Suspected phishing site | Cloudflare

phishing scam

technology software

English

Domain 'cititrustfirst.com' uses the commercial generic top-level domain (.com) with no subdomain. The registrable portion 'cititrustfirst' spans 14 characters containing 4 vowels alongside ten consonants. Word splitting yields three words: citi, trust, first. The median word length lands at five characters. No strong language cues emerged from the frequency lists.

atok

original_path

cf-turnstile-response

html/de/b0/deb0d066-f438-4a71-99e4-8f608c4953d1.html.gz

default-src 'none'; script-src 'nonce-qNJ28JzVHiWwBeT0' 'unsafe-eval'; script-src-attr 'none'; worker-src blob:; style-src 'unsafe-inline'; img-src 'self'; connect-src 'self'; frame-src 'self' blob:; child-src 'self' blob:; form-action 'none'; base-uri 'self'; sandbox allow-same-origin allow-scripts allow-popups allow-forms

50e878a18b2b5be7071dc7c10297381bcfcb55f17c27760ee857af9e31133324

5743c640722924aa6974b1f602ad1abb67f4c5240cc4829ed64147cf0e6ecf83

18a52fd2cc16c86bcba28796b0e231144f219cc87e049c41d9d378b880a42fba

275407540ae2d5516300e4027ce994e1c97f958d464e137d0fff116d7acf0f24

390eefa5af21228aaab4bb7eb68043b2468a645b3c861aaba17b226cc8c05d95

robots

viewport

HSTS header missing - vulnerable to protocol downgrade attacks

CSP header missing - vulnerable to XSS attacks

child-src 'none';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources 'self';trusted-types;worker-src blob: 'self';frame-ancestors 'none';

child-src https:  chrome-untrusted://new-tab-page/ chrome-untrusted://ntp-microsoft-auth/;connect-src chrome://resources chrome://theme 'self';default-src 'self';font-src chrome://resources 'self';img-src chrome://resources chrome://theme chrome://image chrome://favicon2 chrome://app-icon chrome://extension-icon chrome://fileicon blob: data: 'self';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources chrome://webui-test 'self';style-src chrome://resources chrome://theme 'self' 'unsafe-inline';trusted-types parse-html-subset sanitize-inner-html static-types webui-test-script webui-test-html polymer-html-literal polymer-template-event-attribute-policy lit-html-desktop;frame-ancestors 'none';

child-src 'none';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources 'self';trusted-types;frame-ancestors 'none';

Cosmotown, Inc.

CITITRUSTFIRST.COM


  if (!navigator.cookieEnabled) {
    window.addEventListener('DOMContentLoaded', function () {
      var cookieEl = document.getElementById('cookie-alert');
      cookieEl.style.display = 'block';
    })
  }



    function onTurnstileSuccess(token) {
      document.getElementById("bypass-button").disabled = false;
    }
  

Requests	IP Address	Location	AS Autonomous System
7	104.18.95.41	Unknown	Unknown
1	104.18.94.41	Unknown	Unknown
1	104.21.32.224	Unknown	Unknown
1	172.67.136.216	Unknown	Unknown
1	2606:4700:3031::6815:20e0	Unknown	Unknown
1	2606:4700::6812:5f29	Unknown	Unknown
1	2606:4700:3031::ac43:88d8	Unknown	Unknown
1	2606:4700::6812:5e29	Unknown	Unknown
14	8	-	-

Security Scan Report: cititrustfirst.com

Summary

AI Security Verdict

High Risk

Risk Factors

Details

Bot Protection Detected

Screenshot

Page Load Overview

Language Analysis

Primary Language

Detection Details

Website Classification

Primary Category

All Detected Categories

Detected Features

Domain & IP Information

Detected Technologies3

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

ssdeep (Context Triggered Piecewise Hashing)

sdhash (Similarity Digest Hashing)

Image Hashes

Perceptual Hashes

Other Hashes

Scan History