globalannualirsurvey.citigatedewerogerson.com Open in urlscan Pro
44.207.78.112  Public Scan

16 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response globalannualirsurvey.citigatedewerogerson.com/	97 KB 20 KB	623ms 198ms	Document text/html	44.207.78.112 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://globalannualirsurvey.citigatedewerogerson.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 44.207.78.112 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-207-78-112.compute-1.amazonaws.com Software / Resource Hash 0413e327a1fed25de09c710237eb4c91a1d95fae9ac39e36dc40d5dd5a06e7de Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 53 content-encoding gzip content-length 20609 content-type text/html date Sat, 18 Feb 2023 18:16:17 GMT vary x-wf-forwarded-proto, Accept-Encoding x-cache HIT x-cache-hits 1 x-cluster-name us-east-1-prod-edge-blue x-served-by cache-iad-kjyo7100054-IAD x-timer S1676744177.028682,VS0,VE1
GET H2	200	citigate.webflow.60600858d.css assets.website-files.com/635805f4baeb6103d4109fd2/css/	191 KB 24 KB	250ms 130ms	Stylesheet text/css	2600:9000:223f:3c00:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.website-files.com/635805f4baeb6103d4109fd2/css/citigate.webflow.60600858d.css Requested by Host: globalannualirsurvey.citigatedewerogerson.com URL: https://globalannualirsurvey.citigatedewerogerson.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:3c00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 37915805053f58025a64c9f2c58f5e3515164e8d0e19d5bbdaa2b6bee2dff10f Request headers accept-language de-DE,de;q=0.9 Referer https://globalannualirsurvey.citigatedewerogerson.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers x-amz-version-id B84qFI1452mcl_hgFQ1XThNujBkYaZCP content-encoding gzip via 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront) date Sat, 18 Feb 2023 18:16:18 GMT x-amz-cf-pop FRA56-P5 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront content-length 23962 last-modified Tue, 10 Jan 2023 11:05:48 GMT server AmazonS3 etag "11267e170f16d604c299ca9e354b2b7e" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id G3GxJEusndWi_Tn8eeLuNugDl-SmgYiAD_6RMgpZbIgfYt6E4WHLDg==
GET H2	200	jquery-3.5.1.min.dc5e7f18c8.js Show response d3e54v103j8qbb.cloudfront.net/js/	87 KB 31 KB	83ms 23ms	Script application/javascript	52.222.232.144 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=635805f4baeb6103d4109fd2 Requested by Host: globalannualirsurvey.citigatedewerogerson.com URL: https://globalannualirsurvey.citigatedewerogerson.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.232.144 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-232-144.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers Referer https://globalannualirsurvey.citigatedewerogerson.com/ Origin https://globalannualirsurvey.citigatedewerogerson.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Sat, 18 Feb 2023 04:19:11 GMT content-encoding gzip via 1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront) age 50247 x-amz-cf-pop FRA56-P4 x-cache Hit from cloudfront last-modified Mon, 20 Jul 2020 17:53:02 GMT server AmazonS3 etag W/"dc5e7f18c8d36ac1d3d4753a87c98d0a" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=84600, must-revalidate vary Accept-Encoding x-amz-cf-id usfG3aa4OTWa5RaYl57zxSP4tCsWCp-w6bbpYDJlR7H09U7HLlZqXw==
GET H2	200	webflow.7d529cfe3.js Show response assets.website-files.com/635805f4baeb6103d4109fd2/js/	715 KB 144 KB	267ms 148ms	Script text/javascript	2600:9000:223f:3c00:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.website-files.com/635805f4baeb6103d4109fd2/js/webflow.7d529cfe3.js Requested by Host: globalannualirsurvey.citigatedewerogerson.com URL: https://globalannualirsurvey.citigatedewerogerson.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:3c00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bb62dcf10da73b692853d260451aad6443a846f4b53e65d3b27a7d736ef35532 Request headers accept-language de-DE,de;q=0.9 Referer https://globalannualirsurvey.citigatedewerogerson.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers x-amz-version-id 1bUW2oRyNdDuYBVr2MRvAxw4JqjeP9QE content-encoding gzip via 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront) date Sat, 18 Feb 2023 18:16:18 GMT x-amz-cf-pop FRA56-P5 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront content-length 147291 last-modified Tue, 10 Jan 2023 11:05:48 GMT server AmazonS3 etag "3ffc50db20888733d46139dd790488e1" vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id _U633V_C3BK0wx6ApL0zdXA7755u_ObpgXM3LaMk6kZRasulrQUSKA==
GET H2	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/	82 KB 27 KB	48ms 22ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js Requested by Host: globalannualirsurvey.citigatedewerogerson.com URL: https://globalannualirsurvey.citigatedewerogerson.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://globalannualirsurvey.citigatedewerogerson.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Sat, 18 Feb 2023 18:16:17 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 1523093 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 26660 last-modified Mon, 04 May 2020 16:11:48 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec4-14983" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FNI6IX1P4gAPkxakRYGMsDv6vf3EMtmP06MuCSDoV32y4cBDI3lSFnZfqAij8HXkYisCaXJm2WAcevRIaUTW2N7QSBL7iU0JkfHCPN%2Bqt5rBtbaMTHoNCaQAaxQxyVQDaDHwo8Fghsp9OUnko2OzPP5a"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 79b8c0c39daf383e-FRA expires Thu, 08 Feb 2024 18:16:17 GMT
GET H2	200	waypoints.min.js Show response cdnjs.cloudflare.com/ajax/libs/waypoints/2.0.3/	8 KB 3 KB	51ms 26ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/waypoints/2.0.3/waypoints.min.js Requested by Host: globalannualirsurvey.citigatedewerogerson.com URL: https://globalannualirsurvey.citigatedewerogerson.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://globalannualirsurvey.citigatedewerogerson.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Sat, 18 Feb 2023 18:16:17 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 164913 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2331 last-modified Mon, 04 May 2020 16:17:51 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb0402f-1f6c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BpToQaSzr78Nr4nsTkGSetKwnc4OJbML98SDScRL9N%2Bxp5NJ%2BxagTm0eCROtYnu6tW4sCT109DgUBNtMgNC472Nv7X1dgKAl%2FxVt8pnrWMv7ZmL0EDYg3435%2ByMo3rcIQCRvMY8nV%2Fv7oXmrqWcaUctI"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 79b8c0c39db2383e-FRA expires Thu, 08 Feb 2024 18:16:17 GMT
GET H2	200	jquery.counterup.min.js Show response cdn.jsdelivr.net/jquery.counterup/1.0/	1 KB 1 KB	77ms 30ms	Script application/javascript	2606:4700::6810:5914 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/jquery.counterup/1.0/jquery.counterup.min.js Requested by Host: globalannualirsurvey.citigatedewerogerson.com URL: https://globalannualirsurvey.citigatedewerogerson.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 603e3b6061c49f8c02f07e5152c5d7381defba10c8fe73f95090e19a78de0397 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://globalannualirsurvey.citigatedewerogerson.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Sat, 18 Feb 2023 18:16:17 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 15159901 content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19139-FRA, cache-iad-kiad7000179-IAD server cloudflare etag W/"42f-YzteFSlsJJhNsZKJU944+r1/DPU" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9PC%2FTOzzHfPq5REMV%2BhaamWf%2FesW%2F1%2F3O9Z8%2FVxAbflnvRfZMkceA9EjaaPg2mABndGxzEBf9ga1%2B3y3ofiB9cHzN7OBKoteaNYqEuvf%2BK%2Bi3NBEd5Lj2ZUlpjTMVbWYwODwMJ2An2rvdKrkHdE%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cf-ray 79b8c0c3bcf59b8c-FRA
GET H2	200	635805f4baeb613b6410a035_segoeuisl.ttf assets.website-files.com/635805f4baeb6103d4109fd2/	834 KB 410 KB	524ms 480ms	Font application/x-font-ttf	2600:9000:223f:3c00:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.website-files.com/635805f4baeb6103d4109fd2/635805f4baeb613b6410a035_segoeuisl.ttf Requested by Host: assets.website-files.com URL: https://assets.website-files.com/635805f4baeb6103d4109fd2/css/citigate.webflow.60600858d.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:3c00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 38a85c09ee4fc558e7739ebdd1a15a06e2846ebb787cf73b1b6476a3a5b22000 Request headers Referer https://assets.website-files.com/635805f4baeb6103d4109fd2/css/citigate.webflow.60600858d.css Origin https://globalannualirsurvey.citigatedewerogerson.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Sat, 18 Feb 2023 18:16:18 GMT x-amz-version-id E06OfBR01ELGdIDprxBjEaBTUk4UXdFL content-encoding br via 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront last-modified Tue, 25 Oct 2022 15:51:17 GMT server AmazonS3 etag W/"426088e434f43481b24859270171b906" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/x-font-ttf access-control-allow-origin * cache-control max-age=31536000, must-revalidate vary Accept-Encoding x-amz-cf-id fUn0uXdyHmKs0DY3JwEoaQKFOntPiHM2iecfVFDIk_-cXPS3qZCvbQ==
GET H2	200	635805f4baeb6193ca10a032_segoeuib.ttf assets.website-files.com/635805f4baeb6103d4109fd2/	929 KB 456 KB	565ms 521ms	Font application/x-font-ttf	2600:9000:223f:3c00:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.website-files.com/635805f4baeb6103d4109fd2/635805f4baeb6193ca10a032_segoeuib.ttf Requested by Host: assets.website-files.com URL: https://assets.website-files.com/635805f4baeb6103d4109fd2/css/citigate.webflow.60600858d.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:3c00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1b242874a2f57529060e770ba313e027a99d40b3c36e1c7e8b2dece16ad6ed88 Request headers Referer https://assets.website-files.com/635805f4baeb6103d4109fd2/css/citigate.webflow.60600858d.css Origin https://globalannualirsurvey.citigatedewerogerson.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Sat, 18 Feb 2023 18:16:18 GMT x-amz-version-id X0vdKpdTpEtr6Ik9pJ5IWKeB0dm009BF content-encoding br via 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront last-modified Tue, 25 Oct 2022 15:51:17 GMT server AmazonS3 etag W/"299556cecd6b730bce8230f529e837a1" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/x-font-ttf access-control-allow-origin * cache-control max-age=31536000, must-revalidate vary Accept-Encoding x-amz-cf-id QjGCkrz24zbWn3sUCbFETfWO5-bcEmfXpZkIKRJ1KhKAEr7tho64Ug==
GET H2	200	635805f4baeb614cfc10a034_segoeuil.ttf assets.website-files.com/635805f4baeb6103d4109fd2/	892 KB 446 KB	537ms 494ms	Font application/x-font-ttf	2600:9000:223f:3c00:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.website-files.com/635805f4baeb6103d4109fd2/635805f4baeb614cfc10a034_segoeuil.ttf Requested by Host: assets.website-files.com URL: https://assets.website-files.com/635805f4baeb6103d4109fd2/css/citigate.webflow.60600858d.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:3c00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1a2231bbd4fad4a3ac8c0b8a93af0bce58324a8b3605df16038a9e660a0c072a Request headers Referer https://assets.website-files.com/635805f4baeb6103d4109fd2/css/citigate.webflow.60600858d.css Origin https://globalannualirsurvey.citigatedewerogerson.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Sat, 18 Feb 2023 18:16:18 GMT x-amz-version-id ZOtP9QNzdakbYdJDWxp1h_SS_Mt60lk5 content-encoding br via 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront last-modified Tue, 25 Oct 2022 15:51:17 GMT server AmazonS3 etag W/"d44929d62a49114d494d1768893fcdf7" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/x-font-ttf access-control-allow-origin * cache-control max-age=31536000, must-revalidate vary Accept-Encoding x-amz-cf-id Rjp3YpwGVlWHmwGnvzMVV9nHJdeoLvoi9MGvrAbXI6THIVPohWvvbA==
GET H2	200	635805f4baeb614ff210a031_segoeui.ttf assets.website-files.com/635805f4baeb6103d4109fd2/	933 KB 466 KB	577ms 544ms	Font application/x-font-ttf	2600:9000:223f:3c00:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.website-files.com/635805f4baeb6103d4109fd2/635805f4baeb614ff210a031_segoeui.ttf Requested by Host: assets.website-files.com URL: https://assets.website-files.com/635805f4baeb6103d4109fd2/css/citigate.webflow.60600858d.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:3c00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ba32a222b23d727267cf1aba4e5296fe84ce99b9d910915103fc085d7931bc88 Request headers Referer https://assets.website-files.com/635805f4baeb6103d4109fd2/css/citigate.webflow.60600858d.css Origin https://globalannualirsurvey.citigatedewerogerson.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Sat, 18 Feb 2023 18:16:18 GMT x-amz-version-id rMhRG9C4yWuaICyhmrJvXGlFLMXNOmVi content-encoding br via 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront last-modified Tue, 25 Oct 2022 15:51:17 GMT server AmazonS3 etag W/"d9076ed73f2501090da92fe3c72d3ce6" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/x-font-ttf access-control-allow-origin * cache-control max-age=31536000, must-revalidate vary Accept-Encoding x-amz-cf-id ZuQ6tT_vJr7NMaBibY08i7czcTnN30t6Vz1PEiMNup2Iy-3kS42KGg==
GET H2	200	635805f4baeb61e68510a03f_quote.svg assets.website-files.com/635805f4baeb6103d4109fd2/	467 B 917 B	434ms 432ms	Image image/svg+xml	2600:9000:223f:3c00:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.website-files.com/635805f4baeb6103d4109fd2/635805f4baeb61e68510a03f_quote.svg Requested by Host: globalannualirsurvey.citigatedewerogerson.com URL: https://globalannualirsurvey.citigatedewerogerson.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:3c00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9801213ad8aeee6b1c88d005074b0020cbe7a321b78b2ddbec614d696e998c2b Request headers accept-language de-DE,de;q=0.9 Referer https://globalannualirsurvey.citigatedewerogerson.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Sat, 18 Feb 2023 18:16:18 GMT x-amz-version-id W8UM0BMV0G0bcV2VbmY7.Uj5lwYnbdzQ via 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront) last-modified Tue, 25 Oct 2022 15:51:17 GMT server AmazonS3 x-amz-cf-pop FRA56-P5 etag "26f87993b49eafbb4cffa0d628b3fab9" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes content-length 467 x-amz-cf-id Qje0dlYBTibYQb0GIcVMyavjLsr1C6yujEVapDBg4ZMLsDRwXcdIfw==
GET H2	200	635805f4baeb618d3710a043_4lines.svg assets.website-files.com/635805f4baeb6103d4109fd2/	567 B 1016 B	428ms 427ms	Image image/svg+xml	2600:9000:223f:3c00:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.website-files.com/635805f4baeb6103d4109fd2/635805f4baeb618d3710a043_4lines.svg Requested by Host: globalannualirsurvey.citigatedewerogerson.com URL: https://globalannualirsurvey.citigatedewerogerson.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:3c00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5b5ff4ed9a5eed99a43b7e9a6e68d3c7876c63e9c283155703495364c48d4dd4 Request headers accept-language de-DE,de;q=0.9 Referer https://globalannualirsurvey.citigatedewerogerson.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Sat, 18 Feb 2023 18:16:18 GMT x-amz-version-id dR5ysDVSUUeb3x_Tw_KhEw.M7c4.cuL2 via 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront) last-modified Tue, 25 Oct 2022 15:51:17 GMT server AmazonS3 x-amz-cf-pop FRA56-P5 etag "06b4f6e656e0a09cc32fbe67ec7d23db" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes content-length 567 x-amz-cf-id 1ymhXUfp0XoM5cm2RqZbKJGUdFLfTJP51IsX7xdqepUdhTFM1i5Oqg==
GET H2	200	635805f4baeb612fc510a03e_Sandra%20Novakov%20transparent%20large%201.png assets.website-files.com/635805f4baeb6103d4109fd2/	454 KB 455 KB	444ms 443ms	Image image/png	2600:9000:223f:3c00:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.website-files.com/635805f4baeb6103d4109fd2/635805f4baeb612fc510a03e_Sandra%20Novakov%20transparent%20large%201.png Requested by Host: globalannualirsurvey.citigatedewerogerson.com URL: https://globalannualirsurvey.citigatedewerogerson.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:3c00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 047aed42c9e11a3f1265202d1537f579bb0c56143eb68363ca04a94f6704d466 Request headers accept-language de-DE,de;q=0.9 Referer https://globalannualirsurvey.citigatedewerogerson.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Sat, 18 Feb 2023 18:16:18 GMT x-amz-version-id u_pS_545NIo3RY_yvIiQ_nZKJZgZW6VG via 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront) last-modified Tue, 25 Oct 2022 15:51:17 GMT server AmazonS3 x-amz-cf-pop FRA56-P5 etag "2ebddad821b6d65ffee7496a92018c56" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/png access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes content-length 465169 x-amz-cf-id 3YzdK8LrPWlSFAyqSovUT-8MtfSgUggDDeEd2eMuKEigERdA5JMgig==
GET H2	200	635805f4baeb6179b410a044_circle_graph_1.svg assets.website-files.com/635805f4baeb6103d4109fd2/	1 KB 1 KB	421ms 418ms	Image image/svg+xml	2600:9000:223f:3c00:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.website-files.com/635805f4baeb6103d4109fd2/635805f4baeb6179b410a044_circle_graph_1.svg Requested by Host: globalannualirsurvey.citigatedewerogerson.com URL: https://globalannualirsurvey.citigatedewerogerson.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:3c00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8c744a92248ead7b60ed7ee3260b6f5c7fb624d6e757ac8d40c2c94541cee423 Request headers accept-language de-DE,de;q=0.9 Referer https://globalannualirsurvey.citigatedewerogerson.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Sat, 18 Feb 2023 18:16:18 GMT x-amz-version-id tWVbLOziNGKkgVzFIy8MeufOjRHuqmtr content-encoding br last-modified Tue, 25 Oct 2022 15:51:17 GMT server AmazonS3 via 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 etag W/"7c27c74f7f32da468d05179fc5e1c1bb" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Miss from cloudfront content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, must-revalidate x-amz-cf-id Mqflrdh0kYgdH9jGxasfo2l9eCSxkzo-ZpSebL3IUMk5Pklv8w4Uaw==
GET H2	200	635805f4baeb616a9710a045_circle_graph_2.svg assets.website-files.com/635805f4baeb6103d4109fd2/	671 B 1 KB	433ms 431ms	Image image/svg+xml	2600:9000:223f:3c00:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.website-files.com/635805f4baeb6103d4109fd2/635805f4baeb616a9710a045_circle_graph_2.svg Requested by Host: globalannualirsurvey.citigatedewerogerson.com URL: https://globalannualirsurvey.citigatedewerogerson.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:3c00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8f753c15e3a1840a6cd4825baa17657b054385903ae57828b497948c2d6a38df Request headers accept-language de-DE,de;q=0.9 Referer https://globalannualirsurvey.citigatedewerogerson.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Sat, 18 Feb 2023 18:16:18 GMT x-amz-version-id _Be7PCY8SaI9mIiZuM5IB_B3WLk_IXGL via 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront) last-modified Tue, 25 Oct 2022 15:51:17 GMT server AmazonS3 x-amz-cf-pop FRA56-P5 etag "55b2fe3ceaeb1f7215901ca779c8b27b" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes content-length 671 x-amz-cf-id vqSnELJYu69euJv9cn9wosVLWy8ZwuaUJLCdRJfX1l7kR8kbCR7JbA==
GET H2	200	635805f4baeb6138a910a046_circle_graph_3.svg assets.website-files.com/635805f4baeb6103d4109fd2/	670 B 1 KB	139ms 138ms	Image image/svg+xml	2600:9000:223f:3c00:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.website-files.com/635805f4baeb6103d4109fd2/635805f4baeb6138a910a046_circle_graph_3.svg Requested by Host: globalannualirsurvey.citigatedewerogerson.com URL: https://globalannualirsurvey.citigatedewerogerson.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:3c00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e5e3119f832c8d0bde3c798f42b89621926aef79d8f1be88f32f342e4b3de4c4 Request headers accept-language de-DE,de;q=0.9 Referer https://globalannualirsurvey.citigatedewerogerson.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Sat, 18 Feb 2023 18:16:18 GMT x-amz-version-id wK7pfzIJX_H8HfRruFvLJxhEdQyu7Xnv via 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront) last-modified Tue, 25 Oct 2022 15:51:17 GMT server AmazonS3 x-amz-cf-pop FRA56-P5 etag "6252fcc9fb194e7647decd26f13fa76f" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes content-length 670 x-amz-cf-id irWajbe70fmOPF-LH7TLz47cujkGK1hgr6CacTcnxR15teYN4p6tSg==
GET H2	200	635805f4baeb613e4510a047_circle_graph_4.svg assets.website-files.com/635805f4baeb6103d4109fd2/	861 B 1 KB	429ms 428ms	Image image/svg+xml	2600:9000:223f:3c00:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.website-files.com/635805f4baeb6103d4109fd2/635805f4baeb613e4510a047_circle_graph_4.svg Requested by Host: globalannualirsurvey.citigatedewerogerson.com URL: https://globalannualirsurvey.citigatedewerogerson.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:3c00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2d192cde3b25b0895882ad1be976199408e101ad986df7e490db8bea4e1ff3af Request headers accept-language de-DE,de;q=0.9 Referer https://globalannualirsurvey.citigatedewerogerson.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Sat, 18 Feb 2023 18:16:18 GMT x-amz-version-id sMX7SjwqhC0Qca6aKKQO63tBvwTyjwYY via 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront) last-modified Tue, 25 Oct 2022 15:51:17 GMT server AmazonS3 x-amz-cf-pop FRA56-P5 etag "eef81ac3ba495e51a91441b26b38c1b5" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes content-length 861 x-amz-cf-id twtRnpjz1rMcSm2DEkhNWajG8Guy1c01aX989UBEv7l-93x4KQdsBA==
GET H2	200	webflow-badge-icon.f67cd735e3.svg d3e54v103j8qbb.cloudfront.net/img/	986 B 1 KB	43ms 14ms	Image image/svg+xml	52.222.232.144 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d3e54v103j8qbb.cloudfront.net/img/webflow-badge-icon.f67cd735e3.svg Requested by Host: globalannualirsurvey.citigatedewerogerson.com URL: https://globalannualirsurvey.citigatedewerogerson.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.232.144 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-232-144.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 62ec19d15083cbe8e83011166ea431990acebbc3e3ffdef1fce157dfb590d9af Request headers accept-language de-DE,de;q=0.9 Referer https://globalannualirsurvey.citigatedewerogerson.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Sat, 18 Feb 2023 10:53:48 GMT via 1.1 a823be133adad65df6d3bf471a742792.cloudfront.net (CloudFront) last-modified Wed, 20 Feb 2019 14:35:04 GMT server AmazonS3 age 26673 x-amz-cf-pop FRA56-P4 etag "f67cd735e31357df186644dce43ec148" vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes content-length 986 x-amz-cf-id TC_cBIw27GFxRztNfNb__-Trm86jBt_Red8so0q2o5HZqZNTBKfnOg==
GET H2	200	webflow-badge-text.6faa6a38cd.svg d1otoma47x30pg.cloudfront.net/img/	4 KB 2 KB	302ms 19ms	Image image/svg+xml	2600:9000:2304:c800:0:3ec8:d500:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1otoma47x30pg.cloudfront.net/img/webflow-badge-text.6faa6a38cd.svg Requested by Host: globalannualirsurvey.citigatedewerogerson.com URL: https://globalannualirsurvey.citigatedewerogerson.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2304:c800:0:3ec8:d500:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9ced8fefb6bac72d336556cde73b3846929d44d253620de919b0d8ee0168ab61 Request headers accept-language de-DE,de;q=0.9 Referer https://globalannualirsurvey.citigatedewerogerson.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers x-amz-version-id null content-encoding br via 1.1 92835d2f5794bba6bff3a83645bbf4c4.cloudfront.net (CloudFront) date Fri, 17 Feb 2023 22:43:27 GMT last-modified Mon, 14 Nov 2016 08:40:05 GMT server AmazonS3 age 70402 x-amz-cf-pop VIE50-P1 etag W/"6faa6a38cd86f8d3230ca56aff3d0d47" vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml access-control-allow-origin * cache-control max-age=84600, must-revalidate x-amz-cf-id RnazzMTbAUtkB6IEy_pMx17A3rljdnXxB8I-d_gh1U_1Lamf5ornhg==

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange function| $ function| jQuery function| tram object| Webflow

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.website-files.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
d1otoma47x30pg.cloudfront.net
d3e54v103j8qbb.cloudfront.net
globalannualirsurvey.citigatedewerogerson.com
2600:9000:223f:3c00:11:3b84:d200:93a1
2600:9000:2304:c800:0:3ec8:d500:93a1
2606:4700::6810:5914
2606:4700::6811:180e
44.207.78.112
52.222.232.144
0413e327a1fed25de09c710237eb4c91a1d95fae9ac39e36dc40d5dd5a06e7de
047aed42c9e11a3f1265202d1537f579bb0c56143eb68363ca04a94f6704d466
1a2231bbd4fad4a3ac8c0b8a93af0bce58324a8b3605df16038a9e660a0c072a
1b242874a2f57529060e770ba313e027a99d40b3c36e1c7e8b2dece16ad6ed88
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
2d192cde3b25b0895882ad1be976199408e101ad986df7e490db8bea4e1ff3af
37915805053f58025a64c9f2c58f5e3515164e8d0e19d5bbdaa2b6bee2dff10f
38a85c09ee4fc558e7739ebdd1a15a06e2846ebb787cf73b1b6476a3a5b22000
5b5ff4ed9a5eed99a43b7e9a6e68d3c7876c63e9c283155703495364c48d4dd4
603e3b6061c49f8c02f07e5152c5d7381defba10c8fe73f95090e19a78de0397
62ec19d15083cbe8e83011166ea431990acebbc3e3ffdef1fce157dfb590d9af
8c744a92248ead7b60ed7ee3260b6f5c7fb624d6e757ac8d40c2c94541cee423
8f753c15e3a1840a6cd4825baa17657b054385903ae57828b497948c2d6a38df
9801213ad8aeee6b1c88d005074b0020cbe7a321b78b2ddbec614d696e998c2b
9ced8fefb6bac72d336556cde73b3846929d44d253620de919b0d8ee0168ab61
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833
ba32a222b23d727267cf1aba4e5296fe84ce99b9d910915103fc085d7931bc88
bb62dcf10da73b692853d260451aad6443a846f4b53e65d3b27a7d736ef35532
e5e3119f832c8d0bde3c798f42b89621926aef79d8f1be88f32f342e4b3de4c4
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d