URL: https://citi-widget.2pp.dev/
Submission: On February 09 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 31 HTTP transactions. The main IP is 185.33.247.4, located in Russian Federation and belongs to RUPROFIT-01, RU. The main domain is citi-widget.2pp.dev.
TLS certificate: Issued by R3 on February 9th 2023. Valid for: 3 months.
This is the only time citi-widget.2pp.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS      Autonomous System
23        185.33.247.4       206301  (RUPROFIT-01)
2         2a04:4e42:400...   54113   (FASTLY)
2         82.202.192.242     49505   (SELECTEL)
4         2a00:ab00:501...   49505   (SELECTEL)
Total: 31 requests, 5 IPs
Requests  Apex Domain     Transfer  Subdomains
23        2pp.dev         2 MB      citi-widget.2pp.dev
4         juicyscore.com  62 KB     score.juicyscore.com (Cisco Umbrella Rank: 504476)
2         usedesk.ru      201 KB    lib.usedesk.ru (Cisco Umbrella Rank: 357126), secure.usedesk.ru (Cisco Umbrella Rank: 471449)
2         jsdelivr.net    435 KB    cdn.jsdelivr.net (Cisco Umbrella Rank: 360)
Total: 31 requests, 4 apex domains
Requests  Domain                Requested by
23        citi-widget.2pp.dev   citi-widget.2pp.dev
4         score.juicyscore.com  citi-widget.2pp.dev, score.juicyscore.com
2         cdn.jsdelivr.net      citi-widget.2pp.dev, cdn.jsdelivr.net
1         secure.usedesk.ru     -
1         lib.usedesk.ru        citi-widget.2pp.dev
Total: 31 requests, 5 domains

This site contains no links.

Subject              Issuer                                 Validity                 Valid
citi-widget.2pp.dev  R3                                     2023-02-09 - 2023-05-10  3 months
jsdelivr.net         GlobalSign Atlas R3 DV TLS CA 2022 Q4  2022-12-23 - 2024-01-24  a year
*.usedesk.ru         R3                                     2022-12-21 - 2023-03-21  3 months
*.juicyscore.com     GlobalSign RSA OV SSL CA 2018          2022-03-09 - 2023-04-10  a year

This page contains 2 frames:

Primary Page: https://citi-widget.2pp.dev/
Frame ID: B7C15E096D1514F0E7D151FA1DC14405
Requests: 6 HTTP requests in this frame

Frame: https://citi-widget.2pp.dev/common/startwidget
Frame ID: DD8EED4DE5044541C550221C3697FAE0
Requests: 27 HTTP requests in this frame

Page Title

Widget

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 31
HTTPS: 100 %
IPv6: 50 %
Domains: 4
Subdomains: 5
IPs: 5
Countries: 2
Transfer: 2410 kB
Size: 3272 kB
Cookies: 1

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
citi-widget.2pp.dev/
4 KB
4 KB
Document
General
Full URL
https://citi-widget.2pp.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.33.247.4 , Russian Federation, ASN206301 (RUPROFIT-01, RU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
f9abee3d835018b3a176e6e5ad12df57f5c40bc61b34e1be927b705b8be52e74
Security Headers
Name Value
Content-Security-Policy frame-ancestors *
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-security-policy
frame-ancestors *
content-type
text/html; charset=utf-8
date
Thu, 09 Feb 2023 20:23:01 GMT
server
nginx
strict-transport-security
max-age=31536000
x-powered-by
ASP.NET
l-kredit.min.js
citi-widget.2pp.dev/js/
19 KB
19 KB
Script
General
Full URL
https://citi-widget.2pp.dev/js/l-kredit.min.js
Requested by
Host: citi-widget.2pp.dev
URL: https://citi-widget.2pp.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.33.247.4 , Russian Federation, ASN206301 (RUPROFIT-01, RU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
3e97d59c661ce70f075d014ceeafcdd5060e6ec5a07f875d2bb1671ade5ba837
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citi-widget.2pp.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 20:23:01 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 03 Feb 2023 16:00:10 GMT
server
nginx
etag
"1d937e897a16a4e"
x-powered-by
ASP.NET
content-type
application/javascript
accept-ranges
bytes
content-length
19278
bootstrap2.min.css
citi-widget.2pp.dev/css/
103 KB
104 KB
Stylesheet
General
Full URL
https://citi-widget.2pp.dev/css/bootstrap2.min.css
Requested by
Host: citi-widget.2pp.dev
URL: https://citi-widget.2pp.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.33.247.4 , Russian Federation, ASN206301 (RUPROFIT-01, RU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
61968d67bf41007e0c187700f435ce1dbd8747905c818f62f4a14fb9758016fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citi-widget.2pp.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 20:23:01 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 03 Feb 2023 16:00:10 GMT
server
nginx
etag
"1d937e897a0bc0c"
x-powered-by
ASP.NET
content-type
text/css
accept-ranges
bytes
content-length
105740
main-presentation.min.css
citi-widget.2pp.dev/css/
449 B
639 B
Stylesheet
General
Full URL
https://citi-widget.2pp.dev/css/main-presentation.min.css
Requested by
Host: citi-widget.2pp.dev
URL: https://citi-widget.2pp.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.33.247.4 , Russian Federation, ASN206301 (RUPROFIT-01, RU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
155d5475f411264e211cd7a413984e723d5db3356117fc65ce61b858237a5b55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citi-widget.2pp.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 20:23:01 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 03 Feb 2023 16:00:10 GMT
server
nginx
etag
"1d937e897a120c1"
x-powered-by
ASP.NET
content-type
text/css
accept-ranges
bytes
content-length
449
bootstrap-responsive2.min.css
citi-widget.2pp.dev/css/
16 KB
17 KB
Stylesheet
General
Full URL
https://citi-widget.2pp.dev/css/bootstrap-responsive2.min.css
Requested by
Host: citi-widget.2pp.dev
URL: https://citi-widget.2pp.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.33.247.4 , Russian Federation, ASN206301 (RUPROFIT-01, RU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
6fdb87587e3dec46fe56b12b9f4ddc2d4415085a0d0242e4ce9b3ac1f8473fd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citi-widget.2pp.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 20:23:01 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 03 Feb 2023 16:00:10 GMT
server
nginx
etag
"1d937e897a160e0"
x-powered-by
ASP.NET
content-type
text/css
accept-ranges
bytes
content-length
16864
/
citi-widget.2pp.dev/ Frame DD8E
4 KB
4 KB
Document
General
Full URL
https://citi-widget.2pp.dev/
Requested by
Host: citi-widget.2pp.dev
URL: https://citi-widget.2pp.dev/js/l-kredit.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.33.247.4 , Russian Federation, ASN206301 (RUPROFIT-01, RU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
f9abee3d835018b3a176e6e5ad12df57f5c40bc61b34e1be927b705b8be52e74
Security Headers
Name Value
Content-Security-Policy frame-ancestors *
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://citi-widget.2pp.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-security-policy
frame-ancestors *
content-type
text/html; charset=utf-8
date
Thu, 09 Feb 2023 20:23:01 GMT
server
nginx
strict-transport-security
max-age=31536000
x-powered-by
ASP.NET
getip
citi-widget.2pp.dev/api/widget/
22 B
185 B
XHR
General
Full URL
https://citi-widget.2pp.dev/api/widget/getip
Requested by
Host: citi-widget.2pp.dev
URL: https://citi-widget.2pp.dev/js/l-kredit.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.33.247.4 , Russian Federation, ASN206301 (RUPROFIT-01, RU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
c496fe9f75c426ca2c73978cf71263ad19af88dc7f7ddd578d564565c93d4447
Security Headers
Name Value
Content-Security-Policy frame-ancestors *
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citi-widget.2pp.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 20:23:01 GMT
content-security-policy
frame-ancestors *
strict-transport-security
max-age=31536000
server
nginx
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
l-kredit.min.js
citi-widget.2pp.dev/js/ Frame DD8E
19 KB
19 KB
Script
General
Full URL
https://citi-widget.2pp.dev/js/l-kredit.min.js
Requested by
Host: citi-widget.2pp.dev
URL: https://citi-widget.2pp.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.33.247.4 , Russian Federation, ASN206301 (RUPROFIT-01, RU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
3e97d59c661ce70f075d014ceeafcdd5060e6ec5a07f875d2bb1671ade5ba837
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citi-widget.2pp.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 20:23:01 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 03 Feb 2023 16:00:10 GMT
server
nginx
etag
"1d937e897a16a4e"
x-powered-by
ASP.NET
content-type
application/javascript
accept-ranges
bytes
content-length
19278
bootstrap2.min.css
citi-widget.2pp.dev/css/ Frame DD8E
103 KB
104 KB
Stylesheet
General
Full URL
https://citi-widget.2pp.dev/css/bootstrap2.min.css
Requested by
Host: citi-widget.2pp.dev
URL: https://citi-widget.2pp.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.33.247.4 , Russian Federation, ASN206301 (RUPROFIT-01, RU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
61968d67bf41007e0c187700f435ce1dbd8747905c818f62f4a14fb9758016fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citi-widget.2pp.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 20:23:01 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 03 Feb 2023 16:00:10 GMT
server
nginx
etag
"1d937e897a0bc0c"
x-powered-by
ASP.NET
content-type
text/css
accept-ranges
bytes
content-length
105740
main-presentation.min.css
citi-widget.2pp.dev/css/ Frame DD8E
449 B
639 B
Stylesheet
General
Full URL
https://citi-widget.2pp.dev/css/main-presentation.min.css
Requested by
Host: citi-widget.2pp.dev
URL: https://citi-widget.2pp.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.33.247.4 , Russian Federation, ASN206301 (RUPROFIT-01, RU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
155d5475f411264e211cd7a413984e723d5db3356117fc65ce61b858237a5b55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citi-widget.2pp.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 20:23:01 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 03 Feb 2023 16:00:10 GMT
server
nginx
etag
"1d937e897a120c1"
x-powered-by
ASP.NET
content-type
text/css
accept-ranges
bytes
content-length
449
bootstrap-responsive2.min.css
citi-widget.2pp.dev/css/ Frame DD8E
16 KB
17 KB
Stylesheet
General
Full URL
https://citi-widget.2pp.dev/css/bootstrap-responsive2.min.css
Requested by
Host: citi-widget.2pp.dev
URL: https://citi-widget.2pp.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.33.247.4 , Russian Federation, ASN206301 (RUPROFIT-01, RU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
6fdb87587e3dec46fe56b12b9f4ddc2d4415085a0d0242e4ce9b3ac1f8473fd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citi-widget.2pp.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 20:23:01 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 03 Feb 2023 16:00:10 GMT
server
nginx
etag
"1d937e897a160e0"
x-powered-by
ASP.NET
content-type
text/css
accept-ranges
bytes
content-length
16864
startwidget
citi-widget.2pp.dev/common/ Frame DD8E
4 KB
4 KB
Document
General
Full URL
https://citi-widget.2pp.dev/common/startwidget
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.33.247.4 , Russian Federation, ASN206301 (RUPROFIT-01, RU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
514f9224bb4af0c494d9d3caccce0d06af6627317951d147e06e4ac912f1d701
Security Headers
Name Value
Content-Security-Policy frame-ancestors *
Strict-Transport-Security max-age=31536000

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://citi-widget.2pp.dev
Referer
https://citi-widget.2pp.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-security-policy
frame-ancestors *
content-type
text/html; charset=utf-8
date
Thu, 09 Feb 2023 20:23:01 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000
x-powered-by
ASP.NET
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@latest/css/ Frame DD8E
326 KB
52 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css
Requested by
Host: citi-widget.2pp.dev
URL: https://citi-widget.2pp.dev/common/startwidget
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
446611327adb01390eb1937a404e9bf6ce05541af688a5c609cedc9abf39e72d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citi-widget.2pp.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 09 Feb 2023 20:23:01 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
6913
x-jsd-version
7.1.96
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
52596
x-served-by
cache-fra-eddf8230124-FRA, cache-hhn-etou8220072-HHN
x-jsd-version-type
version
etag
W/"5193b-XtLWPc40KAm/Ma5olCM1piKxCCI"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
chunk-vendors.css
citi-widget.2pp.dev/css/ Frame DD8E
367 KB
368 KB
Stylesheet
General
Full URL
https://citi-widget.2pp.dev/css/chunk-vendors.css
Requested by
Host: citi-widget.2pp.dev
URL: https://citi-widget.2pp.dev/common/startwidget
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.33.247.4 , Russian Federation, ASN206301 (RUPROFIT-01, RU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
43d8bc203a795694d13347f3911d79198cac3821fce679287161b86a438e304d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citi-widget.2pp.dev/common/startwidget
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 20:23:01 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 07 Feb 2023 10:50:28 GMT
server
nginx
etag
"1d93ae1fd8e48b4"
x-powered-by
ASP.NET
content-type
text/css
accept-ranges
bytes
content-length
375476
app.css
citi-widget.2pp.dev/css/ Frame DD8E
10 KB
10 KB
Stylesheet
General
Full URL
https://citi-widget.2pp.dev/css/app.css
Requested by
Host: citi-widget.2pp.dev
URL: https://citi-widget.2pp.dev/common/startwidget
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.33.247.4 , Russian Federation, ASN206301 (RUPROFIT-01, RU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
9392b9e6991231a60227f9c95447428675356a9be49e7568be605ece2ae4e1dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citi-widget.2pp.dev/common/startwidget
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 20:23:01 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 07 Feb 2023 10:50:28 GMT
server
nginx
etag
"1d93ae1fd8bd5ac"
x-powered-by
ASP.NET
content-type
text/css
accept-ranges
bytes
content-length
10156
site.min.js
citi-widget.2pp.dev/js/ Frame DD8E
17 KB
18 KB
Script
General
Full URL
https://citi-widget.2pp.dev/js/site.min.js?v=424
Requested by
Host: citi-widget.2pp.dev
URL: https://citi-widget.2pp.dev/common/startwidget
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.33.247.4 , Russian Federation, ASN206301 (RUPROFIT-01, RU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
57764cad92cd29286810df5e3dc663a4e89813f11fb286cb308344afa7228e77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citi-widget.2pp.dev/common/startwidget
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 20:23:01 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 03 Feb 2023 16:00:10 GMT
server
nginx
etag
"1d937e897a16423"
x-powered-by
ASP.NET
content-type
application/javascript
accept-ranges
bytes
content-length
17699
webcam.js
citi-widget.2pp.dev/js/ Frame DD8E
36 KB
37 KB
Script
General
Full URL
https://citi-widget.2pp.dev/js/webcam.js
Requested by
Host: citi-widget.2pp.dev
URL: https://citi-widget.2pp.dev/common/startwidget
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.33.247.4 , Russian Federation, ASN206301 (RUPROFIT-01, RU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
d153b3000e77c62426759e66e331ecd0acd050033302c8d233e9b419190ba47a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citi-widget.2pp.dev/common/startwidget
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 20:23:01 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 07 Feb 2023 10:50:28 GMT
server
nginx
etag
"1d93ae1fd8b63df"
x-powered-by
ASP.NET
content-type
application/javascript
accept-ranges
bytes
content-length
37343
app.js
citi-widget.2pp.dev/js/ Frame DD8E
78 KB
79 KB
Script
General
Full URL
https://citi-widget.2pp.dev/js/app.js?v=424
Requested by
Host: citi-widget.2pp.dev
URL: https://citi-widget.2pp.dev/common/startwidget
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.33.247.4 , Russian Federation, ASN206301 (RUPROFIT-01, RU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
0e12df127bb8c5fd735ccb4bad75447dee8afc32da0a968855d1ff161b239e6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citi-widget.2pp.dev/common/startwidget
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 20:23:01 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 07 Feb 2023 10:50:28 GMT
server
nginx
etag
"1d93ae1fd8acbfe"
x-powered-by
ASP.NET
content-type
application/javascript
accept-ranges
bytes
content-length
80382
chunk-vendors.js
citi-widget.2pp.dev/js/ Frame DD8E
681 KB
683 KB
Script
General
Full URL
https://citi-widget.2pp.dev/js/chunk-vendors.js?v=424
Requested by
Host: citi-widget.2pp.dev
URL: https://citi-widget.2pp.dev/common/startwidget
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.33.247.4 , Russian Federation, ASN206301 (RUPROFIT-01, RU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
2cbc933b9d588716208b1dcbb00ad06a539df83cbe99e74a9ea59190fdb580a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citi-widget.2pp.dev/common/startwidget
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 20:23:01 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 07 Feb 2023 10:50:28 GMT
server
nginx
etag
"1d93ae1fd8156dd"
x-powered-by
ASP.NET
content-type
application/javascript
accept-ranges
bytes
content-length
697565
widget_156262_8742.js
lib.usedesk.ru/secure.usedesk.ru/ Frame DD8E
656 KB
194 KB
Script
General
Full URL
https://lib.usedesk.ru/secure.usedesk.ru/widget_156262_8742.js
Requested by
Host: citi-widget.2pp.dev
URL: https://citi-widget.2pp.dev/common/startwidget
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.202.192.242 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
s1.ru5.net
Software
nginx /
Resource Hash
ea6538d569771b7599ef2864da0b0dfb5430a04b64caf01b1a2fe7bb63701028

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citi-widget.2pp.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 20:23:02 GMT
content-encoding
gzip
last-modified
Thu, 09 Feb 2023 08:21:43 GMT
server
nginx
etag
W/"63e4ad17-a414d"
content-type
application/javascript
cache-control
max-age=300, private
expires
Thu, 09 Feb 2023 20:28:02 GMT
fast-outline.png
citi-widget.2pp.dev/img/ Frame DD8E
5 KB
5 KB
Image
General
Full URL
https://citi-widget.2pp.dev/img/fast-outline.png
Requested by
Host: citi-widget.2pp.dev
URL: https://citi-widget.2pp.dev/common/startwidget
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.33.247.4 , Russian Federation, ASN206301 (RUPROFIT-01, RU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
9b9d8bcf6baece318711d4512e3b42cccd4afcfcd183e259c101de22bce7a705
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citi-widget.2pp.dev/common/startwidget
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 20:23:01 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 03 Feb 2023 15:55:35 GMT
server
nginx
etag
"1d937e7f3b766d0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
4944
truncated
/ Frame DD8E
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e531cc6903d057fbbdb6f396c6b96035f54eadc2f4d5966304ff7219f5c9d6a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame DD8E
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae1868e9d16a3ae1e0a0d02c557d852fa57e2de908321507b9986381b36fcf74

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/png
attention.png
citi-widget.2pp.dev/img/ Frame DD8E
16 KB
16 KB
Image
General
Full URL
https://citi-widget.2pp.dev/img/attention.png
Requested by
Host: citi-widget.2pp.dev
URL: https://citi-widget.2pp.dev/common/startwidget
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.33.247.4 , Russian Federation, ASN206301 (RUPROFIT-01, RU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
dae33ecde6053e76c41ef36c742aa903b63638198af5a90524a7f35063c52bde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citi-widget.2pp.dev/common/startwidget
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 20:23:01 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 03 Feb 2023 15:55:35 GMT
server
nginx
etag
"1d937e7f3b74a9e"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
16158
OpenSans-Regular.woff
citi-widget.2pp.dev/fonts/ Frame DD8E
66 KB
66 KB
Font
General
Full URL
https://citi-widget.2pp.dev/fonts/OpenSans-Regular.woff
Requested by
Host: citi-widget.2pp.dev
URL: https://citi-widget.2pp.dev/css/app.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.33.247.4 , Russian Federation, ASN206301 (RUPROFIT-01, RU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
baec724e63a42c587dcde455031c730f69002246904cadffcfaf20a3d75948bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://citi-widget.2pp.dev/css/app.css
Origin
https://citi-widget.2pp.dev
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 20:23:01 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 03 Feb 2023 15:55:35 GMT
server
nginx
etag
"1d937e7f3b67254"
x-powered-by
ASP.NET
content-type
application/font-woff
accept-ranges
bytes
content-length
67540
OpenSans-SemiBold.woff
citi-widget.2pp.dev/fonts/ Frame DD8E
68 KB
69 KB
Font
General
Full URL
https://citi-widget.2pp.dev/fonts/OpenSans-SemiBold.woff
Requested by
Host: citi-widget.2pp.dev
URL: https://citi-widget.2pp.dev/css/app.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.33.247.4 , Russian Federation, ASN206301 (RUPROFIT-01, RU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
d199b23ca0f6d9057db0b6c784c761f8f8f4bd3bf500133a80ac84c6d6827708
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://citi-widget.2pp.dev/css/app.css
Origin
https://citi-widget.2pp.dev
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 20:23:01 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 03 Feb 2023 15:55:35 GMT
server
nginx
etag
"1d937e7f3b6657c"
x-powered-by
ASP.NET
content-type
application/font-woff
accept-ranges
bytes
content-length
69884
OpenSans-Bold.woff
citi-widget.2pp.dev/fonts/ Frame DD8E
69 KB
69 KB
Font
General
Full URL
https://citi-widget.2pp.dev/fonts/OpenSans-Bold.woff
Requested by
Host: citi-widget.2pp.dev
URL: https://citi-widget.2pp.dev/css/app.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.33.247.4 , Russian Federation, ASN206301 (RUPROFIT-01, RU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
7030e021bf4902f402a936a583c06a0261854af53ff6720909636a39379832bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://citi-widget.2pp.dev/css/app.css
Origin
https://citi-widget.2pp.dev
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 20:23:01 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 03 Feb 2023 15:55:35 GMT
server
nginx
etag
"1d937e7f3b667a8"
x-powered-by
ASP.NET
content-type
application/font-woff
accept-ranges
bytes
content-length
70184
materialdesignicons-webfont.woff2
cdn.jsdelivr.net/npm/@mdi/font@latest/fonts/ Frame DD8E
383 KB
383 KB
Font
General
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@latest/fonts/materialdesignicons-webfont.woff2?v=7.1.96
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
739dc70ddd8affbac6e6a7a7cec3ff342fd28fcd77e3711a312c01845517a495
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css
Origin
https://citi-widget.2pp.dev
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 09 Feb 2023 20:23:01 GMT
x-content-type-options
nosniff
age
13437
x-jsd-version
7.1.96
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
391688
x-served-by
cache-fra-eddf8230045-FRA, cache-hhn-etou8220049-HHN
x-jsd-version-type
version
etag
W/"5fa08-x2c2gG9GszeWFK/zkIHWweCMXSI"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
js.js
score.juicyscore.com/static/ Frame DD8E
191 KB
60 KB
Script
General
Full URL
https://score.juicyscore.com/static/js.js
Requested by
Host: citi-widget.2pp.dev
URL: https://citi-widget.2pp.dev/common/startwidget
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:ab00:501:14b::3 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
7de3733d758b5dabb8f4f1ccc232ebaccdd4f1b3635667a52d0f0fdb127adaf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citi-widget.2pp.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-origin
https://citi-widget.2pp.dev
date
Thu, 09 Feb 2023 20:23:02 GMT
content-encoding
gzip
server
nginx/1.20.2
access-control-allow-headers
Authorization, Origin, X-Requested-With, Content-Type, Accept, Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Downlink
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
content-type
application/javascript
p.json
score.juicyscore.com/static/ Frame DD8E
1 KB
1 KB
Fetch
General
Full URL
https://score.juicyscore.com/static/p.json
Requested by
Host: score.juicyscore.com
URL: https://score.juicyscore.com/static/js.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:ab00:501:14b::3 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
560a49240bb9beec181f57a685d118480369ed23cf675d090a7409fd90ed4a7a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citi-widget.2pp.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 20:23:02 GMT
strict-transport-security
max-age=15768000
server
nginx/1.20.2
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://citi-widget.2pp.dev
access-control-allow-credentials
true
content-length
1068
/
score.juicyscore.com/data/ Frame DD8E
90 B
664 B
Fetch
General
Full URL
https://score.juicyscore.com/data/?juicyLabsSession=w.202302092023028d73553c-a8b7-11ed-8def-5253aa323049.C&ver=js-14.23.0
Requested by
Host: score.juicyscore.com
URL: https://score.juicyscore.com/static/js.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:ab00:501:14b::3 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
0614e11164b4bf00bd0cc3e8e934f2bd0ca15151241bc745648ddcc83ce2a169

Request headers

Referer
https://citi-widget.2pp.dev/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryd8jmwWDWEBgnmdbi

Response headers

date
Thu, 09 Feb 2023 20:23:02 GMT
server
nginx/1.20.2
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Downlink
js-response-time
0.010
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://citi-widget.2pp.dev
js-request-content-length
7052
access-control-allow-headers
Authorization, Origin, X-Requested-With, Content-Type, Accept, Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Downlink
content-length
90
usedesk_logo_round.png
secure.usedesk.ru//images/ Frame DD8E
7 KB
7 KB
Image
General
Full URL
https://secure.usedesk.ru//images/usedesk_logo_round.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.202.192.242 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
s1.ru5.net
Software
nginx /
Resource Hash
af4fd55d4126d144bb8faef720ceb71e625e12dd4d632af71c216696667af12d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citi-widget.2pp.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 20:23:03 GMT
content-encoding
gzip
last-modified
Tue, 07 Feb 2023 13:03:00 GMT
server
nginx
etag
W/"63e24c04-1c15"
content-type
image/png
cache-control
max-age=86400, private
expires
Fri, 10 Feb 2023 20:23:03 GMT
/
score.juicyscore.com/data/ Frame DD8E
90 B
663 B
Fetch
General
Full URL
https://score.juicyscore.com/data/?juicyLabsSession=w.202302092023028d73553c-a8b7-11ed-8def-5253aa323049.C&sid=8d73553c-a8b7-11ed-8def-5253aa323049&ver=js-14.23.0
Requested by
Host: score.juicyscore.com
URL: https://score.juicyscore.com/static/js.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:ab00:501:14b::3 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
0614e11164b4bf00bd0cc3e8e934f2bd0ca15151241bc745648ddcc83ce2a169

Request headers

Referer
https://citi-widget.2pp.dev/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryWMh1mKDXqur7DUKe

Response headers

date
Thu, 09 Feb 2023 20:23:03 GMT
server
nginx/1.20.2
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Downlink
js-response-time
0.010
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://citi-widget.2pp.dev
js-request-content-length
1891
access-control-allow-headers
Authorization, Origin, X-Requested-With, Content-Type, Accept, Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Downlink
content-length
90

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
object| oncontentvisibilityautostatechange
function| fade
function| fadeIn
function| wgt_removeClass
function| testOnload
function| testOnload2
function| antiadblock
function| getParameterByName
function| getUserIp
boolean| first_load
object| tpl_cl
string| tpl_param
string| clientIp
object| CLObject
string| content_cssWidget
string| style_bg

1 Cookies

Domain/Path Name / Value
citi-widget.2pp.dev/ Name: WidgetSession
Value: CfDJ8NII6mxcss9OhNJ%2BlRRAGIJINyItw0vwD6W0vkun1O3c1x%2FJ%2BMpnPyx4G8YHk8Ld2s0R%2BX%2F0mT0NFqlqmlTJamtugGxK6sJKFGOtGS%2FsJ2za9k1iP4aufq0oVQtTHV84iBTQrrfCa9X8opmG7uXlpxZORWbeMmaOlTmlNhByIdFH

3 Console Messages

Source Level URL
Text
other warning URL: https://score.juicyscore.com/static/js.js(Line 4)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
rendering warning URL: https://score.juicyscore.com/static/js.js(Line 4)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering warning URL: https://score.juicyscore.com/static/js.js(Line 4)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors *
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
