pendolatraining.com Open in urlscan Pro
67.222.38.76 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://pendolatraining.com/review_account/verify
Effective URL:
https://pendolatraining.com/review_account/verify/login.php
Submission: On September 01 via manual (September 1st 2023, 2:28:25 am UTC) from IN — Scanned from DE

Summary HTTP 91 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 15 domains to perform 91 HTTP transactions. The main IP is 67.222.38.76, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is pendolatraining.com.
TLS certificate: Issued by R3 on July 19th 2023. Valid for: 3 months.

This is the only time pendolatraining.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Citibank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 19	67.222.38.76 67.222.38.76	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1 3	34.254.70.163 34.254.70.163	16509 (AMAZON-02) (AMAZON-02)
7	99.84.88.39 99.84.88.39	16509 (AMAZON-02) (AMAZON-02)
1	52.17.210.114 52.17.210.114	16509 (AMAZON-02) (AMAZON-02)
1	63.140.62.214 63.140.62.214	16509 (AMAZON-02) (AMAZON-02)
1 1	34.240.140.136 34.240.140.136	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20c... 2600:9000:20c3:8c00:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
15	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
1	66.235.152.143 66.235.152.143	16509 (AMAZON-02) (AMAZON-02)
1	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
11	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1 2	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	23.218.208.116 23.218.208.116	16625 (AKAMAI-AS) (AKAMAI-AS)
91	16

19 67.222.38.76 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box2044.bluehost.com

pendolatraining.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.254.70.163 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-70-163.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 99.84.88.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-39.muc50.r.cloudfront.net

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.210.114 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-210-114.eu-west-1.compute.amazonaws.com

citi.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-214.data.adobedc.net

metrics1.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.240.140.136 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-140-136.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c3:8c00:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.235.152.143 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-66-235-152-143.data.adobedc.net

citicorpcreditservic.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)

20766699p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zn3vi8kkuds0jjrfc-citifeedback.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

sr.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.128.147 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.208.116 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-116.deploy.static.akamaitechnologies.com

iad1.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	pendolatraining.com 1 redirects pendolatraining.com	945 KB
15	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	972 KB
12	qualtrics.com zn3vi8kkuds0jjrfc-citifeedback.siteintercept.qualtrics.com — Cisco Umbrella Rank: 32758 siteintercept.qualtrics.com — Cisco Umbrella Rank: 883 iad1.qualtrics.com — Cisco Umbrella Rank: 9870	96 KB
10	google.de www.google.de — Cisco Umbrella Rank: 6457	1 KB
10	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
10	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 40	14 KB
7	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 3388	64 KB
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 223 citi.demdex.net — Cisco Umbrella Rank: 39127	6 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 310	763 B
1	rlcdn.com sr.rlcdn.com — Cisco Umbrella Rank: 20253	98 B
1	rfihub.com 20766699p.rfihub.com — Cisco Umbrella Rank: 126638	685 B
1	omtrdc.net citicorpcreditservic.tt.omtrdc.net — Cisco Umbrella Rank: 31691	903 B
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 5830	6 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1197	517 B
1	citi.com metrics1.citi.com — Cisco Umbrella Rank: 24182	464 B
91	15

	Domain	Requested by
19	pendolatraining.com	1 redirects pendolatraining.com
15	www.googletagmanager.com	pendolatraining.com www.googletagmanager.com
10	www.google.de
10	www.google.com
10	siteintercept.qualtrics.com	zn3vi8kkuds0jjrfc-citifeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com
10	googleads.g.doubleclick.net	www.googletagmanager.com
7	nexus.ensighten.com	pendolatraining.com
3	dpm.demdex.net	1 redirects pendolatraining.com
2	s.amazon-adsystem.com	1 redirects
1	iad1.qualtrics.com
1	sr.rlcdn.com	nexus.ensighten.com
1	zn3vi8kkuds0jjrfc-citifeedback.siteintercept.qualtrics.com	nexus.ensighten.com
1	20766699p.rfihub.com	c1.rfihub.net
1	citicorpcreditservic.tt.omtrdc.net	pendolatraining.com
1	c1.rfihub.net	nexus.ensighten.com
1	cm.everesttech.net	1 redirects
1	metrics1.citi.com	pendolatraining.com
1	citi.demdex.net	pendolatraining.com
91	18

This site contains no links.

Subject Issuer	Validity	Valid
cpanel.pendolatraining.com R3	`2023-07-19` - `2023-10-17`	3 months	crt.sh
nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-07` - `2023-10-14`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
metrics1.citi.com DigiCert EV RSA CA G2	`2023-07-10` - `2024-08-09`	a year	crt.sh
*.rfihub.net Amazon RSA 2048 M01	`2023-02-24` - `2023-12-29`	10 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-08-22` - `2024-09-21`	a year	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-27` - `2024-04-27`	a year	crt.sh
*.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-27` - `2024-03-26`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://pendolatraining.com/review_account/verify/login.php
Frame ID: A8539A4C60B612E17E5F7B5C7A87CB17
Requests: 88 HTTP requests in this frame

Frame: https://citi.demdex.net/dest5.html?d_nsid=0
Frame ID: C4DEA6D13304FF3CCA3D56ED26CE874C
Requests: 1 HTTP requests in this frame

Frame: https://20766699p.rfihub.com/ca.html?ver=9&ra=124&rb=648&ca=20766699&_o=17169175&_t=&_rev=1&_pcode=1&_orderid=1&ssv_cuuid=&ssv_package=null&ssv_prodlist=null&ssv_pagename=&pe=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2Flogin.php&pf=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2F&ra=8379520109996677
Frame ID: 7BD7FAD2D2B5B8A9419CA278179E2610
Requests: 1 HTTP requests in this frame

Frame: https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
Frame ID: 8EEBAD57F355A78AA7E3B5D6EFCE9377
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign On to Your Citi Account - Citibank

Page URL History Show full URLs

https://pendolatraining.com/review_account/verify HTTP 301
https://pendolatraining.com/review_account/verify/ Page URL
https://pendolatraining.com/review_account/verify/login.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

91
Requests

97 %
HTTPS

29 %
IPv6

15
Domains

18
Subdomains

16
IPs

4
Countries

2108 kB
Transfer

5914 kB
Size

18
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://pendolatraining.com/review_account/verify HTTP 301
https://pendolatraining.com/review_account/verify/ Page URL
https://pendolatraining.com/review_account/verify/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://pendolatraining.com/review_account/verify HTTP 301
https://pendolatraining.com/review_account/verify/

Request Chain 11

https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1693535299941 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1693535299941

Request Chain 27

https://cm.everesttech.net/cm/dd?d_uuid=27601135491175728903889712452679831573 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZPFMRAAAANQhMANe

Request Chain 39

https://s.amazon-adsystem.com/iu3?pid=c3702eea-109e-48b0-9ef4-c856bdd405e2&event=PageView HTTP 302
https://s.amazon-adsystem.com/iu3?pid=c3702eea-109e-48b0-9ef4-c856bdd405e2&event=PageView&dcc=t

91 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
pendolatraining.com/review_account/verify/
Redirect Chain

https://pendolatraining.com/review_account/verify
https://pendolatraining.com/review_account/verify/

53 B
177 B

353ms
353ms

Document
text/html

67.222.38.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://pendolatraining.com/review_account/verify/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.222.38.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2044.bluehost.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=7200
content-encoding: gzip
content-length: 68
content-type: text/html; charset=UTF-8
date: Fri, 01 Sep 2023 02:28:10 GMT
expires: Fri, 01 Sep 2023 04:28:18 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
server: nginx/1.21.6
vary: Accept-Encoding
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-server-cache: false

Redirect headers

cache-control: max-age=7200
content-length: 258
content-type: text/html; charset=iso-8859-1
date: Fri, 01 Sep 2023 02:28:10 GMT
expires: Fri, 01 Sep 2023 04:28:18 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
location: https://pendolatraining.com/review_account/verify/
server: nginx/1.21.6
x-server-cache: false

GET
H2 200 Primary Request login.php Show response
pendolatraining.com/review_account/verify/ 371 KB
71 KB 261ms
261ms Document
text/html 67.222.38.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://pendolatraining.com/review_account/verify/login.php
Requested by: Host: pendolatraining.com
URL: https://pendolatraining.com/review_account/verify/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.222.38.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2044.bluehost.com
Software: nginx/1.21.6 /
Resource Hash: 9e59aed7a46591c6dd2b28fc147050c3fa37879c69a79021e999be845cfaf8bd

Request headers

Referer: https://pendolatraining.com/review_account/verify/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=7200
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 01 Sep 2023 02:28:11 GMT
expires: Fri, 01 Sep 2023 04:28:18 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
server: nginx/1.21.6
vary: Accept-Encoding
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-server-cache: false

GET
H2 200 Bootstrap.js Show response
pendolatraining.com/review_account/verify/js/ 280 KB
112 KB 345ms
344ms Script
application/javascript 67.222.38.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://pendolatraining.com/review_account/verify/js/Bootstrap.js
Requested by: Host: pendolatraining.com
URL: https://pendolatraining.com/review_account/verify/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.222.38.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2044.bluehost.com
Software: Apache /
Resource Hash: c73e69a929ce513e05bba4a3359296cf41064aaff3355d900b971ca39175a935

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/review_account/verify/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:19 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 09 Jun 2021 22:44:56 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
expires: Fri, 01 Sep 2023 08:28:19 GMT

GET
H2 200 Interstate-Light.woff
pendolatraining.com/review_account/verify/css/ 74 KB
74 KB 466ms
465ms Font
font/woff 67.222.38.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://pendolatraining.com/review_account/verify/css/Interstate-Light.woff
Requested by: Host: pendolatraining.com
URL: https://pendolatraining.com/review_account/verify/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.222.38.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2044.bluehost.com
Software: Apache /
Resource Hash: f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296

Request headers

Referer: https://pendolatraining.com/review_account/verify/login.php
Origin: https://pendolatraining.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:19 GMT
x-nginx-cache: WordPress
last-modified: Wed, 09 Jun 2021 22:29:36 GMT
server: Apache
x-endurance-cache-level: 2
content-type: font/woff
cache-control: max-age=21600
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 75538
expires: Fri, 01 Sep 2023 08:28:19 GMT

GET
H2 200 Interstate-Bold.woff
pendolatraining.com/review_account/verify/css/ 70 KB
70 KB 622ms
621ms Font
font/woff 67.222.38.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://pendolatraining.com/review_account/verify/css/Interstate-Bold.woff
Requested by: Host: pendolatraining.com
URL: https://pendolatraining.com/review_account/verify/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.222.38.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2044.bluehost.com
Software: Apache /
Resource Hash: e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7

Request headers

Referer: https://pendolatraining.com/review_account/verify/login.php
Origin: https://pendolatraining.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:19 GMT
x-nginx-cache: WordPress
last-modified: Wed, 09 Jun 2021 22:29:34 GMT
server: Apache
x-endurance-cache-level: 2
content-type: font/woff
cache-control: max-age=21600
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 71874
expires: Fri, 01 Sep 2023 08:28:19 GMT

GET
H2 200 Interstate-Regular.woff
pendolatraining.com/review_account/verify/css/ 77 KB
77 KB 622ms
622ms Font
font/woff 67.222.38.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://pendolatraining.com/review_account/verify/css/Interstate-Regular.woff
Requested by: Host: pendolatraining.com
URL: https://pendolatraining.com/review_account/verify/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.222.38.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2044.bluehost.com
Software: Apache /
Resource Hash: 045cd226594cb32ddf9d4db8ee45611f4d0788675ae50180b68da975e66fe1fe

Request headers

Referer: https://pendolatraining.com/review_account/verify/login.php
Origin: https://pendolatraining.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:19 GMT
x-nginx-cache: WordPress
last-modified: Wed, 09 Jun 2021 22:29:38 GMT
server: Apache
x-endurance-cache-level: 2
content-type: font/woff
cache-control: max-age=21600
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 78762
expires: Fri, 01 Sep 2023 08:28:19 GMT

GET
H2 200 styles.css
pendolatraining.com/review_account/verify/css/ 1 MB
276 KB 622ms
621ms Stylesheet
text/css 67.222.38.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://pendolatraining.com/review_account/verify/css/styles.css
Requested by: Host: pendolatraining.com
URL: https://pendolatraining.com/review_account/verify/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.222.38.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2044.bluehost.com
Software: Apache /
Resource Hash: 70f3cacfaa80a9d270cf98ce26fef532b1004bc471a20611f35bc70cd6d8d899

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/review_account/verify/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:19 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sun, 13 Jun 2021 16:04:20 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
expires: Sun, 01 Oct 2023 02:28:19 GMT

GET
H2 200 citipridelogo.jpg
pendolatraining.com/review_account/verify/css/ 3 KB
3 KB 177ms
177ms Image
image/jpeg 67.222.38.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pendolatraining.com/review_account/verify/css/citipridelogo.jpg
Requested by: Host: pendolatraining.com
URL: https://pendolatraining.com/review_account/verify/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.222.38.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2044.bluehost.com
Software: Apache /
Resource Hash: f94cb7cab7413f3e828c469111e3f9ee7bf21ac163cea343be2cdef866160d40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/review_account/verify/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:20 GMT
x-nginx-cache: WordPress
last-modified: Wed, 09 Jun 2021 22:03:50 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 2658
expires: Sat, 31 Aug 2024 02:28:20 GMT

GET
H2 200 050-location@2x.svg
pendolatraining.com/review_account/verify/css/ 2 KB
2 KB 174ms
173ms Image
image/svg+xml 67.222.38.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pendolatraining.com/review_account/verify/css/050-location@2x.svg
Requested by: Host: pendolatraining.com
URL: https://pendolatraining.com/review_account/verify/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.222.38.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2044.bluehost.com
Software: Apache /
Resource Hash: 6336ae7b60dff18e0a37721a3a19fd5e18568577a64faa662969d35966dbf72b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/review_account/verify/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:20 GMT
x-nginx-cache: WordPress
last-modified: Wed, 09 Jun 2021 22:29:00 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/svg+xml
cache-control: max-age=21600
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1752
expires: Fri, 01 Sep 2023 08:28:20 GMT

GET
H2 200 icon_globe_med-grey@2x.svg
pendolatraining.com/review_account/verify/css/ 3 KB
3 KB 186ms
185ms Image
image/svg+xml 67.222.38.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pendolatraining.com/review_account/verify/css/icon_globe_med-grey@2x.svg
Requested by: Host: pendolatraining.com
URL: https://pendolatraining.com/review_account/verify/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.222.38.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2044.bluehost.com
Software: Apache /
Resource Hash: a593628f2d5ba814f37fbcd3963162f094c2764d4b15d82464c2d1aef92f150f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/review_account/verify/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:20 GMT
x-nginx-cache: WordPress
last-modified: Wed, 09 Jun 2021 22:29:14 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/svg+xml
cache-control: max-age=21600
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 3523
expires: Fri, 01 Sep 2023 08:28:20 GMT

GET
H2 200 320_Citi-PLT@3x.png
pendolatraining.com/review_account/verify/css/ 11 KB
11 KB 187ms
186ms Image
image/png 67.222.38.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pendolatraining.com/review_account/verify/css/320_Citi-PLT@3x.png
Requested by: Host: pendolatraining.com
URL: https://pendolatraining.com/review_account/verify/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.222.38.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2044.bluehost.com
Software: Apache /
Resource Hash: f378974fe6a831ae2f48d9191ea74eb21877d4964d5eedbc2810d8756ed13631

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/review_account/verify/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:20 GMT
x-nginx-cache: WordPress
last-modified: Wed, 09 Jun 2021 22:03:40 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 11562
expires: Sat, 31 Aug 2024 02:28:20 GMT

GET
H2 200 1440_Citi-PLT@3x.png
pendolatraining.com/review_account/verify/css/ 27 KB
28 KB 196ms
196ms Image
image/png 67.222.38.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pendolatraining.com/review_account/verify/css/1440_Citi-PLT@3x.png
Requested by: Host: pendolatraining.com
URL: https://pendolatraining.com/review_account/verify/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.222.38.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2044.bluehost.com
Software: Apache /
Resource Hash: 6dfa343a68ef79e83fef5f7c705119d2473352190c609cf94c67ea99a29fa452

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/review_account/verify/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:20 GMT
x-nginx-cache: WordPress
last-modified: Wed, 09 Jun 2021 22:03:34 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 28149
expires: Sat, 31 Aug 2024 02:28:20 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1693535299941
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1693535299941

363 B
1 KB

30ms
30ms

XHR
application/json

34.254.70.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1693535299941

Requested by

Host: pendolatraining.com
URL: https://pendolatraining.com/review_account/verify/login.php

Protocol

HTTP/1.1

Server

34.254.70.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-70-163.eu-west-1.compute.amazonaws.com

Software

Resource Hash

053690d1b257f0e4044be2a7594019943ceb4d7c1f43c9f0ff71a2fd0bcd874a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v050-06ae758f2.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: TX+MMN5ETcE=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://pendolatraining.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 309
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v050-0fb6a4853.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: RoerDOR0R6s=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://pendolatraining.com
Location: https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1693535299941
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 e.gif
nexus.ensighten.com/error/ 0
251 B 61ms
7ms Image
text/plain 99.84.88.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=_dl%20is%20not%20defined&lnn=-1&fn=&cid=1129&client=citi&publishPath=na_prod&rid=3092996&did=622672&errorName=ReferenceError
Requested by: Host: pendolatraining.com
URL: https://pendolatraining.com/review_account/verify/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-39.muc50.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 05:41:04 GMT
via: 1.1 940591d2da012baa6779996f50bf5208.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MUC50-C1
age: 74836
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
x-amz-cf-id: oRbU2QedYm-w41F9FmsyTHPC9hji4WKgqpf5mPoiD06l3uZITUpyqw==

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/citi/na_prod/ 1 KB
874 B 92ms
38ms Script
text/javascript 99.84.88.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/serverComponent.php?r=12.88555635393207&namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citi/na_prod/code/&publishedOn=Tue%20Jun%2008%2018:03:25%20GMT%202021&ClientID=1129&PageID=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2Flogin.php
Requested by: Host: pendolatraining.com
URL: https://pendolatraining.com/review_account/verify/js/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-39.muc50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 0fcf24016f05ab2bcad4749936fd7756ff7bd064ab49bcf14c3bfb64f39148d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:20 GMT
content-encoding: gzip
via: 1.1 940591d2da012baa6779996f50bf5208.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MUC50-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store
x-amz-cf-id: YmvLN-P7iARk-MdCtaCUAKxQjr92U55dfjPt9inIA10mMaSCp5QWsQ==
expires: Fri, 01 Sep 2023 02:28:19 GMT

GET
H2 200 LSO_4959.jpg
pendolatraining.com/review_account/verify/css/ 171 KB
171 KB 179ms
179ms Image
image/jpeg 67.222.38.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pendolatraining.com/review_account/verify/css/LSO_4959.jpg
Requested by: Host: pendolatraining.com
URL: https://pendolatraining.com/review_account/verify/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.222.38.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2044.bluehost.com
Software: Apache /
Resource Hash: 48e89b7e40e096b89d864a5c8ee340ce44ca60fe9675310ef2f3f40a53a7d593

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/review_account/verify/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:20 GMT
x-nginx-cache: WordPress
last-modified: Fri, 11 Jun 2021 23:22:08 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 174933
expires: Sat, 31 Aug 2024 02:28:20 GMT

GET
H2 404 Citi-Branding-Sprite.png
pendolatraining.com/review_account/verify/img/ 315 B
315 B 180ms
179ms Image
text/html 67.222.38.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pendolatraining.com/review_account/verify/img/Citi-Branding-Sprite.png
Requested by: Host: pendolatraining.com
URL: https://pendolatraining.com/review_account/verify/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.222.38.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2044.bluehost.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/review_account/verify/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:20 GMT
server: Apache
content-length: 315
content-type: text/html; charset=iso-8859-1

GET
H2 200 Appstore-Googleplay-JDPower-Sprite.png
pendolatraining.com/review_account/verify/css/ 44 KB
44 KB 175ms
174ms Image
image/png 67.222.38.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pendolatraining.com/review_account/verify/css/Appstore-Googleplay-JDPower-Sprite.png
Requested by: Host: pendolatraining.com
URL: https://pendolatraining.com/review_account/verify/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.222.38.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2044.bluehost.com
Software: Apache /
Resource Hash: b8e446605f92c29a178dd6494688103ac268004592afe06643df46f4bff68577

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/review_account/verify/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:20 GMT
x-nginx-cache: WordPress
last-modified: Wed, 09 Jun 2021 22:03:44 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 44996
expires: Sat, 31 Aug 2024 02:28:20 GMT

GET
H2 200 social-media_facebook@3x.png
pendolatraining.com/review_account/verify/css/ 445 B
503 B 193ms
193ms Image
image/png 67.222.38.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pendolatraining.com/review_account/verify/css/social-media_facebook@3x.png
Requested by: Host: pendolatraining.com
URL: https://pendolatraining.com/review_account/verify/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.222.38.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2044.bluehost.com
Software: Apache /
Resource Hash: 695788dc05d94be3b32060ffea15c1a4d74897bd32e5da7811e7ca76d82fc86b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/review_account/verify/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:20 GMT
x-nginx-cache: WordPress
last-modified: Wed, 09 Jun 2021 22:03:54 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 445
expires: Sat, 31 Aug 2024 02:28:20 GMT

GET
H2 200 social-media_twitter@3x.png
pendolatraining.com/review_account/verify/css/ 1 KB
1 KB 186ms
186ms Image
image/png 67.222.38.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pendolatraining.com/review_account/verify/css/social-media_twitter@3x.png
Requested by: Host: pendolatraining.com
URL: https://pendolatraining.com/review_account/verify/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.222.38.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2044.bluehost.com
Software: Apache /
Resource Hash: 5394d11ec8ad7a5494bcdb65cd95f885388532e14fb45a747e249112389bd837

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/review_account/verify/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:20 GMT
x-nginx-cache: WordPress
last-modified: Wed, 09 Jun 2021 22:03:56 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1277
expires: Sat, 31 Aug 2024 02:28:20 GMT

GET
H2 200 social-media_youtube@3x.png
pendolatraining.com/review_account/verify/css/ 1 KB
1 KB 242ms
242ms Image
image/png 67.222.38.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pendolatraining.com/review_account/verify/css/social-media_youtube@3x.png
Requested by: Host: pendolatraining.com
URL: https://pendolatraining.com/review_account/verify/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.222.38.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2044.bluehost.com
Software: Apache /
Resource Hash: be9b5382b4526ffd3306d0292122ce3599123f1cd543f52f3035b4f24fbf9de8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/review_account/verify/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:20 GMT
x-nginx-cache: WordPress
last-modified: Wed, 09 Jun 2021 22:03:58 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1175
expires: Sat, 31 Aug 2024 02:28:20 GMT

GET
H2 200 7c8ae1f9c206930028672949c6703f6d.js Show response
nexus.ensighten.com/citi/na_prod/code/ 2 KB
2 KB 7ms
7ms Script
application/javascript 99.84.88.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/7c8ae1f9c206930028672949c6703f6d.js?conditionId0=4849963
Requested by: Host: pendolatraining.com
URL: https://pendolatraining.com/review_account/verify/js/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-39.muc50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 9a74546a8f511f31b5252f115d2db7aa69370ca5eeaf6828f60abb197f35a169

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 03:20:05 GMT
x-amz-version-id: fn0OQIG24n9jjHSfN2OozphT08M6eW_x
content-encoding: br
via: 1.1 940591d2da012baa6779996f50bf5208.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 12352096
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 18 Oct 2022 17:52:59 GMT
server: CloudFront
etag: W/"7df0440e45009010a99db868682aafb3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: 7WGlgVSNWZgJvXeFC-YPbs6wkz-avhAYYNEtsU_McfczKY3uI3tlWw==

GET
H2 200 f0db1cf4496c8b42c5a1b2fa40b4f157.js Show response
nexus.ensighten.com/citi/na_prod/code/ 5 KB
2 KB 8ms
7ms Script
application/javascript 99.84.88.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/f0db1cf4496c8b42c5a1b2fa40b4f157.js?conditionId0=4897099
Requested by: Host: pendolatraining.com
URL: https://pendolatraining.com/review_account/verify/js/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-39.muc50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 13a59cfac1785dd94d0005457ed1e12cf77fee65b975fe6fd91af77b7ac6cd77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 16:06:56 GMT
x-amz-version-id: _NJEt9Au7TfYHRltPN9x_4PZSTxTzbkJ
content-encoding: br
via: 1.1 940591d2da012baa6779996f50bf5208.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 2542885
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 02 Aug 2023 16:06:47 GMT
server: CloudFront
etag: W/"f21df27f4d3e67ca5151a737dacd6837"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: iC0TrAkLK8YHv1gNClIjFhfuujHgLQBJB2r8LvHcuR5TSOs20ItLlg==

GET
H2 200 4f48dc27f3678d0aba4f0616dc1034a7.js Show response
nexus.ensighten.com/citi/na_prod/code/ 363 KB
47 KB 9ms
8ms Script
application/javascript 99.84.88.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/4f48dc27f3678d0aba4f0616dc1034a7.js?conditionId0=421908
Requested by: Host: pendolatraining.com
URL: https://pendolatraining.com/review_account/verify/js/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-39.muc50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 3724bfeac04f27a8c36e0e13834195f8c032acd23bbb5fd307526ea9bf2b20a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 19:30:42 GMT
x-amz-version-id: QbiC_.E9NG7z_6_kBPG3zYEPZsU3eeEo
content-encoding: br
via: 1.1 940591d2da012baa6779996f50bf5208.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 197859
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Tue, 29 Aug 2023 19:30:35 GMT
server: CloudFront
etag: W/"83832e59b82bb9f8cc37ad2d38455fa5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: PdtOJmVAxZy9MAi5u05jXJ2-M5dy3EfCFRM-2_6Bc3CWOc8jxnttjQ==

GET
H2 200 f9112c4f4cc2da7bc760957da1d0a476.js Show response
nexus.ensighten.com/citi/na_prod/code/ 27 KB
5 KB 9ms
9ms Script
application/javascript 99.84.88.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/f9112c4f4cc2da7bc760957da1d0a476.js?conditionId0=486757
Requested by: Host: pendolatraining.com
URL: https://pendolatraining.com/review_account/verify/js/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-39.muc50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 18fe0fbfef31b4ef603a5827ac377792d1a68b93710d285e88623a79ea0e6870

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 08:36:01 GMT
x-amz-version-id: _EGaJ0JRqXa7HXWsIS89V3k4kvtsyejg
content-encoding: br
via: 1.1 940591d2da012baa6779996f50bf5208.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 10777940
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 16 Feb 2023 18:50:31 GMT
server: CloudFront
etag: W/"341b188f6c2fe2107f63f9a2f998bb29"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: JYN4TOamE0hAzbwN2QAaP2ZGuW-JSz1jzjncY4emBFJJkVScegqJRg==

GET
H2 200 a7bd055e0a04596c52d5370fd2cb52c1.js Show response
nexus.ensighten.com/citi/na_prod/code/ 27 KB
7 KB 8ms
8ms Script
application/javascript 99.84.88.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/a7bd055e0a04596c52d5370fd2cb52c1.js?conditionId0=467299
Requested by: Host: pendolatraining.com
URL: https://pendolatraining.com/review_account/verify/js/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-39.muc50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 7713d20bc523112a4dd0c1409159b1a8b4c1122349d1c042977977707047d492

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 19:28:04 GMT
x-amz-version-id: R4LXhNxZFTVoGUDnd76tDf4sU34YOz0N
content-encoding: br
via: 1.1 940591d2da012baa6779996f50bf5208.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 3222017
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Tue, 25 Jul 2023 19:27:55 GMT
server: CloudFront
etag: W/"bc57186d3c67c4d3b4a33281b4650a9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: jiRhZQ31DoKkuRhh5JUX_8Ml9602JrTSOCUqcV02tpc_FYjtL5KpXw==

GET
H/1.1 200
OK dest5.html Show response
citi.demdex.net/ Frame C4DE 7 KB
3 KB 137ms
30ms Document
text/html 52.17.210.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://citi.demdex.net/dest5.html?d_nsid=0

Requested by

Host: pendolatraining.com
URL: https://pendolatraining.com/review_account/verify/js/Bootstrap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.17.210.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-210-114.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://pendolatraining.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v050-093c44046.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Wc2xGqMtSTo=
content-encoding: gzip
date: Fri, 1 Sep 2023 02:28:20 GMT
last-modified: Wed, 28 Jun 2023 12:57:15 GMT
transfer-encoding: chunked
vary: accept-encoding

GET
H2 200 id Show response
metrics1.citi.com/ 48 B
464 B 75ms
17ms XHR
application/x-javascript 63.140.62.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics1.citi.com/id?d_visid_ver=3.1.2&d_fieldgroup=A&mcorgid=61834D9B5228A7430A490D45%40AdobeOrg&mid=34538371880457007934348386949786970550&ts=1693535300113

Requested by

Host: pendolatraining.com
URL: https://pendolatraining.com/review_account/verify/js/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.214 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-214.data.adobedc.net

Software

jag /

Resource Hash

188c6328aa00017bbf5c410dfc7b41c60a23776574872a019822c62bd442e01c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pendolatraining.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 01 Sep 2023 02:28:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://pendolatraining.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=ZPFMRAAAANQhMANe
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=27601135491175728903889712452679831573
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZPFMRAAAANQhMANe

42 B
942 B

29ms
29ms

Image
image/gif

34.254.70.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZPFMRAAAANQhMANe

Requested by

Host: pendolatraining.com
URL: https://pendolatraining.com/review_account/verify/login.php

Protocol

HTTP/1.1

Server

34.254.70.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-70-163.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v050-0fc891792.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 3FysdpyMSh4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZPFMRAAAANQhMANe
Date: Fri, 01 Sep 2023 02:28:20 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 59ms
6ms Script
application/x-javascript 2600:9000:20c3:8c00:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/code/f0db1cf4496c8b42c5a1b2fa40b4f157.js?conditionId0=4897099
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:8c00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 01:35:29 GMT
content-encoding: gzip
via: 1.1 fc6dca2df1221c0bec817610bc20e504.cloudfront.net (CloudFront)
last-modified: Fri, 01 Sep 2023 01:35:19 GMT
server: Jetty(9.4.51.v20230217)
x-amz-cf-pop: MUC50-C1
age: 3171
x-cache: Hit from cloudfront
content-type: application/x-javascript
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
content-length: 6162
x-amz-cf-id: ioxlrLbPNasFEoxvJGsX666PPZwMpUIW--kwAEdZz9U8Dckb3IOURg==
expires: Fri, 01 Sep 2023 02:35:29 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
64 KB 37ms
15ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6260004

Requested by

Host: pendolatraining.com
URL: https://pendolatraining.com/review_account/verify/js/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ac2a232aa1326ea5d52067ead4c4d5af7d0302313ace12a8180feb5914478092

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65012
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 00:14:48 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Sep 2023 02:28:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
64 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6269322&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

71edd36b22d51c75c810a78194b9ede22661a449a0c42886dd6dafbf0df241f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65051
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 00:14:48 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Sep 2023 02:28:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
64 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6256710&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7eb821fdbecc257e465134406b5e87ac5a4655a5fa358c1231bebfa7c2e1031b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65057
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 00:14:48 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Sep 2023 02:28:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
64 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6415812&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fac2b4fd937b82c23ba1f35e6b486ecf902ca420f8824d1acb57f805451188c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65017
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 00:14:48 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Sep 2023 02:28:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
64 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6268858&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e5c95870f3179767bb745f13d4b91ea8c910e7fd242062041b0148d7547e8305

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65019
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 00:14:48 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Sep 2023 02:28:20 GMT

GET
H2 200 json Show response
citicorpcreditservic.tt.omtrdc.net/m2/citicorpcreditservic/mbox/ 142 B
903 B 114ms
33ms XHR
application/json 66.235.152.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://citicorpcreditservic.tt.omtrdc.net/m2/citicorpcreditservic/mbox/json?mbox=target-global-mbox&mboxSession=ce95cf65fa044bf9808971032c011c77&mboxPC=&mboxPage=33d50654afb045f392bfc4edd04012c0&mboxRid=684c77c0a76e488494cf0bcca9331eb0&mboxVersion=1.7.0&mboxCount=1&mboxTime=1693542499978&mboxHost=pendolatraining.com&mboxURL=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2Flogin.php&mboxReferrer=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2F&mboxXDomain=enabled&browserHeight=1200&browserWidth=1600&browserTimeOffset=120&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&webGLRenderer=Intel%20Iris%20OpenGL%20Engine&mboxMCSDID=2E508C3FC233521B-3F045F0C1CB039C8&vst.trk=metrics.citi.com&vst.trks=metrics1.citi.com&mboxMCGVID=34538371880457007934348386949786970550&mboxAAMB=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&mboxMCGLH=6

Requested by

Host: pendolatraining.com
URL: https://pendolatraining.com/review_account/verify/js/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.235.152.143 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-66-235-152-143.data.adobedc.net

Software

jag /

Resource Hash

1f14a2b866d397b7ca541c0d1f915c50a81ae6554ef3986af3e264385f915e29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
content-length: 142
x-xss-protection: 1; mode=block
x-request-id: 684c77c0a76e488494cf0bcca9331eb0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: jag
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://pendolatraining.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *

GET
H/1.1 200
OK ca.html Show response
20766699p.rfihub.com/ Frame 7BD7 118 B
685 B 108ms
15ms Document
text/html 193.0.160.130
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20766699p.rfihub.com/ca.html?ver=9&ra=124&rb=648&ca=20766699&_o=17169175&_t=&_rev=1&_pcode=1&_orderid=1&ssv_cuuid=&ssv_package=null&ssv_prodlist=null&ssv_pagename=&pe=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2Flogin.php&pf=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2F&ra=8379520109996677
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: c437eb764a99e6cd5172d63c3fae564bbc51eda4981058d5edebd2bf0700eb76

Request headers

Referer: https://pendolatraining.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 118
Content-Type: text/html;charset=utf-8
Date: Fri, 01 Sep 2023 02:28:20 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2 200 / Show response
zn3vi8kkuds0jjrfc-citifeedback.siteintercept.qualtrics.com/SIE/ 8 KB
4 KB 91ms
28ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn3vi8kkuds0jjrfc-citifeedback.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_3VI8kkudS0JJRFc

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/code/7c8ae1f9c206930028672949c6703f6d.js?conditionId0=4849963

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e82176c3ee11b36dbbc4aaef389145582fd3e46f8feaf4821e537c6a2381c7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 184934
cf-polished: origSize=9150
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"23be-xKKkBSwcBSYhAc6SYD9lFtLJ81Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7ffa144b6b0b37c8-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 191 KB
70 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-916451471

Requested by

Host: pendolatraining.com
URL: https://pendolatraining.com/review_account/verify/js/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7ebc758b69a1bfab7318a0dd886f5716f9e511774367dad949f0d59f4e120eea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71210
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 00:14:48 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Sep 2023 02:28:20 GMT

GET
H2 451 425466.html Show response
sr.rlcdn.com/ Frame 8EEB 0
98 B 168ms
118ms Document
text/plain 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/code/a7bd055e0a04596c52d5370fd2cb52c1.js?conditionId0=467299
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pendolatraining.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 01 Sep 2023 02:28:20 GMT
via: 1.1 google

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/
Redirect Chain

https://s.amazon-adsystem.com/iu3?pid=c3702eea-109e-48b0-9ef4-c856bdd405e2&event=PageView
https://s.amazon-adsystem.com/iu3?pid=c3702eea-109e-48b0-9ef4-c856bdd405e2&event=PageView&dcc=t

0
0

113ms
113ms

Image
text/html

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?pid=c3702eea-109e-48b0-9ef4-c856bdd405e2&event=PageView&dcc=t
Protocol: HTTP/1.1
Server: 52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Fri, 01 Sep 2023 02:28:20 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ZW4ZDJB6WEDF0CKC3X1Y
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?pid=c3702eea-109e-48b0-9ef4-c856bdd405e2&event=PageView&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/916451471/ 3 KB
2 KB 44ms
22ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/916451471/?random=1693535300365&cv=11&fst=1693535300365&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2Flogin.php&ref=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2F&hn=www.googleadservices.com&frm=0&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&auid=89626453.1693535300&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-916451471

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3ba56641b8def4ebe1443ffdbb9c650350a6dbbad040afe6955a1d87eca9087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 02:28:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1355
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 191 KB
70 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-960621875&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6be43847215228d91b45d5ddf0e9e8777278c2d587a4cf5ee3a9e119e491aff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71136
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 00:14:48 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Sep 2023 02:28:20 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 143 KB
55 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-644574043&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2a9e37969705bfab57e4433e28c5b2f27a46736c37bf5448884776ec4948f408

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55938
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 00:14:48 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Sep 2023 02:28:20 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 143 KB
55 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-975701947&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

42ad3d17dda97b7ff3a509ca84eb4a4f7aa8502bf26a0ab6859c7a4e8c48fae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55789
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 00:14:48 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Sep 2023 02:28:20 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 204 KB
73 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-830907969&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0c9bdbf86639c6a2fce40e1fd9979ebf07dcafe112f9b43b657f05b3fd34b184

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74525
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 00:14:48 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Sep 2023 02:28:20 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-695231162&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3802b17b349bbf2f8e03bfd16531a307cbd271d6eab4ca959c7d5cfd458b33e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69619
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 00:14:48 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Sep 2023 02:28:20 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
70 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-819500023&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

51800d6f9dcb64320a661a6c64412abdf3f7b9b6e9e4a72f1c3ccbd668917c90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71458
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 00:14:48 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Sep 2023 02:28:20 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 143 KB
55 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-959299794&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f14ed9676703747b8e089a792521642e11b6c2ed132665857ccd842237ba027d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55802
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 00:14:48 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Sep 2023 02:28:20 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 191 KB
70 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10955006959&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1c0994ba3552881861ba4a42d85b184a408c8da27c174aba9a895a2705051f5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71163
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 00:14:48 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Sep 2023 02:28:20 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 198 KB
71 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11172302925&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f52d3c30b6c6bee2a58be8ef68ef888afac80bd03f031e98e77f04d94709f9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72585
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 00:14:48 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Sep 2023 02:28:20 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/644574043/ 3 KB
2 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/644574043/?random=1693535300411&cv=11&fst=1693535300411&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2Flogin.php&ref=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2F&hn=www.googleadservices.com&frm=0&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&auid=89626453.1693535300&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-644574043&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1793f5e6238c74f1cdddd63c9b67900d4f301008cbe7e4f8c3518da48b1449ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 02:28:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1354
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/975701947/ 3 KB
1 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975701947/?random=1693535300431&cv=11&fst=1693535300431&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2Flogin.php&ref=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2F&hn=www.googleadservices.com&frm=0&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&auid=89626453.1693535300&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-975701947&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43602221f47448e30c4b519f4505eff5f10b967b9988c6ce0b2307006408fcf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 02:28:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1353
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/960621875/ 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/960621875/?random=1693535300445&cv=11&fst=1693535300445&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2Flogin.php&ref=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2F&hn=www.googleadservices.com&frm=0&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&auid=89626453.1693535300&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-960621875&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bcc29295c4782c5930c87bbc0905d4af808e189269b069ca2d438c3514c1728

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 02:28:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1355
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/830907969/ 3 KB
1 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/830907969/?random=1693535300469&cv=11&fst=1693535300469&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2Flogin.php&ref=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2F&hn=www.googleadservices.com&frm=0&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&auid=89626453.1693535300&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-830907969&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4e47b641e03b6d4601778db01fd17b5e86ad6c0f935945a83faf8a18fa51b23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 02:28:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1354
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/695231162/ 3 KB
1 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/695231162/?random=1693535300513&cv=11&fst=1693535300513&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2Flogin.php&ref=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2F&hn=www.googleadservices.com&frm=0&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&auid=89626453.1693535300&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-695231162&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a318f5c1db93c7b1c2a8cae2a3e53202fb0d50b1f1bbb259d51ac4fff072cfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 02:28:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1354
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 12.f3d25ebe8c96530b2fc2.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 69 KB
21 KB 27ms
26ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/12.f3d25ebe8c96530b2fc2.chunk.js?Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web&Q_BRANDID=pendolatraining.com

Requested by

Host: zn3vi8kkuds0jjrfc-citifeedback.siteintercept.qualtrics.com
URL: https://zn3vi8kkuds0jjrfc-citifeedback.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_3VI8kkudS0JJRFc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

965a2c31659c544a6a01fbe1bac9958452aa28ccb7ac568867ded1ac95230674

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 180303
cf-polished: origSize=71575
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 14 Aug 2023 18:23:36 GMT
cf-bgj: minify
server: cloudflare
etag: W/"11797-189f54a0440"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7ffa144c5bb137c8-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 /
www.google.com/pagead/1p-user-list/916451471/ 42 B
455 B 41ms
19ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/916451471/?random=1693535300365&cv=11&fst=1693533600000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2Flogin.php&ref=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2F&frm=0&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1377926360&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 02:28:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/916451471/ 42 B
455 B 43ms
20ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/916451471/?random=1693535300365&cv=11&fst=1693533600000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2Flogin.php&ref=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2F&frm=0&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1377926360&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 02:28:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/819500023/ 3 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/819500023/?random=1693535300551&cv=11&fst=1693535300551&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2Flogin.php&ref=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2F&hn=www.googleadservices.com&frm=0&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&auid=89626453.1693535300&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-819500023&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c42660d8e839f4165de4905dd9585cbf4e52bfaf787ba3ea1162654793a7bfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 02:28:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1352
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/959299794/ 3 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/959299794/?random=1693535300565&cv=11&fst=1693535300565&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2Flogin.php&ref=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2F&hn=www.googleadservices.com&frm=0&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&auid=89626453.1693535300&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-959299794&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c54d769de930640d39157bbdd8be7bc8d525286defebf45afc79181188cd641e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 02:28:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1355
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10955006959/ 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10955006959/?random=1693535300586&cv=11&fst=1693535300586&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2Flogin.php&ref=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2F&hn=www.googleadservices.com&frm=0&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&auid=89626453.1693535300&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10955006959&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dec3124a3e328ae2fa0c52db64d0bae1cac35513a314629a83ee018fb1eb6ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 02:28:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11172302925/ 3 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11172302925/?random=1693535300604&cv=11&fst=1693535300604&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2Flogin.php&ref=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2F&hn=www.googleadservices.com&frm=0&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&auid=89626453.1693535300&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11172302925&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60e8dd77aa096f30559afbe2ae4ed16c17eee437edaa8a710437e54a267a8b2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 02:28:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1355
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/644574043/ 42 B
108 B 20ms
18ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/644574043/?random=1693535300411&cv=11&fst=1693533600000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2Flogin.php&ref=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2F&frm=0&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2365921019&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 02:28:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/644574043/ 42 B
108 B 20ms
19ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/644574043/?random=1693535300411&cv=11&fst=1693533600000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2Flogin.php&ref=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2F&frm=0&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2365921019&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 02:28:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/975701947/ 42 B
108 B 18ms
17ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/975701947/?random=1693535300431&cv=11&fst=1693533600000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2Flogin.php&ref=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2F&frm=0&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3097951086&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 02:28:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/975701947/ 42 B
108 B 19ms
19ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/975701947/?random=1693535300431&cv=11&fst=1693533600000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2Flogin.php&ref=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2F&frm=0&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3097951086&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 02:28:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/830907969/ 42 B
108 B 19ms
17ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/830907969/?random=1693535300469&cv=11&fst=1693533600000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2Flogin.php&ref=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2F&frm=0&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3477288199&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 02:28:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/830907969/ 42 B
108 B 21ms
17ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/830907969/?random=1693535300469&cv=11&fst=1693533600000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2Flogin.php&ref=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2F&frm=0&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3477288199&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 02:28:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/695231162/ 42 B
108 B 24ms
21ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/695231162/?random=1693535300513&cv=11&fst=1693533600000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2Flogin.php&ref=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2F&frm=0&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2287872897&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 02:28:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/695231162/ 42 B
108 B 20ms
17ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/695231162/?random=1693535300513&cv=11&fst=1693533600000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2Flogin.php&ref=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2F&frm=0&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2287872897&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 02:28:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/960621875/ 42 B
108 B 23ms
20ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/960621875/?random=1693535300445&cv=11&fst=1693533600000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2Flogin.php&ref=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2F&frm=0&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=368353423&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 02:28:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/960621875/ 42 B
108 B 20ms
17ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/960621875/?random=1693535300445&cv=11&fst=1693533600000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2Flogin.php&ref=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2F&frm=0&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=368353423&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 02:28:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10955006959/ 42 B
108 B 22ms
20ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10955006959/?random=1693535300586&cv=11&fst=1693533600000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2Flogin.php&ref=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2F&frm=0&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=452762765&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 02:28:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10955006959/ 42 B
108 B 21ms
19ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10955006959/?random=1693535300586&cv=11&fst=1693533600000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2Flogin.php&ref=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2F&frm=0&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=452762765&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 02:28:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/819500023/ 42 B
108 B 23ms
21ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/819500023/?random=1693535300551&cv=11&fst=1693533600000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2Flogin.php&ref=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2F&frm=0&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2092415773&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 02:28:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/819500023/ 42 B
108 B 20ms
18ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/819500023/?random=1693535300551&cv=11&fst=1693533600000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2Flogin.php&ref=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2F&frm=0&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2092415773&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 02:28:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/959299794/ 42 B
108 B 22ms
20ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/959299794/?random=1693535300565&cv=11&fst=1693533600000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2Flogin.php&ref=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2F&frm=0&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1409614402&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 02:28:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/959299794/ 42 B
108 B 20ms
19ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/959299794/?random=1693535300565&cv=11&fst=1693533600000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2Flogin.php&ref=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2F&frm=0&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1409614402&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 02:28:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 8 KB
2 KB 34ms
34ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_3VI8kkudS0JJRFc&Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.f3d25ebe8c96530b2fc2.chunk.js?Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web&Q_BRANDID=pendolatraining.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b657aec59f9aa3451c7055956e533f949282f2d4bb29d54d1a120974891dce64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pendolatraining.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 01 Sep 2023 02:28:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://pendolatraining.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: e998ab6dfe2af811
cf-ray: 7ffa144cfc0a37c8-FRA
timing-allow-origin: *

GET
H2 200 /
www.google.com/pagead/1p-user-list/11172302925/ 42 B
108 B 19ms
18ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11172302925/?random=1693535300604&cv=11&fst=1693533600000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2Flogin.php&ref=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2F&frm=0&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2940471361&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 02:28:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11172302925/ 42 B
108 B 21ms
20ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11172302925/?random=1693535300604&cv=11&fst=1693533600000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2Flogin.php&ref=https%3A%2F%2Fpendolatraining.com%2Freview_account%2Fverify%2F&frm=0&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2940471361&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 02:28:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 102 KB
32 KB 27ms
27ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web&Q_BRANDID=citifeedback

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.f3d25ebe8c96530b2fc2.chunk.js?Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web&Q_BRANDID=pendolatraining.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2511823ee589cef1a1b05009d107035ad3d0656d238cdb9ca3f51e53da4c24e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 180303
cf-polished: origSize=105535
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 14 Aug 2023 18:23:36 GMT
cf-bgj: minify
server: cloudflare
etag: W/"19c3f-189f54a0440"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7ffa144d2c3537c8-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 7.e410c6e4072cd30ceddd.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 2 KB
1006 B 29ms
28ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/7.e410c6e4072cd30ceddd.chunk.js?Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web&Q_BRANDID=citifeedback

Requested by

Host: zn3vi8kkuds0jjrfc-citifeedback.siteintercept.qualtrics.com
URL: https://zn3vi8kkuds0jjrfc-citifeedback.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_3VI8kkudS0JJRFc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2257d5dcff45e05bb9d046829b14c16dc3751a2e620af325231c44506d63f1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 180303
cf-polished: origSize=2803
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 14 Aug 2023 18:23:36 GMT
cf-bgj: minify
server: cloudflare
etag: W/"af3-189f54a0440"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7ffa144d7c5b37c8-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 1.6bff9e45c450943efd56.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 28 KB
7 KB 27ms
27ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.6bff9e45c450943efd56.chunk.js?Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web&Q_BRANDID=citifeedback

Requested by

Host: zn3vi8kkuds0jjrfc-citifeedback.siteintercept.qualtrics.com
URL: https://zn3vi8kkuds0jjrfc-citifeedback.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_3VI8kkudS0JJRFc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0a2d8d2c814b20e1c9141321c11837e3884dacbc7e0d35f0442a74449922472

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 180303
cf-polished: origSize=29367
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 14 Aug 2023 18:23:36 GMT
cf-bgj: minify
server: cloudflare
etag: W/"72b7-189f54a0440"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7ffa144d7c5c37c8-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 FeedbackButtonModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 63 KB
23 KB 27ms
27ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web&Q_BRANDID=citifeedback

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.f3d25ebe8c96530b2fc2.chunk.js?Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web&Q_BRANDID=pendolatraining.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1eaa61116a44b60d15c87e58db63270223e677db1d546e128906d77d11c8a572

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 180301
cf-polished: origSize=65277
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 14 Aug 2023 18:23:36 GMT
cf-bgj: minify
server: cloudflare
etag: W/"fefd-189f54a0440"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7ffa144d7c5d37c8-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 5 KB
2 KB 101ms
82ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_0AioryRkl8bxHM2&Version=24&Q_ORIGIN=https://pendolatraining.com&Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.f3d25ebe8c96530b2fc2.chunk.js?Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web&Q_BRANDID=pendolatraining.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b34b0f5d47e3efc9d36f58289370a0c1bd9e0555ba91603afa9d20c500b545af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

servershortname
date: Fri, 01 Sep 2023 02:28:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 01 Sep 2023 02:28:20 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7ffa144d9c769ba1-FRA
expires: Mon, 29 Aug 2033 02:28:20 GMT

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 2 KB
781 B 478ms
460ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_6sPqDX4wKQujPO6&Version=9&Q_InterceptID=SI_0AioryRkl8bxHM2&Q_ORIGIN=https://pendolatraining.com&Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.f3d25ebe8c96530b2fc2.chunk.js?Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web&Q_BRANDID=pendolatraining.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

566095a5f65029a8730735e82ff6cf43336a92723d96484db740011b88467aa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

servershortname
date: Fri, 01 Sep 2023 02:28:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 01 Sep 2023 02:28:21 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7ffa144d9c779ba1-FRA
expires: Mon, 29 Aug 2033 02:28:21 GMT

GET
H2 200 Graphic.php
iad1.qualtrics.com/WRQualtricsSiteIntercept/ 2 KB
3 KB 89ms
20ms Image
image/png 23.218.208.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://iad1.qualtrics.com/WRQualtricsSiteIntercept/Graphic.php?IM=IM_2ghDuHHjeSOirNc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.208.116 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-208-116.deploy.static.akamaitechnologies.com

Software

Resource Hash

25f4eeb23f67fe1d74534ed37230ecd54ab4f57524276970dcbeaaf3b0fc64f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:28:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy-report-only: report-uri https://sjc1.qualtrics.com/csp-report
content-disposition: inline; filename=feedback.png
content-length: 2196
x-request-id: a2f27bad-37fe-49ff-b99a-1535f9b1aca9
referrer-policy: strict-origin-when-cross-origin
etag: "e6ed675f115fb1568bb1aabc00aa3f30"
content-type: image/png
access-control-allow-origin: *
x-transaction-id: 634c7244-04bb-4efe-b1d2-8474a6ea13f0
cache-control: public, max-age=48
permissions-policy: camera=(), geolocation=(), microphone=()
x-robots-tag: noindex
expires: Fri, 01 Sep 2023 02:29:09 GMT

POST
H2 200 / Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 45 B
207 B 119ms
118ms XHR
text/plain 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_6sPqDX4wKQujPO6&Q_SIID=SI_0AioryRkl8bxHM2&Q_ASID=AS_etUBT4QUD9Btyf4&Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web&r=1693535301290

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web&Q_BRANDID=citifeedback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pendolatraining.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 01 Sep 2023 02:28:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pendolatraining.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 404a0dbbb4becacb
cf-ray: 7ffa14511ea59ba1-FRA

GET
H2 200 wr-dialog-close-btn-white.png
siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/ 254 B
548 B 24ms
24ms Image
image/png 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/wr-dialog-close-btn-white.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd5496f75a7c1029bc681f639794b83f034d5ecd884e8514ae12b13eee9eec70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pendolatraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Sun, 24 Apr 2033 13:06:48 GMT
date: Fri, 01 Sep 2023 02:28:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10934493
cf-polished: origSize=759
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
content-length: 254
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 Apr 2023 16:10:58 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000, public
permissions-policy: camera=(), geolocation=(), microphone=()
accept-ranges: bytes
cf-ray: 7ffa14511e4537c8-FRA
trace-id: ad81c6c45a4781b0
servershortname

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citibank (Banking)

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pendolatraining.com/	1969-12-31 23:59:59	Name: check Value: true
.demdex.net/	1970-01-20 18:44:47	Name: demdex Value: 27601135491175728903889712452679831573
pendolatraining.com/	1969-12-31 23:59:59	Name: AMCVS_61834D9B5228A7430A490D45%40AdobeOrg Value: 1
pendolatraining.com/	1970-01-20 14:25:37	Name: 7830 Value: error
pendolatraining.com/	1970-01-20 14:25:37	Name: 7018 Value:
pendolatraining.com/	1970-01-20 16:35:11	Name: 64072 Value:
.pendolatraining.com/	1970-01-20 16:35:11	Name: _gcl_au Value: 1.1.89626453.1693535300
.citi.com/	1970-01-21 00:01:35	Name: s_ecid Value: MCMID%7C34538371880457007934348386949786970550
.everesttech.net/	1970-01-20 23:11:11	Name: everest_g_v2 Value: g_surferid~ZPFMRAAAANQhMANe
.rfihub.com/	1970-01-20 23:47:11	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MrM0NzQ3MTe3sBTiM9RNLC8JqQo0M3R3jnQEAN_WQv0lAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MrM0NzQ3MTe3sBTiM9RNLC8JqQo0M3R3jnQEAN_WQv0lAAAA
.dpm.demdex.net/	1970-01-20 18:44:47	Name: dpm Value: 27601135491175728903889712452679831573
.pendolatraining.com/	1970-01-21 00:01:35	Name: mbox Value: session#ce95cf65fa044bf9808971032c011c77#1693537161\|PC#ce95cf65fa044bf9808971032c011c77.37_0#1756780101
.pendolatraining.com/	1970-01-20 14:25:37	Name: mboxEdgeCluster Value: 37
pendolatraining.com/	1970-01-21 00:01:35	Name: AMCV_61834D9B5228A7430A490D45%40AdobeOrg Value: -330454231%7CMCIDTS%7C19602%7CMCMID%7C34538371880457007934348386949786970550%7CMCAAMLH-1694140100%7C6%7CMCAAMB-1694140100%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1693542500s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19609%7CvVersion%7C3.1.2
.doubleclick.net/	1970-01-20 23:47:11	Name: IDE Value: AHWqTUkT4UuFB46HNYuIwFk6SaFtGflUmP8IMayOZ8oZ7IEVVz3t8rYx45yHv9AZ
.amazon-adsystem.com/	1970-01-20 19:32:18	Name: ad-id Value: A2BqpN-JJ0JBoRLBD-ur0BU
.amazon-adsystem.com/	1970-01-21 00:01:35	Name: ad-privacy Value: 0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pendolatraining.com/review_account/verify/img/Citi-Branding-Sprite.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20766699p.rfihub.com
c1.rfihub.net
citi.demdex.net
citicorpcreditservic.tt.omtrdc.net
cm.everesttech.net
dpm.demdex.net
googleads.g.doubleclick.net
iad1.qualtrics.com
metrics1.citi.com
nexus.ensighten.com
pendolatraining.com
s.amazon-adsystem.com
siteintercept.qualtrics.com
sr.rlcdn.com
www.google.com
www.google.de
www.googletagmanager.com
zn3vi8kkuds0jjrfc-citifeedback.siteintercept.qualtrics.com
104.17.208.240
193.0.160.130
23.218.208.116
2600:9000:20c3:8c00:1:76cf:fe80:93a1
2a00:1450:4001:802::2008
2a00:1450:4001:827::2004
2a00:1450:4001:829::2002
2a00:1450:4001:831::2003
34.240.140.136
34.254.70.163
35.190.60.146
52.17.210.114
52.46.128.147
63.140.62.214
66.235.152.143
67.222.38.76
99.84.88.39
045cd226594cb32ddf9d4db8ee45611f4d0788675ae50180b68da975e66fe1fe
053690d1b257f0e4044be2a7594019943ceb4d7c1f43c9f0ff71a2fd0bcd874a
0bcc29295c4782c5930c87bbc0905d4af808e189269b069ca2d438c3514c1728
0c9bdbf86639c6a2fce40e1fd9979ebf07dcafe112f9b43b657f05b3fd34b184
0fcf24016f05ab2bcad4749936fd7756ff7bd064ab49bcf14c3bfb64f39148d0
13a59cfac1785dd94d0005457ed1e12cf77fee65b975fe6fd91af77b7ac6cd77
1793f5e6238c74f1cdddd63c9b67900d4f301008cbe7e4f8c3518da48b1449ab
188c6328aa00017bbf5c410dfc7b41c60a23776574872a019822c62bd442e01c
18fe0fbfef31b4ef603a5827ac377792d1a68b93710d285e88623a79ea0e6870
1c0994ba3552881861ba4a42d85b184a408c8da27c174aba9a895a2705051f5b
1dec3124a3e328ae2fa0c52db64d0bae1cac35513a314629a83ee018fb1eb6ca
1eaa61116a44b60d15c87e58db63270223e677db1d546e128906d77d11c8a572
1f14a2b866d397b7ca541c0d1f915c50a81ae6554ef3986af3e264385f915e29
2511823ee589cef1a1b05009d107035ad3d0656d238cdb9ca3f51e53da4c24e6
25f4eeb23f67fe1d74534ed37230ecd54ab4f57524276970dcbeaaf3b0fc64f9
2a9e37969705bfab57e4433e28c5b2f27a46736c37bf5448884776ec4948f408
3724bfeac04f27a8c36e0e13834195f8c032acd23bbb5fd307526ea9bf2b20a6
3802b17b349bbf2f8e03bfd16531a307cbd271d6eab4ca959c7d5cfd458b33e2
42ad3d17dda97b7ff3a509ca84eb4a4f7aa8502bf26a0ab6859c7a4e8c48fae8
43602221f47448e30c4b519f4505eff5f10b967b9988c6ce0b2307006408fcf6
48e89b7e40e096b89d864a5c8ee340ce44ca60fe9675310ef2f3f40a53a7d593
4c42660d8e839f4165de4905dd9585cbf4e52bfaf787ba3ea1162654793a7bfe
51800d6f9dcb64320a661a6c64412abdf3f7b9b6e9e4a72f1c3ccbd668917c90
5394d11ec8ad7a5494bcdb65cd95f885388532e14fb45a747e249112389bd837
566095a5f65029a8730735e82ff6cf43336a92723d96484db740011b88467aa1
60e8dd77aa096f30559afbe2ae4ed16c17eee437edaa8a710437e54a267a8b2f
6336ae7b60dff18e0a37721a3a19fd5e18568577a64faa662969d35966dbf72b
695788dc05d94be3b32060ffea15c1a4d74897bd32e5da7811e7ca76d82fc86b
6be43847215228d91b45d5ddf0e9e8777278c2d587a4cf5ee3a9e119e491aff4
6dfa343a68ef79e83fef5f7c705119d2473352190c609cf94c67ea99a29fa452
70f3cacfaa80a9d270cf98ce26fef532b1004bc471a20611f35bc70cd6d8d899
71edd36b22d51c75c810a78194b9ede22661a449a0c42886dd6dafbf0df241f6
7713d20bc523112a4dd0c1409159b1a8b4c1122349d1c042977977707047d492
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7eb821fdbecc257e465134406b5e87ac5a4655a5fa358c1231bebfa7c2e1031b
7ebc758b69a1bfab7318a0dd886f5716f9e511774367dad949f0d59f4e120eea
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
8a318f5c1db93c7b1c2a8cae2a3e53202fb0d50b1f1bbb259d51ac4fff072cfe
8e82176c3ee11b36dbbc4aaef389145582fd3e46f8feaf4821e537c6a2381c7d
965a2c31659c544a6a01fbe1bac9958452aa28ccb7ac568867ded1ac95230674
9a74546a8f511f31b5252f115d2db7aa69370ca5eeaf6828f60abb197f35a169
9e59aed7a46591c6dd2b28fc147050c3fa37879c69a79021e999be845cfaf8bd
a3ba56641b8def4ebe1443ffdbb9c650350a6dbbad040afe6955a1d87eca9087
a593628f2d5ba814f37fbcd3963162f094c2764d4b15d82464c2d1aef92f150f
ac2a232aa1326ea5d52067ead4c4d5af7d0302313ace12a8180feb5914478092
b34b0f5d47e3efc9d36f58289370a0c1bd9e0555ba91603afa9d20c500b545af
b657aec59f9aa3451c7055956e533f949282f2d4bb29d54d1a120974891dce64
b8e446605f92c29a178dd6494688103ac268004592afe06643df46f4bff68577
be9b5382b4526ffd3306d0292122ce3599123f1cd543f52f3035b4f24fbf9de8
c0a2d8d2c814b20e1c9141321c11837e3884dacbc7e0d35f0442a74449922472
c437eb764a99e6cd5172d63c3fae564bbc51eda4981058d5edebd2bf0700eb76
c54d769de930640d39157bbdd8be7bc8d525286defebf45afc79181188cd641e
c73e69a929ce513e05bba4a3359296cf41064aaff3355d900b971ca39175a935
cd5496f75a7c1029bc681f639794b83f034d5ecd884e8514ae12b13eee9eec70
d4e47b641e03b6d4601778db01fd17b5e86ad6c0f935945a83faf8a18fa51b23
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c95870f3179767bb745f13d4b91ea8c910e7fd242062041b0148d7547e8305
e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14ed9676703747b8e089a792521642e11b6c2ed132665857ccd842237ba027d
f2257d5dcff45e05bb9d046829b14c16dc3751a2e620af325231c44506d63f1a
f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296
f378974fe6a831ae2f48d9191ea74eb21877d4964d5eedbc2810d8756ed13631
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f52d3c30b6c6bee2a58be8ef68ef888afac80bd03f031e98e77f04d94709f9d0
f94cb7cab7413f3e828c469111e3f9ee7bf21ac163cea343be2cdef866160d40
fac2b4fd937b82c23ba1f35e6b486ecf902ca420f8824d1acb57f805451188c0

pendolatraining.com Open in urlscan Pro 67.222.38.76 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

91 Requests

97 %HTTPS

29 %IPv6

15 Domains

18 Subdomains

16 IPs

4 Countries

2108 kBTransfer

5914 kBSize

18 Cookies

0 Outgoing links

Page URL History

Redirected requests

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pendolatraining.com Open in urlscan Pro
67.222.38.76 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

91
Requests

97 %
HTTPS

29 %
IPv6

15
Domains

18
Subdomains

16
IPs

4
Countries

2108 kB
Transfer

5914 kB
Size

18
Cookies

91 HTTP transactions
0 data transactions