Report - citi-mockup.netlify.app/

Report Overview

Visited public
2023-12-04 02:35:40
Tags
URL
citi-mockup.netlify.app/
Finishing URL
citi-mockup.netlify.app/
IP / ASN
18.192.231.252
#16509 AMAZON-02
Title
Citi-mockup-Landing page

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
citi-mockup.netlify.app	unknown	2018-05-08	2023-10-09 17:49:33	2023-11-18 22:25:01	7.7 kB	640 kB	18.192.231.252
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2023-12-03 05:09:13	1.0 kB	171 kB	104.17.24.14
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-12-03 07:59:58	450 B	32 kB	172.217.21.170
cdn.jsdelivr.net	439	2012-05-16	2012-09-30 02:15:09	2023-12-03 05:09:21	933 B	57 kB	151.101.193.229

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-12-03	medium	citi-mockup.netlify.app/	Citigroup Inc.
2023-12-03	medium	citi-mockup.netlify.app/	Citigroup Inc.
2023-12-03	medium	citi-mockup.netlify.app/	Citigroup Inc.
2023-12-03	medium	citi-mockup.netlify.app/	Citigroup Inc.
2023-12-03	medium	citi-mockup.netlify.app/	Citigroup Inc.
2023-12-03	medium	citi-mockup.netlify.app/	Citigroup Inc.
2023-12-03	medium	citi-mockup.netlify.app/	Citigroup Inc.
2023-12-03	medium	citi-mockup.netlify.app/	Citigroup Inc.
2023-12-03	medium	citi-mockup.netlify.app/	Citigroup Inc.
2023-12-03	medium	citi-mockup.netlify.app/	Citigroup Inc.
2023-12-03	medium	citi-mockup.netlify.app/	Citigroup Inc.
2023-12-03	medium	citi-mockup.netlify.app/	Citigroup Inc.
2023-12-03	medium	citi-mockup.netlify.app/	Citigroup Inc.
2023-12-03	medium	citi-mockup.netlify.app/	Citigroup Inc.
2023-12-03	medium	citi-mockup.netlify.app/	Citigroup Inc.
2023-12-03	medium	citi-mockup.netlify.app/	Citigroup Inc.

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (3)

	URL	From	Size	First Seen	Last Seen
	citi-mockup.netlify.app/	ScriptElement	215 B	2023-11-03	2024-09-28
Pretty URL citi-mockup.netlify.app/ IP 18.192.231.252 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-03 13:41 Last Seen2024-09-28 08:46 Times Seen11 Hash a39e37a30139054169911e225e6d10c4 734a542c3ad95f0a999177273b1649724b28abe7 81ace6485486f26faa12ea2f1a59906732d455b6f7a07c87a1a6e8ef78ddf6ef Loading...

	cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/bootstrap.bundle.min.js	ScriptElement	80 kB	2023-03-08	2025-05-07
Pretty URL cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/bootstrap.bundle.min.js IP 151.101.193.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:08 Last Seen2025-05-07 22:49 Times Seen1639 Hash b75ae000439862b6a97d2129c85680e8 90d15036ef48fcb336a135bae812b45669f19044 9520018fa5d81f4e4dc9d06afb576f90cbbaba209cfcc6cb60e1464647f7890b Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js	ScriptElement	90 kB	2023-03-07	2025-05-09
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js IP 172.217.21.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28 Last Seen2025-05-09 07:15 Times Seen14359 Hash 00727d1d5d9c90f7de826f1a4a9cc632 ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2 a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74 Loading...

HTTP Transactions (21)

URL IP Response Size

citi-mockup.netlify.app/

18.192.231.252

200 OK

2.4 kB

URL User Request GET HTTP/2
citi-mockup.netlify.app/
IP
18.192.231.252:443
ASN
#16509 AMAZON-02

Certificate
IssuerDigiCert Inc
Subject*.netlify.app
Fingerprint90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
2.4 kB (2408 bytes)
Hash
ade4d9a94e013eb8370bd0d21fe81a69
d78f2135e95cbad6bd37fe4fb425ca1527b519a9
6376d4b39795478b067e1ffdf36e50997fa90afd94fd5631bfa342a889aeeb6b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Citigroup Inc.

HTTP Headers

GET / HTTP/1.1
Host: citi-mockup.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
age: 128005
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 02:35:22 GMT
etag: "776ca16c9cc1720b9543ad2d95c4bf03-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HGSAW8VY9611X6ZGJKMRPKT6
content-length: 2408
X-Firefox-Spdy: h2

citi-mockup.netlify.app/style.css

18.192.231.252

200 OK

1.4 kB

URL GET HTTP/2
citi-mockup.netlify.app/style.css
IP
18.192.231.252:443
ASN
#16509 AMAZON-02

Requested by
https://citi-mockup.netlify.app/
Certificate
IssuerDigiCert Inc
Subject*.netlify.app
Fingerprint90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
1.4 kB (1403 bytes)
Hash
cde5c1a3e131e90160d92caac21421f6
d2e367ce8abbe3cba7d0a4e1130d8051a1fb7312
1f74bcbdeb6d280abf900c5e008e7f5c26804fb5d22aae273a0a95247ad17397

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Citigroup Inc.

HTTP Headers

GET /style.css HTTP/1.1
Host: citi-mockup.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://citi-mockup.netlify.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 65735
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-encoding: br
content-type: text/css; charset=UTF-8
date: Mon, 04 Dec 2023 02:35:22 GMT
etag: "90b79779435181301a6c58f299ba8542-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HGSAW9E1QJ5M6DX7ENBT3M8B
content-length: 1403
X-Firefox-Spdy: h2

citi-mockup.netlify.app/images/logo.png

18.192.231.252

200 OK

2.6 kB

URL GET HTTP/2
citi-mockup.netlify.app/images/logo.png
IP
18.192.231.252:443
ASN
#16509 AMAZON-02

Requested by
https://citi-mockup.netlify.app/
Certificate
IssuerDigiCert Inc
Subject*.netlify.app
Fingerprint90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
PNG image data, 60 x 35, 8-bit/color RGBA, non-interlaced\012- data
Size
2.6 kB (2618 bytes)
Hash
0d765f9d542be474413b0468964c8b6d
ec29369a72c7f050799ae0094266286cccb0679b
f1c635c4782fce1eef7290194a81f790b0dc0655c6eafdc43eb1498fd6b10295

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Citigroup Inc.

HTTP Headers

GET /images/logo.png HTTP/1.1
Host: citi-mockup.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://citi-mockup.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 65736
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-type: image/png
date: Mon, 04 Dec 2023 02:35:22 GMT
etag: "e3380aadfb87141f44fadacc0b728672-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01HGSAW9E8R86VW0BEGH2S1H7C
content-length: 2618
X-Firefox-Spdy: h2

citi-mockup.netlify.app/images/open-menu.png

18.192.231.252

200 OK

959 B

URL GET HTTP/2
citi-mockup.netlify.app/images/open-menu.png
IP
18.192.231.252:443
ASN
#16509 AMAZON-02

Requested by
https://citi-mockup.netlify.app/
Certificate
IssuerDigiCert Inc
Subject*.netlify.app
Fingerprint90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
PNG image data, 31 x 22, 8-bit/color RGBA, non-interlaced\012- data
Size
959 B (959 bytes)
Hash
d2b44f14595f3342d078203497d0ba2d
4716f483ecc1c522dad27f26acc223aec2cf3a0d
2bb88d60b540bca29bb11c13c207be784f06f4ae855a78431f7ce34ac5ef9946

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Citigroup Inc.

HTTP Headers

GET /images/open-menu.png HTTP/1.1
Host: citi-mockup.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://citi-mockup.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 65735
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-type: image/png
date: Mon, 04 Dec 2023 02:35:22 GMT
etag: "bdadf35b0a9cc1270118d7fec3d62457-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01HGSAW9E8MVWEMWSFJ8HWBNMV
content-length: 959
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css

104.17.24.14

200 OK

19 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://citi-mockup.netlify.app/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65317)
Size
19 kB (18716 bytes)
Hash
8bb6644125ddeee7a27732e86f65fa05
686e3160cff3fb1be2de10779754b40f15948208
6752b9ba151a25703b2e5d17ad9ff42615f8940b591694fa8e42ab1034f476b5

HTTP Headers

GET /ajax/libs/font-awesome/6.2.1/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://citi-mockup.netlify.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 02:35:22 GMT
content-type: text/css; charset=utf-8
content-length: 18716
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6373d4a6-491c"
last-modified: Tue, 15 Nov 2022 18:04:22 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 857869
expires: Sat, 23 Nov 2024 02:35:22 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pXqLZTqs0PBs3qjSPhSWtyzGc0m2BAWk7KDsxFPfxL4%2FkqdCY8CpXdMmKKO3AMt3M30XEo6aEMSwDCKWDZsytA3m1GSK5nw9DNycKC7AxR8AHibq1jaund13U%2BdARxJBb0atsfj8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8300a7dcad50b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

citi-mockup.netlify.app/images/Lit_logo.png

18.192.231.252

200 OK

14 kB

URL GET HTTP/2
citi-mockup.netlify.app/images/Lit_logo.png
IP
18.192.231.252:443
ASN
#16509 AMAZON-02

Requested by
https://citi-mockup.netlify.app/
Certificate
IssuerDigiCert Inc
Subject*.netlify.app
Fingerprint90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 92, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (14533 bytes)
Hash
b2e3c3e359fac66d53656a47f5202764
80ddd6b2a73ae0988b2dc8b3105c6c8d2b31aac5
f81fead9f5e27f2c0b38a52a21fdf94a5a97ee835ca08a93d596e08658a15211

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Citigroup Inc.

HTTP Headers

GET /images/Lit_logo.png HTTP/1.1
Host: citi-mockup.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://citi-mockup.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 65734
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-type: image/png
date: Mon, 04 Dec 2023 02:35:22 GMT
etag: "e066dfb1233b62390d0cf4252829d48b-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01HGSAW9E9FK18GQF242HT6JSE
content-length: 14533
X-Firefox-Spdy: h2

citi-mockup.netlify.app/images/right-arrow.png

18.192.231.252

200 OK

1.0 kB

URL GET HTTP/2
citi-mockup.netlify.app/images/right-arrow.png
IP
18.192.231.252:443
ASN
#16509 AMAZON-02

Requested by
https://citi-mockup.netlify.app/
Certificate
IssuerDigiCert Inc
Subject*.netlify.app
Fingerprint90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
PNG image data, 5 x 8, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1000 bytes)
Hash
f9a66eeac952923a39d4b4a7aa487b48
b580a1978f598451e1af1088f6c1e67b51e77a9a
9ff6758b42b0a0b014c5f74aa460b3dc76e9d22f6805b7b2ee4dd3035aa6ae15

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Citigroup Inc.

HTTP Headers

GET /images/right-arrow.png HTTP/1.1
Host: citi-mockup.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://citi-mockup.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 65734
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-type: image/png
date: Mon, 04 Dec 2023 02:35:22 GMT
etag: "ff11d2a206211ad19e777a7ee99610bf-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01HGSAW9EA5HCZEPX5PSD3GGK9
content-length: 1000
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js

172.217.21.170

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js
IP
172.217.21.170:443
ASN
#15169 GOOGLE

Requested by
https://citi-mockup.netlify.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (65447)
Size
31 kB (31100 bytes)
Hash
00727d1d5d9c90f7de826f1a4a9cc632
ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

HTTP Headers

GET /ajax/libs/jquery/3.6.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://citi-mockup.netlify.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31100
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 07:10:07 GMT
expires: Fri, 29 Nov 2024 07:10:07 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Thu, 08 Sep 2022 18:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 329115
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css

151.101.193.229

200 OK

30 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://citi-mockup.netlify.app/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
Unicode text, UTF-8 text, with very long lines (65305)
Size
30 kB (30336 bytes)
Hash
3f30c2c47d7d23c7a994db0c862d45a5
7791dd1f3173a0d62cc39c21d2ad71fc8dad0e72
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a

HTTP Headers

GET /npm/bootstrap@5.2.3/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://citi-mockup.netlify.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.2.3
x-jsd-version-type: version
etag: W/"2f955-d5HdHzFzoNYsw5wh0q1x/I2tDnI"
content-encoding: br
accept-ranges: bytes
date: Mon, 04 Dec 2023 02:35:23 GMT
age: 3408999
x-served-by: cache-fra-eddf8230122-FRA, cache-bma1640-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30336
X-Firefox-Spdy: h2

citi-mockup.netlify.app/images/facebook.png

18.192.231.252

200 OK

172 B

URL GET HTTP/2
citi-mockup.netlify.app/images/facebook.png
IP
18.192.231.252:443
ASN
#16509 AMAZON-02

Requested by
https://citi-mockup.netlify.app/
Certificate
IssuerDigiCert Inc
Subject*.netlify.app
Fingerprint90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
PNG image data, 6 x 12, 8-bit/color RGBA, non-interlaced\012- data
Size
172 B (172 bytes)
Hash
61de26eb22d3126941e72ac60c9a4b7f
e28bb337db5474396712e721d58065ed7dd1d212
43a24dc27fdec203195a28d3fe6a9bb9b4e87d57d0b1c6d7b305a2a32a0e68fc

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Citigroup Inc.

HTTP Headers

GET /images/facebook.png HTTP/1.1
Host: citi-mockup.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://citi-mockup.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 65734
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-type: image/png
date: Mon, 04 Dec 2023 02:35:22 GMT
etag: "db62ae3b887b33e602a4298359b40861-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01HGSAW9ETCFPF8T52WN1Q1J9R
content-length: 172
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/bootstrap.bundle.min.js

151.101.193.229

200 OK

25 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/bootstrap.bundle.min.js
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://citi-mockup.netlify.app/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
ASCII text, with very long lines (65299)
Size
25 kB (24659 bytes)
Hash
b75ae000439862b6a97d2129c85680e8
90d15036ef48fcb336a135bae812b45669f19044
9520018fa5d81f4e4dc9d06afb576f90cbbaba209cfcc6cb60e1464647f7890b

HTTP Headers

GET /npm/bootstrap@5.2.3/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://citi-mockup.netlify.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.2.3
x-jsd-version-type: version
etag: W/"13a24-kNFQNu9I/LM2oTW66BK0VmnxkEQ"
content-encoding: br
accept-ranges: bytes
date: Mon, 04 Dec 2023 02:35:23 GMT
age: 13336618
x-served-by: cache-fra-eddf8230056-FRA, cache-bma1640-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24659
X-Firefox-Spdy: h2

citi-mockup.netlify.app/images/cards/Repayments-and-Auto-Debit.jpg

18.192.231.252

200 OK

32 kB

URL GET HTTP/2
citi-mockup.netlify.app/images/cards/Repayments-and-Auto-Debit.jpg
IP
18.192.231.252:443
ASN
#16509 AMAZON-02

Requested by
https://citi-mockup.netlify.app/
Certificate
IssuerDigiCert Inc
Subject*.netlify.app
Fingerprint90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 590x325, components 3\012- data
Size
32 kB (32271 bytes)
Hash
ecbed637d6cf16869b444b203d2330bd
8972e569dcee3c8ef01711c7d8f5189939b0d2ca
b4c551b07946051c4477357b57ae2694b7ef605078c12b1336b934f672142510

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Citigroup Inc.

HTTP Headers

GET /images/cards/Repayments-and-Auto-Debit.jpg HTTP/1.1
Host: citi-mockup.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://citi-mockup.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 77140
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-type: image/jpeg
date: Mon, 04 Dec 2023 02:35:22 GMT
etag: "eb038af088117dc18e6ee9f47e9024ed-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01HGSAW9ETGS0SBT9Q442R8ETM
content-length: 32271
X-Firefox-Spdy: h2

citi-mockup.netlify.app/images/cards/What-do-you-want-to-get-out-of-your-personal-loan.jpg

18.192.231.252

200 OK

43 kB

URL GET HTTP/2
citi-mockup.netlify.app/images/cards/What-do-you-want-to-get-out-of-your-personal-loan.jpg
IP
18.192.231.252:443
ASN
#16509 AMAZON-02

Requested by
https://citi-mockup.netlify.app/
Certificate
IssuerDigiCert Inc
Subject*.netlify.app
Fingerprint90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 590x325, components 3\012- data
Size
43 kB (43046 bytes)
Hash
dc459a33ba97c8693a4d083020304fe1
7687010afd19a8c3503741c581722f2ed18942fc
b217197afc5dd84fd206fa9db3b8faf1515af4f0024e7d5e4934f3281f3e3343

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Citigroup Inc.

HTTP Headers

GET /images/cards/What-do-you-want-to-get-out-of-your-personal-loan.jpg HTTP/1.1
Host: citi-mockup.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://citi-mockup.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 65734
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-type: image/jpeg
date: Mon, 04 Dec 2023 02:35:22 GMT
etag: "7bb392d76b47638bfe65eb0c092e6710-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01HGSAW9ETF5RPW3PZRKGDHYKX
content-length: 43046
X-Firefox-Spdy: h2

citi-mockup.netlify.app/images/cards/Monthly-Debt-Obligations.jpg

18.192.231.252

200 OK

35 kB

URL GET HTTP/2
citi-mockup.netlify.app/images/cards/Monthly-Debt-Obligations.jpg
IP
18.192.231.252:443
ASN
#16509 AMAZON-02

Requested by
https://citi-mockup.netlify.app/
Certificate
IssuerDigiCert Inc
Subject*.netlify.app
Fingerprint90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 590x325, components 3\012- data
Size
35 kB (34705 bytes)
Hash
32a2e70b98fb97eba423e8eb3a9ba2a5
3880960f1e01174d68b35822e19f2feaeaddbf6d
02a8b2fbae611e79a62abb3f2f57c28a4b2429da71a03325126cc9c818492d2d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Citigroup Inc.

HTTP Headers

GET /images/cards/Monthly-Debt-Obligations.jpg HTTP/1.1
Host: citi-mockup.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://citi-mockup.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 65734
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-type: image/jpeg
date: Mon, 04 Dec 2023 02:35:22 GMT
etag: "b5b2d41d60bff401a8b6ffd78dbc33ae-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01HGSAW9EKJ7C7M64G67NAXFQK
content-length: 34705
X-Firefox-Spdy: h2

citi-mockup.netlify.app/images/cards/Interest-Rates.jpg

18.192.231.252

200 OK

51 kB

URL GET HTTP/2
citi-mockup.netlify.app/images/cards/Interest-Rates.jpg
IP
18.192.231.252:443
ASN
#16509 AMAZON-02

Requested by
https://citi-mockup.netlify.app/
Certificate
IssuerDigiCert Inc
Subject*.netlify.app
Fingerprint90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 590x325, components 3\012- data
Size
51 kB (51404 bytes)
Hash
458752e946b734a650b007e817dda903
5383caf83dedfc56665529c28ceb06d9054857f8
6a39ca8be8cdc931c1be352aa7c362e57c3ead3f1112e940fca49b887145cb99

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Citigroup Inc.

HTTP Headers

GET /images/cards/Interest-Rates.jpg HTTP/1.1
Host: citi-mockup.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://citi-mockup.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 65734
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-type: image/jpeg
date: Mon, 04 Dec 2023 02:35:22 GMT
etag: "242772fca1126d55630239e0ba284b8e-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01HGSAW9EEY060S5DVBX6ZYZZC
content-length: 51404
X-Firefox-Spdy: h2

citi-mockup.netlify.app/images/cards/Credit-Score.jpg

18.192.231.252

200 OK

42 kB

URL GET HTTP/2
citi-mockup.netlify.app/images/cards/Credit-Score.jpg
IP
18.192.231.252:443
ASN
#16509 AMAZON-02

Requested by
https://citi-mockup.netlify.app/
Certificate
IssuerDigiCert Inc
Subject*.netlify.app
Fingerprint90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 590x325, components 3\012- data
Size
42 kB (41679 bytes)
Hash
a24f57b6de42585679a41c45ae2c1211
fd256af383ed8f59c0d61822fd9e2882a6731b9f
3a92df36fef4a222904ab11844a2d4a61b63d41611d2e99cee46c220c60f000f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Citigroup Inc.

HTTP Headers

GET /images/cards/Credit-Score.jpg HTTP/1.1
Host: citi-mockup.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://citi-mockup.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 65734
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-type: image/jpeg
date: Mon, 04 Dec 2023 02:35:22 GMT
etag: "77bfcd26f3074216403c81c413815b4f-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01HGSAW9EDNV5X2B0QAV4KG8EP
content-length: 41679
X-Firefox-Spdy: h2

citi-mockup.netlify.app/images/pl-main-banner-mob.jpg

18.192.231.252

200 OK

93 kB

URL GET HTTP/2
citi-mockup.netlify.app/images/pl-main-banner-mob.jpg
IP
18.192.231.252:443
ASN
#16509 AMAZON-02

Requested by
https://citi-mockup.netlify.app/
Certificate
IssuerDigiCert Inc
Subject*.netlify.app
Fingerprint90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 580x250, components 3\012- data
Size
93 kB (93133 bytes)
Hash
777f1e94014cac00e888f6fe90ce1e23
55b086ce56f5aa2a208a3b81210d3a98dca0791a
6a324928b8dac64a51b2406d287998450e44d6b156922176c5edb95d1bf8e3b3

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Citigroup Inc.

HTTP Headers

GET /images/pl-main-banner-mob.jpg HTTP/1.1
Host: citi-mockup.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://citi-mockup.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 65734
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-type: image/jpeg
date: Mon, 04 Dec 2023 02:35:22 GMT
etag: "f291878136d29eeede20a0fff898de55-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01HGSAW9EBXPZ6N2METBZ546FB
content-length: 93133
X-Firefox-Spdy: h2

citi-mockup.netlify.app/images/pl-main-banner.jpg

18.192.231.252

200 OK

308 kB

URL GET HTTP/2
citi-mockup.netlify.app/images/pl-main-banner.jpg
IP
18.192.231.252:443
ASN
#16509 AMAZON-02

Requested by
https://citi-mockup.netlify.app/
Certificate
IssuerDigiCert Inc
Subject*.netlify.app
Fingerprint90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x420, components 3\012- data
Size
308 kB (307734 bytes)
Hash
4e867becfc5285f2ac42e75b17bfe668
d56aa72023ae00c9295e107a97d3a3c493fb0f95
1a7aae615e749e6c4bfbc19b691dc77e42e6421d83a943a4851af124aebc14ed

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Citigroup Inc.

HTTP Headers

GET /images/pl-main-banner.jpg HTTP/1.1
Host: citi-mockup.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://citi-mockup.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 65734
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-type: image/jpeg
date: Mon, 04 Dec 2023 02:35:22 GMT
etag: "345c6cbd25a7f2d3362cb1dc50a1ebd4-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01HGSAW9EAB3T60Q5MJV44CPXG
content-length: 307734
X-Firefox-Spdy: h2

citi-mockup.netlify.app/images/bg_header.jpg

18.192.231.252

200 OK

1.4 kB

URL GET HTTP/2
citi-mockup.netlify.app/images/bg_header.jpg
IP
18.192.231.252:443
ASN
#16509 AMAZON-02

Requested by
https://citi-mockup.netlify.app/
Certificate
IssuerDigiCert Inc
Subject*.netlify.app
Fingerprint90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 6x84, components 3\012- data
Size
1.4 kB (1354 bytes)
Hash
76be07f00fe66076a842e2ea685bf6e1
da81fb3e9e7bad3b9db883a0f583b93ae6c3279b
54e4b6c72aba2d337ca14b8ef7912e0cfff62cbae54f0edbfe02b1f02f70c827

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Citigroup Inc.

HTTP Headers

GET /images/bg_header.jpg HTTP/1.1
Host: citi-mockup.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://citi-mockup.netlify.app/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 65735
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-type: image/jpeg
date: Mon, 04 Dec 2023 02:35:23 GMT
etag: "ebacaa0ec3e6e7d0823592900b96a7c9-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01HGSAW9T3B8HGGXNF4DBWW3PB
content-length: 1354
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/webfonts/fa-solid-900.woff2

104.17.24.14

200 OK

150 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/webfonts/fa-solid-900.woff2
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://citi-mockup.netlify.app/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 150516, version 770.768\012- data
Size
150 kB (150516 bytes)
Hash
328a9d0f59f0ebb55cddac6f39995bea
c0e6e76b4a02c34656ff2a41b671e02f2821829b
8f06540fd77f1effe1e2da8ea10cec4a382dda9cc6ef05d816e1d6de444072f2

HTTP Headers

GET /ajax/libs/font-awesome/6.2.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://citi-mockup.netlify.app
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 02:35:23 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 150516
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "6373d4a6-24bf4"
last-modified: Tue, 15 Nov 2022 18:04:22 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 933696
expires: Sat, 23 Nov 2024 02:35:23 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bwnsYOZ0zRhlSpddQckFwEZcbv3H2VVEavHZUwUfYN4w%2FnfW7aOU2augnsDsMY44wYBrf%2FajiWuF7L269s7xzAGR%2Fuvq9C86Srp0fjfKKtW85%2BgTo815y9waXFNQC9X8YlXyxcUU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8300a7df2f6e56ba-OSL
alt-svc: h3=":443"; ma=86400

citi-mockup.netlify.app/images/cards/favicon.ico

18.192.231.252

200 OK

4.3 kB

URL GET HTTP/2
citi-mockup.netlify.app/images/cards/favicon.ico
IP
18.192.231.252:443
ASN
#16509 AMAZON-02

Requested by
https://citi-mockup.netlify.app/
Certificate
IssuerDigiCert Inc
Subject*.netlify.app
Fingerprint90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Size
4.3 kB (4286 bytes)
Hash
750240dafc34444bc0c598bd0c5fdd31
0054abcecc976136edf72f476e8d6e71ac3227e1
a208032884b564421a9c5355c3806d4d33ef6616045444d58ec4595cb73abfa0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Citigroup Inc.

HTTP Headers

GET /images/cards/favicon.ico HTTP/1.1
Host: citi-mockup.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://citi-mockup.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; fwd=miss
content-type: image/vnd.microsoft.icon
date: Mon, 04 Dec 2023 02:35:23 GMT
etag: "35fe607225c1e48e3aa9d150d6320886-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01HGSAW9Y3DJ85D266F4H2AX2M
content-length: 4286
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (21)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type