK 1.4 kB URL HTTP/1.1 www.clti-online.com/icon_globe_med-grey2x.svg
IP 176.123.0.83:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (2189)
Hash 769292d9568b737a34073c73ebf39f33
46520223668e253c5b49011c3bcbd262a211b950
bf624c4c42485cd1755ccfa5f8653cea2ba55e0b4faaf4cad028714ffe1c2225
Analyzer Verdict Alert openphish Citigroup Inc.
fortinet Phishing
GET /icon_globe_med-grey2x.svg HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/svg+xml
last-modified: Fri, 02 Sep 2022 17:29:36 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1430
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/Wave_Top.svg
176.123.0.83200 OK 1.3 kB URL HTTP/1.1 www.clti-online.com/Wave_Top.svg
IP 176.123.0.83:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (559)
Hash c70b7ac1bfd4b82f54025396ad627101
06a0b6a000da61481e78b95c79e852864b099cca
151b62c864c69facb467d46c1ed3bc078caf621d1fe8257ae6dde4d4b5210bcd
Analyzer Verdict Alert openphish Citigroup Inc.
fortinet Phishing
GET /Wave_Top.svg HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/svg+xml
last-modified: Fri, 02 Sep 2022 17:29:40 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1317
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/Interstate-Regular.woff
176.123.0.83200 OK 79 kB URL HTTP/1.1 www.clti-online.com/Interstate-Regular.woff
IP 176.123.0.83:0
File type Web Open Font Format, TrueType, length 78762, version 1.197\012- data
Hash b1f3eca7de0c2cb35740f32dd0b83823
dffc474081c23fc151265b637a4468e82004ecc8
045cd226594cb32ddf9d4db8ee45611f4d0788675ae50180b68da975e66fe1fe
Analyzer Verdict Alert openphish Citigroup Inc.
fortinet Phishing
GET /Interstate-Regular.woff HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: font/woff
last-modified: Fri, 02 Sep 2022 17:29:42 GMT
accept-ranges: bytes
content-length: 78762
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/HP_1262_CitiSelfInvest_Image.jpg
176.123.0.83200 OK 47 kB URL HTTP/1.1 www.clti-online.com/HP_1262_CitiSelfInvest_Image.jpg
IP 176.123.0.83:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x315, components 3\012- data
Hash e1ce6608d5e57802fe0a9ab6e892806c
0388ed415be5ca12055fb92c38f9cf1083e2c04e
21ce9d5fb1b0c08a3983cabe314138b163341fea02a49962bdec84a5a13e02e0
Analyzer Verdict Alert openphish Citigroup Inc.
GET /HP_1262_CitiSelfInvest_Image.jpg HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/jpeg
last-modified: Fri, 02 Sep 2022 17:29:40 GMT
accept-ranges: bytes
content-length: 47164
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/Hero_Credit_Cards_Offer.png
176.123.0.83200 OK 52 kB URL HTTP/1.1 www.clti-online.com/Hero_Credit_Cards_Offer.png
IP 176.123.0.83:0
File type PNG image data, 483 x 306, 8-bit colormap, non-interlaced\012- data
Hash b43045f704be45598b82dc4ceee836df
2c39ae26a5a298ecf381f14e7191b3b3eb30b5c2
b989462b5bf7e58b9162ede531dbffe7411f1f9eca5bdeb4c0f299314dabc839
Analyzer Verdict Alert openphish Citigroup Inc.
GET /Hero_Credit_Cards_Offer.png HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/png
last-modified: Fri, 02 Sep 2022 17:29:38 GMT
accept-ranges: bytes
content-length: 51580
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/right-white-chevi.svg
176.123.0.83200 OK 753 B URL HTTP/1.1 www.clti-online.com/right-white-chevi.svg
IP 176.123.0.83:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (391)
Hash 3c7049f3ff9656e0251141cfa5fbbb22
bf230eeb36c5489b0be5de735431db64652ca572
18fffcdd3204dd2efa4c5b1e31a1d752ad068e6bf7b442f5c1f217aa334ae0dc
Analyzer Verdict Alert openphish Citigroup Inc.
fortinet Phishing
GET /right-white-chevi.svg HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/svg+xml
last-modified: Fri, 02 Sep 2022 17:29:42 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 753
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/search.svg
176.123.0.83200 OK 712 B URL HTTP/1.1 www.clti-online.com/search.svg
IP 176.123.0.83:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (899)
Hash b4e8b6cb8a160ce7f14b160a9cff17d6
3cdc732cd60c4d0c65e1bdfeec21fc3244f61dd1
06ca0b2aef5f991522955eb6aac7231194ebbe478cd3d8d69dc24e0d6bc3e847
Analyzer Verdict Alert openphish Citigroup Inc.
fortinet Phishing
GET /search.svg HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/svg+xml
last-modified: Fri, 02 Sep 2022 17:29:42 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 712
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 26e829ba5f754918e20cbd316dc4348e
ba198501da0812dd11ca3b38a51325b5de6cfa60
4352c25d4af7637a8435b0df6d042fc606d37a348e966b99fecce8a853b8ebc0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 989
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 20:43:10 GMT
Last-Modified: Sun, 11 Sep 2022 20:26:41 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
www.clti-online.com/Citi-futuristic-angles-bg-compressed.jpg
176.123.0.83200 OK 12 kB URL HTTP/1.1 www.clti-online.com/Citi-futuristic-angles-bg-compressed.jpg
IP 176.123.0.83:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x600, components 3\012- data
Hash 09cfa7b756b6a66e6ae88510b88fa592
ae487ba19f1d3f2465cfaec5e113cc222709e568
8eb4143c752b3ab868b3cc79fe6b3786c43ca465e0528a2c46683f2bff979f34
Analyzer Verdict Alert openphish Citigroup Inc.
GET /Citi-futuristic-angles-bg-compressed.jpg HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/jpeg
last-modified: Fri, 02 Sep 2022 17:29:36 GMT
accept-ranges: bytes
content-length: 11476
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/Interstate-Bold.woff
176.123.0.83200 OK 72 kB URL HTTP/1.1 www.clti-online.com/Interstate-Bold.woff
IP 176.123.0.83:0
File type Web Open Font Format, TrueType, length 71874, version 1.197\012- data
Hash 9fd45584370dd1c58e1ed9050efb925f
7b41085678166c62e23e8cf3c8c9ab13e13c356d
e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7
Analyzer Verdict Alert openphish Citigroup Inc.
fortinet Phishing
GET /Interstate-Bold.woff HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: font/woff
last-modified: Fri, 02 Sep 2022 17:29:42 GMT
accept-ranges: bytes
content-length: 71874
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/Interstate-Light.woff
176.123.0.83200 OK 76 kB URL HTTP/1.1 www.clti-online.com/Interstate-Light.woff
IP 176.123.0.83:0
File type Web Open Font Format, TrueType, length 75538, version 1.197\012- data
Hash 3d1d3153b04b6ce8a33a20f60df9d723
60e91c7766bdc415134c1111a283ffed3749dbae
f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296
Analyzer Verdict Alert openphish Citigroup Inc.
fortinet Phishing
GET /Interstate-Light.woff HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: font/woff
last-modified: Fri, 02 Sep 2022 17:29:40 GMT
accept-ranges: bytes
content-length: 75538
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/3c85c82ae12b2b8fbb65a341a0632a1d9c013513.svg
176.123.0.83200 OK 604 B URL HTTP/1.1 www.clti-online.com/3c85c82ae12b2b8fbb65a341a0632a1d9c013513.svg
IP 176.123.0.83:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2477), with no line terminators
Hash 94f9941807fe889dcd294c3af5f32300
72f8e64d7eb131925462952e185b9d9ce6ebd65a
fe97c01df80988fafbdb00e21a9fc3fbd151b6135951650dd48c65de98a19bfb
Analyzer Verdict Alert openphish Citigroup Inc.
fortinet Phishing
GET /3c85c82ae12b2b8fbb65a341a0632a1d9c013513.svg HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/styles.8083da3bc06f9b3e.css
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/svg+xml
last-modified: Fri, 02 Sep 2022 17:29:40 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 604
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/080711951d681874360224692f6c7b29ec9ba8be.svg
176.123.0.83200 OK 500 B URL HTTP/1.1 www.clti-online.com/080711951d681874360224692f6c7b29ec9ba8be.svg
IP 176.123.0.83:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 517c05b8cd04a12f346b5ccfb59adb2e
c72a24c02e0227a2fc3b08dcd26e7bc51731f228
0eb0402debace57fc1b5981ad3f25e792946852b08c80e4be043148bd590cc2a
Analyzer Verdict Alert openphish Citigroup Inc.
fortinet Phishing
GET /080711951d681874360224692f6c7b29ec9ba8be.svg HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/styles.8083da3bc06f9b3e.css
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/svg+xml
last-modified: Fri, 02 Sep 2022 17:29:40 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 500
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/HP_1005_LifestyleBenefit_3Up_M1M7.jpg
176.123.0.83200 OK 59 kB URL HTTP/1.1 www.clti-online.com/HP_1005_LifestyleBenefit_3Up_M1M7.jpg
IP 176.123.0.83:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x315, components 3\012- data
Hash fcb99b768eaad9279a6b10baae28f8b3
15bf1f721cf35091ba80ef790b11f7a5cc8c1e7c
f0dbc6cfd4a4c729ae0ca2f1404efcdb3e61e4943032b1767a567b9fbce33a51
Analyzer Verdict Alert openphish Citigroup Inc.
GET /HP_1005_LifestyleBenefit_3Up_M1M7.jpg HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/jpeg
last-modified: Fri, 02 Sep 2022 17:29:40 GMT
accept-ranges: bytes
content-length: 58806
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/Wave_Bottom.svg
176.123.0.83200 OK 1.5 kB URL HTTP/1.1 www.clti-online.com/Wave_Bottom.svg
IP 176.123.0.83:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (1134)
Hash 629e3875e12dca5efe5e0155813b6822
b0faff6ac19fd48ec69cbd2a4b3ed0f638ed8763
21bc12072f50919b1e0dddb5cc49d6986919c228bbd3dc97fe7580fa001ad4ef
Analyzer Verdict Alert openphish Citigroup Inc.
fortinet Phishing
GET /Wave_Bottom.svg HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/svg+xml
last-modified: Fri, 02 Sep 2022 17:29:40 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1511
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/GENDERPAYBAN.png
176.123.0.83200 OK 18 kB URL HTTP/1.1 www.clti-online.com/GENDERPAYBAN.png
IP 176.123.0.83:0
File type PNG image data, 483 x 483, 8-bit colormap, non-interlaced\012- data
Hash 3354d82713f083afcf7a80bbd372a314
74a5db9c419cd587fb690e346e367ccfe3f2c99e
891bd7ab749935a37758ecb991d9f83b8baaddd54fd230e74343e369ef0b6cc4
Analyzer Verdict Alert openphish Citigroup Inc.
GET /GENDERPAYBAN.png HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/png
last-modified: Fri, 02 Sep 2022 17:29:40 GMT
accept-ranges: bytes
content-length: 17511
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/Interstate-Bold-1.woff
176.123.0.83200 OK 72 kB URL HTTP/1.1 www.clti-online.com/Interstate-Bold-1.woff
IP 176.123.0.83:0
File type Web Open Font Format, TrueType, length 71874, version 1.197\012- data
Hash 9fd45584370dd1c58e1ed9050efb925f
7b41085678166c62e23e8cf3c8c9ab13e13c356d
e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7
Analyzer Verdict Alert openphish Citigroup Inc.
fortinet Phishing
GET /Interstate-Bold-1.woff HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.clti-online.com/styles.8083da3bc06f9b3e.css
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: font/woff
last-modified: Fri, 02 Sep 2022 17:29:42 GMT
accept-ranges: bytes
content-length: 71874
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/Wave_Top_Grey.svg
176.123.0.83200 OK 956 B URL HTTP/1.1 www.clti-online.com/Wave_Top_Grey.svg
IP 176.123.0.83:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (552)
Hash 6037e31f1bfb7ce5d2ad71968b4474be
423413464bc14d64e7f3d204ff17aec6ee3939c6
32e08f4b86b250793ca53aa0eb94791fef56db5c4364a11f5604434fe5de1060
Analyzer Verdict Alert openphish Citigroup Inc.
fortinet Phishing
GET /Wave_Top_Grey.svg HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/svg+xml
last-modified: Fri, 02 Sep 2022 17:29:42 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 956
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/memberfdic.png
176.123.0.83200 OK 3.6 kB URL HTTP/1.1 www.clti-online.com/memberfdic.png
IP 176.123.0.83:0
File type PNG image data, 92 x 56, 8-bit colormap, non-interlaced\012- data
Hash 06f9182eaba97e7bb11957e00b602114
b7dbc5acfb4cbd262dc85889828f3afc36e25315
dd785f8f2c8aedd3c6e165633948ba26d178485f2cf2d0d8f747005472e7cf90
Analyzer Verdict Alert openphish Citigroup Inc.
GET /memberfdic.png HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/png
last-modified: Fri, 02 Sep 2022 17:29:38 GMT
accept-ranges: bytes
content-length: 3594
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/EqualHousing.png
176.123.0.83200 OK 1.6 kB URL HTTP/1.1 www.clti-online.com/EqualHousing.png
IP 176.123.0.83:0
File type PNG image data, 29 x 29, 8-bit/color RGBA, non-interlaced\012- data
Hash 83a5bb8d054fc7b4adab0615c487dc25
8a26d8e39da754c8f63d2a3122ed87a6e4a7f369
f23485e8b9c368f28f18a0bb110573df79c00ac3a2ca71d68017db100207639d
Analyzer Verdict Alert openphish Citigroup Inc.
GET /EqualHousing.png HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/png
last-modified: Fri, 02 Sep 2022 17:29:38 GMT
accept-ranges: bytes
content-length: 1606
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/1440_Citi-PLT3x.png
176.123.0.83200 OK 28 kB URL HTTP/1.1 www.clti-online.com/1440_Citi-PLT3x.png
IP 176.123.0.83:0
File type PNG image data, 4320 x 279, 8-bit/color RGBA, non-interlaced\012- data
Hash 33567268701e83c3e827b6062cb0c062
d23224d7d4fd15617c84c976f979b259557b6fc6
6dfa343a68ef79e83fef5f7c705119d2473352190c609cf94c67ea99a29fa452
Analyzer Verdict Alert openphish Citigroup Inc.
GET /1440_Citi-PLT3x.png HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/png
last-modified: Fri, 02 Sep 2022 17:29:40 GMT
accept-ranges: bytes
content-length: 28149
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/HP_1615_Rewards_Plus_3Up-module-new_card_art.jpg
176.123.0.83200 OK 36 kB URL HTTP/1.1 www.clti-online.com/HP_1615_Rewards_Plus_3Up-module-new_card_art.jpg
IP 176.123.0.83:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 560x315, components 3\012- data
Hash 828a87bf98784f50f064562fdc53b062
152a1c4c9b44cbf38f502adc905f46ebea41c98d
77793ec25b490750a8db0f5d2b8fc262ed16008b99f83ff6c12cc2da8923377e
Analyzer Verdict Alert openphish Citigroup Inc.
GET /HP_1615_Rewards_Plus_3Up-module-new_card_art.jpg HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/jpeg
last-modified: Fri, 02 Sep 2022 17:29:40 GMT
accept-ranges: bytes
content-length: 36429
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/HP_1247_Premier_Module3_up.jpg
176.123.0.83200 OK 34 kB URL HTTP/1.1 www.clti-online.com/HP_1247_Premier_Module3_up.jpg
IP 176.123.0.83:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x315, components 3\012- data
Hash 9eb090210b7fad653ac95803c0c1eb14
d78895bbd96685177485d97bc5629e1d13c0dd13
537d468ccd24f1baf1cdfc59512837051a956ff062d5dd36fa10b4e01f52e82e
Analyzer Verdict Alert openphish Citigroup Inc.
GET /HP_1247_Premier_Module3_up.jpg HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/jpeg
last-modified: Fri, 02 Sep 2022 17:29:40 GMT
accept-ranges: bytes
content-length: 34527
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/googlePlay3x.png
176.123.0.83200 OK 25 kB URL HTTP/1.1 www.clti-online.com/googlePlay3x.png
IP 176.123.0.83:0
File type PNG image data, 390 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 27b0482f8ebba1e3cc92d2eee497497e
379e9e2ed883250c02736c151a47d38248285572
a079bb0d5590826bcc664715122004dff51e76c79608bc29f586c9388b623b77
Analyzer Verdict Alert openphish Citigroup Inc.
GET /googlePlay3x.png HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/png
last-modified: Fri, 02 Sep 2022 17:29:38 GMT
accept-ranges: bytes
content-length: 25077
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/HP418_M.jpg
176.123.0.83200 OK 54 kB URL HTTP/1.1 www.clti-online.com/HP418_M.jpg
IP 176.123.0.83:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x315, components 3\012- data
Hash 3cdf8c3e467f12b6fa27da867c07c249
40200df80a9690ba8f932cd807bd02fb54957005
a3416b46058d11b22ed1862dbdc23227620ab579248b3fc9ead8dfdc0a5beb2f
Analyzer Verdict Alert openphish Citigroup Inc.
GET /HP418_M.jpg HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/jpeg
last-modified: Fri, 02 Sep 2022 17:29:40 GMT
accept-ranges: bytes
content-length: 53475
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/appStore3x.png
176.123.0.83200 OK 20 kB URL HTTP/1.1 www.clti-online.com/appStore3x.png
IP 176.123.0.83:0
File type PNG image data, 351 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash d461f4d2e32e339372869b3f4be72007
d8e3a847a7d18c3948617f75622f6cd27bd4cd54
87c763c6b05015e55915d0a1e6647e4e5d0b996e78d79e1afe228dd33b68e65b
Analyzer Verdict Alert openphish Citigroup Inc.
GET /appStore3x.png HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/png
last-modified: Fri, 02 Sep 2022 17:29:40 GMT
accept-ranges: bytes
content-length: 20047
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/social-media_facebook3x.png
176.123.0.83200 OK 445 B URL HTTP/1.1 www.clti-online.com/social-media_facebook3x.png
IP 176.123.0.83:0
File type PNG image data, 27 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 1f627e41e84a3b87f57c9de2e3a722d0
a7d350d9d267149f60b46a454f021920f89df877
695788dc05d94be3b32060ffea15c1a4d74897bd32e5da7811e7ca76d82fc86b
Analyzer Verdict Alert openphish Citigroup Inc.
GET /social-media_facebook3x.png HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/png
last-modified: Fri, 02 Sep 2022 17:29:38 GMT
accept-ranges: bytes
content-length: 445
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/social-media_twitter3x.png
176.123.0.83200 OK 1.3 kB URL HTTP/1.1 www.clti-online.com/social-media_twitter3x.png
IP 176.123.0.83:0
File type PNG image data, 66 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 60b0fec951727b4762fabc2570a1317f
56f9ed9699233f4cef1317a9a2c83179070b5e8a
5394d11ec8ad7a5494bcdb65cd95f885388532e14fb45a747e249112389bd837
Analyzer Verdict Alert openphish Citigroup Inc.
GET /social-media_twitter3x.png HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/png
last-modified: Fri, 02 Sep 2022 17:29:40 GMT
accept-ranges: bytes
content-length: 1277
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/social-media_youtube3x.png
176.123.0.83200 OK 1.2 kB URL HTTP/1.1 www.clti-online.com/social-media_youtube3x.png
IP 176.123.0.83:0
File type PNG image data, 72 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 3541c5442b1b90b4efe20ab4b2802323
ad778d35efc7b9950d2158d800b61966204b75d8
be9b5382b4526ffd3306d0292122ce3599123f1cd543f52f3035b4f24fbf9de8
Analyzer Verdict Alert openphish Citigroup Inc.
GET /social-media_youtube3x.png HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/png
last-modified: Fri, 02 Sep 2022 17:29:38 GMT
accept-ranges: bytes
content-length: 1175
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/qrsignon.png
176.123.0.83200 OK 741 B URL HTTP/1.1 www.clti-online.com/qrsignon.png
IP 176.123.0.83:0
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash a5ee9c25c190474a2efe66a609a2ca19
890832b6a7115abd51f480dce8e74206f06a428a
dc876f814074650acde84db7a7f34c583f043b83130e5de49de65f18d1ee2683
Analyzer Verdict Alert openphish Citigroup Inc.
GET /qrsignon.png HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/png
last-modified: Fri, 02 Sep 2022 17:29:40 GMT
accept-ranges: bytes
content-length: 741
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/laptop-and-phone-success.png
176.123.0.83200 OK 13 kB URL HTTP/1.1 www.clti-online.com/laptop-and-phone-success.png
IP 176.123.0.83:0
File type PNG image data, 366 x 231, 8-bit/color RGBA, non-interlaced\012- data
Hash a893e016676ccbfcbb496b7f81673ada
f4f951b24cbb92ff0a2095e0052a17ce90e3faf7
82b78ed4a68d13bb927ce09291b82255ae0f8d9b28afc70083a328a8977b7713
Analyzer Verdict Alert openphish Citigroup Inc.
GET /laptop-and-phone-success.png HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/png
last-modified: Fri, 02 Sep 2022 17:29:40 GMT
accept-ranges: bytes
content-length: 13259
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/7dd5d8512f801d526c6bdd1cc060de1988124233.gif
176.123.0.83200 OK 35 B URL HTTP/1.1 www.clti-online.com/7dd5d8512f801d526c6bdd1cc060de1988124233.gif
IP 176.123.0.83:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6181cc2202fbf5a98fdbee4fe5874473
7dd5d8512f801d526c6bdd1cc060de1988124233
8d29865aa51f76ae96b1968abe50d09a1540ca0b5b4a085cb471ab454ff90725
Analyzer Verdict Alert openphish Citigroup Inc.
GET /7dd5d8512f801d526c6bdd1cc060de1988124233.gif HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/gif
last-modified: Fri, 02 Sep 2022 17:29:34 GMT
accept-ranges: bytes
content-length: 35
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
push.services.mozilla.com/
44.242.41.15101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.242.41.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qGKFa9E6/DY0hs3k9EvrfQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: e6utPoYxLYvF7ynxIDLKhz0QUIk=
www.clti-online.com/citi.action.html
176.123.0.83200 OK 0 B URL HTTP/1.1 www.clti-online.com/citi.action.html
IP 176.123.0.83:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Citigroup Inc.
fortinet Phishing
GET /citi.action.html HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
last-modified: Fri, 02 Sep 2022 17:29:42 GMT
accept-ranges: bytes
content-length: 0
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/320_Citi-PLT3x.png
176.123.0.83200 OK 12 kB URL HTTP/1.1 www.clti-online.com/320_Citi-PLT3x.png
IP 176.123.0.83:0
File type PNG image data, 960 x 279, 8-bit/color RGBA, non-interlaced\012- data
Hash 7c1b9c0c6762e2405c3fea9847a1d422
441fd252e12934bfb00554eae96f091d2764bf32
f378974fe6a831ae2f48d9191ea74eb21877d4964d5eedbc2810d8756ed13631
Analyzer Verdict Alert openphish Citigroup Inc.
GET /320_Citi-PLT3x.png HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/png
last-modified: Fri, 02 Sep 2022 17:29:40 GMT
accept-ranges: bytes
content-length: 11562
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/citiKT.svg
176.123.0.83200 OK 1.4 kB URL HTTP/1.1 www.clti-online.com/citiKT.svg
IP 176.123.0.83:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (2516)
Hash ad1c059a915b8baf135a995dd1d99b62
33ce6d76a45a1392ad281b24982b68d4f6dc6b63
2cd11aa2358c56f979499f3fee7f3a9fad8c13f78c2c83c2f905318efba6c723
Analyzer Verdict Alert openphish Citigroup Inc.
fortinet Phishing
GET /citiKT.svg HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:09 GMT
content-type: image/svg+xml
last-modified: Fri, 02 Sep 2022 17:29:36 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1370
date: Sun, 11 Sep 2022 20:43:09 GMT
server: LiteSpeed
www.clti-online.com/calculator.svg
176.123.0.83200 OK 1.0 kB URL HTTP/1.1 www.clti-online.com/calculator.svg
IP 176.123.0.83:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (1649)
Hash a71f9310f957d42f0145a86e948f4cc1
6e3986f7cf3ea99a9abab46532cd45524489ba68
28e6b1658783941914d8067480bb39ec57ffc0191557d6399aa11b14f3b8f7f3
Analyzer Verdict Alert openphish Citigroup Inc.
fortinet Phishing
GET /calculator.svg HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:09 GMT
content-type: image/svg+xml
last-modified: Fri, 02 Sep 2022 17:29:40 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1013
date: Sun, 11 Sep 2022 20:43:09 GMT
server: LiteSpeed
www.clti-online.com/citi_bonus_offers.svg
176.123.0.83200 OK 1.7 kB URL HTTP/1.1 www.clti-online.com/citi_bonus_offers.svg
IP 176.123.0.83:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (3718)
Hash 44c2230176ffb3ea920ec6c1bb502944
4487648cb663292e8eab8036228a309423156a19
ac61651e93c890d5a077301a0aa713422e25b6a836893883e0094ae5e17192e4
Analyzer Verdict Alert openphish Citigroup Inc.
fortinet Phishing
GET /citi_bonus_offers.svg HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:08 GMT
content-type: image/svg+xml
last-modified: Fri, 02 Sep 2022 17:29:38 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1662
date: Sun, 11 Sep 2022 20:43:08 GMT
server: LiteSpeed
www.clti-online.com/savings.svg
176.123.0.83200 OK 2.1 kB URL HTTP/1.1 www.clti-online.com/savings.svg
IP 176.123.0.83:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (3665)
Hash d549984d6949c0d0ef60581d48d004c1
023a29163e329d52da3c75aba52277849b29b227
7805e59289c0c648bf046a772719530ebdf9177edfebe48c498f03df22a6f866
Analyzer Verdict Alert openphish Citigroup Inc.
fortinet Phishing
GET /savings.svg HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:09 GMT
content-type: image/svg+xml
last-modified: Fri, 02 Sep 2022 17:29:36 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2052
date: Sun, 11 Sep 2022 20:43:09 GMT
server: LiteSpeed
www.clti-online.com/mail.svg
176.123.0.83200 OK 739 B URL HTTP/1.1 www.clti-online.com/mail.svg
IP 176.123.0.83:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (710)
Hash 5fd3d163b6eaa56317d3b366f1edc799
85654ca34c8e07e2ecf35915b0da07c61ac45606
fb52387f767aaf28b39536a324ed7e81235987005185bdd45dbbd4a3dbeced07
Analyzer Verdict Alert openphish Citigroup Inc.
fortinet Phishing
GET /mail.svg HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:09 GMT
content-type: image/svg+xml
last-modified: Fri, 02 Sep 2022 17:29:36 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 739
date: Sun, 11 Sep 2022 20:43:09 GMT
server: LiteSpeed
www.clti-online.com/favicon.ico
176.123.0.83200 OK 8.1 kB URL HTTP/1.1 www.clti-online.com/favicon.ico
IP 176.123.0.83:0
File type PNG image data, 367 x 367, 8-bit/color RGBA, non-interlaced\012- data
Hash cb435a5d4d63543f56ae50a6f33142b6
1b151548560b5df8c926a8dd4350709f202771e6
c0fa37a99fcf0208eb743d0e25e11d9b9aa7897233078b4aa78d220269edced9
Analyzer Verdict Alert openphish Citigroup Inc.
GET /favicon.ico HTTP/1.1
Host: www.clti-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clti-online.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 20:43:09 GMT
content-type: image/x-icon
last-modified: Fri, 02 Sep 2022 17:29:36 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 8136
date: Sun, 11 Sep 2022 20:43:09 GMT
server: LiteSpeed
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10176
Expires: Sun, 11 Sep 2022 23:32:47 GMT
Date: Sun, 11 Sep 2022 20:43:11 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10176
Expires: Sun, 11 Sep 2022 23:32:47 GMT
Date: Sun, 11 Sep 2022 20:43:11 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10176
Expires: Sun, 11 Sep 2022 23:32:47 GMT
Date: Sun, 11 Sep 2022 20:43:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8625e0707046e7a3715a8dbb40b1cae2
0f44ee871ad9d0a0ddd07d0c87d54f7e72b56f78
abc4c12561be08897341d9c8104c30a289357c0907e55c46895f7fb6afb2f75d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13568
x-amzn-requestid: ad06f499-3e04-414a-8a3f-6daa9e0124ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3yN1F2BIAMFoqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312fd8b-3a17f11440d2f37b23ac7f6a;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 07:08:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iNRnq8nMhoTo9oY379Ynb6uPW0vNyf3dNufU_HpXNfzxvhrAEKEzJQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 14:06:07 GMT
age: 23824
etag: "0f44ee871ad9d0a0ddd07d0c87d54f7e72b56f78"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e407da4d97d497925b1ab523fd416787
166741631fb93d109b18dde6d316b3fa3276aa8f
707460c02438da6114e35e0b6569d42c0f3fb747f8cb51002f4d52bedbcffa61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8485
x-amzn-requestid: a56c9282-2786-4ae7-9fc2-0468bcc820a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FM1oAMFZ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-753cc4f121c9b77d22bb82b5;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mfmj40aUc8l5RPk56M-pbqTwhde_HzYcmN5MDrfv-WFPhbpoShWYNw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:57:28 GMT
age: 81943
etag: "166741631fb93d109b18dde6d316b3fa3276aa8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481e7fcb-66df-4e59-8130-9579a79eca9c.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481e7fcb-66df-4e59-8130-9579a79eca9c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ec2646c56c4c522f0744768ad20342b
ad1d9eee90556a359547dc7cbb6758aee2c804cd
0bf9eaa4420bf6290535fd23895c6c723c7de6b849995ba83774532862cfe8b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481e7fcb-66df-4e59-8130-9579a79eca9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7635
x-amzn-requestid: dbd07cc7-d0f6-4500-83c6-b19fa9fa2e3d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xt5xDEfUIAMFYXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630f09a0-3771b23118f3711e5caca699;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 07:11:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ILut4hEDJbs6jNr3wpPST1HgAYMabIT7cdZebRFETn8lL_QfS92KBA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 00:50:01 GMT
age: 71590
etag: "ad1d9eee90556a359547dc7cbb6758aee2c804cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc91b46a1-040b-46aa-a7a1-af67f0058b83.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc91b46a1-040b-46aa-a7a1-af67f0058b83.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bb1a86dcf94db0a29a6ebe21866766d4
b3491a6f12c97c8e1848a206a185fae29213c1e5
d05619e519fed6c0b6c0616cf540908006a68f127b25e38fb9d041dfe2546df4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc91b46a1-040b-46aa-a7a1-af67f0058b83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7519
x-amzn-requestid: bef8445b-1f8b-4c00-a9ad-b32fdefe3d13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3zXoHOhIAMFfNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312ff63-1a6c3ef64362a4d052a761ae;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 07:16:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Pzv2DSpqnXB0UP3C5EF-YUzRmveFwmal_8YyRfEuHuhZ1FcUWgHocg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 10:22:00 GMT
age: 37271
etag: "b3491a6f12c97c8e1848a206a185fae29213c1e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57d797a1c3f6589746a1135bdb19f54f
7aa14fcd982a5cee38d58fc3c89edc4a8daf4c97
ff8855ca951f53ed5f3886cc81a7f28384d41288edeca4fdc621250e4d01c6fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6889
x-amzn-requestid: c82ac543-90cd-4aeb-a65b-7e1bbbacc407
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ2UEE-3IAMFYBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d0419-427a29067c9c92ec0db6567f;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:39:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BPWrjstB3xKeYzHK9eQoJL8ORgRFsqjmNxu0j10epBANBtZCRU-m2g==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:43:06 GMT
age: 82805
etag: "7aa14fcd982a5cee38d58fc3c89edc4a8daf4c97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79f019c6-c6f0-4468-b319-ffe5379d4a42.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79f019c6-c6f0-4468-b319-ffe5379d4a42.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b290c3f75a769f5cb0f36b5c84436c9b
22e386713ccb95ca1cf9aa367a5ad02bd1664954
e311757ae3bc5b821a9c1d4d654250b1ac936228eb4a600aa1e5b391d25adaaf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79f019c6-c6f0-4468-b319-ffe5379d4a42.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10611
x-amzn-requestid: f034fbd9-c83e-4a29-84ff-674629759818
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3yN3E8PoAMFwfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312fd8b-63dd86ec10dbc2fb7dc0e5de;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 07:08:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -Fht5R4_rLcLWqglaPldh1846mPs_JS6_L3G_mi5G2iQbmkCPopvuQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 07:27:02 GMT
age: 47769
etag: "22e386713ccb95ca1cf9aa367a5ad02bd1664954"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8092dc3d-1f2d-4e22-b40a-bf1c53ea42e6.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8092dc3d-1f2d-4e22-b40a-bf1c53ea42e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 99bd16c51d8e4853d6ee542d2ec9fb22
a9f77626875d68e1aea2516f78d491eba9969e37
b360c3c9fa12dc4f57fdbfc88fe820ecee1c049f2d43f44cd38b740513d8e9f8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8092dc3d-1f2d-4e22-b40a-bf1c53ea42e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10298
x-amzn-requestid: f2e2d57b-1f6f-401a-bf0d-ca5c05dd5e59
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE-nmHBKIAMFrZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63184496-52d1369463143fc94894e347;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:13:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xW7Lli2tEVlm-nAL_JANbf0u4uZcPpslrE3rd2rWPoj_af_2WpiJ8Q==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:41:01 GMT
age: 82937
etag: "a9f77626875d68e1aea2516f78d491eba9969e37"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2