online-secureuser7654365citi1654654.duckdns.org Open in urlscan Pro
34.106.153.222 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://online-secureuser7654365citi1654654.duckdns.org/secure/
Submission: On December 17 via automatic, source openphish (December 17th 2021, 1:27:23 am UTC) — Scanned from DE

Summary HTTP 425 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 28 IPs in 3 countries across 19 domains to perform 425 HTTP transactions. The main IP is 34.106.153.222, located in Salt Lake City, United States and belongs to GOOGLE-PRIVATE-CLOUD, US. The main domain is online-secureuser7654365citi1654654.duckdns.org.

This is the only time online-secureuser7654365citi1654654.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Citibank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
235	34.106.153.222 34.106.153.222	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
13	18.197.253.20 18.197.253.20	16509 (AMAZON-02) (AMAZON-02)
16	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	23.67.141.195 23.67.141.195	16625 (AKAMAI-AS) (AKAMAI-AS)
4	34.235.253.107 34.235.253.107	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.192.68 151.101.192.68	54113 (FASTLY) (FASTLY)
93	91.235.133.67 91.235.133.67	30286 (THM) (THM)
2 5	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
6	91.235.132.130 91.235.132.130	30286 (THM) (THM)
3	192.225.158.3 192.225.158.3	30286 (THM) (THM)
1	151.101.1.175 151.101.1.175	54113 (FASTLY) (FASTLY)
2	35.241.45.82 35.241.45.82	15169 (GOOGLE) (GOOGLE)
2	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
1	13.32.22.87 13.32.22.87	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:7800:1d:bf0a:0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 8	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1	18.196.159.27 18.196.159.27	16509 (AMAZON-02) (AMAZON-02)
1 1	199.38.167.128 199.38.167.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1	13.32.22.112 13.32.22.112	16509 (AMAZON-02) (AMAZON-02)
4	192.193.179.248 192.193.179.248	25883 (CITIGROUP) (CITIGROUP)
3	91.235.134.131 91.235.134.131	30286 (THM) (THM)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:27::... 2620:1ec:27::cafe:1377	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	20.75.32.255 20.75.32.255	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
425	28

235 34.106.153.222 (Salt Lake City, United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: 222.153.106.34.bc.googleusercontent.com

online-secureuser7654365citi1654654.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 18.197.253.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.67.141.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-67-141-195.deploy.static.akamaitechnologies.com

online.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.235.253.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-253-107.compute-1.amazonaws.com

p.tvpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.68 (United States)

ASN54113 (FASTLY, US)

assets.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

93 91.235.133.67 (United States)

ASN30286 (THM, US)

content22.online.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 91.235.132.130 (United States)

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.225.158.3 (United States)

ASN30286 (THM, US)
PTR: d.aa.online-metrix.net

89oebq5kz2oopejtozbm2rh4ceahm42i7ezxgv6l9db673e613bdc659sac.d.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
89oebq5kiv2fqgzodvfcm2qxb5byua3rv3ugiswr1cc475c444d53f08sac.d.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
89oebq5kvqeiymge2j3p2mah4ntwtc7csfe2cigcbf12cc12c4406580sac.d.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.175 (United States)

ASN54113 (FASTLY, US)

nebula-cdn.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com

udc-neb.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

resources.digital-cloud-citi.medallia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.22.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-87.fra56.r.cloudfront.net

cdn.pbbl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:7800:1d:bf0a:0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.tvpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

sr.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.159.27 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-159-27.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

20822230p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.22.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-112.fra56.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.193.179.248 (United States)

ASN25883 (CITIGROUP, US)

prod.report.nacustomerexperience.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.235.134.131 (United States)

ASN30286 (THM, US)

89oebq5kvqeiymge2j3p2mah4ntwtc7csfe2cigc4f9266dc5b0e4e78am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
89oebq5kz2oopejtozbm2rh4ceahm42i7ezxgv6lcbcc0172b6475b0eam1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
89oebq5kiv2fqgzodvfcm2qxb5byua3rv3ugiswrb7cb24b499b23050am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:27::cafe:1377 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.75.32.255 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

b.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
235	duckdns.org online-secureuser7654365citi1654654.duckdns.org	18 MB
98	citi.com www.citi.com Failed online.citi.com contents3.00110.citi.com Failed content22.online.citi.com prod.report.nacustomerexperience.citi.com	580 KB
16	google.com www.google.com	2 KB
13	ensighten.com nexus.ensighten.com	74 KB
12	online-metrix.net h.online-metrix.net 89oebq5kz2oopejtozbm2rh4ceahm42i7ezxgv6l9db673e613bdc659sac.d.aa.online-metrix.net 89oebq5kiv2fqgzodvfcm2qxb5byua3rv3ugiswr1cc475c444d53f08sac.d.aa.online-metrix.net 89oebq5kvqeiymge2j3p2mah4ntwtc7csfe2cigcbf12cc12c4406580sac.d.aa.online-metrix.net 89oebq5kvqeiymge2j3p2mah4ntwtc7csfe2cigc4f9266dc5b0e4e78am1.e.aa.online-metrix.net 89oebq5kz2oopejtozbm2rh4ceahm42i7ezxgv6lcbcc0172b6475b0eam1.e.aa.online-metrix.net 89oebq5kiv2fqgzodvfcm2qxb5byua3rv3ugiswrb7cb24b499b23050am1.e.aa.online-metrix.net	88 KB
8	google.de www.google.de	1 KB
8	doubleclick.net googleads.g.doubleclick.net	10 KB
8	bing.com 1 redirects bat.bing.com c.bing.com	12 KB
5	clarity.ms 1 redirects www.clarity.ms c.clarity.ms b.clarity.ms	24 KB
5	googletagmanager.com 2 redirects www.googletagmanager.com	110 KB
5	tvpixel.com p.tvpixel.com c.tvpixel.com	32 KB
4	kampyle.com assets.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com	8 KB
2	rlcdn.com 1 redirects sr.rlcdn.com	380 B
2	medallia.com resources.digital-cloud-citi.medallia.com	89 KB
1	googleadservices.com www.googleadservices.com	15 KB
1	rezync.com live.rezync.com	30 B
1	rfihub.com 1 redirects 20822230p.rfihub.com	707 B
1	agkn.com d.agkn.com	599 B
1	pbbl.co cdn.pbbl.co
425	19

	Domain	Requested by
235	online-secureuser7654365citi1654654.duckdns.org	online-secureuser7654365citi1654654.duckdns.org
93	content22.online.citi.com	online-secureuser7654365citi1654654.duckdns.org content22.online.citi.com
16	www.google.com	online-secureuser7654365citi1654654.duckdns.org
13	nexus.ensighten.com	online-secureuser7654365citi1654654.duckdns.org
8	www.google.de
8	googleads.g.doubleclick.net	www.googleadservices.com
7	bat.bing.com	bat.bing.com
6	h.online-metrix.net	online-secureuser7654365citi1654654.duckdns.org content22.online.citi.com
5	www.googletagmanager.com	2 redirects online-secureuser7654365citi1654654.duckdns.org
4	prod.report.nacustomerexperience.citi.com	online-secureuser7654365citi1654654.duckdns.org
4	p.tvpixel.com	online-secureuser7654365citi1654654.duckdns.org
2	b.clarity.ms	online-secureuser7654365citi1654654.duckdns.org
2	c.clarity.ms	1 redirects
2	sr.rlcdn.com	1 redirects online-secureuser7654365citi1654654.duckdns.org
2	resources.digital-cloud-citi.medallia.com	nexus.ensighten.com online-secureuser7654365citi1654654.duckdns.org
2	udc-neb.kampyle.com	online-secureuser7654365citi1654654.duckdns.org
1	c.bing.com	1 redirects
1	www.clarity.ms	bat.bing.com
1	www.googleadservices.com	online-secureuser7654365citi1654654.duckdns.org
1	89oebq5kiv2fqgzodvfcm2qxb5byua3rv3ugiswrb7cb24b499b23050am1.e.aa.online-metrix.net
1	89oebq5kz2oopejtozbm2rh4ceahm42i7ezxgv6lcbcc0172b6475b0eam1.e.aa.online-metrix.net
1	89oebq5kvqeiymge2j3p2mah4ntwtc7csfe2cigc4f9266dc5b0e4e78am1.e.aa.online-metrix.net
1	live.rezync.com
1	20822230p.rfihub.com	1 redirects
1	d.agkn.com
1	c.tvpixel.com	online-secureuser7654365citi1654654.duckdns.org
1	cdn.pbbl.co	nexus.ensighten.com
1	nebula-cdn.kampyle.com	online-secureuser7654365citi1654654.duckdns.org
1	89oebq5kvqeiymge2j3p2mah4ntwtc7csfe2cigcbf12cc12c4406580sac.d.aa.online-metrix.net	online-secureuser7654365citi1654654.duckdns.org
1	89oebq5kiv2fqgzodvfcm2qxb5byua3rv3ugiswr1cc475c444d53f08sac.d.aa.online-metrix.net	online-secureuser7654365citi1654654.duckdns.org
1	89oebq5kz2oopejtozbm2rh4ceahm42i7ezxgv6l9db673e613bdc659sac.d.aa.online-metrix.net	online-secureuser7654365citi1654654.duckdns.org
1	assets.kampyle.com	online-secureuser7654365citi1654654.duckdns.org
1	online.citi.com	online-secureuser7654365citi1654654.duckdns.org
0	contents3.00110.citi.com Failed	online-secureuser7654365citi1654654.duckdns.org
0	www.citi.com Failed	online-secureuser7654365citi1654654.duckdns.org
425	35

This site contains links to these domains. Also see Links.

Domain
online.citi.com
www.citigroup.com
citieasydeals.com
www.citiprivatepass.com
www.privatebank.citibank.com
www.citi.com
play.google.com
itunes.apple.com
www.jdpower.com
www.facebook.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
online.citibank.com DigiCert SHA2 Extended Validation Server CA	`2020-03-13` - `2022-05-14`	2 years	crt.sh
*.tvpixel.com Amazon	`2021-12-15` - `2023-01-12`	a year	crt.sh
*.kampyle.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
content22.online.citi.com DigiCert SHA2 Extended Validation Server CA	`2020-07-14` - `2022-08-06`	2 years	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-01-21` - `2022-01-21`	a year	crt.sh
*.d.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-04-07` - `2022-04-07`	a year	crt.sh
*.digital-cloud-citi.medallia.com SSL.com RSA SSL subCA	`2021-11-15` - `2022-10-20`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
prod.report.nacustomerexperience.citi.com DigiCert SHA2 Extended Validation Server CA	`2020-05-05` - `2022-07-04`	2 years	crt.sh
*.e.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-07-30` - `2022-08-01`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2021-06-01` - `2022-06-01`	a year	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh

This page contains 38 frames:

Primary Page: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Frame ID: BAE6A764B0B33BD4D9174D643F38FB87
Requests: 180 HTTP requests in this frame

Frame: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Frame ID: 49A5925C2A4AD6BFD5A15FC092795709
Requests: 53 HTTP requests in this frame

Frame: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/425466.html
Frame ID: 05B0996C1FA142AECD002EBC2FB2238A
Requests: 1 HTTP requests in this frame

Frame: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Frame ID: 749A01BA27330AC18B8F678B0F3388AC
Requests: 49 HTTP requests in this frame

Frame: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Frame ID: 089657FBDFFC6D11083D8E11EA9F6F94
Requests: 48 HTTP requests in this frame

Frame: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/pixel.html
Frame ID: F1DF7BF2C723BBEF090CE6B60D0A2BC2
Requests: 1 HTTP requests in this frame

Frame: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/form1614870341292.html
Frame ID: AC01B98CE8CFCE8544274F2CE771A87A
Requests: 7 HTTP requests in this frame

Frame: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ls_fp(1).html
Frame ID: 8F8CC37F45AE9835D80304858EF0DDD8
Requests: 3 HTTP requests in this frame

Frame: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/sid_fp(1).html
Frame ID: D9BEA0196B42C0A548780CB889A5067E
Requests: 2 HTTP requests in this frame

Frame: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/top_fp(1).html
Frame ID: 38C1BF6989CA3B446AE9DDA36C2995C0
Requests: 1 HTTP requests in this frame

Frame: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ls_fp(2).html
Frame ID: B8F1BCFF6446B21D4CA5193BEC94697C
Requests: 3 HTTP requests in this frame

Frame: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/sid_fp(2).html
Frame ID: 14B381A3F38E3E0AE5C26BDA63906B5C
Requests: 2 HTTP requests in this frame

Frame: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/top_fp(2).html
Frame ID: FF4DEC198E8BA2BE14A46FF12BCA7575
Requests: 1 HTTP requests in this frame

Frame: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ls_fp.html
Frame ID: 7C4237C9B24C24743B5DC372B0CAEC31
Requests: 3 HTTP requests in this frame

Frame: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/sid_fp.html
Frame ID: 1DDBFF311020398430F2513C721CCD4B
Requests: 2 HTTP requests in this frame

Frame: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/top_fp.html
Frame ID: EED181FFC490BEDB50FE6F8511FFF35D
Requests: 1 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=2434C19851985120E5B9662DF048EFCF?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=9db673e613bdc659&pageid=1
Frame ID: 19D411A5E8F51BECA0E9EA92ABEF9327
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=2434C19851985120E5B9662DF048EFCF?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=9db673e613bdc659&pageid=1
Frame ID: 1E44A9EE5D4DE47C1C8077F3F72B4C18
Requests: 1 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/top_fp.html;CIS3SID=2434C19851985120E5B9662DF048EFCF?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=9db673e613bdc659&pageid=1
Frame ID: 4302F62CCB04EC2EA7412176E491B9C9
Requests: 1 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=C21B904CBCE2E140DE388E8ACB6D170A?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=1cc475c444d53f08&pageid=1
Frame ID: 1D602AD81E06AC6D91CB28A04EE70F3F
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=C21B904CBCE2E140DE388E8ACB6D170A?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=1cc475c444d53f08&pageid=1
Frame ID: DE68A8E2ED8249092F8694DA998B36D7
Requests: 1 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/top_fp.html;CIS3SID=C21B904CBCE2E140DE388E8ACB6D170A?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=1cc475c444d53f08&pageid=1
Frame ID: DBF2851E494A2AE28DB1699769A67A30
Requests: 1 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=A27033F25FDAD680FA2C165DEBDFFCC8?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=bf12cc12c4406580&pageid=1
Frame ID: DE2335E064A63F2E76F7D594D8A76268
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=A27033F25FDAD680FA2C165DEBDFFCC8?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=bf12cc12c4406580&pageid=1
Frame ID: 3D033E4DA88B2BABB7690589E1143D34
Requests: 1 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/top_fp.html;CIS3SID=A27033F25FDAD680FA2C165DEBDFFCC8?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=bf12cc12c4406580&pageid=1
Frame ID: 3E42CEFF65943548800E1D71555BE0E6
Requests: 1 HTTP requests in this frame

Frame: https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
Frame ID: 03F1A012218E0679F93901C2870E6078
Requests: 1 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/check.js;CIS3SID=67ABEA23BAA655B44EC1D28B065CBF41?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1&jb=343926246a736d7d3f4c6b6e77782662716f3f4e6b6e757a2468736a7d3f41607a6f6565266271603d4168706f6565253232313e
Frame ID: AC5BB44CF300D1D51E521288C2C03F85
Requests: 14 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/check.js;CIS3SID=9F63058A16C2C59ACBE8136612E5EF22?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1&jb=3c39242462716d7d3d4c6b6675702e6a716f354e696c757a266a736a773d4368706d6f65266271603f416a706d6f67253a303936
Frame ID: 0D27AA81ADA043C893B33BA7E44D6C9C
Requests: 14 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/check.js;CIS3SID=F998FE3FF0FBF82BC70EF04620EC0AA5?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1&jb=363926266873677d3d4c6b6c77782468716d3f4c6b6c757a26627160753d43607a6d6f6d266a7b6a3f4168706d6d652732303b36
Frame ID: 726E084033760601447F0D3FDB9ADF4F
Requests: 14 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=C533620F21A14BCFAEF5BC512D292984?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1
Frame ID: 2E8C5A96E035A74B0B1AF7D272E5D19D
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=C533620F21A14BCFAEF5BC512D292984?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1
Frame ID: 6B89C1B98041C9E76B1E935104ADE2D8
Requests: 1 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/top_fp.html;CIS3SID=C533620F21A14BCFAEF5BC512D292984?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1
Frame ID: B32D30EDD13209EBDC778712D74141C0
Requests: 1 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=68133A61847C0EB5486689511A41113F?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1
Frame ID: 7AC85678D1FC2D06AF45D11BE125698C
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=68133A61847C0EB5486689511A41113F?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1
Frame ID: 25B7CD1E23ADBE0706006AE592D4BA3B
Requests: 1 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/top_fp.html;CIS3SID=68133A61847C0EB5486689511A41113F?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1
Frame ID: 9720DF98265168643ADD694DC1633E7D
Requests: 1 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=7A86D5A990167C33A3444E4F2F33FE67?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1
Frame ID: 6FCF1AF30D40DB769364A7938CC0194B
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=7A86D5A990167C33A3444E4F2F33FE67?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1
Frame ID: 9E6D7F7991ADC101A18DC8005F51A1F2
Requests: 1 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/top_fp.html;CIS3SID=7A86D5A990167C33A3444E4F2F33FE67?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1
Frame ID: E7C8A7451E6EA60F23F6F0608D9095D1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign On to Your Citi Account - Citibank

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

425
Requests

38 %
HTTPS

25 %
IPv6

19
Domains

35
Subdomains

28
IPs

3
Countries

19084 kB
Transfer

22539 kB
Size

31
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://online.citi.com/US/ag/forgot-userid-pwd/account-type?fuipFlowInd=userID
Title: Forgot User ID?

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/activate/index
Title: Activate a card

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/forgot-userid-pwd/account-type?fuipFlowInd=pwd
Title: Forgot Password?

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/bank/registration/set-up-online-access
Title: Register for online access

Search URL Search Domain Scan URL

URL: http://www.citigroup.com/citi/
Title: Our Story

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=ServicesOverview
Title: Benefits and Services

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=Rewards
Title: Rewards

Search URL Search Domain Scan URL

URL: https://citieasydeals.com/
Title: Citi Easy DealsSM

Search URL Search Domain Scan URL

URL: http://www.citiprivatepass.com/
Title: Citi EntertainmentSM

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/portal/template.do?ID=SpecialOffers
Title: Special Offers

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/citigold-private-client
Title: Citigold® Private Client

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=CitigoldOverview
Title: Citigold®

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=CitiPriorityOverview
Title: Citi Priority

Search URL Search Domain Scan URL

URL: https://www.privatebank.citibank.com/
Title: Citi Private Bank

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/small-business-banking
Title: Small Business Accounts

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=CitiCommercialBanking
Title: Commercial Accounts

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/current-interest-rates/checking-saving-accounts
Title: Personal Banking

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/compare-credit-cards/citi.action?ID=view-all-credit-cards
Title: Credit Cards

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/portal/template.do?ID=todays_mortgage_rates&type=buy
Title: Mortgage

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/portal/template.do?ID=home_equity_rates
Title: Home Equity

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/current-interest-rates/personal-loans-and-lines-of-credit
Title: Lending

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/contactus
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/helptopic
Title: Help & FAQs

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/security-center
Title: Security Center

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.citi.citimobile
Title: Continue

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/citi-mobile-sm/id301724680?mt=8
Title: Continue

Search URL Search Domain Scan URL

URL: http://www.jdpower.com/awards
Title: Continue

Search URL Search Domain Scan URL

URL: https://www.facebook.com/citibank
Title: Continue

Search URL Search Domain Scan URL

URL: https://twitter.com/Citibank/
Title: Continue

Search URL Search Domain Scan URL

URL: https://www.youtube.com/citi
Title: Continue

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/termsdisclaimer/termsdisclaimerhome
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/portal/template.do?ID=Privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://online.citi.com/JRS/portal/template.do?ID=Privacy#notice-at-collection
Title: Notice at Collection

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/dataprivacyhub
Title: CA Privacy Hub

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/portal/template.do?ID=Accessibility
Title: Accessibility

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 260

http://www.googletagmanager.com/gtag/js?id=DC-6268858 HTTP 302
https://www.googletagmanager.com/gtag/js?id=DC-6268858

Request Chain 261

http://www.googletagmanager.com/gtag/js?id=DC-6260004 HTTP 302
https://www.googletagmanager.com/gtag/js?id=DC-6260004

Request Chain 303

http://www.googletagmanager.com/gtag/js?id=AW-916451471 HTTP 307
https://www.googletagmanager.com/gtag/js?id=AW-916451471

Request Chain 305

http://bat.bing.com/bat.js HTTP 307
https://bat.bing.com/bat.js

Request Chain 306

http://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709 HTTP 301
https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709

Request Chain 309

https://20822230p.rfihub.com/ca.html?rb=648&ca=20822230&ra=769943054&_o=17169175&_t=zx-cookie-match HTTP 302
https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=d0ae33fb718b14c742c9cdf1dea83556&k=citi-prod-acct-pixel-3465&zmpID=citi-prod-acct&cid=1813050708747235577

Request Chain 392

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=A77CCC472B8E440183802C452ED2EC06&RedC=c.clarity.ms&MXFR=250399C276766B0A1F2088D27276657E HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=A77CCC472B8E440183802C452ED2EC06&MUID=1BDAC5EA00FC6E320468D4FA012E6F34

425 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
online-secureuser7654365citi1654654.duckdns.org/secure/ 344 KB
344 KB 379ms
263ms Document
text/html 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 1a05bf7684aab3fbe33332b1e227670f492102d9e345e29a62a5a4eb0c20b061

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Fri, 17 Dec 2021 01:27:00 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK f.txt Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 37 KB
37 KB 1188ms
132ms Script
text/plain 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/f.txt
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 316bda79ebc11f2ec6c4654f6b0fe4ecdaea2382f1cdc27035972eb9e877b2ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 38022

GET
H/1.1 200
OK cool-2.1.15.min.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 14 KB
14 KB 1285ms
131ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/cool-2.1.15.min.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 13891

GET
H/1.1 200
OK tc.min.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 19 KB
19 KB 138ms
138ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/tc.min.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 19498

GET
H/1.1 200
OK js Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 97 KB
97 KB 266ms
133ms Script
text/plain 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/js
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 192342dece60dbba81a5d57f1ee771e2847dc75ca1028c4ff0caaa89ba0269ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 99403

GET
H/1.1 200
OK js(1) Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 97 KB
97 KB 300ms
132ms Script
text/plain 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/js(1)
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 0ce27e9325578e87d56fb6067cea56737c8a1fec538e1a823a72e5c4c2de4ab0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 99403

GET
H/1.1 200
OK js(2) Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 97 KB
97 KB 360ms
133ms Script
text/plain 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/js(2)
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: feb51770e950d4375c64c7045dba448a58adf5363569fa1e1f3e06937aa11007

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 99539

GET
H/1.1 200
OK js(3) Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 97 KB
97 KB 131ms
131ms Script
text/plain 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/js(3)
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 4c8e7a9b90d81d5546fd28d8dcc95c51329c2eeda5eac8348ce1ee5913e49fdc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 99510

GET
H/1.1 200
OK js(4) Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 97 KB
97 KB 133ms
133ms Script
text/plain 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/js(4)
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 193238ab76da5459deca110ce1d66df1e8c4704397e025072eb03b2ea88adf0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 99539

GET
H/1.1 200
OK js(5) Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 97 KB
98 KB 132ms
131ms Script
text/plain 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/js(5)
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 51369dbf29e69b578b41d4e58bfd7f7845ff88baa6595c954fa9fddf0dbecf5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Content-Length: 99633

GET
H/1.1 200
OK js(6) Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 97 KB
97 KB 132ms
132ms Script
text/plain 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/js(6)
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: bf7853273ca8063f3944cca69bc18fdc056db7c373386b4534a9dbc3a9f8c6c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 99539

GET
H/1.1 200
OK js(7) Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 97 KB
97 KB 133ms
132ms Script
text/plain 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/js(7)
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 3950c8b755ebd006f07c6f1fd8595ddb482de737b2881e93bd25b4e932ba0832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 99539

GET
H/1.1 200
OK bat.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 35 KB
35 KB 133ms
132ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/bat.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: d068af5c09c1417e301e13b2c90fa877e0a24e0baae8160b6b77f1650486eb13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 35663

GET
H/1.1 200
OK dpm_pixel_min.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 103 KB
103 KB 132ms
132ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/dpm_pixel_min.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 105110

GET
H/1.1 200
OK js(8) Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 97 KB
97 KB 134ms
133ms Script
text/plain 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/js(8)
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 460d13e70e1f2ee022a7c67fd5ac1c6a3562b358f00a579e40bb89f4dbfe5a86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=86
Content-Length: 99518

GET
H/1.1 200
OK js(9) Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 87 KB
87 KB 133ms
133ms Script
text/plain 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/js(9)
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 8af070f2f55051d709a513db37d217d7109ae2150bf226100e6b9c7866844499

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 89356

GET
H/1.1 200
OK js(10) Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 87 KB
87 KB 133ms
133ms Script
text/plain 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/js(10)
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 2861b2d82fec30deb83e23b981db306dfef251b7712576ee2abfe668e1084ac3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 89356

GET
H/1.1 200
OK js(11) Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 87 KB
87 KB 131ms
131ms Script
text/plain 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/js(11)
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 94bd0aa5378cc695113022cf5f09877c2444520fe1e8c1100d7e26f048b25427

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 89356

GET
H/1.1 200
OK js(12) Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 87 KB
87 KB 133ms
133ms Script
text/plain 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/js(12)
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 4617d721a72730b105417ff7d971cad16a84a6fb8da05729ac45f69a02396600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 89356

GET
H/1.1 200
OK js(13) Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 87 KB
87 KB 132ms
132ms Script
text/plain 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/js(13)
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 8c9db6aae864c399cd193941140f47128eb99ef4310795eda5befe70ff7b3d91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 89335

GET
H/1.1 200
OK js(14) Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 87 KB
87 KB 132ms
131ms Script
text/plain 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/js(14)
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 0ff8ab7046d29477deea04c4871c3855e3bd73df92dec600c8b387d9905b62ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=85
Content-Length: 89335

GET
H/1.1 200
OK d33293fff240236324c71f107f7c8dbd.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 4 KB
4 KB 133ms
133ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/d33293fff240236324c71f107f7c8dbd.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a52ab14f213aee9dd4812843a9ef65a6f636b6f7ae7120e9b9821ba96af70b4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 4069

GET
H/1.1 200
OK bb61038db92ca743e79ac88a2d977efe.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 340 B
594 B 133ms
133ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/bb61038db92ca743e79ac88a2d977efe.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 63a37c8b23a9f3953a94d7887a80395ebeb1c25c1c9561fff6a4991c4a6a8676

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 340

GET
H/1.1 200
OK 96e0eb995483e83e7b3f71968eedeed1.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 396 KB
396 KB 131ms
131ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/96e0eb995483e83e7b3f71968eedeed1.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: d9181c42b463ba85677421a93ae1ba80ae774c9bf8af67200ed78a419bd067a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 405607

GET
H/1.1 200
OK c1997fc4285b4ded7a3ef6dce5a65f2b.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 22 KB
23 KB 2589ms
134ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/c1997fc4285b4ded7a3ef6dce5a65f2b.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 88fc4b693b8bbadd822119802f0b7f3039c7fdaffc03c6a4e4c1ee3b2127a674

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=71
Content-Length: 22873

GET
H/1.1 200
OK f1d424be7dfd03475beb6dfc2f1cd2ea.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 118 KB
119 KB 2780ms
133ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/f1d424be7dfd03475beb6dfc2f1cd2ea.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: ea443941c23136440c6e80fa8c83e99402564222964f960921476eb82bb431f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=71
Content-Length: 121285

GET
H/1.1 200
OK 468b3e37a21c4198f4939c8aaca98066.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 1 KB
2 KB 2738ms
131ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/468b3e37a21c4198f4939c8aaca98066.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 61e01b4da87624c5972c4f051d92695a76fa8491c2c1512342b714b9f5db2008

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=69
Content-Length: 1477

GET
H/1.1 200
OK 51aba9f62787efbaa13e53a8d1ae3892.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 1 KB
2 KB 2751ms
131ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/51aba9f62787efbaa13e53a8d1ae3892.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: bf8892a953595eb96b9ca68c5756849d404115dcf2ee9bf87e8b4e7b3cf8e650

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=65
Content-Length: 1322

GET
H/1.1 200
OK a9780b65076b52465fb6be4319e40f20.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 155 KB
156 KB 2732ms
133ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/a9780b65076b52465fb6be4319e40f20.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 0e0b42f83994ef5771755c73a41bea8af80a20a8f9deb44649ca34ff75863c04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=68
Content-Length: 159062

GET
H/1.1 200
OK 3ae5401499ebbfa990c60e4063f9b6af.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 2 KB
2 KB 2729ms
133ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/3ae5401499ebbfa990c60e4063f9b6af.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 381755f71c74f975a9ac540fe1ede4a3fc9b1fab96d800b86d635d526d27b8a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=67
Content-Length: 1585

GET
H/1.1 200
OK 557566dc60916e3de69e006bef252459.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 2 KB
2 KB 554ms
136ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/557566dc60916e3de69e006bef252459.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 31b00ff4929696dfca06885da68e58c3e09f6ecb4ae0fe1ae287e99a3fd1f716

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=66
Content-Length: 2183

GET
H/1.1 200
OK 42d4d669434e7d621371bd59ca097dbf.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 5 KB
5 KB 401ms
132ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/42d4d669434e7d621371bd59ca097dbf.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 76b3e3ecb44a3b1216be2633c4736dc6fbef5a83a7058b7919dcb1489b5b211b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=68
Content-Length: 4796

GET
H/1.1 200
OK d90ce1a791ada193ee0ca4e9ce66632d.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 5 KB
5 KB 452ms
131ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/d90ce1a791ada193ee0ca4e9ce66632d.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: c1b3f3803c42132039b21ce8921335c9cb785a58d513fdc04b0350434bec8e29

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=66
Content-Length: 4849

GET
H/1.1 200
OK fdf45a7c15c1cee06bb71e10dac4e26e.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 989 B
1 KB 395ms
131ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/fdf45a7c15c1cee06bb71e10dac4e26e.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 7df13706eaab8ce9a3dcd2a501f60bc66987c83834d07dfaf07ae56ef814c110

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=62
Content-Length: 989

GET
H/1.1 200
OK serverComponent.php Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 2 KB
2 KB 263ms
259ms Script
text/html 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/serverComponent.php
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 016b0590183f82205fe441fee93850bd80df4d9552cdbd9fbba284b935242f64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:01 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK 6c8322c7341eac98645c10e3d1d3c7ae.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 251 KB
251 KB 260ms
257ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/6c8322c7341eac98645c10e3d1d3c7ae.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e83d41b48708d19862e5bd32a6e7d25e7aa9c3bb4f49f967b36f2e93619eb0a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:01 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 256678

GET
H/1.1 200
OK tagging.min.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 42 KB
42 KB 267ms
262ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/tagging.min.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 3d594246baf1e88fe62fc2bf1adf9ff76c53e390731f99455eb71d7441ba8f00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:01 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 43191

GET
H/1.1 200
OK banner.min.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 15 KB
15 KB 267ms
262ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/banner.min.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e6399fca6cbab33a9b3831e797db3e27e5438340da68f73b02710a3a75f58baf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:01 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 15472

GET
H/1.1 200
OK Bootstrap.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 289 KB
289 KB 267ms
261ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/Bootstrap.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 0ff723ad535bb51caa4e379125786ca1d328f29faa1bb59733728bf16453053c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:01 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 295668

GET Interstate-Light.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0

GET Interstate-Bold.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0

GET Interstate-Regular.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0

GET
H/1.1 200
OK styles.187a58a1499ec83981b8.css
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 1 MB
1 MB 290ms
131ms Stylesheet
text/css 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/styles.187a58a1499ec83981b8.css
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 54114d6a66ff9b0a463cb8804b869581eb63483f4a78f5fc4367861bb2267a50

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:01 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:52 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1261653

GET
H/1.1 200
OK tags.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 80 KB
80 KB 403ms
133ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/tags.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 651ebd4bc6f8839724c4170e4a2a371ec8ef7ec4e84a137f272c7a3c0b405dcb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:52 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=65
Content-Length: 81693

GET
H/1.1 200
OK 1-es2015.d04d60e16e17d097d528.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 746 KB
746 KB 423ms
134ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/1-es2015.d04d60e16e17d097d528.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 8322edb47f5a2f8dc4b8767813922f6918dcfa00d8c93de0017b04db649f63d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:01 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:52 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 763874

GET
H/1.1 200
OK logo.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 96 B
349 B 518ms
131ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/logo.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 3fffb8d87957014886c19a6facfef2acbeb84d739b58be7bb01fd963448e2bcc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:01 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:52 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 96

GET
H/1.1 200
OK tags.js(1).download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 80 KB
80 KB 399ms
133ms Script
text/plain 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/tags.js(1).download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: c64cbd472959e09b0eb3f25f31c09c8e80547071c69abf8db3b66a4a711c77fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:52 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=64
Content-Length: 81693

GET
H/1.1 200
OK cedric.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 602 KB
603 KB 296ms
138ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/cedric.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 48451bef935eba4b7a149a7b6dc16cc7183e75cb2887d571a3382ae3f155686a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:01 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:52 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 616835

GET
H/1.1 200
OK tags.js(2).download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 80 KB
80 KB 187ms
132ms Script
text/plain 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/tags.js(2).download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: b71ccf6edf4f945fe0cb55240b606077eb77930db0f12fadb5859091a5967102

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:52 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=65
Content-Length: 81693

GET
H/1.1 200
OK embed.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 2 KB
2 KB 267ms
131ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/embed.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 58edfbfc2f0d71cba3b2f3c7e20e86af09b6e7097c76db4e57cd9b4abe106b50

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:01 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:52 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1573

GET
H/1.1 200
OK 16001692.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 0
252 B 135ms
135ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/16001692.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:52 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=67
Content-Length: 0

GET
H/1.1 200
OK 16003743.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 0
252 B 131ms
131ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/16003743.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:52 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=65
Content-Length: 0

GET
H/1.1 200
OK f(1).txt Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 2 KB
2 KB 399ms
131ms Script
text/plain 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/f(1).txt
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 24ae3bdb3c016eefc3e7519084cccfe577540cc99624de7f50ecf8f651d100e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:01 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:52 GMT
Server: Apache
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1767

GET
H/1.1 200
OK f(2).txt Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 2 KB
2 KB 407ms
131ms Script
text/plain 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/f(2).txt
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 3fd98b9b4f926fc187f5d96d89e84f6400995dbfca8ddb6ab2e25c983191a672

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:01 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:52 GMT
Server: Apache
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1787

GET
H/1.1 200
OK f(3).txt Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 2 KB
2 KB 431ms
137ms Script
text/plain 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/f(3).txt
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 66142f608346ab15cd117ab93e2c97168ccbcbdcdf6523bc4fea489a18a852fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:01 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:52 GMT
Server: Apache
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1767

GET
H/1.1 200
OK f(4).txt Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 2 KB
2 KB 530ms
131ms Script
text/plain 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/f(4).txt
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 5eddf6e04b7b4d877bcc41b695bc5ade3cd6dc80b2493fb06ff47f68b5d0eb79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:01 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:52 GMT
Server: Apache
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1767

GET
H/1.1 200
OK f(5).txt Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 2 KB
2 KB 538ms
131ms Script
text/plain 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/f(5).txt
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 60202d0a881aee000e3ef1b52abe7ce6759a52bdc50b97f60ddcb65783fa8d22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:01 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:52 GMT
Server: Apache
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1767

GET
H/1.1 200
OK f(6).txt Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 2 KB
2 KB 563ms
132ms Script
text/plain 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/f(6).txt
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 10d1a09ed85bc8ad803a16660940e68736b3a86d27bdaf7d96ca872152d55156

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:01 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:52 GMT
Server: Apache
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1767

GET
H/1.1 200
OK f(7).txt Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 2 KB
2 KB 661ms
131ms Script
text/plain 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/f(7).txt
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 9222fb53874d578cf7d2b8778f4d06c197a5ad3c6c044d3f4428988da18972f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:52 GMT
Server: Apache
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1767

GET
H/1.1 200
OK f(8).txt Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 2 KB
2 KB 676ms
137ms Script
text/plain 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/f(8).txt
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 6608f3225dd3f373a0fe2701c42427936eb998509a1271ac52dce3b00af54834

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:52 GMT
Server: Apache
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1767

GET
H/1.1 200
OK citilogoredesign.png
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 2 KB
2 KB 286ms
146ms Image
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/citilogoredesign.png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 102503acef6077fcf8e42a856fb4904fcd74224a32d5d8efcd13236ac6309fed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:54 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1799

GET
H/1.1 200
OK 050-location@2x.svg
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 2 KB
2 KB 550ms
132ms Image
image/svg+xml 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/050-location@2x.svg
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 6336ae7b60dff18e0a37721a3a19fd5e18568577a64faa662969d35966dbf72b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:54 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 1752

GET
H/1.1 200
OK icon_globe_med-grey@2x.svg
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 3 KB
4 KB 527ms
132ms Image
image/svg+xml 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/icon_globe_med-grey@2x.svg
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a593628f2d5ba814f37fbcd3963162f094c2764d4b15d82464c2d1aef92f150f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:54 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 3523

GET
H/1.1 200
OK phone.png
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 10 KB
10 KB 132ms
131ms Image
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/phone.png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 5df469ee4da2bc124065cb8df0e24173c5cbc8b9e0c807960fc39c93ffb640c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:54 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=61
Content-Length: 9873

GET
H/1.1 200
OK qrsignon.png
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 741 B
982 B 133ms
133ms Image
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/qrsignon.png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: dc876f814074650acde84db7a7f34c583f043b83130e5de49de65f18d1ee2683

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:54 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=64
Content-Length: 741

GET
H/1.1 200
OK laptop-and-phone-pairing.png
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 3 KB
3 KB 133ms
132ms Image
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/laptop-and-phone-pairing.png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a9a43473908fb995ecdc6bd80d80fd42d3e43bf31687aff0978d7389de2573aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:54 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=63
Content-Length: 3044

GET
H/1.1 200
OK laptop-and-phone-success.png
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 2 KB
3 KB 133ms
132ms Image
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/laptop-and-phone-success.png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e5c725c5a6510cd7323ff66fa032e69cfe7aec1dd042911cae0607d071670eec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:54 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=66
Content-Length: 2544

GET
H/1.1 200
OK 320_Citi-PLT@3x.png
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 11 KB
12 KB 132ms
131ms Image
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/320_Citi-PLT@3x.png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: f378974fe6a831ae2f48d9191ea74eb21877d4964d5eedbc2810d8756ed13631

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:54 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=64
Content-Length: 11562

GET
H/1.1 200
OK 1440_Citi-PLT@3x.png
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 27 KB
28 KB 415ms
132ms Image
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/1440_Citi-PLT@3x.png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 6dfa343a68ef79e83fef5f7c705119d2473352190c609cf94c67ea99a29fa452

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:54 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 28149

GET
H/1.1 200
OK runtime-es2015.d43ecfa67810809a922a.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 2 KB
3 KB 134ms
132ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/runtime-es2015.d43ecfa67810809a922a.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 3a4284fc3091796d852c047a85d6f8d91c95e1bb7b1b2c3bb3e69b1d29064488

Request headers

Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Origin: http://online-secureuser7654365citi1654654.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:54 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2519

GET
H/1.1 200
OK polyfills-es2015.208e90726d88af943fd8.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 175 KB
176 KB 135ms
132ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/polyfills-es2015.208e90726d88af943fd8.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 627660443b6ba8e5a33bb1c0961f9a628a6b956ac4c9cfb3aca7991797d30bc3

Request headers

Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Origin: http://online-secureuser7654365citi1654654.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:54 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 179630

GET
H/1.1 200
OK scripts.ccc73c512668b4e837d7.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 49 KB
49 KB 132ms
131ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/scripts.ccc73c512668b4e837d7.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 51c6043803bec020097c7f9559f9f87f1b427daf7590f68f2ce2b3a4feaf661a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:54 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=64
Content-Length: 50376

GET
H/1.1 200
OK main-es2015.926484ba20d93e7ff0df.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 3 MB
3 MB 139ms
134ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/main-es2015.926484ba20d93e7ff0df.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 1ef8a96213dddc1092922838721a9944760936864f654a7975246e377b6271e6

Request headers

Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Origin: http://online-secureuser7654365citi1654654.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:54 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3071153

GET
H/1.1 200
OK jquery-3.5.1.min.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 87 KB
88 KB 132ms
131ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/jquery-3.5.1.min.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Origin: http://online-secureuser7654365citi1654654.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:54 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=60
Content-Length: 89476

GET
H/1.1 200
OK xmsdk.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 1 MB
1 MB 136ms
131ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/xmsdk.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 1c69468ad43d43f8c701bcd193de8688ba49a17128a730c065c7a06d08106daf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:54 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1331767

GET
H/1.1 200
OK qrlogin.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 6 KB
6 KB 145ms
138ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/qrlogin.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 80ca50c063371e37ab3ed2efb9842c2aac89bd9e2ac64de697950c588d4df7c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:54 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 6321

GET
H/1.1 200
OK config.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 0
252 B 133ms
132ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/config.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:54 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=63
Content-Length: 0

GET
H/1.1 200
OK generic1634752371595.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 527 KB
528 KB 133ms
133ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/generic1634752371595.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 915afa3a684b0562c638837fddc86f51700d954a4a13ed16d9857a066462edec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=62
Content-Length: 540128

GET
H/1.1 200
OK 0
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 0
214 B 131ms
131ms Image
text/plain 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/0
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=63
Content-Length: 0

GET
H/1.1 200
OK 0(1)
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 0
214 B 132ms
132ms Image
text/plain 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/0(1)
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=65
Content-Length: 0

GET
H/1.1 200
OK 0(2)
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 0
214 B 134ms
134ms Image
text/plain 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/0(2)
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:07 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=63
Content-Length: 0

GET
H/1.1 200
OK 0(3)
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 0
214 B 132ms
131ms Image
text/plain 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/0(3)
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:07 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=59
Content-Length: 0

GET
H/1.1 200
OK 1592741950571_CTA_Feedback(final).png
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 2 KB
2 KB 297ms
133ms Image
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/1592741950571_CTA_Feedback(final).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 25f4eeb23f67fe1d74534ed37230ecd54ab4f57524276970dcbeaaf3b0fc64f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 2196

GET
H/1.1 200
OK kloader.gif
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ 19 KB
19 KB 134ms
133ms Image
image/gif 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/kloader.gif
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 24ed9db3eb0d97ecf1f0832cbd30bd37744e0d2b520ccdad5af60f7a08a45b90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:07 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=62
Content-Length: 19110

GET
H/1.1 200
OK / Show response
online-secureuser7654365citi1654654.duckdns.org/secure/ 344 KB
344 KB 381ms
134ms XHR
text/html 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/tagging.min.js.download
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 1a05bf7684aab3fbe33332b1e227670f492102d9e345e29a62a5a4eb0c20b061

Request headers

appVersion: CBOLV1.0.0
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
client_id: undefined

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 204
No Content e.gif
nexus.ensighten.com/error/ 0
193 B 50ms
7ms Image
text/plain 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nexus.ensighten.com/error/e.gif?msg=_dl%20is%20not%20defined&lnn=-1&fn=&cid=1129&client=citi&publishPath=na_prod&rid=3092996&did=622672&errorName=ReferenceError
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Cache-Control: no-cache, no-store
Server: nginx
Connection: keep-alive
Expires: Fri, 17 Dec 2021 01:27:01 GMT

GET
H/1.1 200
OK serverComponent.php Show response
nexus.ensighten.com/citi/na_prod/ 1 KB
825 B 65ms
22ms Script
text/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://nexus.ensighten.com/citi/na_prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citi/na_prod/code/&publishedOn=Mon%20Nov%2022%2016:55:07%20GMT%202021&ClientID=1129&PageID=http%3A%2F%2Fonline-secureuser7654365citi1654654.duckdns.org%2Fsecure%2F
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/Bootstrap.js.download
Protocol: HTTP/1.1
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f8ac7288f6002c57f7d91d97b70108e6debb748f00261aa038f4193c37524477

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: no-cache, no-store
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 17 Dec 2021 01:27:01 GMT

GET
BLOB 200
OK c284482d-ae22-47e8-ac06-43cd781a91f4
http://online-secureuser7654365citi1654654.duckdns.org/ 161 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://online-secureuser7654365citi1654654.duckdns.org/c284482d-ae22-47e8-ac06-43cd781a91f4
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c8bc330a07fc8ba4ead1f924570b2eeb220dfb170e86ea6594f7a2daef2efc16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 165178

GET
H2 200 /
www.google.com/pagead/1p-user-list/916451471/ 42 B
108 B 43ms
20ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/916451471/?random=1638132188423&cv=9&fst=1638129600000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_his=1&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin%3Fdeepdrop%3Dtrue%26checkAuth%3DY&ref=https%3A%2F%2Fbanking.citi.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2841783379&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/960621875/ 42 B
548 B 41ms
18ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/960621875/?random=1638132189660&cv=9&fst=1638129600000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_his=1&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin%3Fdeepdrop%3Dtrue%26checkAuth%3DY&ref=https%3A%2F%2Fbanking.citi.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=4213411889&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/644574043/ 42 B
108 B 20ms
19ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/644574043/?random=1638132189676&cv=9&fst=1638129600000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_his=1&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin%3Fdeepdrop%3Dtrue%26checkAuth%3DY&ref=https%3A%2F%2Fbanking.citi.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3958380041&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/975701947/ 42 B
108 B 20ms
19ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/975701947/?random=1638132189679&cv=9&fst=1638129600000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_his=1&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin%3Fdeepdrop%3Dtrue%26checkAuth%3DY&ref=https%3A%2F%2Fbanking.citi.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=4165928690&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/830907969/ 42 B
108 B 41ms
40ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/830907969/?random=1638132189841&cv=9&fst=1638129600000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_his=1&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin%3Fdeepdrop%3Dtrue%26checkAuth%3DY&ref=https%3A%2F%2Fbanking.citi.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2866259313&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/695231162/ 42 B
108 B 21ms
20ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/695231162/?random=1638132189843&cv=9&fst=1638129600000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_his=1&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin%3Fdeepdrop%3Dtrue%26checkAuth%3DY&ref=https%3A%2F%2Fbanking.citi.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2714526458&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/819500023/ 42 B
108 B 20ms
19ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/819500023/?random=1638132189847&cv=9&fst=1638129600000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_his=1&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin%3Fdeepdrop%3Dtrue%26checkAuth%3DY&ref=https%3A%2F%2Fbanking.citi.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=1975215411&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/959299794/ 42 B
108 B 21ms
20ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/959299794/?random=1638132189849&cv=9&fst=1638129600000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_his=1&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin%3Fdeepdrop%3Dtrue%26checkAuth%3DY&ref=https%3A%2F%2Fbanking.citi.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=1166593377&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 LSO_4959.jpg
online.citi.com/nga-lite-signon/ 171 KB
172 KB 78ms
13ms Image
image/jpeg 23.67.141.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/nga-lite-signon/LSO_4959.jpg

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.67.141.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-67-141-195.deploy.static.akamaitechnologies.com

Software

Resource Hash

48e89b7e40e096b89d864a5c8ee340ce44ca60fe9675310ef2f3f40a53a7d593

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 01:27:02 GMT
last-modified: Mon, 11 Jan 2021 11:55:43 GMT
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 174933
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/jpeg
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H/1.1 404
Not Found Citi-Branding-Sprite.png
online-secureuser7654365citi1654654.duckdns.org/secure/cbol-pre-login-static-assets/citi-branding-assets/images/ 315 B
315 B 522ms
131ms Image
text/html 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/cbol-pre-login-static-assets/citi-branding-assets/images/Citi-Branding-Sprite.png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Appstore-Googleplay-JDPower-Sprite.png
online-secureuser7654365citi1654654.duckdns.org/secure/cbol-pre-login-static-assets/citi-branding-assets/images/ 315 B
315 B 547ms
131ms Image
text/html 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/cbol-pre-login-static-assets/citi-branding-assets/images/Appstore-Googleplay-JDPower-Sprite.png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=90
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found social-media_facebook@3x.png
online-secureuser7654365citi1654654.duckdns.org/secure/cbol-pre-login-static-assets/citi-branding-assets/images/ 315 B
315 B 795ms
133ms Image
text/html 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/cbol-pre-login-static-assets/citi-branding-assets/images/social-media_facebook@3x.png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=92
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found social-media_twitter@3x.png
online-secureuser7654365citi1654654.duckdns.org/secure/cbol-pre-login-static-assets/citi-branding-assets/images/ 315 B
315 B 395ms
133ms Image
text/html 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/cbol-pre-login-static-assets/citi-branding-assets/images/social-media_twitter@3x.png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found social-media_youtube@3x.png
online-secureuser7654365citi1654654.duckdns.org/secure/cbol-pre-login-static-assets/citi-branding-assets/images/ 315 B
315 B 547ms
131ms Image
text/html 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/cbol-pre-login-static-assets/citi-branding-assets/images/social-media_youtube@3x.png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Light.woff
online-secureuser7654365citi1654654.duckdns.org/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0 271ms
157ms Font
text/html 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Origin: http://online-secureuser7654365citi1654654.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Bold.woff
online-secureuser7654365citi1654654.duckdns.org/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0 293ms
166ms Font
text/html 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Origin: http://online-secureuser7654365citi1654654.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Bold.woff
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/cds-assets/fonts/interstate/ 0
0 293ms
160ms Font
text/html 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/cds-assets/fonts/interstate/Interstate-Bold.woff
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/styles.187a58a1499ec83981b8.css
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/styles.187a58a1499ec83981b8.css
Origin: http://online-secureuser7654365citi1654654.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=92
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK fdf45a7c15c1cee06bb71e10dac4e26e.js Show response
nexus.ensighten.com/citi/na_prod/code/ 989 B
1 KB 7ms
7ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://nexus.ensighten.com/citi/na_prod/code/fdf45a7c15c1cee06bb71e10dac4e26e.js?conditionId0=4849963
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/Bootstrap.js.download
Protocol: HTTP/1.1
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7df13706eaab8ce9a3dcd2a501f60bc66987c83834d07dfaf07ae56ef814c110

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Last-Modified: Tue, 14 May 2019 17:01:42 GMT
Server: nginx
ETag: "5cdaf476-3dd"
Content-Type: application/javascript; charset=utf-8
cache-control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 989

GET
H/1.1 200
OK 42d4d669434e7d621371bd59ca097dbf.js Show response
nexus.ensighten.com/citi/na_prod/code/ 5 KB
2 KB 7ms
7ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://nexus.ensighten.com/citi/na_prod/code/42d4d669434e7d621371bd59ca097dbf.js?conditionId0=4897099
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/Bootstrap.js.download
Protocol: HTTP/1.1
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 76b3e3ecb44a3b1216be2633c4736dc6fbef5a83a7058b7919dcb1489b5b211b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Oct 2021 17:28:43 GMT
Server: nginx
ETag: W/"615f2e4b-12bc"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
cache-control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 557566dc60916e3de69e006bef252459.js Show response
nexus.ensighten.com/citi/na_prod/code/ 2 KB
1 KB 14ms
9ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://nexus.ensighten.com/citi/na_prod/code/557566dc60916e3de69e006bef252459.js?conditionId0=4837456
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/Bootstrap.js.download
Protocol: HTTP/1.1
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 31b00ff4929696dfca06885da68e58c3e09f6ecb4ae0fe1ae287e99a3fd1f716

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Aug 2019 16:59:12 GMT
Server: nginx
ETag: W/"5d656160-887"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
cache-control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK c942fa5b036f63cf515027e22894e5aa.js Show response
nexus.ensighten.com/citi/na_prod/code/ 156 KB
34 KB 17ms
12ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://nexus.ensighten.com/citi/na_prod/code/c942fa5b036f63cf515027e22894e5aa.js?conditionId0=421908
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/Bootstrap.js.download
Protocol: HTTP/1.1
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1a52e20a2d1a14c0f487d961757fe56caa17d172a64820c54950eba91c50933a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Nov 2021 17:36:41 GMT
Server: nginx
ETag: W/"61a66129-26e38"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
cache-control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK d139e7d35fc18934e03ae7d1eb3769bf.js Show response
nexus.ensighten.com/citi/na_prod/code/ 119 KB
34 KB 22ms
17ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://nexus.ensighten.com/citi/na_prod/code/d139e7d35fc18934e03ae7d1eb3769bf.js?conditionId0=486757
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/Bootstrap.js.download
Protocol: HTTP/1.1
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e7ef42c5bbd7f8d71f7c0a6b1d7de5aab5ef30619267afd49f0f2d27998cdc93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Nov 2021 17:36:41 GMT
Server: nginx
ETag: W/"61a66129-1da35"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
cache-control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 404
Not Found Interstate-Light.ttf
online-secureuser7654365citi1654654.duckdns.org/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0 153ms
132ms Font
text/html 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.ttf
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Origin: http://online-secureuser7654365citi1654654.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Bold.ttf
online-secureuser7654365citi1654654.duckdns.org/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0 137ms
132ms Font
text/html 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.ttf
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Origin: http://online-secureuser7654365citi1654654.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=94
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Bold.ttf
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/cds-assets/fonts/interstate/ 0
0 228ms
132ms Font
text/html 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/cds-assets/fonts/interstate/Interstate-Bold.ttf
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/styles.187a58a1499ec83981b8.css
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/styles.187a58a1499ec83981b8.css
Origin: http://online-secureuser7654365citi1654654.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK saved_resource.html Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 10 KB
10 KB 193ms
133ms Document
text/html 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 845fb8a7859de5499a50023135f5863388e4a464fd11a14fa77ac62a05d915b5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Server: Apache
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Accept-Ranges: bytes
Content-Length: 9985
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK 425466.html Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 05B0 427 B
668 B 202ms
131ms Document
text/html 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/425466.html
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 83234a7ccf9b10289c35549b5528c0a8203e3ea5fa497c42ee556121368e37c5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Server: Apache
Last-Modified: Sun, 28 Nov 2021 14:04:06 GMT
Accept-Ranges: bytes
Content-Length: 427
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK saved_resource(1).html Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 10 KB
10 KB 209ms
134ms Document
text/html 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 410b2c6c4e5d803c112ac15ed2e11db6bb1278ed837fa0259d67feaca2d89e4d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Server: Apache
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Accept-Ranges: bytes
Content-Length: 9856
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK saved_resource(2).html Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 0896 9 KB
10 KB 225ms
131ms Document
text/html 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e103d45f638ac5174b7428a7b0d2f0440766cb8d17c05886e41ae30e62e8825d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Server: Apache
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Accept-Ranges: bytes
Content-Length: 9660
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK pixel.html Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame F1DF 184 B
425 B 222ms
132ms Document
text/html 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/pixel.html
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 9c53af1ed22f8e1f67c76c9fc493d32cdfa1c3023a574778833a27e90b88e13b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Server: Apache
Last-Modified: Sun, 28 Nov 2021 14:04:06 GMT
Accept-Ranges: bytes
Content-Length: 184
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK form1614870341292.html Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame AC01 348 KB
349 KB 226ms
133ms Document
text/html 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/form1614870341292.html
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: be3a7fefd0171e451a0610798b1ddebec64cd0457d8a9e571498b417c5f15142

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Server: Apache
Last-Modified: Sun, 28 Nov 2021 14:04:06 GMT
Accept-Ranges: bytes
Content-Length: 356697
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 404
Not Found Interstate-Light.woff
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/cds-assets/fonts/interstate/ 0
0 264ms
132ms Font
text/html 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/cds-assets/fonts/interstate/Interstate-Light.woff
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/styles.187a58a1499ec83981b8.css
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/styles.187a58a1499ec83981b8.css
Origin: http://online-secureuser7654365citi1654654.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 204
No Content perf.rnc
nexus.ensighten.com/citi/na_prod/ 0
193 B 7ms
7ms Image
text/plain 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nexus.ensighten.com/citi/na_prod/perf.rnc?cid=1129&ns=1639704420526&ce=117&cs=111&dc=0&dclee=0&dcles=0&di=2168&dl=382&dle=111&dls=1&fs=0&lee=0&les=0&rede=0&reds=0&reqs=117&resps=380&respe=894&scs=0&ues=0&uee=0
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Cache-Control: no-cache, no-store
Server: nginx
Connection: keep-alive
Expires: Fri, 17 Dec 2021 01:27:01 GMT

GET
H/1.1 404
Not Found Interstate-Bold.woff
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/commonui-assets/fonts/interstate/ 0
0 233ms
131ms Font
text/html 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/commonui-assets/fonts/interstate/Interstate-Bold.woff
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/styles.187a58a1499ec83981b8.css
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/styles.187a58a1499ec83981b8.css
Origin: http://online-secureuser7654365citi1654654.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:02 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=93
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET cr.png
contents3.00110.citi.com/api/v1/ 0
0

GET
H/1.1 404
Not Found Interstate-Light.ttf
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/cds-assets/fonts/interstate/ 0
0 186ms
132ms Font
text/html 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/cds-assets/fonts/interstate/Interstate-Light.ttf
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/styles.187a58a1499ec83981b8.css
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/styles.187a58a1499ec83981b8.css
Origin: http://online-secureuser7654365citi1654654.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=93
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Bold.ttf
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/commonui-assets/fonts/interstate/ 0
0 193ms
130ms Font
text/html 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/commonui-assets/fonts/interstate/Interstate-Bold.ttf
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/styles.187a58a1499ec83981b8.css
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/styles.187a58a1499ec83981b8.css
Origin: http://online-secureuser7654365citi1654654.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=91
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK 96e0eb995483e83e7b3f71968eedeed1.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 396 KB
396 KB 144ms
132ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/96e0eb995483e83e7b3f71968eedeed1.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: d9181c42b463ba85677421a93ae1ba80ae774c9bf8af67200ed78a419bd067a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 405607

GET
H/1.1 200
OK clear.png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 0
239 B 162ms
135ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear.png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 0

GET
H/1.1 200
OK clear(1).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 0
239 B 207ms
132ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(1).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Content-Length: 0

GET
H/1.1 200
OK clear(2).png
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 81 B
321 B 836ms
131ms Image
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(2).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=68
Content-Length: 81

GET
H/1.1 200
OK clear(3).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 0
239 B 287ms
146ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(3).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=86
Content-Length: 0

GET
H/1.1 200
OK clear3.png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 0
239 B 267ms
133ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3.png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=85
Content-Length: 0

GET
H/1.1 200
OK clear(4).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 0
239 B 325ms
132ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(4).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 0

GET
H/1.1 200
OK clear3(1).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 0
239 B 349ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(1).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=86
Content-Length: 0

GET
H/1.1 200
OK clear(5).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 0
239 B 384ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(5).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=86
Content-Length: 0

GET
H/1.1 200
OK clear1(3).png
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 0
239 B 832ms
131ms Image
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear1(3).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=64
Content-Length: 0

GET
H/1.1 200
OK clear3(2).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 0
239 B 387ms
133ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(2).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=85
Content-Length: 0

GET
H/1.1 200
OK clear3(3).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 0
239 B 412ms
132ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(3).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=82
Content-Length: 0

GET
H/1.1 200
OK clear3(4).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 0
239 B 458ms
132ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(4).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=85
Content-Length: 0

GET
H/1.1 200
OK clear3(5).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 0
239 B 420ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(5).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=83
Content-Length: 0

GET
H/1.1 200
OK clear3(6).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 0
239 B 418ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(6).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=79
Content-Length: 0

GET
H/1.1 200
OK clear3(7).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 0
239 B 394ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(7).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=83
Content-Length: 0

GET
H/1.1 200
OK clear3(8).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 0
239 B 400ms
133ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=82
Content-Length: 0

GET
H/1.1 200
OK clear3(9).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 0
239 B 399ms
132ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(9).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=79
Content-Length: 0

GET
H/1.1 200
OK clear3(10).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 0
239 B 399ms
132ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(10).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=82
Content-Length: 0

GET
H/1.1 200
OK clear3(11).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 0
239 B 397ms
132ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(11).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=80
Content-Length: 0

GET
H/1.1 200
OK clear3(12).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 0
239 B 396ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(12).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=76
Content-Length: 0

GET
H/1.1 200
OK clear3(13).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 0
239 B 394ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(13).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=80
Content-Length: 0

GET
H/1.1 200
OK clear3(14).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 0
239 B 399ms
133ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(14).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=79
Content-Length: 0

GET
H/1.1 200
OK clear3(15).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 0
239 B 399ms
132ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(15).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=76
Content-Length: 0

GET
H/1.1 200
OK clear3(16).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 0
239 B 400ms
133ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(16).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=79
Content-Length: 0

GET
H/1.1 200
OK clear3(17).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 0
239 B 396ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(17).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=77
Content-Length: 0

GET
H/1.1 200
OK clear3(18).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 0
239 B 396ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(18).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 0

GET
H/1.1 200
OK clear3(19).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 0
239 B 394ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(19).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=77
Content-Length: 0

GET
H/1.1 200
OK clear3(20).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 0
239 B 400ms
133ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(20).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=76
Content-Length: 0

GET
H/1.1 200
OK clear3(21).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 0
239 B 399ms
132ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(21).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 0

GET
H/1.1 200
OK clear3(22).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 0
239 B 400ms
133ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(22).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=76
Content-Length: 0

GET
H/1.1 200
OK clear3(23).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 0
239 B 396ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(23).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 0

GET
H/1.1 200
OK clear3(24).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 0
239 B 396ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(24).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=70
Content-Length: 0

GET
H/1.1 200
OK clear3(25).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 0
239 B 394ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(25).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 0

GET
H/1.1 200
OK clear3(26).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 0
239 B 399ms
133ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(26).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 0

GET
H/1.1 200
OK clear3(27).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 0
239 B 393ms
130ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(27).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 0

GET
H/1.1 200
OK clear3(28).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 0
239 B 334ms
132ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(28).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=71
Content-Length: 0

GET
H/1.1 200
OK clear(6).png
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 81 B
321 B 824ms
132ms Image
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(6).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=67
Content-Length: 81

GET
H/1.1 200
OK check.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 403 KB
403 KB 326ms
132ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 472083aa55f0ce92f258f53c93181e695338e6c01857ceafbf6ced254b94c56d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=70
Content-Length: 412439

GET
H/1.1 200
OK 96e0eb995483e83e7b3f71968eedeed1.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 396 KB
396 KB 249ms
133ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/96e0eb995483e83e7b3f71968eedeed1.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: d9181c42b463ba85677421a93ae1ba80ae774c9bf8af67200ed78a419bd067a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 405607

GET
H/1.1 200
OK clear(7).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 0
239 B 286ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(7).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 0

GET
H/1.1 200
OK clear(8).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 0
239 B 301ms
135ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(8).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=83
Content-Length: 0

GET
H/1.1 200
OK clear(9).png
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 81 B
321 B 1016ms
133ms Image
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(9).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=70
Content-Length: 81

GET
H/1.1 200
OK clear(10).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 0
239 B 313ms
132ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(10).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=84
Content-Length: 0

GET
H/1.1 200
OK clear3(29).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 0
239 B 356ms
132ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(29).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Content-Length: 0

GET
H/1.1 200
OK clear(11).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 0
239 B 379ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(11).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=85
Content-Length: 0

GET
H/1.1 200
OK clear1(4).png
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 0
239 B 830ms
133ms Image
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear1(4).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=66
Content-Length: 0

GET
H/1.1 200
OK clear(12).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 0
239 B 401ms
133ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(12).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=81
Content-Length: 0

GET
H/1.1 200
OK clear3(30).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 0
239 B 414ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(30).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=85
Content-Length: 0

GET
H/1.1 200
OK clear3(31).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 0
239 B 419ms
133ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(31).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=84
Content-Length: 0

GET
H/1.1 200
OK clear3(32).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 0
239 B 398ms
132ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(32).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=81
Content-Length: 0

GET
H/1.1 200
OK clear3(33).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 0
239 B 399ms
132ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=84
Content-Length: 0

GET
H/1.1 200
OK clear3(34).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 0
239 B 396ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(34).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=82
Content-Length: 0

GET
H/1.1 200
OK clear3(35).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 0
239 B 396ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(35).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=78
Content-Length: 0

GET
H/1.1 200
OK clear3(36).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 0
239 B 394ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(36).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=82
Content-Length: 0

GET
H/1.1 200
OK clear3(37).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 0
239 B 400ms
132ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(37).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=81
Content-Length: 0

GET
H/1.1 200
OK clear3(38).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 0
239 B 400ms
133ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(38).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=78
Content-Length: 0

GET
H/1.1 200
OK clear3(39).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 0
239 B 400ms
133ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(39).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=81
Content-Length: 0

GET
H/1.1 200
OK clear3(40).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 0
239 B 397ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(40).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=79
Content-Length: 0

GET
H/1.1 200
OK clear3(41).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 0
239 B 397ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(41).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=75
Content-Length: 0

GET
H/1.1 200
OK clear3(42).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 0
239 B 395ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(42).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=79
Content-Length: 0

GET
H/1.1 200
OK clear3(43).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 0
239 B 400ms
133ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(43).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=78
Content-Length: 0

GET
H/1.1 200
OK clear3(44).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 0
239 B 399ms
133ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(44).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=75
Content-Length: 0

GET
H/1.1 200
OK clear3(45).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 0
239 B 401ms
133ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(45).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=78
Content-Length: 0

GET
H/1.1 200
OK clear3(46).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 0
239 B 396ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(46).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=76
Content-Length: 0

GET
H/1.1 200
OK clear3(47).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 0
239 B 396ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(47).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 0

GET
H/1.1 200
OK clear3(48).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 0
239 B 394ms
130ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(48).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=76
Content-Length: 0

GET
H/1.1 200
OK clear3(49).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 0
239 B 399ms
132ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(49).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=75
Content-Length: 0

GET
H/1.1 200
OK clear3(50).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 0
239 B 399ms
132ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(50).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 0

GET
H/1.1 200
OK clear3(51).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 0
239 B 400ms
133ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(51).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=75
Content-Length: 0

GET
H/1.1 200
OK clear3(52).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 0
239 B 396ms
132ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(52).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 0

GET
H/1.1 200
OK clear3(53).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 0
239 B 396ms
132ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(53).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=69
Content-Length: 0

GET
H/1.1 200
OK clear(13).png
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 81 B
321 B 811ms
132ms Image
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(13).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=67
Content-Length: 81

GET
H/1.1 200
OK check.js(1).download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 403 KB
403 KB 395ms
132ms Script
text/plain 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js(1).download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 232e458903366c81298221c77e27a787a9b023b461f4bf041d46cba54dbed529

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 412439

GET
H/1.1 200
OK clear(14).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 0896 0
239 B 388ms
133ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(14).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 0

GET
H/1.1 200
OK clear(15).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 0896 0
239 B 414ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(15).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Content-Length: 0

GET
H/1.1 200
OK clear(16).png
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 0896 81 B
321 B 883ms
132ms Image
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(16).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=68
Content-Length: 81

GET
H/1.1 200
OK clear(17).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 0896 0
239 B 340ms
132ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(17).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=83
Content-Length: 0

GET
H/1.1 200
OK clear3(54).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 0896 0
239 B 371ms
132ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(54).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=86
Content-Length: 0

GET
H/1.1 200
OK clear(18).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 0896 0
239 B 393ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(18).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=84
Content-Length: 0

GET
H/1.1 200
OK clear1(5).png
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 0896 0
239 B 745ms
133ms Image
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear1(5).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=69
Content-Length: 0

GET
H/1.1 200
OK clear(19).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 0896 0
239 B 414ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(19).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=80
Content-Length: 0

GET
H/1.1 200
OK clear3(55).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 0896 0
239 B 427ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(55).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=84
Content-Length: 0

GET
H/1.1 200
OK clear3(56).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 0896 0
239 B 433ms
132ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(56).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=83
Content-Length: 0

GET
H/1.1 200
OK clear3(57).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 0896 0
239 B 399ms
132ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(57).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=80
Content-Length: 0

GET
H/1.1 200
OK clear3(58).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 0896 0
239 B 399ms
132ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=83
Content-Length: 0

GET
H/1.1 200
OK clear3(59).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 0896 0
239 B 397ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(59).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=81
Content-Length: 0

GET
H/1.1 200
OK clear3(60).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 0896 0
239 B 396ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(60).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=77
Content-Length: 0

GET
H/1.1 200
OK clear3(61).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 0896 0
239 B 395ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(61).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=81
Content-Length: 0

GET
H/1.1 200
OK clear3(62).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 0896 0
239 B 399ms
132ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(62).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=80
Content-Length: 0

GET
H/1.1 200
OK clear3(63).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 0896 0
239 B 399ms
132ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(63).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=77
Content-Length: 0

GET
H/1.1 200
OK clear3(64).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 0896 0
239 B 400ms
133ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(64).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=80
Content-Length: 0

GET
H/1.1 200
OK clear3(65).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 0896 0
239 B 397ms
132ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(65).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=78
Content-Length: 0

GET
H/1.1 200
OK clear3(66).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 0896 0
239 B 397ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(66).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 0

GET
H/1.1 200
OK clear3(67).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 0896 0
239 B 395ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(67).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=78
Content-Length: 0

GET
H/1.1 200
OK clear3(68).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 0896 0
239 B 400ms
132ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(68).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=77
Content-Length: 0

GET
H/1.1 200
OK clear3(69).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 0896 0
239 B 399ms
132ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(69).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 0

GET
H/1.1 200
OK clear3(70).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 0896 0
239 B 400ms
133ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(70).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=77
Content-Length: 0

GET
H/1.1 200
OK clear3(71).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 0896 0
239 B 396ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(71).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=75
Content-Length: 0

GET
H/1.1 200
OK clear3(72).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 0896 0
239 B 396ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(72).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=71
Content-Length: 0

GET
H/1.1 200
OK clear3(73).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 0896 0
239 B 393ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(73).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=75
Content-Length: 0

GET
H/1.1 200
OK clear3(74).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 0896 0
239 B 399ms
132ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(74).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 0

GET
H/1.1 200
OK clear3(75).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 0896 0
239 B 395ms
138ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(75).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 0

GET
H/1.1 200
OK clear3(76).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 0896 0
239 B 338ms
133ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(76).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=71
Content-Length: 0

GET
H/1.1 200
OK clear3(77).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 0896 0
239 B 388ms
132ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(77).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 0

GET
H/1.1 200
OK clear3(78).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 0896 0
239 B 376ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(78).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 0

GET
H/1.1 200
OK clear(20).png
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 0896 81 B
321 B 794ms
131ms Image
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(20).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=67
Content-Length: 81

GET
H/1.1 200
OK check.js(2).download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 0896 403 KB
403 KB 389ms
132ms Script
text/plain 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js(2).download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 5aae2cfb75508c7fe149be48fb2de77689242a21e02dae364d4438161349b386

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=68
Content-Length: 412439

GET
H/1.1 204
No Content e.gif
nexus.ensighten.com/error/ 0
193 B 8ms
7ms Image
text/plain 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nexus.ensighten.com/error/e.gif?msg=%24%20is%20not%20defined&lnn=-1&fn=&cid=1129&client=citi&publishPath=na_prod&rid=2532573&did=551970&errorName=ReferenceError
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Cache-Control: no-cache, no-store
Server: nginx
Connection: keep-alive
Expires: Fri, 17 Dec 2021 01:27:02 GMT

GET
H/1.1 204
No Content e.gif
nexus.ensighten.com/error/ 0
193 B 7ms
7ms Image
text/plain 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nexus.ensighten.com/error/e.gif?msg=jQuery%20is%20not%20defined&lnn=-1&fn=&cid=1129&client=citi&publishPath=na_prod&rid=2670712&did=571630&errorName=ReferenceError
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Cache-Control: no-cache, no-store
Server: nginx
Connection: keep-alive
Expires: Fri, 17 Dec 2021 01:27:02 GMT

GET
H/1.1 204
No Content e.gif
nexus.ensighten.com/error/ 0
193 B 7ms
7ms Image
text/plain 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nexus.ensighten.com/error/e.gif?msg=%24%20is%20not%20defined&lnn=-1&fn=&cid=1129&client=citi&publishPath=na_prod&rid=2670634&did=572752&errorName=ReferenceError
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Cache-Control: no-cache, no-store
Server: nginx
Connection: keep-alive
Expires: Fri, 17 Dec 2021 01:27:02 GMT

GET
H/1.1 404
Not Found Interstate-Light.woff
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/commonui-assets/fonts/interstate/ 0
0 142ms
131ms Font
text/html 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/commonui-assets/fonts/interstate/Interstate-Light.woff
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/styles.187a58a1499ec83981b8.css
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/styles.187a58a1499ec83981b8.css
Origin: http://online-secureuser7654365citi1654654.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=84
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

OPTIONS
H2 200 tp2
p.tvpixel.com/com.snowplowanalytics.snowplow/ Frame 0
0 310ms
103ms Preflight 34.235.253.107
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.235.253.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-253-107.compute-1.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://online-secureuser7654365citi1654654.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 17 Dec 2021 01:27:03 GMT
content-length: 0
access-control-allow-origin: http://online-secureuser7654365citi1654654.duckdns.org
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
server: akka-http/10.1.12

POST
H2 200 tp2 Show response
p.tvpixel.com/com.snowplowanalytics.snowplow/ 2 B
358 B 299ms
102ms XHR
text/plain 34.235.253.107
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/polyfills-es2015.208e90726d88af943fd8.js.download
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.235.253.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-253-107.compute-1.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: http://online-secureuser7654365citi1654654.duckdns.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: http://online-secureuser7654365citi1654654.duckdns.org
date: Fri, 17 Dec 2021 01:27:04 GMT
access-control-allow-credentials: true
server: akka-http/10.1.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length: 2
content-type: text/plain; charset=UTF-8

GET
H/1.1 200
OK liveform-web-vendor-7a445f15ef.css
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame AC01 739 KB
740 KB 155ms
135ms Stylesheet
text/css 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/liveform-web-vendor-7a445f15ef.css
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/form1614870341292.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: b86389100be1332c53c03d4aec32dce30ce00d9f4a803a7c6f7dc6155c4d84c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/form1614870341292.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 757105

GET
H/1.1 200
OK liveform-web-style-bfa52db035.css
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame AC01 176 KB
176 KB 176ms
137ms Stylesheet
text/css 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/liveform-web-style-bfa52db035.css
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/form1614870341292.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e8e8f01dc620e1cd54ce35aa05a1c9c703bf8eede3772537ffb5cc10884bfeac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/form1614870341292.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Content-Length: 179794

GET
H/1.1 200
OK liveform-web-vendor-fba5f1656e.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame AC01 514 KB
514 KB 310ms
133ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/liveform-web-vendor-fba5f1656e.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/form1614870341292.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: ed000f9034b588160db0f2a7f4213cc23eacfd007d11980f8453b8e50bef87a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/form1614870341292.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=82
Content-Length: 526174

GET
H/1.1 200
OK liveform-web-app-59106c1093.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame AC01 538 KB
539 KB 308ms
131ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/liveform-web-app-59106c1093.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/form1614870341292.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 71137b95bc3d14f7a6de2ed96290422b4ae342c57a3ea8ff9ae6914fd7a9792a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/form1614870341292.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Content-Length: 551185

GET
H/1.1 404
Not Found Interstate-Light.ttf
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/commonui-assets/fonts/interstate/ 0
0 158ms
134ms Font
text/html 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/commonui-assets/fonts/interstate/Interstate-Light.ttf
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/styles.187a58a1499ec83981b8.css
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/styles.187a58a1499ec83981b8.css
Origin: http://online-secureuser7654365citi1654654.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:03 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=86
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK Citi_placeholder_CSSv1.css
assets.kampyle.com/clients/nebula/citi/ Frame AC01 4 KB
1 KB 684ms
651ms Stylesheet
text/css 151.101.192.68
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.kampyle.com/clients/nebula/citi/Citi_placeholder_CSSv1.css
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/liveform-web-vendor-fba5f1656e.js.download
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.68 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9e78de330792cb7190d2391e632fef62a7142470694ed01389149b3066bdca04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
ETag: "3d67ac2ff5a333326d321c83c6c27fed"
Age: 0
Via: 1.1 varnish
X-Cache: MISS
Connection: keep-alive
Content-Length: 652
x-amz-id-2: blS31mo7AEgdYjzobxX+SG5eP0RFZakGNfmg6LOpXSuJX1VE8TnQWV7K+QNfINwOHOHHIaI88q4=
X-Served-By: cache-hhn4029-HHN
Last-Modified: Mon, 01 Jun 2020 23:50:43 GMT
Server: AmazonS3
X-Timer: S1639704424.168264,VS0,VE643
Date: Fri, 17 Dec 2021 01:27:04 GMT
Vary: Accept-Encoding
x-amz-request-id: 417N8CAYF48ARNRA
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Type: text/css
X-Cache-Hits: 0

GET
DATA 200
OK truncated
/ Frame AC01 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29559450cf2b7f8be98987d31923c299e84677b50c284f37ee590401848856a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 204
No Content TagAuditBeacon.rnc
nexus.ensighten.com/citi/na_prod/ 0
193 B 7ms
7ms Image
text/plain 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nexus.ensighten.com/citi/na_prod/TagAuditBeacon.rnc?cid=1129&data=[-1|-1|1;358910|3277348|1;-1|-1|1;-1|-1|1;677895|3486390|1;624610|3622409|1;354602|1124213|1;578278|3039001|1;373773|1482837|1;552021|3622410|1;622672|3092996|1;569456|2878472|0;609396|3507512|0;565689|3580754|0;662152|3601337|0;652314|3352749|1;606935|2975859|0;593700|2834829|1;-1|-1|1;510670|2923227|0;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;495376|2108794|1;-1|-1|1;-1|-1|1;495377|2108795|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;512346|2923041|0;-1|-1|1;-1|-1|0;-1|-1|1;-1|-1|1;692686|3586910|0;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;697723|3622406|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;693686|3595701|0;-1|-1|1;-1|-1|1;578262|3628390|0;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;663315|3399158|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;692920|3591912|0;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;692917|3586912|0;695962|3608094|0;521100|2431984|0;-1|-1|1;-1|-1|1;584566|2776548|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;669327|3454233|0;593103|3553059|1;495374|2108797|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;669381|3454234|0;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;495375|2108796|1;573017|2670646|1;-1|-1|1;-1|-1|1;522574|2923043|1;669322|3430989|0;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;588511|2801138|1;692919|3586914|0;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;542251|3183206|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;670807|3446797|1;632449|3161673|1;663310|3399161|1;522572|2923042|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;490141|2904126|1;-1|-1|1;-1|-1|1;580663|2734578|1;692801|3586911|0;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;692933|3608072|0;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;626438|3111536|1;-1|-1|1;-1|-1|1;663313|3399160|1;515853|2923044|1;528144|2923045|0;-1|-1|1;-1|-1|1;-1|-1|1;666421|3525612|0;696250|3608071|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;522576|2923046|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;562734|2742762|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;551962|2532572|1;693696|3608093|1;582775|3283873|1;-1|-1|1;-1|-1|1;578343|2836703|0;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;689979|3578215|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;486892|2929498|0;531459|3486389|1;609397|3455507|0;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;600937|2897286|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;551970|2532573|1;571630|2670712|1;385436|2514756|1;359214|3507689|0;488122|2028951|0;369351|3154250|0;359218|3628388|0;572752|2670634|1;572750|2680754|0;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;685268|3622394|0;589752|2801119|0;685767|3533827|0;690641|3574157|0;555592|3622571|1]&idx=0&r=9.1139548382966
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:04 GMT
Cache-Control: no-cache, no-store
Server: nginx
Connection: keep-alive
Expires: Fri, 17 Dec 2021 01:27:03 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame 749A 81 B
475 B 106ms
14ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=9db673e613bdc659&pageid=1&ck=0&m=1

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:05 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK ls_fp(1).html Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 8F8C 82 KB
83 KB 191ms
133ms Document
text/html 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ls_fp(1).html
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 76262472e3bdc3961a2981c15110635a80b249f424ad28be42366e50f4ffbe03

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Server: Apache
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Accept-Ranges: bytes
Content-Length: 84477
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK sid_fp(1).html Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame D9BE 96 KB
96 KB 198ms
132ms Document
text/html 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/sid_fp(1).html
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 488f2e5ca810789b86bf5dcb121eddb5ad06d69914e622971685b56bc8b16354

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Server: Apache
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Accept-Ranges: bytes
Content-Length: 98068
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK top_fp(1).html Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 38C1 82 KB
82 KB 245ms
132ms Document
text/html 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/top_fp(1).html
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 3ffeb7001287be5dd60d5a221874e2ea04d0aa6aab1000256616bf0efd82fdc4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Server: Apache
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Accept-Ranges: bytes
Content-Length: 84028
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame 0896 81 B
474 B 21ms
20ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=1cc475c444d53f08&pageid=1&ck=0&m=1

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:05 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK ls_fp(2).html Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame B8F1 82 KB
83 KB 135ms
134ms Document
text/html 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ls_fp(2).html
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 21436b362a61dba68828fcad09704f865f1fc169f284ff7383927eead46a9d62

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Server: Apache
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Accept-Ranges: bytes
Content-Length: 84477
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK sid_fp(2).html Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 14B3 96 KB
96 KB 157ms
132ms Document
text/html 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/sid_fp(2).html
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 48bbb9a9c2bcf37b69acde0cd56b87591edd09beb8efc629f95757eec1866e7f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html

Response headers

Date: Fri, 17 Dec 2021 01:27:05 GMT
Server: Apache
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Accept-Ranges: bytes
Content-Length: 98068
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK top_fp(2).html Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame FF4D 82 KB
82 KB 202ms
133ms Document
text/html 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/top_fp(2).html
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 241e96ead3a633d9b84379afdc244cd93a9b63a786e4ec77f5bc73d5a52a09c2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Server: Apache
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Accept-Ranges: bytes
Content-Length: 84028
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame 49A5 81 B
474 B 13ms
13ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=bf12cc12c4406580&pageid=1&ck=0&m=1

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:05 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK ls_fp.html Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 7C42 82 KB
83 KB 176ms
131ms Document
text/html 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ls_fp.html
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: f237cc206237c64f01c5eecc39d6a2826b0ffb42ac19bc613fe212ea005870eb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Server: Apache
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Accept-Ranges: bytes
Content-Length: 84477
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK sid_fp.html Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 1DDB 96 KB
96 KB 226ms
132ms Document
text/html 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/sid_fp.html
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 7fb20629e6af659742722f89cf23522dc448d94ca929ca7cc578ad693953992f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Server: Apache
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Accept-Ranges: bytes
Content-Length: 98065
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK top_fp.html Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame EED1 82 KB
82 KB 229ms
131ms Document
text/html 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/top_fp.html
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 2de419797226f96c7acae89f033c5fc33491312ea4f305052209f9136632d6f5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Server: Apache
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Accept-Ranges: bytes
Content-Length: 84028
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK clear(22).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 8F8C 0
239 B 191ms
135ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(22).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ls_fp(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ls_fp(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=69
Content-Length: 0

GET
H/1.1 200
OK clear1(1).png
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame D9BE 0
239 B 585ms
131ms Image
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear1(1).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/sid_fp(1).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/sid_fp(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=63
Content-Length: 0

GET
H2

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=DC-6268858
https://www.googletagmanager.com/gtag/js?id=DC-6268858

87 KB
35 KB

80ms
57ms

Script
application/javascript

2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6268858

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/

Protocol

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b725189e88d9ad5e015c49b09ab26398e6f55f77e83c4fdc584d54a3e82aa78f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 01:27:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35973
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 Dec 2021 01:27:06 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=DC-6268858
Date: Fri, 17 Dec 2021 01:27:06 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: Google Tag Manager
Content-Length: 251
X-XSS-Protection: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=DC-6260004
https://www.googletagmanager.com/gtag/js?id=DC-6260004

87 KB
36 KB

42ms
19ms

Script
application/javascript

2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6260004

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/

Protocol

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f86159e457515ed44012f031a9bd52caa9bbb256ff36f161296a4a159971483a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 01:27:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35974
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 Dec 2021 01:27:06 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=DC-6260004
Date: Fri, 17 Dec 2021 01:27:06 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: Google Tag Manager
Content-Length: 251
X-XSS-Protection: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK clear(23).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame B8F1 0
239 B 148ms
132ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(23).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ls_fp(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ls_fp(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=68
Content-Length: 0

GET
H/1.1 200
OK clear1(2).png
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 14B3 0
239 B 535ms
132ms Image
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear1(2).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/sid_fp(2).html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/sid_fp(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=65
Content-Length: 0

GET
H/1.1 200
OK clear(21).png Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 7C42 0
239 B 181ms
131ms Script
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(21).png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ls_fp.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ls_fp.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=69
Content-Length: 0

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 8F8C 0
387 B 14ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ls_fp(1).html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:06 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear1.png
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 1DDB 0
239 B 455ms
132ms Image
image/png 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear1.png
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/sid_fp.html
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/sid_fp.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=66
Content-Length: 0

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame B8F1 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ls_fp(2).html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:06 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 7C42 0
387 B 14ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ls_fp.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:06 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png Show response
content22.online.citi.com/fp/ Frame 749A 81 B
562 B 45ms
13ms XHR
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js(1).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 89oebq5k/9db673e613bdc659903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Last-Modified: Fri, 17 Dec 2021 01:27:06 GMT
Server: Apache
Etag: 67e2e0eb47124ff0a98716196190d2d0
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: http://online-secureuser7654365citi1654654.duckdns.org
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Wed, 16 Dec 2026 01:27:06 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=2434C19851985120E5B9662DF048EFCF Show response
content22.online.citi.com/fp/ Frame 19D4 82 KB
13 KB 16ms
16ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=2434C19851985120E5B9662DF048EFCF?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=9db673e613bdc659&pageid=1

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js(1).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

bd6063c15d17891a02f2c3cc33c3f10b9d3a6d370a6348871b4502c15c4d627e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=94
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 749A 0
387 B 33ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js(1).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:06 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=93
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=2434C19851985120E5B9662DF048EFCF Show response
h.online-metrix.net/fp/ Frame 1E44 95 KB
14 KB 53ms
16ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=2434C19851985120E5B9662DF048EFCF?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=9db673e613bdc659&pageid=1

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js(1).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

feb179e2c4a037cb503adc8c0e0bf7031318f728c1546f2fe1fc52b80c3164d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 749A 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=9db673e613bdc659&pageid=1&jd=3d38242462646c35333824626660353466363b61303a30316365373e3b3339626460616366313a6067373333353134266266746e3d3038393531323138

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js(1).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:06 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=92
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK top_fp.html;CIS3SID=2434C19851985120E5B9662DF048EFCF Show response
content22.online.citi.com/fp/ Frame 4302 82 KB
12 KB 16ms
15ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/top_fp.html;CIS3SID=2434C19851985120E5B9662DF048EFCF?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=9db673e613bdc659&pageid=1

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js(1).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

9e23b4dad6358ed849ca70f36a6a1c3de98e629525fde32ead37aaa5228d9cd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked

GET
H/1.1 204
204 clear.png Show response
content22.online.citi.com/fp/ Frame 749A 0
218 B 15ms
15ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=9db673e613bdc659&pageid=1&ja=3a303b312e24613530267835302e6e3d33363832783332323026616e3f313630327a3332303824717a7b3f327a32246478723d312c313438302c3930303024313e30322e393032382c31343830243932323024333632302e313230382e302c30246f763d61303a3063606166613535646c666466396563303431393637303e62316135632e6f6c353426716b64353a34246c603f687674722533412d30462532446d6c6c6966672f71676177706777736d7237363534313e3563617669313e353c3637362666776b6b646c7b2e677a6727324e71656175706525324e616974695d646b6c657b27304471637467665d726d736f75726367203129266a746d64266c723f6a7c76722d3341273a462d3a466d6e646b6e672d716563757a6775736570353435343b3437616b766b333437343e35342e64756163646e7b2c6f726f253a4671676b77706d2532442e706435332470603f373a66303861613e6063666267333333623f313a35636732663160646a32643426686a353562383565356b306a35633b3e633a3b663730696369316361363a3666333161266a73673f4c696e777a246a736a3f416a706d6f672730303136266a736f77354c696677782662736a753f4160706d6565266c6063353c26767a6c3f4576632732465566696e6f776c246f617460703f36323231663361326a6563303265346b63353e3230383a616c3137373c32336e6434373038393c3166366d63613034666339346964626437303133333131346324723f726e776569665f666c61736a56666164716521786c7d676b6c57756b66646f757b5f656d646b6157726c637967725e66696e736521726e776769665d63666d60675d636172676261745e666364736529726c756f69665f73776161697c696d6756666964736721786e7565696c5f736867616b776174675c666164716723726e77656b6c5f7a65616c706c637165725664616c7b6529706e776f6b6c57766c61577064697967725664616e736721706c7d65696e5f666774616c7e705c64636e716723726c7d67696e5f73746f5f76616777657a5e6e616e716d23726475676b665f626976635e6e636c716524657833356037313036603332393b3a3b66363534313161633c3536313836673b32666d6136626e393c3135672e656e57633d756d626f645767624f4e253030332e30253a32284f70676c454c253a324751273032302c32253a304368726f6f61756d215565624f4c2d32324544514e2d3230475b253a38312c302d30302a4f72656e474427323045512730304744514e2730324751273030392e302532304160726f656b756d21576d62496b7c55676a4b69762d32385f65604744434e454c475f696e7b76616e6367665d61727a637b712731402730324550545f626c656c6c5f6d616c6d6170253b42273038475a5c5f636d646f7a576277666e67725d68636c665f6e6e6f6174273140253238475a565d646e6d63765f6a6c656e6425314a25323847585457667a61655d6c67727c6825314a253a38455a54577168636467725f746d7a747572675d6e6f642d3140273032475a565d746d78747572655d6b6f6d787065737b69676e5d607876612d3342273a304d50545d746d7a747772675f636f6572726573716b6d6e5f7a6576612731402730324550545f746578767d72655764696c7c657a5f636c61716d7c726f7261632d3b422732385545404b4b545f4550565f74657a7677726557646b6e7667705d636c697b6f74726f706b6b25334a2732304d585c5f71504f40273b422530384b405a5f72617a636c6e656e5f7368696665725f616d6f706964672731402730324d475357656c656d656c7c5f69666665785775616e76273b40273a304f475b5f6e6a6f5d726d6c6467725d6d69706563702533402730304f4d515d7176636c66637064576465726976637c69766d7125334a253a304d475b5d766d7874777a65576e6c6d617c2733402530304f455b5d746578767770655f6e6e6d63765d6e6b6c67617a253342253232474553577665787c757a655d6a696e6457666c6d69742d3b422732384d45515f766578747d70655f68636e645f66646d63765d6e6b6c6763722d33422532304d4d535f7e6772746d7857617070697b5d67626a676b742d3b42273238554540474e5f636f646d725f62776464657257646e6d6376273140273238574542474c5d6b6f6d787065737b656c5f76677076777a655f637b746b2d3340253a32574742454c5f63676f707265717167645f7c677a767770675d6776632d3342253230554d4247445d636f65707a6571716d665d7c6578767d726d576576633927334025303057454a454c5f636d6f7272657b7167665d76677a7677726d5f73337463273b42253a3257454a4b41545d554d4045445f636d65707a6d7371656c5d746778767572655771337463273140253238554740454e5d616d6f707a65737365645d7c65787c77726557733b74615d7b70656a2533402d32385f454047445d64676277675f726d6c64657267705d696e6e6d2731402730325547424f4c5f64657076605f746d7a74757a652d3340273a32554d424b4b5c5f5f4d42454c57666572746a5f74657076757265273140253238554740454e5d66706377576275666665707b25334a2732305f454a474e5d646d716d5f636d66746d707427334a2732325747424b495c5d574542454e5d6c6f7b675d616d6c76677a76253b4225323057474a474c576f756c7c69576470637f33342e676c5d603d386a3037316b636234323a3031343a3735636561306337653d36643a35603a363466363d3530346526756f6c76354b6e746d6c2d32324b66612c2e77676e7a3d416674676c2d30304b726b732532384d70656e454e2732304d6c656b6c67246161663d3933&jb=3935312464733f456f7a6b646c692d32443526322530302a57696e6c6d77732530324c54253a3233322c3227314027323857696e3634273b42253a3278363c292d32324378726e6d57656043697c2d3244353b352e313627323028434a544d4c2730412532386e6b6967273032456763636f292532304160726f656725324e393e2e322c3c34343c2e39312d32385b6164617a6b2530463733372e3b34

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js(1).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:06 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=91
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
89oebq5kz2oopejtozbm2rh4ceahm42i7ezxgv6l9db673e613bdc659sac.d.aa.online-metrix.net/fp/ Frame 749A 81 B
438 B 937ms
155ms Image
image/png 192.225.158.3
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://89oebq5kz2oopejtozbm2rh4ceahm42i7ezxgv6l9db673e613bdc659sac.d.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=9db673e613bdc659&pageid=1&di=yes

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.3 , United States, ASN30286 (THM, US),

Reverse DNS

d.aa.online-metrix.net

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:07 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png Show response
content22.online.citi.com/fp/ Frame 0896 81 B
561 B 14ms
13ms XHR
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js(2).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 89oebq5k/1cc475c444d53f08241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:07 GMT
Last-Modified: Fri, 17 Dec 2021 01:27:07 GMT
Server: Apache
Etag: c40e9d0fa8454b02b4ea2b165569a80d
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: http://online-secureuser7654365citi1654654.duckdns.org
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 81
Expires: Wed, 16 Dec 2026 01:27:07 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=C21B904CBCE2E140DE388E8ACB6D170A Show response
content22.online.citi.com/fp/ Frame 1D60 82 KB
13 KB 16ms
16ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=C21B904CBCE2E140DE388E8ACB6D170A?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=1cc475c444d53f08&pageid=1

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js(2).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

27c51dc90707e69cae2be9668b7d8c465a7707627d3f30b78a2145c266559076

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/

Response headers

Date: Fri, 17 Dec 2021 01:27:07 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=85
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 0896 0
387 B 14ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js(2).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:07 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=90
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=C21B904CBCE2E140DE388E8ACB6D170A Show response
h.online-metrix.net/fp/ Frame DE68 95 KB
15 KB 17ms
16ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=C21B904CBCE2E140DE388E8ACB6D170A?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=1cc475c444d53f08&pageid=1

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js(2).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

f01b5b117b46e4d745d73cb061237a5126d0c04f267147a75a1c58ebaabf3f55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/

Response headers

Date: Fri, 17 Dec 2021 01:27:07 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=99
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 0896 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=1cc475c444d53f08&pageid=1&jd=37362626686666353338246864683f3666343163323a3031636d35343933396a6e60616b6639306a67373133353336246a66766e3f303835383138

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js(2).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:07 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK top_fp.html;CIS3SID=C21B904CBCE2E140DE388E8ACB6D170A Show response
content22.online.citi.com/fp/ Frame DBF2 82 KB
12 KB 16ms
16ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/top_fp.html;CIS3SID=C21B904CBCE2E140DE388E8ACB6D170A?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=1cc475c444d53f08&pageid=1

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js(2).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

d50ae3a02ec280a748e022d9ddd233963dcbc619ddaf0eb6d674cf9f4d1219ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/

Response headers

Date: Fri, 17 Dec 2021 01:27:07 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=97
Transfer-Encoding: chunked

GET
H/1.1 204
204 clear.png Show response
content22.online.citi.com/fp/ Frame 0896 0
218 B 15ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=1cc475c444d53f08&pageid=1&ja=3030393224266b353026783f3226643f333432307a333232302e63643d313638387a333a30302e7b7a7b3d327a30266670723f312e313432322e313038302e333430302c333238382c313432322c333032322e313432302e313a32322c302c382e6f76356138303a6360636661373766646666663b65633a363331363f3034603b613761246d663534267161663d3036246e6a3d6a767472253b43273246253a4e6d6c64696e6d25716763777065757165723536373431343761697661313437363635342c647d6b6b646c712c6f70652730447367617570652d30446369746157646b6465732d3a4471617467645f7065736d757063672a302b2e6a7c6d6e2466723d687674782d33412730442530446d6c6e696c672d71656b77706575736d7a35343d34333e3d616b746b333635363635362e66756169666c732c677265273046736561757a6d25324424726c3f3124726a3d353a6630386963346263666a6d33333b62373b3035636532663362666232663424686a3f613666673c383666366133353b333d30393233313235373537336134336730672662716d3d4c69667d7a24627362354b6a706f6f672532323936246a716f773f4e6b6e777026687160753d436a72676565266c6a613d36247678663d47766327324e576c6b6e6f7f66246f6974687a35363230316631633062656130306534616137363238383063663135353630396e6434373a3a3136336634676163303466633136636662643f3a31333b31393e6924723d726e75676b6e5f646c63736a5c64636c716d21726e7767696e5d776166646f75715d6d67666b635d706e637967725664636c736529786e776f696e5769666d62675d6163706f6263745c66636e716721726475656b6c5f71756b63637c696d675c64616e716723726c7765696c5f7b6a6d636b77697e675c6e616c7b6d23726c7765696e5d7265636c726c637b67705e64696c716723706c7565696657766c615d726c637b67705c66636e736721786e7767696e576c6774696c767a5664636c716721706e75676b6e5d7374655d7469677f65705c64616c736721786475676b6c5d6a6374635c64616e7165246570313f623731383c60333a393330316636373431336361343534313a366731306465613e62643b3631376524676457633d756760676e556760454c273030332e38273030284f786d6c45442532384d51273232302e302732304168706f6f6b776f29556d62454e273230474e53442d32304751273232332c322732322a4f726566454e2532304d5b273038474c5b442730304751253232312e32253030416a706d6d6b7d6d2b5567624b6976576d6a4b6976273030556760454e414c454c475f616c7174616e6b6d665d6972726971712733402732304758545d626e656c665d6f696c65617a27314225323245505c5f636d6e6d725d6077646465705d68636c6e5d646c6f617c2d31402d32304d50565d666e6d61745d626c676e662531402730304750545d647061675f6665787c68253140273232475a565d736a636467725776677874757a6d5d6e6764253b4a273030475a545f766578767570655d616d6f70706d73716b6d6e5f6272746b2d3342273032455a565d766778767772675f6b6d6f7072657b7b6b6d665f726f7c612733402732304758545d746778767770675f64616c7667705f616e6b73677c726f726b612531402730325747404b4b5457475a545f746d7076777a655f6e616e7665705d616e6b736f76726d706b61273142273a30475a565f735245422d3b422530324948505d726370616e6e656e5f7b6a63646572576b6d6f78696c6d2d31402530324f45515f656e656f656c765d6b6e666d785d776b6e742531422d3a304f47515d66606d5d70676e6667725d6d61726f6170253b4a2730384f455b577176616c666172665f6467726b7663766b7465712d33402730304f45515f7c6d78747770675f646e6d63762531402530304747515f7465707c77706d5f66646763765f6e6b6e6563722531422732324d47515f766d78767770655f68636c6e57666c6d63762531402730324f47515f766570767772655f60696e6457666c6769765d6c6b6c6561702533402530304d47515d76677a74677a5d61727263795767626a676176253140273032574740474e5f6b6d6e6f725f6a7d64646d725f6e646d6374273142253030574742454c5d616d6f70706d737167665f74657a747d7a655f63717663273140273030554742454c57616d6d70726d7b71676c5f746d70767772675d657461253340253030554740454c5d6b6f6f72706573736764577c6578767770655d677661332531402530305f4740474c5f6b676f727a65737b6d665d74677a747570655f713376632731402732325f4540494b545f5747424f445f636d6f727267717167665f76677876757a675d7333746b2d31402d32305f4d40454c5d616f6d727265717367645d76677a74777a655d713174635f71726f6a253340273030554740454e5f66676277675770676e64657a6d705d616e66672d3140253032574540474c5d646770766a5d76657a7c7570672733422530305f4d424b4b565d574740454e5d646772746a5f7c677a7475726d2d31402d32305f4d40454c5d667261755f62776664657071273142273a30554740474c5f6e6f7b6d5f636d6c76657a76273140253032574742434b565f57454a4f4e5d646f736d57616d6e76677874273342273232574740454e5f6f7d6c766b5d64726175313e2e676c5d6a3f306032373361616034323a303936303535636d6b30633f65353c6e3a35623a3636643435353234672675656e743d4b6674676e273230496c63262e77676e703f496c76676e2732324b726b732d30324f7065664f4e273a3045666f6b6c65246163643f31&jb=333533266e7135456f7a6b6e6e61273044372c302730302a57616c666f77732d3a324c5c25323839322c30273142253030576b6e34342731402732327036362b273230417270646d576560496b742730443731372c31362732382a4948544d442d30412d3230646169672530324765616b6f2b253030416a706d6d672d32443b342e302e36363e3c2e393127303051636463706927304637333f2c3136

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js(2).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:07 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=89
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
89oebq5kiv2fqgzodvfcm2qxb5byua3rv3ugiswr1cc475c444d53f08sac.d.aa.online-metrix.net/fp/ Frame 0896 81 B
438 B 1011ms
152ms Image
image/png 192.225.158.3
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://89oebq5kiv2fqgzodvfcm2qxb5byua3rv3ugiswr1cc475c444d53f08sac.d.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=1cc475c444d53f08&pageid=1&di=yes

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.3 , United States, ASN30286 (THM, US),

Reverse DNS

d.aa.online-metrix.net

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:08 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png Show response
content22.online.citi.com/fp/ Frame 49A5 81 B
561 B 13ms
13ms XHR
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 89oebq5k/bf12cc12c4406580a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:07 GMT
Last-Modified: Fri, 17 Dec 2021 01:27:07 GMT
Server: Apache
Etag: d3dcaa503f0045dcad4da65ad3de00cc
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: http://online-secureuser7654365citi1654654.duckdns.org
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Content-Length: 81
Expires: Wed, 16 Dec 2026 01:27:07 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=A27033F25FDAD680FA2C165DEBDFFCC8 Show response
content22.online.citi.com/fp/ Frame DE23 82 KB
13 KB 33ms
15ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=A27033F25FDAD680FA2C165DEBDFFCC8?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=bf12cc12c4406580&pageid=1

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e6fbe4a193b021c1e0163b81b5673c98b5085920304d913b08e9aa9af0c1121b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/

Response headers

Date: Fri, 17 Dec 2021 01:27:07 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=96
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 49A5 0
387 B 14ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:07 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=88
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=A27033F25FDAD680FA2C165DEBDFFCC8 Show response
h.online-metrix.net/fp/ Frame 3D03 95 KB
14 KB 39ms
16ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=A27033F25FDAD680FA2C165DEBDFFCC8?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=bf12cc12c4406580&pageid=1

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

522839a3b1bbd47d86e6569bf4769fafdc9c1edc40cc7fd088aeeaacb6a3f099

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/

Response headers

Date: Fri, 17 Dec 2021 01:27:07 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=98
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 49A5 0
387 B 14ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=bf12cc12c4406580&pageid=1&jd=353626246a666c353138246a64683d3c66363161323830316167373e31313b6a6e626b6366313a6065373133373b36266a647c663f303234383338

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:07 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK top_fp.html;CIS3SID=A27033F25FDAD680FA2C165DEBDFFCC8 Show response
content22.online.citi.com/fp/ Frame 3E42 82 KB
13 KB 32ms
15ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/top_fp.html;CIS3SID=A27033F25FDAD680FA2C165DEBDFFCC8?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=bf12cc12c4406580&pageid=1

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

a2649f19cc734a78d3514ad70e38bfd5ea21b2be5d327a044c3e829c355ff036

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/

Response headers

Date: Fri, 17 Dec 2021 01:27:07 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=84
Transfer-Encoding: chunked

GET
H/1.1 204
204 clear.png Show response
content22.online.citi.com/fp/ Frame 49A5 0
218 B 15ms
15ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=bf12cc12c4406580&pageid=1&ja=3230383b262661353226783d32266635333632327a3132323224616e353334383878393230382471787b3d3278382664707035392e313e30322c313a38322e333630302e313232382e313430322c313a32302e333430302e3330303824322e382e6d7c3d61303a3061606366633f376464646c6e3b6569383631313c3f32346039613763266d6c3536267163663d323c246c6a3f6a7474722731412d3a44273a4e6f666c6966672f73676377726d757365703f3e37343b363763697c61333437343635362e64776b69646c732c6f726f27324471676375706727324e6b6b76615766616c657b273046716174656c5f726571677d70636d2e6a746d642e66703f687474722533432d30462732446f6e646b6e672f716563777067757b6d70353e3d343b36356b6b7669333637343e35342e667d6b696466732c6f726f2d304471656375706525304e24706e3d312670603f373a64303861633460636e6a6733393b623f33383f636730663360646a3264342460603f356c613438303d3a353161383532353233673b353834366137373c6037333164266a716d3f4c6166777a2e62736a3d4360706d6d672530303136266a71677d3f4c616e777826627b60773f4368726d6d6524666a633f3424747a6c3f457661273246576c696e677f6c2465697460723d3c323233663161326a656330306d3e61633d363230383a69663337353430336664363d3a3833343364366d63613036666339366364626c3f3031393b313136612e723f706e756569665f666c637b605c66696c716521786477656b6e5f776b6e646d7f715f6f6566696157726c637b67725e64636e736d29726e7d6f69665f616c6d60655d616172676261745c6e696e736d21726c756f616c5d737569636974696f6d5c66636c716521786e75656b6c5f736a6d616b7f697467566e6164736529726e7565696c5f7a65616c7264697b657a5e64616c7b6d23726e7567696c5f766e6b5d706e617b65725664616e716721706e776569665766677e696c7e725e6e636e736721726c7d67696e5d7b7e655f7e696777657a5664636e736521726c7565616c5f686174615e6e636c7167246578313f603739383660393a393b38396c363536313361633c3536313a3e6d31326e656136626e313633356526676e5f633f7f6762656c5565624f4e253032332e30273032284778676c4f44253a30455b273030302e32253a3043687067656b7565295565624f44273032474c534e2532324d51253030332e302d30302a4d72656e454e2732384d51273a384744534c2d30324551253030392e302530384b6a72676d6b756d215f67604969745767624b6b7c2732325767624744434e454e475f696c717661666b67665769727a61797b2731422732324550545f626e6d66665f65696c6d61702d3140273230455a545f61676e6f705f6075666e67725d6a636c665d646e6f697c27314a2d323845585c5d646c6d61765f6a6c656e662d3b40253a30475854576e7063655f6465727468273b40253030475854577168636667725f76677a747d7a675d6467642d33422d3032455a545d746d787475706d57616f65707065737b616d6c5d627074612533402d30304758565f746d7a747770675f636d6f72726d7b716b67665f7a67746b2731422732324550545f7467707c77726d5f64696c7c6d705d636e69736d74726d786b63273340253238554540494b545f475a565f7c6d7a767d7a65576669647667725d616c697b6f74726d786161253b422732304d50565d71524742273342273a324b4a525d70617a636c6e676e5f736a6366657a57616d6578696465253b402732324f475357656c656f6d66765f616e666578577d6b6c762533422732304d4d515f64626d5f726d6c6467705d6d69726f63702d3b40273a384f4d535f7b76636e66617064576465726b7e6976697e657125334a2d30324d45535f766578767d70655d666e6f617c2733402730304f47515d746d7076777a6d5f6e6c6f69765d6c6b6e67617a253342273a384d455b5f7665787c7d70675d68616c645f666e6763742733402532384d45515d766578767770655760636e6e5766646f617c5d6e696c6563722d334225303847475357766772746d705d63707261795d6f62686d6174273340253238554540454e5f636d6e6d72576a77646e6d7257666c676376253142273238574542454457616f65707065737b6d665d766578747772655d69717461253142253a32574740454c5f616d6f707a6d71716d6c5f7c65787c7770655d6576632d33422530385f47424f4c5d636f65787067717365645d74657a7c7772675f67746339273340273030574740454c576b6d6f787a657b73656c5d76657a7477726d5f7333766b2d31422d323257454a434b565d574542454c5f61676f7070657173656c5d74677a767572675d71337c6b27314a2d323857454a454e5f616f6f707a657373676c5776657074777265577b3176615f7372656225314a27323257474247445d64676077675f70676c646d7a677057616e6e6f253b402732325747424f4c5f6467787c6a5f7c657a74757a6d2731402532305545424941565f554540474c57666572766a5f74677a76757a6d27314a2d323857454a454e5f6672637757627566646d7a71253b422732305f4d40454e5f6c6f71655f61676c7467787625334a2732325547424b4b565d574d4a454e57646f7b655f6b6d6c74677876253b422532325f4d4047445f6f756c7c615d66706177313426676e576a3d32623235316b636234303a3031363037356b6d6130693f653d346630356038363666363d353034672e7f656c7e3d4b6e746d64273032496e632c26776564703d4b6e76656c2d30304b706b732530324d706d66454e2d3a304d6e67616c67266163663d39&jb=313533246c713f456d7a6b6c6e61253a44352c322732302a556b6e6c6775712d3a304654253a3233302c3027334a25323055616634342d33402532387034362b2532304370706e6d5565604b6b74253a443531352c3336273032284340564f442d324b2532386e6b6b672530304f65636b6d212d30304b68706f6d6d2d30443b362e302c3436343c2c393125303053696461706b2732463731352e3b3e

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:07 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=87
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
89oebq5kvqeiymge2j3p2mah4ntwtc7csfe2cigcbf12cc12c4406580sac.d.aa.online-metrix.net/fp/ Frame 49A5 81 B
438 B 930ms
155ms Image
image/png 192.225.158.3
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://89oebq5kvqeiymge2j3p2mah4ntwtc7csfe2cigcbf12cc12c4406580sac.d.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=bf12cc12c4406580&pageid=1&di=yes

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.3 , United States, ASN30286 (THM, US),

Reverse DNS

d.aa.online-metrix.net

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:08 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 749A 0
387 B 14ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=9db673e613bdc659&pageid=1&jac=1&je=393135242e726f356e6f246a617c7b743f7b2a6e6574656e223a312632302c2271766374757b203820616a6370656b6e6f227d26617566603d63693562396d366d363a336b61636b36663069376b393930393b3433363660356333393539366236663a64643c3a343232313a64673666383366636438363d39

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js(1).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:07 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=86
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cool-2.1.15.min.js Show response
nebula-cdn.kampyle.com/resources/onsite/js/ 14 KB
6 KB 26ms
13ms Script
application/javascript 151.101.1.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://nebula-cdn.kampyle.com/resources/onsite/js/cool-2.1.15.min.js
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/generic1634752371595.js.download
Protocol: HTTP/1.1
Server: 151.101.1.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 9HCXbKZTbCJZkS8s9IuB.pE0JEvI0TGW
Content-Encoding: gzip
ETag: "80dd5e3be5152c5c72d552c6a26ef6ff"
Age: 307729
Via: 1.1 varnish
X-Cache: HIT
Connection: keep-alive
Content-Length: 5197
x-amz-id-2: 2Rqcsnqc7u6qr5RePJPgkBiDQObsrQuT7+satPB20rDqRCp9iEuwtIT4vebpJreufjB6IPMRLZ0=
X-Served-By: cache-hhn4067-HHN
Last-Modified: Sun, 24 Jan 2021 11:03:10 GMT
Server: AmazonS3
X-Timer: S1639704428.537243,VS0,VE0
Date: Fri, 17 Dec 2021 01:27:07 GMT
Vary: Accept-Encoding
x-amz-request-id: T9HXMK5FZ5ARRFW8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31622400
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 168472

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 19D4 0
388 B 36ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=2434C19851985120E5B9662DF048EFCF?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=9db673e613bdc659&pageid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=2434C19851985120E5B9662DF048EFCF?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=9db673e613bdc659&pageid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:07 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 0896 0
388 B 28ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=1cc475c444d53f08&pageid=1&jac=1&je=35362626726d35666f26637766683f616335603967346534383961616163366e3a63356b31393a31313433363462356133313539346236663a66643630363232313866653666383b6663663a36353b

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js(2).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:07 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 49A5 0
388 B 30ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=bf12cc12c4406580&pageid=1&jac=1&je=37362624706d3f666d26637566683d6b6337603b673665343a33636b6961346e3a613f633131303b33343336366a356333333f3134623c643a64643c30343232333866673466323b64636638363539

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:07 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
486 B 109ms
97ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk2LjAuNDY2NC45MyBTYWZhcmkvNTM3LjM2Iiwic2Vzc2lvbl9wbGF0Zm9ybSI6ICJMaW51eCB4ODZfNjQiLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjEuMTUiLCJldmVudF9uYW1lIjogIm5lYnVsYV9wYWdlX3ZpZXciLCJldmVudF90aW1lc3RhbXBfZXBvY2giOiAiMTYzOTcwNDQyNzc3NSIsImV2ZW50X3RpbWV6b25lX29mZnNldCI6IDAsInVzZXJfaWQiOiAiMTdkYzVmZmZjZmQ0ZjgtMDJjZjQ2YTQ5MTc1OGEtOTc4MTUzYy0xZDRjMDAtMTdkYzVmZmZjZmU4NTAiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtdXMtY2l0aSIsImFjY291bnRJZCI6IDQ5LCJ1cmwiOiAiaHR0cDovL29ubGluZS1zZWN1cmV1c2VyNzY1NDM2NWNpdGkxNjU0NjU0LmR1Y2tkbnMub3JnL3NlY3VyZS8iLCJ3ZWJzaXRlSWQiOiA1MCwiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiYzdmZi04ZjkxLWU0ZWUtMGNlYi0wMWZmLTc0NmItMzI4Ny02MDgwIiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2Mzk3MDQ0Mjc1MjciLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIn0sImNvb2tpZV9zaXplIjogNDUxLCJrYW1weWxlX3ZlcnNpb24iOiAiMi40MS4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi40MS4wIiwiaGlzdG9yeV9sZW5ndGgiOiAyLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjM5NzA0NDI3NTMyLCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwiZmVlZGJhY2tfY29ycmVsYXRpb25fdXVpZCI6IG51bGx9Cl19
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/
Protocol: HTTP/1.1
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-ME: prod-instance-gatewayservice-blue-z5vq
Date: Fri, 17 Dec 2021 01:27:07 GMT
Via: 1.1 google
Server: Jetty(9.2.11.v20150529)
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Content-Type: image/gif; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Origin, Content-Type, Accept
Content-Length: 0
X-Application-Context: application:9090

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 1D60 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=C21B904CBCE2E140DE388E8ACB6D170A?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=1cc475c444d53f08&pageid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=C21B904CBCE2E140DE388E8ACB6D170A?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=1cc475c444d53f08&pageid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:07 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame DE23 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=A27033F25FDAD680FA2C165DEBDFFCC8?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=bf12cc12c4406580&pageid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=A27033F25FDAD680FA2C165DEBDFFCC8?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=bf12cc12c4406580&pageid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:07 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 embed.js Show response
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/ 2 KB
1 KB 50ms
6ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/embed.js
Requested by: Host: nexus.ensighten.com
URL: http://nexus.ensighten.com/citi/na_prod/code/fdf45a7c15c1cee06bb71e10dac4e26e.js?conditionId0=4849963
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e78fd3a0c79a50c92811c6f4354790115560dd6d4e04ef95429cb5913ea39586

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: CJPvc70DIVT8MhtJ23ewwKi8tH4WhNJl
content-encoding: gzip
etag: "e5578e667d049164695baab63fbafd25"
age: 308879
via: 1.1 varnish
x-cache: HIT
content-length: 675
x-amz-id-2: lcmzK/JCcg8iOhstq98EsV0QPzTVVIh76WhFnOCqpsGmSNbIC8s2MeXq6sEoMYRBEgT2ndTeg60=
x-served-by: cache-hhn4032-HHN
last-modified: Tue, 30 Nov 2021 23:08:26 GMT
server: AmazonS3
x-timer: S1639704428.935843,VS0,VE0
date: Fri, 17 Dec 2021 01:27:07 GMT
vary: Accept-Encoding
x-amz-request-id: P2FCA3DQWBD8GNA0
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 18

GET
H/1.1 403
Forbidden 1560.js
cdn.pbbl.co/r/ 0
0 48ms
6ms Script
text/html 13.32.22.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.pbbl.co/r/1560.js
Requested by: Host: nexus.ensighten.com
URL: http://nexus.ensighten.com/citi/na_prod/code/42d4d669434e7d621371bd59ca097dbf.js?conditionId0=4897099
Protocol: HTTP/1.1
Server: 13.32.22.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-22-87.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=AW-916451471
https://www.googletagmanager.com/gtag/js?id=AW-916451471

97 KB
39 KB

36ms
20ms

Script
application/javascript

2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-916451471

Protocol

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8459cb104cafb0507aa429253ff2728409ada24e879d92b7696d18ac9ee153bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 01:27:07 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39582
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 Dec 2021 01:27:07 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=AW-916451471
Non-Authoritative-Reason: HSTS

GET
H2 200 dpm_pixel_min.js Show response
c.tvpixel.com/js/current/ 103 KB
32 KB 54ms
9ms Script
application/javascript 2600:9000:214f:7800:1d:bf0a:0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tvpixel.com/js/current/dpm_pixel_min.js?aid=citi-d4f85824-1351-4554-91ff-fdb56f962c5c&comscore=true
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/Bootstrap.js.download
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7800:1d:bf0a:0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: oMk5SFqHXboEDRm2.vDWImtx_4ARYxEl
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 18:14:59 GMT
server: AmazonS3
age: 76048
etag: W/"08e770c8a17bf087d50cec01af0892c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
date: Thu, 16 Dec 2021 04:19:40 GMT
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 21QphdYHSHAGm79L8Xylyhl9mAmuRd1pM2veyhfdSwWxjkjdaJRczw==

GET
H2

200

bat.js Show response
bat.bing.com/
Redirect Chain

http://bat.bing.com/bat.js
https://bat.bing.com/bat.js

36 KB
11 KB

52ms
31ms

Script
application/javascript

2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Protocol: H2
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 01:27:07 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 01:53:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3745D8D2F61144E18FE2C86FD0AC1D61 Ref B: FRAEDGE1212 Ref C: 2021-12-17T01:27:07Z
etag: "0cb09ee8e7d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10468

Redirect headers

Location: https://bat.bing.com/bat.js
Non-Authoritative-Reason: HSTS

GET
H2

451

425466.html Show response
sr.rlcdn.com/ Frame 03F1
Redirect Chain

http://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709

0
98 B

144ms
127ms

Document
text/plain

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/c1997fc4285b4ded7a3ef6dce5a65f2b.js.download
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 17 Dec 2021 01:27:08 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Location: https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
Content-Length: 285
Date: Fri, 17 Dec 2021 01:27:07 GMT

GET
H/1.1 204
No Content e.gif
nexus.ensighten.com/error/ 0
193 B 8ms
7ms Image
text/plain 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nexus.ensighten.com/error/e.gif?msg=bk_async%20is%20not%20defined&lnn=-1&fn=&cid=1129&client=citi&publishPath=na_prod&rid=3507512&did=609396&errorName=ReferenceError
Protocol: HTTP/1.1
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:07 GMT
Cache-Control: no-cache, no-store
Server: nginx
Connection: keep-alive
Expires: Fri, 17 Dec 2021 01:27:06 GMT

GET
H/1.1 200
OK /
d.agkn.com/pixel/9340/ 43 B
599 B 63ms
9ms Image
image/gif 18.196.159.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/9340/?che=2930967877.67696&abid=undefined
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.159.27 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-159-27.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:07 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

sync
live.rezync.com/
Redirect Chain

https://20822230p.rfihub.com/ca.html?rb=648&ca=20822230&ra=769943054&_o=17169175&_t=zx-cookie-match
https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=d0ae33fb718b14c742c9cdf1dea83556&k=citi-prod-acct-pixel-3465&zmpID=citi-prod-acct&cid=1813050708747235577

30 B
30 B

205ms
157ms

Image
application/javascript

13.32.22.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=d0ae33fb718b14c742c9cdf1dea83556&k=citi-prod-acct-pixel-3465&zmpID=citi-prod-acct&cid=1813050708747235577
Protocol: H2
Server: 13.32.22.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-22-112.fra56.r.cloudfront.net
Software: lighttpd/1.4.33 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 01:27:08 GMT
via: 1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
server: lighttpd/1.4.33
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-type: application/javascript
content-length: 30
x-amz-cf-id: hCYnSYDAaKEUI3u1HGOx-_KHG3Bjv9jw9Zcat5PC249KpAFtb_nMHg==

Redirect headers

Location: https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=d0ae33fb718b14c742c9cdf1dea83556&k=citi-prod-acct-pixel-3465&zmpID=citi-prod-acct&cid=1813050708747235577
Date: Fri, 17 Dec 2021 01:27:08 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK generic1634752371595.js Show response
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/ 527 KB
88 KB 15ms
8ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/generic1634752371595.js
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/embed.js.download
Protocol: HTTP/1.1
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 915afa3a684b0562c638837fddc86f51700d954a4a13ed16d9857a066462edec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 6ztX3qWQv7AuHQ8Loe8lhcbddbcREYoc
Content-Encoding: gzip
ETag: "045174c5e0174dd804b9dda17b772d12"
Age: 307608
Via: 1.1 varnish
X-Cache: HIT
Connection: keep-alive
Content-Length: 89242
x-amz-id-2: 4+0wNLnQGdH56fFApk45uBRmJSc1wOWvVSfNHkAYVdj8Jv6VhBFM98C8opnQ9d22gWeC37gFUwE=
X-Served-By: cache-hhn4041-HHN
Last-Modified: Wed, 20 Oct 2021 17:52:53 GMT
Server: AmazonS3
X-Timer: S1639704428.931191,VS0,VE1
Date: Fri, 17 Dec 2021 01:27:07 GMT
Vary: Accept-Encoding
x-amz-request-id: E926CHYYFSJHQ99T
Access-Control-Allow-Origin: *
Cache-Control: max-age=0,must-revalidate
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 1

GET
H/1.1 200
OK cls_report Show response
prod.report.nacustomerexperience.citi.com/glassbox/reporting/ 0
691 B 634ms
132ms XHR
text/plain 192.193.179.248
CITIGROUP

General

Check archive.org

Show headers Download Go to

Full URL

https://prod.report.nacustomerexperience.citi.com/glassbox/reporting/cls_report?_cls_s=56178b7f-0765-4524-af83-d593bcd669ab%3A0&_cls_v=3638b2ad-db67-4c49-9916-d7bac6fb9bea&pv=2&f_cls_s=true

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/polyfills-es2015.208e90726d88af943fd8.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.193.179.248 , United States, ASN25883 (CITIGROUP, US),

Reverse DNS

Software

GlassBox Cligate /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:08 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains;
vary: origin
Server: GlassBox Cligate
X-Akamai-CITISITE: GTDC
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
access-control-allow-origin: http://online-secureuser7654365citi1654654.duckdns.org
access-control-allow-credentials: true
Connection: close
Content-Length: 0

GET
H/1.1 200
OK 96e0eb995483e83e7b3f71968eedeed1.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 49A5 396 KB
396 KB 134ms
133ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/96e0eb995483e83e7b3f71968eedeed1.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/96e0eb995483e83e7b3f71968eedeed1.js.download
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: d9181c42b463ba85677421a93ae1ba80ae774c9bf8af67200ed78a419bd067a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:07 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=61
Content-Length: 405607

GET
H/1.1 200
OK 96e0eb995483e83e7b3f71968eedeed1.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 749A 396 KB
396 KB 135ms
134ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/96e0eb995483e83e7b3f71968eedeed1.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/96e0eb995483e83e7b3f71968eedeed1.js.download
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: d9181c42b463ba85677421a93ae1ba80ae774c9bf8af67200ed78a419bd067a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:07 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=61
Content-Length: 405607

GET
H/1.1 200
OK 96e0eb995483e83e7b3f71968eedeed1.js.download Show response
online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ Frame 0896 396 KB
396 KB 132ms
131ms Script
application/javascript 34.106.153.222
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/96e0eb995483e83e7b3f71968eedeed1.js.download
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/96e0eb995483e83e7b3f71968eedeed1.js.download
Protocol: HTTP/1.1
Server: 34.106.153.222 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 222.153.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: d9181c42b463ba85677421a93ae1ba80ae774c9bf8af67200ed78a419bd067a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:07 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=58
Content-Length: 405607

GET
H/1.1 200
OK check.js;CIS3SID=67ABEA23BAA655B44EC1D28B065CBF41 Show response
content22.online.citi.com/fp/ Frame AC5B 403 KB
72 KB 23ms
22ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/check.js;CIS3SID=67ABEA23BAA655B44EC1D28B065CBF41?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1&jb=343926246a736d7d3f4c6b6e77782662716f3f4e6b6e757a2468736a7d3f41607a6f6565266271603d4168706f6565253232313e

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/tags.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

ca38d8682a98a0ee4a68a944c13a9670b9553d57377fe281c239c3404a790c7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
tmx-nonce: 4f9266dc5b0e4e78
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Keep-Alive: timeout=2, max=97
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame AC5B 81 B
474 B 13ms
13ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:07 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK check.js;CIS3SID=9F63058A16C2C59ACBE8136612E5EF22 Show response
content22.online.citi.com/fp/ Frame 0D27 403 KB
72 KB 23ms
22ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/check.js;CIS3SID=9F63058A16C2C59ACBE8136612E5EF22?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1&jb=3c39242462716d7d3d4c6b6675702e6a716f354e696c757a266a736a773d4368706d6f65266271603f416a706d6f67253a303936

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/tags.js(1).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

0deec85bec590087e950f1d5827587262e7ae4adb317d932fd439ca487afd83a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
tmx-nonce: cbcc0172b6475b0e
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Keep-Alive: timeout=2, max=99
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame 0D27 81 B
474 B 13ms
13ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:07 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=83
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK check.js;CIS3SID=F998FE3FF0FBF82BC70EF04620EC0AA5 Show response
content22.online.citi.com/fp/ Frame 726E 403 KB
72 KB 23ms
23ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/check.js;CIS3SID=F998FE3FF0FBF82BC70EF04620EC0AA5?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1&jb=363926266873677d3d4c6b6c77782468716d3f4c6b6c757a26627160753d43607a6d6f6d266a7b6a3f4168706d6d652732303b36

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/tags.js(2).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

16efb25baf2619cbc7ad10c2037057683a9765f40131e81d4df067f88c068a4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
tmx-nonce: b7cb24b499b23050
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Keep-Alive: timeout=2, max=98
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame 726E 81 B
474 B 13ms
13ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:07 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=82
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame AC5B 81 B
474 B 13ms
13ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:07 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame 0D27 81 B
475 B 13ms
13ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:07 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame 726E 81 B
474 B 13ms
13ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:07 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=81
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

OPTIONS
H2 200 tp2
p.tvpixel.com/com.snowplowanalytics.snowplow/ Frame 0
0 112ms
109ms Preflight 34.235.253.107
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.235.253.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-253-107.compute-1.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://online-secureuser7654365citi1654654.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 17 Dec 2021 01:27:08 GMT
content-length: 0
access-control-allow-origin: http://online-secureuser7654365citi1654654.duckdns.org
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
server: akka-http/10.1.12

POST
H2 200 tp2 Show response
p.tvpixel.com/com.snowplowanalytics.snowplow/ 2 B
357 B 110ms
109ms XHR
text/plain 34.235.253.107
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/polyfills-es2015.208e90726d88af943fd8.js.download
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.235.253.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-253-107.compute-1.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: http://online-secureuser7654365citi1654654.duckdns.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: http://online-secureuser7654365citi1654654.duckdns.org
date: Fri, 17 Dec 2021 01:27:08 GMT
access-control-allow-credentials: true
server: akka-http/10.1.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length: 2
content-type: text/plain; charset=UTF-8

GET
H/1.1 200
OK __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
486 B 93ms
93ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk2LjAuNDY2NC45MyBTYWZhcmkvNTM3LjM2Iiwic2Vzc2lvbl9wbGF0Zm9ybSI6ICJMaW51eCB4ODZfNjQiLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjEuMTUiLCJldmVudF9uYW1lIjogIm5lYnVsYV9wYWdlX3ZpZXciLCJldmVudF90aW1lc3RhbXBfZXBvY2giOiAiMTYzOTcwNDQyNzk5MyIsImV2ZW50X3RpbWV6b25lX29mZnNldCI6IDAsInVzZXJfaWQiOiAiMTdkYzVmZmZjZmQ0ZjgtMDJjZjQ2YTQ5MTc1OGEtOTc4MTUzYy0xZDRjMDAtMTdkYzVmZmZjZmU4NTAiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtdXMtY2l0aSIsImFjY291bnRJZCI6IDQ5LCJ1cmwiOiAiaHR0cDovL29ubGluZS1zZWN1cmV1c2VyNzY1NDM2NWNpdGkxNjU0NjU0LmR1Y2tkbnMub3JnL3NlY3VyZS8iLCJ3ZWJzaXRlSWQiOiA1MCwiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiYzdmZi04ZjkxLWU0ZWUtMGNlYi0wMWZmLTc0NmItMzI4Ny02MDgwIiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2Mzk3MDQ0Mjc5OTEiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIn0sImNvb2tpZV9zaXplIjogNDUxLCJrYW1weWxlX3ZlcnNpb24iOiAiMi40MS4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi40MS4wIiwiaGlzdG9yeV9sZW5ndGgiOiAyLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjM5NzA0NDI3OTkzLCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwiZmVlZGJhY2tfY29ycmVsYXRpb25fdXVpZCI6IG51bGx9Cl19
Protocol: HTTP/1.1
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-ME: prod-instance-gatewayservice-blue-hnst
Date: Fri, 17 Dec 2021 01:27:08 GMT
Via: 1.1 google
Server: Jetty(9.2.11.v20150529)
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Content-Type: image/gif; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Origin, Content-Type, Accept
Content-Length: 0
X-Application-Context: application:9090

GET
H/1.1 200
OK clear.png Show response
content22.online.citi.com/fp/ Frame AC5B 81 B
561 B 13ms
13ms XHR
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/check.js;CIS3SID=67ABEA23BAA655B44EC1D28B065CBF41?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1&jb=343926246a736d7d3f4c6b6e77782662716f3f4e6b6e757a2468736a7d3f41607a6f6565266271603d4168706f6565253232313e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 89oebq5k/4f9266dc5b0e4e78a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:08 GMT
Last-Modified: Fri, 17 Dec 2021 01:27:08 GMT
Server: Apache
Etag: 7e62eee5530b4835b35b129504bd8c2d
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: http://online-secureuser7654365citi1654654.duckdns.org
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
Content-Length: 81
Expires: Wed, 16 Dec 2026 01:27:08 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=C533620F21A14BCFAEF5BC512D292984 Show response
content22.online.citi.com/fp/ Frame 2E8C 82 KB
12 KB 24ms
23ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=C533620F21A14BCFAEF5BC512D292984?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

cb8bc2724fbb0073e7c2d6bb35c848be74bdd7521d2ecc57733fb5565760edca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/

Response headers

Date: Fri, 17 Dec 2021 01:27:08 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=97
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame AC5B 0
387 B 20ms
20ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:08 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=C533620F21A14BCFAEF5BC512D292984 Show response
h.online-metrix.net/fp/ Frame 6B89 95 KB
15 KB 34ms
34ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=C533620F21A14BCFAEF5BC512D292984?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

caee168bf02bca9a6dd37b7b8aeb7db44872a9f65f41b889eb22db200406b5ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/

Response headers

Date: Fri, 17 Dec 2021 01:27:08 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=97
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame AC5B 0
387 B 29ms
29ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1&jd=353626246a666c353138246a64683d3c66363161323830316167373e31313b6a6e626b6366313a6065373133373b36266a647c663f303234383338

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:08 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=80
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK top_fp.html;CIS3SID=C533620F21A14BCFAEF5BC512D292984 Show response
content22.online.citi.com/fp/ Frame B32D 82 KB
12 KB 22ms
22ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/top_fp.html;CIS3SID=C533620F21A14BCFAEF5BC512D292984?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

1b8c4f70dd9b2112ac0dd9f8c05f809563a771a1cf6706660d972dd97f84529b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/

Response headers

Date: Fri, 17 Dec 2021 01:27:08 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=99
Transfer-Encoding: chunked

GET
H/1.1 204
204 clear.png Show response
content22.online.citi.com/fp/ Frame AC5B 0
218 B 21ms
21ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1&ja=3230343a262661353226783d32266635333632327a3132323224616e353334383878393230382471787b3d3278382664707035392e313e30322c313a38322e333630302e313232382e313430322c313a32302e333430302e3330303824322e382e6d7c3d61303a3061606366633f376464646c6e3b6569383631313c3f32346039613763266d6c3536267163663d323c246c6a3f6a7474722731412d3a44273a4e6f666c6966672f73676377726d757365703f3e37343b363763697c61333437343635362e64776b69646c732c6f726f27324471676375706727324e2e66703560747c70253b43273244253046676e6c696c6d2571656b757065757b6d7035343534333435636b7c6b3134353636353c2c64776169646e712c6d726f2d30442e786c353326786a3f373a66303869613662616e6a67313933603733303f636732643362666232663c24686a3d3764613e3a3037303533633a3730373a3b67313f30363e63373f3660373333642662736f3d4e616677782e6a71623d4b60706d6f6525323239362462716f773d4e696e7d7a26687160753d416a706f656d246c606b3d3c267472663f45766327324e556e6b6c677f6c266561766872353c3232316431633062656138306534636135363832383063663135373632316e6c36373030313c31643e6763613034666331346166606c3f30333933333936692e723f726c75676b6e5f646463736a5e64616c7b6721726e7767696c5d7569666c6d757b576d6d6469695d726c637967725666616c716d29726c7d676b6e5f696c6d60675f6163706f62637c5c66636c716521786e75656b6c5f71776b616b7c616f67566e6164736529726e7565696c5f7b686f63697f6974655666636c736d29726e7767696e5d72656364726c637967725e6e636c716723706c77656b6e577e6e6157786c6979657a5c64616e736721786c75676b665766657e616e7672566e636e716521706e75676b665d7374675d76696d7565705c64616c71672370647d656b66576a6976615664636c7165246570333d62353938366239323b3338316c36353433336361343534393a3667333066656b3462643b3631376724656c576b3f756d6a676457656a454e253030332e382532302a4778676e4f4c2732304d5b273032322e302732304160706f6f69776d295f6762454e273230454e514c2d3a32475b2d3238312e382730302a4f726566474c2530384d51253a30454c53442d30324753253232312e322d30304168706f6d61776d2b5567624b6b7655656a436b762d3a305f65624f4e434e454c475f616e737463666b67645761707261717b2731402532304758545d6a6e656c645d6d69666f617a27314225303247585c57616d6467725762756e6467725d68636c6e5f666c6d697c27334a25303045505c5d646e6f61745d626c6766662531422732304d5a545d647061675d6667707c6027314a2d323845585c5d71686364677257746578767d7a675f646f6625334a2d30324758545f766578767d70655d636d6d707a6773716b6d6e5f607276632d3b40273a384550545f7c677a747772675f6b6f6d70706d7b7169676e5d72677c6b2731402532304758545d7c6778767570655f6e6b6c7667705f616c6b716f7c7a6d72616b253b42253a325545404b4b54574558545d7c6d7a747d72675f6661647667705f616e6b736f767a6d706b632733422d3030475a565f73504540253b4a27303843485a5f706970636c6e656e5f7b686164677a57616f65706b6c652d3b402730304f45515f656e6d6f656c745d696e6c67785d776b6e74273140253a384d475b57666a6f5f7a676c6467725d6d61706d61722d3b40253a304d4553577b76636c646172665f64677a6b7663746b76657b2733402730304f47515d746d7076777a6d5f6e6c6f69762733402530304745535f766d7076757a655d666c6769765d6e696e65637225314a2732324f47535f7c6778767770655f6a636e66576e6e6d697c253b42253a324d45515f766570747572675760636c6e5f646c6f697c5d6e6b6e6561702533402d30304d45515f766d7074677a5d617270637b5f676a68676b7c253b42253a32554540474e5f6b6f6c6f70576a77666e65705f666467637627334225303057474a454c5d636d6d707a67737167665f74677a76757a6d5d637b7c632d33422d3032574742454c57636f6d727a6d71736d645d7465707c7770675f6574612533402d3030554540474c57616f6f727065737167665f7c6d7a767d7a655765746b332733402530305f4542474e576b6d6d78726773736d6c5d766778747570655f713b7663273340253238554540494b545f554740474457616d6578726d73736d665d74677876757a655f73317c6b27334a253030574d4a454e5d636f6d727265717b67645d746778747d70655d713174635d7170676a2d31402d3a305f45424f4e5d64676277675772656e666d7a677257696c666f2d3b40273030574540474c5d6c677076685d74657076757067273342273032574d4a494b5c57574d4247445d666572746a5f7c657874777a6d27334a253030574d4a454e5d647261755f62776e646570732733422d3030554740474c5d6e6d736d57616d667c657074253b402732325747424349545f554d4a454c576c6d7365576b6d6c76657874273342273a32574742454c5f65776c766b5d6472637533362e6f6e5d6035306a30353961636234323a3039343235376b6d613269376735346e3035603a343664343535323c672675676e763d416c74676e2732304b6c612e2e7f656e7a3549667465642730304b726b732d32304f726d66454c2d3232456e6f616c67246363643f31&jb=313533246c713f456d7a6b6c6e61253a44352c322732302a556b6e6c6775712d3a304654253a3233302c3027334a25323055616634342d33402532387034362b2532304370706e6d5565604b6b74253a443531352c3336273032284340564f442d324b2532386e6b6b672530304f65636b6d212d30304b68706f6d6d2d30443b362e302c3436343c2c393125303053696461706b2732463731352e3b3e

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:08 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
89oebq5kvqeiymge2j3p2mah4ntwtc7csfe2cigc4f9266dc5b0e4e78am1.e.aa.online-metrix.net/fp/ Frame AC5B 81 B
438 B 59ms
13ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://89oebq5kvqeiymge2j3p2mah4ntwtc7csfe2cigc4f9266dc5b0e4e78am1.e.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:08 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png Show response
content22.online.citi.com/fp/ Frame 0D27 81 B
561 B 14ms
13ms XHR
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/check.js;CIS3SID=9F63058A16C2C59ACBE8136612E5EF22?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1&jb=3c39242462716d7d3d4c6b6675702e6a716f354e696c757a266a736a773d4368706d6f65266271603f416a706d6f67253a303936

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 89oebq5k/cbcc0172b6475b0e903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:08 GMT
Last-Modified: Fri, 17 Dec 2021 01:27:08 GMT
Server: Apache
Etag: c9db09813b0d4fb0ab60ede9c08049cf
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: http://online-secureuser7654365citi1654654.duckdns.org
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
Content-Length: 81
Expires: Wed, 16 Dec 2026 01:27:08 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=68133A61847C0EB5486689511A41113F Show response
content22.online.citi.com/fp/ Frame 7AC8 82 KB
13 KB 17ms
16ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=68133A61847C0EB5486689511A41113F?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

a68a8ff7bdf4e00a6b9c5fca206dd13e479b97d5ba42254c8ffa9e236b25c1da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/

Response headers

Date: Fri, 17 Dec 2021 01:27:08 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=98
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 0D27 0
387 B 14ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:08 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=68133A61847C0EB5486689511A41113F Show response
h.online-metrix.net/fp/ Frame 25B7 95 KB
14 KB 16ms
16ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=68133A61847C0EB5486689511A41113F?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

1016424af7076835d7206b76340599acf20d57a2cdf3947402143de73a1dbd02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/

Response headers

Date: Fri, 17 Dec 2021 01:27:08 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=96
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 0D27 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1&jd=3d36242462646c35333824626660353466363b61303a30316365373e3b3339626460616366313a6067373333353134266266746e3d30383c3a3330

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:08 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK top_fp.html;CIS3SID=68133A61847C0EB5486689511A41113F Show response
content22.online.citi.com/fp/ Frame 9720 82 KB
12 KB 16ms
15ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/top_fp.html;CIS3SID=68133A61847C0EB5486689511A41113F?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

25c52f4761b79dd90bcc22e298ebbf0fd3027aea8a96874c467c607d9f0a4caf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/

Response headers

Date: Fri, 17 Dec 2021 01:27:08 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=79
Transfer-Encoding: chunked

GET
H/1.1 204
204 clear.png Show response
content22.online.citi.com/fp/ Frame 0D27 0
218 B 16ms
15ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1&ja=3a30363a2e24613530267835302e6e3d33363832783332323026616e3f313630327a3332303824717a7b3f327a32246478723d312c313438302c3930303024313e30322e393032382c31343830243932323024333632302e313230382e302c30246f763d61303a3063606166613535646c666466396563303431393637303e62316135632e6f6c353426716b64353a34246c603f687674722533412d30462532446d6c6c6966672f71676177706777736d7237363534313e3563617669313e353c3637362666776b6b646c7b2e677a6727324e71656175706525324e2464723d6a767670253b432730442730446d6c6c616e652d7365617d72657d7165723f363d3431343d616b7c6931343d343e3d342c647d616b666e712e6f726f27324626726e3f3326786a3f353a64303a6363366a6366626531333b62373b3a37616d306c3360666a30663c26686a35356a383767356b326237613b3661383b6437326161633b63633e3036643333612468716f354c696e75782462736235416872676d6d25303231342462736f77354c6166757a26627162773d4168726f6567266e68613f36267472663f477661273044576e636e6f776e266f6974687a3f343038336c3161306a6761383265346b633d3e3032383a63643335373430316e663435383a333631643e676363303666613b36616e6264373233333b31393e63267035706475656b665d646461736a56666964736721786e7565696c5f776966666f77735d6f676469695d726e637b67705c646164736521706c776f696e5763646f6a65576161706760637c5e666364736d29706e756f6b6e5d717769636b7c6b6d655e64636e736529726e77656b6c5d716a6f6b6b776176655c6e616c7b67217064756f696c5d7a676364706c6371657a5666636c7b6721726c7767696e57746c635f726e6379657a5c64636e716723726e756f696e5f646574696c767a5c666164736d21726e7d656b665f73746f5f7e616575657a5c66636c71652170647767696e5d686376615664636e716724677a313d6a3731303462333a3933303b64343f363b3361613c3734393836673b326e6d6334626e3b3433376726676c57613d776560656e57656a454e273032332c32273238284f70656e45442532384753253a303a2e32273a324160726f6f617565215767624f4e253030454c534c2d30304553273032312e382730322a4d72676c454c2d32304553253038474c5b4e253238455b253032392c322d3230416072676569776d215565604b6b7457656a4969742530325565624f4e434c454e475d6b6c737c616e6365645d697272697b73253b422d32324750565d6a6c656c6c5f65616e6f617027334025303045585c5d636f6c6d705d62756e6467705d6a636e645d66646f61742533402d32304d5a545f6e6c6761765d6a6e67666425314a253a38455a5457647263675d6465707c6a25334227303245585c5d716a636667705d766570747572655f6e6764253b402532384550545d766d7a767d72655d6b6f65787267737b6b6f6c5f607074632d3142253232475a545f7c677a767770675d616d6d7872657373696d665f726f7663253b422d32324750565d7c6578767d726d57666b6c7c67725d616c69736f7c706f706961273142253a32554740494b565d47585c5f74657874777a655f6e6b6c746d7257616c6b7b6d767a6f706b6b253b4a2530304d5a545d73504742253b40253230494a505f706970636e6e676e5d716a616c65725f636f6f78696c6d2733422d32384f475157676e6d6d656c7c5f61666467785777696c74273342253a324f45535d64606f5f7a676c6667705d6f6b726d69702533422530384f455b5d7374696e6c6170665766677a6976637c697e6d7327334a2732324f47535f746d7a747572675d646c6f69762731402730324d4753577465787475706d5f66646d6174576c616e67637a27314a25323247455b577467787c7772675f6a616c6657646c6f6176273142253a324d47515d76677a76757a655f68616c6457666c6763745f6469666563702d31402d32304d4d53577e6570746d7a5f63727061795f67606a656376273142253a32554740454e5d616d6c67725f627566646d725f6e6e6f617c253b4227303855474a474c5d6b6f65787267737b67645d74677874757a675f617376612733422d3032554740454e5d616f657072657373676c5f746d7a74757a65576576612d31402d3230554d424f445f616f65727267737165645f7c6778747570675d65746b332731402730325547424f4c5f636f6d727a65737b67645f7c65707477706d5d713b7463273b422d3a3055454a4949565f55454247445d636f6d72706773736d665d76677a767770675f7b3374632533402d32305f474247445f6b6f6f727a67717b65645d7c65707c75706557713376635d7372676a2733422530325545424f4e5d66676077655d70656664657265725d616e66672733422d32385747404f4e5d6c657076605f7c6d7876757a67253142273230574d404b49545d55474247445d666772766a5d7667787c7572652533402d32305f474247445f6c7263755760776e6665707b253b4a2530305f4742454c5d6c6f736d5d636f6e76677a74253b40273032554740494b5457574542474c5d646f736d5d636f66746d7876273b40273a3057474a4744576d776c7c6b5f6672637731362e656c5f683f326030353961636034303a323336323d3563656332633f65353c6438376a383c3666343d37323c6526756f6c7e35496c746d6e2530304b6e632e2e75676c723f4b6c7465642730324b706b712730304770656e474c273a30456665696e6d266b63663f39&jb=3935312464733f456f7a6b646c692d32443526322530302a57696e6c6d77732530324c54253a3233322c3227314027323857696e3634273b42253a3278363c292d32324378726e6d57656043697c2d3244353b352e313627323028434a544d4c2730412532386e6b6967273032456763636f292532304160726f656725324e393e2e322c3c34343c2e39312d32385b6164617a6b2530463733372e3b34

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:08 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=94
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
89oebq5kz2oopejtozbm2rh4ceahm42i7ezxgv6lcbcc0172b6475b0eam1.e.aa.online-metrix.net/fp/ Frame 0D27 81 B
438 B 72ms
27ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://89oebq5kz2oopejtozbm2rh4ceahm42i7ezxgv6lcbcc0172b6475b0eam1.e.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:08 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png Show response
content22.online.citi.com/fp/ Frame 726E 81 B
561 B 14ms
13ms XHR
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/check.js;CIS3SID=F998FE3FF0FBF82BC70EF04620EC0AA5?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1&jb=363926266873677d3d4c6b6c77782468716d3f4c6b6c757a26627160753d43607a6d6f6d266a7b6a3f4168706d6d652732303b36

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 89oebq5k/b7cb24b499b23050241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:08 GMT
Last-Modified: Fri, 17 Dec 2021 01:27:08 GMT
Server: Apache
Etag: a5ee5017cc394627aa7bdaa155f82dfb
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: http://online-secureuser7654365citi1654654.duckdns.org
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
Content-Length: 81
Expires: Wed, 16 Dec 2026 01:27:08 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=7A86D5A990167C33A3444E4F2F33FE67 Show response
content22.online.citi.com/fp/ Frame 6FCF 82 KB
12 KB 32ms
31ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=7A86D5A990167C33A3444E4F2F33FE67?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

9d4d19dd520c10ff3db474e5ebb5c60026b6c4f019595ff244f507cf4513c9cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/

Response headers

Date: Fri, 17 Dec 2021 01:27:08 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=93
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 726E 0
387 B 29ms
28ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:08 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=78
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=7A86D5A990167C33A3444E4F2F33FE67 Show response
h.online-metrix.net/fp/ Frame 9E6D 95 KB
14 KB 30ms
30ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=7A86D5A990167C33A3444E4F2F33FE67?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

7248100210c345cffee1fc48662b578ccf42ab3d2254b3ecba32540532e6e497

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/

Response headers

Date: Fri, 17 Dec 2021 01:27:08 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=95
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 726E 0
387 B 25ms
25ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1&jd=37362626686666353338246864683f3666343163323a3031636d35343933396a6e60616b6639306a67373133353336246a66766e3f303837383138

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:08 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK top_fp.html;CIS3SID=7A86D5A990167C33A3444E4F2F33FE67 Show response
content22.online.citi.com/fp/ Frame E7C8 82 KB
12 KB 19ms
18ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/top_fp.html;CIS3SID=7A86D5A990167C33A3444E4F2F33FE67?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

577ba686bf05b5efa5c5988a4b82ae60cd45fe4681178a5a185613ab40452721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/

Response headers

Date: Fri, 17 Dec 2021 01:27:08 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=95
Transfer-Encoding: chunked

GET
H/1.1 204
204 clear.png Show response
content22.online.citi.com/fp/ Frame 726E 0
218 B 17ms
17ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1&ja=3030343824266b353026783f3226643f333432307a333232302e63643d313638387a333a30302e7b7a7b3d327a30266670723f312e313432322e313038302e333430302c333238382c313432322c333032322e313432302e313a32322c302c382e6f76356138303a6360636661373766646666663b65633a363331363f3034603b613761246d663534267161663d3036246e6a3d6a767472253b43273246253a4e6d6c64696e6d25716763777065757165723536373431343761697661313437363635342c647d6b6b646c712c6f70652730447367617570652d304426647235607676782533492d30442530446f6e6e696e672d71656177706775716d723534373433363763617c69313437363637362c66776369666e712e6770652532462e786e3f3b26706035353a66303a61613462636462673133316035333a3f6167326633626460326c3c26686a3f61346467363a366436633337393b373a3932313b3837373f35316b3c33673067246a736d3d4c6b6e7778246871603d4160726d6f672532303b362e62736f773f4e696c777a24687360773d41687a6d6f65266e606b3f362e747a6c35477663273046556c6b6e6d776c266f63766a723f3c3032316631633260656b383265346161353432323a30616633353734383364643435303033363964366d6963303466613934636662663730333331333b36632e703f726e7567696c5f6e6461736a5c64616e716723726c7765696c5f7f6b6c646f777b576f676c696157786e637967705e66636c736721726c77656b6c5f636c6f60675d6163726d62697c5e66636e716523726e7765696c5d7177696b6976696d65566e636e7b652178647765696c5d73686d636b756174655c64636e736729706e7765696e5f70656964706c637b67725c64636e716523726c7767616c5d766c6357786e63716572566e636e736723706c7767696c5f666574636e74725c6e616e716721706c776761665f7374655d766b677567705e64636c716529726e756769665768637e615e6e696e7165246778333f62373330366233303b31383b6c3435343133636336353e3938366731306667613460643936333767266f6e5d633d776d6a656e5f65624f44273030332c30253030284d70676e454e273030475b253032302e302530304b60726f6f6b776d2b556760454c273030454c5b4e273230455b2d3032392e302d3a322a4f72676e474e2532324551253032454e534e2d32324751253230332e382d3230416a706f6f6b776f2b5767604b6b745f67604b69742d3a32556d624744494c454c475d696e7174616c6367645d637070617b7b253140273230455a54576a6c656c665d6d6b6c6f637a2531402530304d5a565f636f6467705d6a75666e6d705d68636e665f646c6f6374273340273032455a5c5f646e6d61745f606c6d6664253140273232475a565d667063675d646d72766825334a2d30324d5854577b6a636467705f746778747772675f6e6d662733402d3232475a545f7467787c7d72655d616d6d7270677171696d6c5f60707c61273342253a38475a5c5f746d70767772675d636f6f7072677371696d6c5d7067766b253140273230455a54577c6578767770655d646b6e7665705d616c697b6d76726f70616b27314a2532385f47404b4b565f455a545f76657a747770675d666b647467705d616e69716f7c7a6f706b612733402730324758565d7350474a273142253238434a505770617a696e6e656e5d7368636465705f616f6f726b6e65273b422730324f45535d65646d6d656c765d696c66677a5d756b6c7427334a2730304f455b576460675f726d666667725d6f69706f61702733402530324d47535d7b74636c666172645d646d7a697663766b7667712731402530324f47535776677874757a6d5d64646f617c2d31402530324f45515f746778767570675d646c6d69745d6e6b6e656170253b4a2532324d47535d76677a767570675f6a6164645d666c6f697c27314a2532384747515f766778747772655d68636c645d646e6f637c5f6e6b6c65617227334a2d32304d47515f7467707667785d63727061715d6d626a656b7c27314a2532385f4740474e5d636f6e6f725d6277666467705d666e676176273142253232574d4a474c5d616d6d727067717165665d7467787c7770655f617b7c61273b42253a38554742454e5f636d6d707065717367665d76657a7c7570675d65746327334a2d3230554740474e5d616d6f7070677371656c5d766578747d7a675d6d7463392d3140253032574540474c5d636d6d7270677173676c5f76677a747572675f7b3b74632731402530325547404b4b565f55454a454e5f636f657870677b73656c57766778767772655d7333766327334027303257474a474e5d616f6d7070657b7b65645d766778767770675d733176635d737a65602533422d3a32554d4247445766676277655f72676e64677267725d6b6c646f273b42273032574542454c576c6570766a5d74677a767770652731422732385547424b495c5755474a474c576c6772746a5d74657a7475706527334027303257474a474e5d667261775d627d6e66657071273340273032554540454c5d6c6771675f636f667c677a7c25334a2d30325747404b49565f574742454c5d6e6d71655d6b6f6c766778742531422d3a30574740454c5d6f776e76695d66726377393424676c5f603532603835316b696034323a323134303535616561326335673734643037603a363664363735383c652675656e763f4b6c76676c2730304b6e6b2c2477676c7a354b6c7c656c2d3a324b726b712532324f70676e454c273032476e65616e67246163643d33&jb=333533266e7135456f7a6b6e6e61273044372c302730302a57616c666f77732d3a324c5c25323839322c30273142253030576b6e34342731402732327036362b273230417270646d576560496b742730443731372c31362732382a4948544d442d30412d3230646169672530324765616b6f2b253030416a706d6d672d32443b342e302e36363e3c2e393127303051636463706927304637333f2c3136

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:08 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
89oebq5kiv2fqgzodvfcm2qxb5byua3rv3ugiswrb7cb24b499b23050am1.e.aa.online-metrix.net/fp/ Frame 726E 81 B
438 B 62ms
13ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://89oebq5kiv2fqgzodvfcm2qxb5byua3rv3ugiswrb7cb24b499b23050am1.e.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:08 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 749A 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=9db673e613bdc659&pageid=1&jac=1&je=3d3924247f67607a74635d6d787c6d726c61645d69723d3338352e3a31322e32312c3338322e756b6f3f75676070766357696e7465726c696c5f65666e73

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js(1).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:08 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=94
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
15 KB 25ms
19ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/js(8)

Protocol

HTTP/1.1

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Fri, 17 Dec 2021 01:27:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 12503521247758841375
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 14328
X-XSS-Protection: 0
Expires: Fri, 17 Dec 2021 01:27:08 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 0896 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=1cc475c444d53f08&pageid=1&jac=1&je=3330302624776d6a7274615d67787667706c636c5d6b703f3130372c323332263a312c3938322e7f6b6f3d7567627276635f6b6e7665706c636e5f6f6c6e712460617473763d732a6c6574676e2238332c32322c20717463747d71203a226360697065616e672a75

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js(2).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:08 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=93
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 49A5 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=bf12cc12c4406580&pageid=1&jac=1&je=313030242677676a7074615f6778746d706e636e5d69703f333a35263a3130263a332631383a2475696f3d75656a7274635d616676657a6e636c5f656c6c712462617471743d792a6e6574656e223a392c30322e207374637677732a3220616069726f696e6f207f

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:08 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 16001692.js Show response
bat.bing.com/p/action/ 689 B
735 B 199ms
199ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/16001692.js
Requested by: Host: bat.bing.com
URL: http://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 78835cfc7d9997cba63b6c30a64e14979ce2bd199a48e04ef93e1946f0449feb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:08 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 046E0AFEE7884F2E87C51B032F41BC04 Ref B: FRAEDGE1212 Ref C: 2021-12-17T01:27:08Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store,no-cache
content-length: 585

GET
H2 204 0
bat.bing.com/action/ 0
173 B 32ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=16001692&Ver=2&mid=1a272c01-bcf0-49f6-b542-500da672c838&sid=73817fc05ed811ec8b5be9d2276ece8f&vid=738191b05ed811ecb9c90f0eb47512d5&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&p=http%3A%2F%2Fonline-secureuser7654365citi1654654.duckdns.org%2Fsecure%2F&r=&lt=7423&evt=pageLoad&msclkid=N&sv=1&rn=358767
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 76712F7C8D684EFA9A4E313F35C3F609 Ref B: FRAEDGE1212 Ref C: 2021-12-17T01:27:08Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
94 B 33ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=16001692&Ver=2&mid=1a272c01-bcf0-49f6-b542-500da672c838&sid=73817fc05ed811ec8b5be9d2276ece8f&vid=738191b05ed811ecb9c90f0eb47512d5&vids=0&ea=Application&evt=custom&msclkid=N&rn=408027
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 75FC88B22A994AB9A7EA25493F529AC2 Ref B: FRAEDGE1212 Ref C: 2021-12-17T01:27:08Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 16003743.js Show response
bat.bing.com/p/action/ 0
92 B 32ms
32ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/16003743.js
Requested by: Host: bat.bing.com
URL: http://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 17 Dec 2021 01:27:08 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CA163F337B1246AC95622BA41ED22F86 Ref B: FRAEDGE1212 Ref C: 2021-12-17T01:27:08Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
94 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=16003743&Ver=2&mid=7cf8cece-59a5-4121-bd3c-bede979fafa7&sid=73817fc05ed811ec8b5be9d2276ece8f&vid=738191b05ed811ecb9c90f0eb47512d5&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&p=http%3A%2F%2Fonline-secureuser7654365citi1654654.duckdns.org%2Fsecure%2F&r=&lt=7423&evt=pageLoad&msclkid=N&sv=1&rn=761366
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 98F960E32BD14A36A09F314F0E077002 Ref B: FRAEDGE1212 Ref C: 2021-12-17T01:27:08Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
94 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=16003743&Ver=2&mid=7cf8cece-59a5-4121-bd3c-bede979fafa7&sid=73817fc05ed811ec8b5be9d2276ece8f&vid=738191b05ed811ecb9c90f0eb47512d5&vids=0&ea=Application&evt=custom&msclkid=N&rn=586888
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F761A96F17C34888961FA3A121DF697E Ref B: FRAEDGE1212 Ref C: 2021-12-17T01:27:08Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame AC5B 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1&jac=1&je=3131372426706f356c6f24626374737c3f7b206e6776656e2038312638322e2a7b746974757b203822616863726f696e6720752e63756c683f63613f6a3b6734653638336363636b34663061356331313039313431343660376133393f3b346a3c643064643c3a343032333a666d346630316e6b66383c353b

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:08 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/959299794/ 2 KB
1 KB 49ms
24ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/959299794/?random=1639704428622&cv=9&fst=1639704428622&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fonline-secureuser7654365citi1654654.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddfea9fac26ca040a92ce35879f508996f74d3b3f09abbada6be131109c76599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1072
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/960621875/ 2 KB
1 KB 50ms
25ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/960621875/?random=1639704428628&cv=9&fst=1639704428628&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fonline-secureuser7654365citi1654654.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba010c9c1017cbce48fa76eab782e7707bb5f5d196b73e9540c13f99d0a870a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1070
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/819500023/ 2 KB
1 KB 47ms
23ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/819500023/?random=1639704428629&cv=9&fst=1639704428629&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fonline-secureuser7654365citi1654654.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb3929b7e95f34dbd5c9a2011fc2cf3c734644e8726e618008a7b311b61eb081

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1071
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/644574043/ 2 KB
1 KB 47ms
23ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/644574043/?random=1639704428630&cv=9&fst=1639704428630&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fonline-secureuser7654365citi1654654.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d28b7c5e65a65649dc96127bcabcceb6a9c4c0cda13921bd46f8072632351b75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1070
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/830907969/ 2 KB
2 KB 45ms
22ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/830907969/?random=1639704428631&cv=9&fst=1639704428631&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fonline-secureuser7654365citi1654654.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24d9d39dc3e365bb44bef34d600c5d1c0c5f9ad9e20d74a6a39806410255857a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1067
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/916451471/ 2 KB
1 KB 46ms
24ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/916451471/?random=1639704428632&cv=9&fst=1639704428632&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fonline-secureuser7654365citi1654654.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fae2b207d7f594cda342065cd8f75bada4e98bf0b011aed64450c1b0758b832

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1068
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/695231162/ 2 KB
1 KB 39ms
22ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/695231162/?random=1639704428634&cv=9&fst=1639704428634&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fonline-secureuser7654365citi1654654.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c7065bb9eab6624aa5b8856e6d87bb0a5b201f84dc7ba08a24908b5d763c697

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1069
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/975701947/ 2 KB
1 KB 39ms
23ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975701947/?random=1639704428635&cv=9&fst=1639704428635&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fonline-secureuser7654365citi1654654.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc59502d732234d3dc96e19f4b9586047e70fb405699567c9ad484cbc049cb23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1068
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 2E8C 0
387 B 14ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=C533620F21A14BCFAEF5BC512D292984?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=C533620F21A14BCFAEF5BC512D292984?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:08 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=94
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 7AC8 0
387 B 15ms
15ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=68133A61847C0EB5486689511A41113F?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=68133A61847C0EB5486689511A41113F?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:08 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=92
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 0D27 0
387 B 15ms
15ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1&jac=1&je=393135242e726f356e6f246a617c7b743f7b2a6e6574656e223a312632302c2271766374757b203820616a6370656b6e6f227d26617566603d63693562396d366d363a336b61636b36663069376b393930393b3433363660356333393539366236663a64643c3a343232313a64673666383366636438363d39

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:08 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=93
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 6FCF 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=7A86D5A990167C33A3444E4F2F33FE67?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=7A86D5A990167C33A3444E4F2F33FE67?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:08 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=92
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/830907969/ 42 B
64 B 20ms
20ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/830907969/?random=1639704428631&cv=9&fst=1639702800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fonline-secureuser7654365citi1654654.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3171111160&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/830907969/ 42 B
108 B 51ms
20ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/830907969/?random=1639704428631&cv=9&fst=1639702800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fonline-secureuser7654365citi1654654.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3171111160&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/819500023/ 42 B
64 B 20ms
20ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/819500023/?random=1639704428629&cv=9&fst=1639702800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fonline-secureuser7654365citi1654654.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=4187510915&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/819500023/ 42 B
108 B 51ms
21ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/819500023/?random=1639704428629&cv=9&fst=1639702800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fonline-secureuser7654365citi1654654.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=4187510915&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/644574043/ 42 B
64 B 17ms
17ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/644574043/?random=1639704428630&cv=9&fst=1639702800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fonline-secureuser7654365citi1654654.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=1496617089&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/644574043/ 42 B
548 B 48ms
18ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/644574043/?random=1639704428630&cv=9&fst=1639702800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fonline-secureuser7654365citi1654654.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=1496617089&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/959299794/ 42 B
64 B 22ms
22ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/959299794/?random=1639704428622&cv=9&fst=1639702800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fonline-secureuser7654365citi1654654.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=4273030066&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/959299794/ 42 B
108 B 49ms
19ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/959299794/?random=1639704428622&cv=9&fst=1639702800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fonline-secureuser7654365citi1654654.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=4273030066&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/916451471/ 42 B
64 B 21ms
21ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/916451471/?random=1639704428632&cv=9&fst=1639702800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fonline-secureuser7654365citi1654654.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=1086267765&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/916451471/ 42 B
108 B 49ms
20ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/916451471/?random=1639704428632&cv=9&fst=1639702800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fonline-secureuser7654365citi1654654.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=1086267765&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/960621875/ 42 B
64 B 21ms
21ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/960621875/?random=1639704428628&cv=9&fst=1639702800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fonline-secureuser7654365citi1654654.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3392806484&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/960621875/ 42 B
108 B 44ms
20ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/960621875/?random=1639704428628&cv=9&fst=1639702800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fonline-secureuser7654365citi1654654.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3392806484&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 726E 0
387 B 14ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1&jac=1&je=33313726247065356e6f2460637471763f79206c6774656e2232332c30302c2a7b76637c75732a32206168637067696c67227f266375666a3f6161356a396734673638316163696b366630633563333b303b313631363660356b31333739366a3c663a6c6434303e3232333a6465346430336463663836373b

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:08 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=91
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/695231162/ 42 B
64 B 23ms
22ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/695231162/?random=1639704428634&cv=9&fst=1639702800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fonline-secureuser7654365citi1654654.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=1530679927&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/695231162/ 42 B
108 B 21ms
20ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/695231162/?random=1639704428634&cv=9&fst=1639702800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fonline-secureuser7654365citi1654654.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=1530679927&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/975701947/ 42 B
64 B 21ms
21ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/975701947/?random=1639704428635&cv=9&fst=1639702800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fonline-secureuser7654365citi1654654.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=132108991&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/975701947/ 42 B
108 B 19ms
19ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/975701947/?random=1639704428635&cv=9&fst=1639702800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fonline-secureuser7654365citi1654654.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=132108991&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2/s/0.6.30/ 52 KB
23 KB 259ms
142ms Script
application/javascript 2620:1ec:27::cafe:1377
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2/s/0.6.30/clarity.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/16001692.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1377 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: c763a7b86f4b8e21741d95bf307b2932555a20d4ad383adc764c99fdbb8e88d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 01:27:08 GMT
content-encoding: br
etag: "1d7f1f35ff56ab1"
last-modified: Wed, 15 Dec 2021 20:36:02 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0bOe7YQAAAADxKKJOSmn0Trs3PE6YMCYXSEVMMDFFREdFMDYyMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=A77CCC472B8E440183802C452ED2EC06&RedC=c.clarity.ms&MXFR=250399C276766B0A1F2088D27276657E
https://c.clarity.ms/c.gif?CtsSyncId=A77CCC472B8E440183802C452ED2EC06&MUID=1BDAC5EA00FC6E320468D4FA012E6F34

42 B
369 B

28ms
28ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=A77CCC472B8E440183802C452ED2EC06&MUID=1BDAC5EA00FC6E320468D4FA012E6F34
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:08 GMT
last-modified: Fri, 05 Nov 2021 17:19:23 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "f95a3e4769d2d71:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 17 Dec 2021 01:27:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6EA2AFEF2271402E9F30F8DD236B8268 Ref B: FRAEDGE1212 Ref C: 2021-12-17T01:27:08Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=A77CCC472B8E440183802C452ED2EC06&MUID=1BDAC5EA00FC6E320468D4FA012E6F34
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame AC5B 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1&jac=1&je=353926247765607a76635d657a74657a6c616e5d6b703d333a372e3a3b302c3a3b2e3938322e756b6d3f7767627a74635f6b667c677266616e5f6d6c6671

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:09 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=90
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 collect Show response
b.clarity.ms/ 0
197 B 300ms
100ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/polyfills-es2015.208e90726d88af943fd8.js.download
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: http://online-secureuser7654365citi1654654.duckdns.org
date: Fri, 17 Dec 2021 01:27:08 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 0D27 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1&jac=1&je=3d3924247f67607a74635d6d787c6d726c61645d69723d3338352e3a31322e32312c3338322e756b6f3f75676070766357696e7465726c696c5f65666e73

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:09 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=89
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 726E 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1&jac=1&je=3739262675656a7a74635d677a7467706c636e5f6b723d33383d2c3033322e3a3b2c333032267f616f3f7767607274615f696c7467726c636e5d6d666673

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 01:27:09 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=88
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear3.png;CIS3SID=2434C19851985120E5B9662DF048EFCF Show response
content22.online.citi.com/fp/ Frame 749A 0
219 B 41ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear3.png;CIS3SID=2434C19851985120E5B9662DF048EFCF?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=9db673e613bdc659&pageid=1&jac=1&je=30342424786567352537402d323a7e6570253a30253141312532432d3032756e666764696e6d6632324d52564b4d4c302d3232253341273d4266696e73652d324b253030475256414f4e273a322d3a4336253d46253544

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js(1).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:11 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 clear3.png;CIS3SID=C21B904CBCE2E140DE388E8ACB6D170A Show response
content22.online.citi.com/fp/ Frame 0896 0
218 B 14ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear3.png;CIS3SID=C21B904CBCE2E140DE388E8ACB6D170A?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=1cc475c444d53f08&pageid=1&jac=1&je=3a34262672676d3525374027303274677027303227314131253a4127323275666c6764616e656c38324d50564b4f4e3225323025314127374064616e7b652730412532324d505c414f4e27303025304136273744273544

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js(2).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:11 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 clear3.png;CIS3SID=A27033F25FDAD680FA2C165DEBDFFCC8 Show response
content22.online.citi.com/fp/ Frame 49A5 0
218 B 19ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear3.png;CIS3SID=A27033F25FDAD680FA2C165DEBDFFCC8?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=bf12cc12c4406580&pageid=1&jac=1&je=3834262470676735273740253032766d70253030273341312730432d3a3077666c656e696e6d6632304d505649474e3025303a2d31412d35406661647b672730432532304f5056414d4e27323025324b36253746273744

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:11 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 clear3.png;CIS3SID=C533620F21A14BCFAEF5BC512D292984 Show response
content22.online.citi.com/fp/ Frame AC5B 0
218 B 15ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear3.png;CIS3SID=C533620F21A14BCFAEF5BC512D292984?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1&jac=1&je=3834262470676735273740253032766d70253030273341312730432d3a3077666c656e696e6d6632304d505649474e3025303a2d31412d35406661647b672730432532304f5056414d4e27323025324b36253746273744

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:12 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 clear3.png;CIS3SID=68133A61847C0EB5486689511A41113F Show response
content22.online.citi.com/fp/ Frame 0D27 0
218 B 14ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear3.png;CIS3SID=68133A61847C0EB5486689511A41113F?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1&jac=1&je=30342424786567352537402d323a7e6570253a30253141312532432d3032756e666764696e6d6632324d52564b4d4c302d3232253341273d4266696e73652d324b253030475256414f4e273a322d3a4336253d46253544

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:12 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 clear3.png;CIS3SID=7A86D5A990167C33A3444E4F2F33FE67 Show response
content22.online.citi.com/fp/ Frame 726E 0
218 B 14ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear3.png;CIS3SID=7A86D5A990167C33A3444E4F2F33FE67?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1&jac=1&je=3a34262672676d3525374027303274677027303227314131253a4127323275666c6764616e656c38324d50564b4f4e3225323025314127374064616e7b652730412532324d505c414f4e27303025304136273744273544

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:12 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 clear3.png;CIS3SID=2434C19851985120E5B9662DF048EFCF Show response
content22.online.citi.com/fp/ Frame 749A 0
219 B 14ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js(1).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:15 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 clear3.png;CIS3SID=C21B904CBCE2E140DE388E8ACB6D170A Show response
content22.online.citi.com/fp/ Frame 0896 0
218 B 14ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js(2).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:15 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 clear3.png;CIS3SID=A27033F25FDAD680FA2C165DEBDFFCC8 Show response
content22.online.citi.com/fp/ Frame 49A5 0
218 B 19ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:15 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 clear3.png;CIS3SID=C533620F21A14BCFAEF5BC512D292984 Show response
content22.online.citi.com/fp/ Frame AC5B 0
218 B 14ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:16 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 clear3.png;CIS3SID=68133A61847C0EB5486689511A41113F Show response
content22.online.citi.com/fp/ Frame 0D27 0
218 B 14ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:16 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 clear3.png;CIS3SID=7A86D5A990167C33A3444E4F2F33FE67 Show response
content22.online.citi.com/fp/ Frame 726E 0
218 B 14ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:16 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 clear3.png;CIS3SID=2434C19851985120E5B9662DF048EFCF Show response
content22.online.citi.com/fp/ Frame 749A 0
218 B 14ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear3.png;CIS3SID=2434C19851985120E5B9662DF048EFCF?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=9db673e613bdc659&pageid=1&jac=1&je=3e3924247a67743531342c3e352439382c373d2e36322e32302c343a2c38362c3b2c34382c3b322c32322e34322c32302436302e30302e3e302e38322c36382e38302e37382c3238

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js(1).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:17 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=94
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 clear3.png;CIS3SID=C21B904CBCE2E140DE388E8ACB6D170A Show response
content22.online.citi.com/fp/ Frame 0896 0
218 B 14ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear3.png;CIS3SID=C21B904CBCE2E140DE388E8ACB6D170A?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=1cc475c444d53f08&pageid=1&jac=1&je=3a38262670657e3531352c36302c37322c32322c36302e3a362430352e32372439322c3b352c3d382c32302e34302e32302c34302c30322e34322e32382c37322c30302c34302638302c34322c30322e34322c30322e36322e3832

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js(2).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:17 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=93
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

POST
H/1.1 200
OK cls_report Show response
prod.report.nacustomerexperience.citi.com/glassbox/reporting/ 34 KB
5 KB 684ms
285ms XHR
application/json 192.193.179.248
CITIGROUP

General

Check archive.org

Show headers Download Go to

Full URL

https://prod.report.nacustomerexperience.citi.com/glassbox/reporting/cls_report?clsjsv=6.6.16B3&_cls_s=56178b7f-0765-4524-af83-d593bcd669ab:0&_cls_v=3638b2ad-db67-4c49-9916-d7bac6fb9bea&pid=fd9d2ffb-5b23-44c2-95bb-7530acc27702&sn=1&cfg&pv=2&aid=

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/polyfills-es2015.208e90726d88af943fd8.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.193.179.248 , United States, ASN25883 (CITIGROUP, US),

Reverse DNS

Software

GlassBox Cligate /

Resource Hash

c402d7884af6c3a66cfbf8873dea5dcee51cfa57b640f52df57b6cb4ce48e628

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://online-secureuser7654365citi1654654.duckdns.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Fri, 17 Dec 2021 01:27:18 GMT
content-encoding: gzip
vary: origin
Server: GlassBox Cligate
X-Akamai-CITISITE: GTDC
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Type: application/json
access-control-allow-origin: http://online-secureuser7654365citi1654654.duckdns.org
access-control-allow-credentials: true
Connection: close
content-length: 4363

GET
H/1.1 204
204 clear3.png;CIS3SID=A27033F25FDAD680FA2C165DEBDFFCC8 Show response
content22.online.citi.com/fp/ Frame 49A5 0
218 B 14ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear3.png;CIS3SID=A27033F25FDAD680FA2C165DEBDFFCC8?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=bf12cc12c4406580&pageid=1&jac=1&je=383826247265743533392c34322c35382c30322e36322e3a342e313e2634352439332636342437322e32302e36382e30302e3e382c30382c34302e38382e37322e30302e36302c38322c34302c30302434302c32322c36322c3230

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:17 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=92
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

POST
H/1.1 200
OK cls_report Show response
prod.report.nacustomerexperience.citi.com/glassbox/reporting/ 34 KB
5 KB 839ms
440ms XHR
application/json 192.193.179.248
CITIGROUP

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/polyfills-es2015.208e90726d88af943fd8.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.193.179.248 , United States, ASN25883 (CITIGROUP, US),

Reverse DNS

Software

GlassBox Cligate /

Resource Hash

f5ef45bddd2058030500705bc07a449b071338b8f4a08a66bc9bec9b5128ca6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://online-secureuser7654365citi1654654.duckdns.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Fri, 17 Dec 2021 01:27:19 GMT
content-encoding: gzip
vary: origin
Server: GlassBox Cligate
X-Akamai-CITISITE: GTDC
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Type: application/json
access-control-allow-origin: http://online-secureuser7654365citi1654654.duckdns.org
access-control-allow-credentials: true
Connection: close
content-length: 4361

POST
H/1.1 200
OK cls_report Show response
prod.report.nacustomerexperience.citi.com/glassbox/reporting/ 34 KB
5 KB 534ms
135ms XHR
application/json 192.193.179.248
CITIGROUP

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/polyfills-es2015.208e90726d88af943fd8.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.193.179.248 , United States, ASN25883 (CITIGROUP, US),

Reverse DNS

Software

GlassBox Cligate /

Resource Hash

e6bcc3f652f95400acf28a38bd034470c6bd485fe3f563f636a946a983540af7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://online-secureuser7654365citi1654654.duckdns.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Fri, 17 Dec 2021 01:27:19 GMT
content-encoding: gzip
vary: origin
Server: GlassBox Cligate
X-Akamai-CITISITE: GTDC
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Type: application/json
access-control-allow-origin: http://online-secureuser7654365citi1654654.duckdns.org
access-control-allow-credentials: true
Connection: close
content-length: 4361

GET
H/1.1 204
204 clear3.png;CIS3SID=C533620F21A14BCFAEF5BC512D292984 Show response
content22.online.citi.com/fp/ Frame AC5B 0
218 B 14ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear3.png;CIS3SID=C533620F21A14BCFAEF5BC512D292984?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1&jac=1&je=313234242672677e3f31372e32342c3d322e32322e36302c32322c3e382c32382436382e30382e37302c30322c3e302e3032243e322e38302e36302638322e34302e30322c36322632302e36322e30382e36322c32302c34322c30382434322638302436302632322c34302c30382c36302c38382e36382e32302c3e382c3232

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:18 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=91
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 clear3.png;CIS3SID=68133A61847C0EB5486689511A41113F Show response
content22.online.citi.com/fp/ Frame 0D27 0
218 B 14ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear3.png;CIS3SID=68133A61847C0EB5486689511A41113F?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1&jac=1&je=393332242e70677e3d32322635392435322e38322c34302c30302c3e322e30302e34322e30382e37322c32322e34322e38302c36302e32382c36382c30302436382e32322434322630302e3e302638302e36382c30322c34302e30382e36302e32322e36302632322e34322c32322e36382e30302c36322630302434302e38302436322c3832

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:18 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=90
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

POST
H2 204 collect Show response
b.clarity.ms/ 0
48 B 95ms
95ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/polyfills-es2015.208e90726d88af943fd8.js.download
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: http://online-secureuser7654365citi1654654.duckdns.org
date: Fri, 17 Dec 2021 01:27:18 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H/1.1 204
204 clear3.png;CIS3SID=7A86D5A990167C33A3444E4F2F33FE67 Show response
content22.online.citi.com/fp/ Frame 726E 0
218 B 14ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear3.png;CIS3SID=7A86D5A990167C33A3444E4F2F33FE67?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1&jac=1&je=3333362624726d7e3d323a2c36302e37322c32302e34302c30382e34302e3038243432263030243d322c30322e36302c30302e36322e32322e34302c38302e34322e30302e36382630302e34322e32322e34322e32322c34302632322c36302638322e3e302e38382e34302c32302c34302e32302e36322c32322c34382e32322e36302e3230243e302e3232

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:18 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=89
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 clear3.png;CIS3SID=2434C19851985120E5B9662DF048EFCF Show response
content22.online.citi.com/fp/ Frame 749A 0
218 B 14ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js(1).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:19 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=88
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 clear3.png;CIS3SID=C21B904CBCE2E140DE388E8ACB6D170A Show response
content22.online.citi.com/fp/ Frame 0896 0
218 B 14ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js(2).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:19 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=87
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 clear3.png;CIS3SID=A27033F25FDAD680FA2C165DEBDFFCC8 Show response
content22.online.citi.com/fp/ Frame 49A5 0
219 B 14ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: online-secureuser7654365citi1654654.duckdns.org
URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/check.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:19 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 clear3.png;CIS3SID=C533620F21A14BCFAEF5BC512D292984 Show response
content22.online.citi.com/fp/ Frame AC5B 0
218 B 15ms
15ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:20 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 clear3.png;CIS3SID=68133A61847C0EB5486689511A41113F Show response
content22.online.citi.com/fp/ Frame 0D27 0
218 B 14ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:20 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 clear3.png;CIS3SID=7A86D5A990167C33A3444E4F2F33FE67 Show response
content22.online.citi.com/fp/ Frame 726E 0
218 B 14ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://online-secureuser7654365citi1654654.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 01:27:20 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.citi.com
URL: https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff

Domain: www.citi.com
URL: https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff

Domain: www.citi.com
URL: https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff

Domain: contents3.00110.citi.com
URL: https://contents3.00110.citi.com/api/v1/cr.png?cid=cedric&snum=1639704422713-sjn0000722-9ae263e0-889e-4704-b1a3-556294a3703e&muid=1639704422177-1B1006C2-DE08-49CC-94E6-C10DDE58D856

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citibank (Banking)

344 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
prod.report.nacustomerexperience.citi.com/glassbox/reporting	1969-12-31 23:59:59	Name: _cls_s Value: 56178b7f-0765-4524-af83-d593bcd669ab:0
prod.report.nacustomerexperience.citi.com/glassbox/reporting	1969-12-31 23:59:59	Name: _cls_v Value: 3638b2ad-db67-4c49-9916-d7bac6fb9bea
.online-secureuser7654365citi1654654.duckdns.org/	1969-12-31 23:59:59	Name: cdContextId Value: 1
.online-secureuser7654365citi1654654.duckdns.org/	1970-01-20 08:14:00	Name: bmuid Value: 1639704422177-1B1006C2-DE08-49CC-94E6-C10DDE58D856
online-secureuser7654365citi1654654.duckdns.org/	1970-01-19 23:28:26	Name: 7830 Value: error
online-secureuser7654365citi1654654.duckdns.org/	1970-01-19 23:28:26	Name: 7018 Value:
online-secureuser7654365citi1654654.duckdns.org/	1970-01-20 01:38:00	Name: 64072 Value:
.online-secureuser7654365citi1654654.duckdns.org/	1970-01-20 08:14:00	Name: cdSNum Value: 1639704422713-sjn0000722-9ae263e0-889e-4704-b1a3-556294a3703e
.tvpixel.com/	1970-01-20 08:14:00	Name: sp Value: 9a7f40d3-34e2-49c9-a4a8-e289598acb99
.online-secureuser7654365citi1654654.duckdns.org/	1970-01-20 01:38:00	Name: _gcl_au Value: 1.1.1518013292.1639704426
online-secureuser7654365citi1654654.duckdns.org/	1970-01-20 08:14:00	Name: mdLogger Value: false
online-secureuser7654365citi1654654.duckdns.org/	1970-01-20 08:14:00	Name: kampyle_userid Value: c7ff-8f91-e4ee-0ceb-01ff-746b-3287-6080
.agkn.com/	1970-01-20 08:14:00	Name: ab Value: 0001%3AimoEvLc73QM0OZOOy5pl%2Fg0Y%2FM%2Bpfdsq
.agkn.com/	1970-01-20 08:14:00	Name: u Value: C\|0CAApTqPrKU6j6wAAAAAAATPZAAAAAA
online-secureuser7654365citi1654654.duckdns.org/	1970-01-20 08:14:00	Name: kampyleUserSession Value: 1639704427991
online-secureuser7654365citi1654654.duckdns.org/	1970-01-20 08:14:00	Name: kampyleUserSessionsCount Value: 2
online-secureuser7654365citi1654654.duckdns.org/	1970-01-20 08:14:00	Name: kampyleSessionPageCounter Value: 1
.bing.com/	1970-01-20 08:50:00	Name: MUID Value: 1BDAC5EA00FC6E320468D4FA012E6F34
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNrQwNDYwNTA3sDA3MTcyNjU1NxfiM9StLMqLyvSuDHH0dfMCAEwnZCYlAAAA
.rfihub.com/	1970-01-20 08:50:00	Name: rud Value: H4sIAAAAAAAAAOMSNrQwNDYwNTA3sDA3MTcyNjU1NxfiM9StLMqLyvSuDHH0dfOS4jU0M7Y0NzAxMbIwsjAGADKRtDQ0AAAA
.online-secureuser7654365citi1654654.duckdns.org/	1970-01-19 23:29:50	Name: _uetsid Value: 73817fc05ed811ec8b5be9d2276ece8f
.online-secureuser7654365citi1654654.duckdns.org/	1970-01-20 08:50:00	Name: _uetvid Value: 738191b05ed811ecb9c90f0eb47512d5
.doubleclick.net/	1970-01-20 08:50:00	Name: IDE Value: AHWqTUm16qcM8c_gf8Eo0OTxsFkH2ciNiw45Y2EHwt13hGhLiVnECgY8kFZsJla5
.rezync.com/	1970-01-20 03:47:07	Name: zync-uuid Value: a388da9d-cb9c-4507-91af-a7daaf0ed5a2:1639704428.66
live.rezync.com/	1970-01-20 03:47:36	Name: sd-session-id Value: eyJfcGVybWFuZW50Ijp0cnVlLCJzZXNzaW9uX2lkIjp7IiBiIjoiWVRNNE9HUmhPV1F0WTJJNVl5MDBOVEEzTFRreFlXWXRZVGRrWVdGbU1HVmtOV0V5T2pFMk16azNNRFEwTWpndU5qWT0ifX0.FJ147A.ZuiriXKShHt2XQmUGE8MEqUliCU
.c.bing.com/	1970-01-20 08:50:00	Name: SRM_B Value: 1BDAC5EA00FC6E320468D4FA012E6F34
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 08:50:00	Name: MUID Value: 1BDAC5EA00FC6E320468D4FA012E6F34
.c.clarity.ms/	1970-01-19 23:28:25	Name: ANONCHK Value: 0
.online-secureuser7654365citi1654654.duckdns.org/	1970-01-20 08:14:00	Name: _clck Value: 15t7g4c\|1\|exc\|0
.online-secureuser7654365citi1654654.duckdns.org/	1970-01-19 23:29:50	Name: _clsk Value: x8pgml\|1639704429424\|1\|0\|b.clarity.ms/collect

349 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/ Message: Access to font at 'https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff' from origin 'http://online-secureuser7654365citi1654654.duckdns.org' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://citimobile.citibankonline.com' that is not equal to the supplied origin.
network	error	URL: https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/ Message: Access to font at 'https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff' from origin 'http://online-secureuser7654365citi1654654.duckdns.org' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://citimobile.citibankonline.com' that is not equal to the supplied origin.
network	error	URL: https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/ Message: Access to font at 'https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff' from origin 'http://online-secureuser7654365citi1654654.duckdns.org' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://citimobile.citibankonline.com' that is not equal to the supplied origin.
network	error	URL: https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff Message: Failed to load resource: net::ERR_FAILED
network	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/cds-assets/fonts/interstate/Interstate-Bold.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/cbol-pre-login-static-assets/citi-branding-assets/images/social-media_twitter@3x.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
deprecation	warning	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/xmsdk.js.download(Line 18) Message: RTP data channels are no longer supported. The "RtpDataChannels" constraint is currently ignored, and may cause an error at a later date.
network	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/cds-assets/fonts/interstate/Interstate-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/cbol-pre-login-static-assets/citi-branding-assets/images/Citi-Branding-Sprite.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/cbol-pre-login-static-assets/citi-branding-assets/images/social-media_youtube@3x.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/cbol-pre-login-static-assets/citi-branding-assets/images/Appstore-Googleplay-JDPower-Sprite.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
deprecation	warning	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/cedric.js.download(Line 7) Message: Plan B SDP semantics, which is used when constructing an RTCPeerConnection with {sdpSemantics:"plan-b"}, is a legacy version of the Session Description Protocol that has severe compatibility issues on modern browsers. The standardized SDP format, "unified-plan", has been used by default since M72 (January, 2019). Dropping support for Plan B is targeted for M93. See https://www.chromestatus.com/feature/5823036655665152 for more details, including the possibility of registering for a Deprecation Trial in order to extend the Plan B deprecation deadline for a limited amount of time.
network	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/cds-assets/fonts/interstate/Interstate-Light.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/commonui-assets/fonts/interstate/Interstate-Bold.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/cbol-pre-login-static-assets/citi-branding-assets/images/social-media_facebook@3x.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/cds-assets/fonts/interstate/Interstate-Light.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/commonui-assets/fonts/interstate/Interstate-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/ Message: Access to XMLHttpRequest at 'https://contents3.00110.citi.com/api/v1/cr.png?cid=cedric&snum=1639704422713-sjn0000722-9ae263e0-889e-4704-b1a3-556294a3703e&muid=1639704422177-1B1006C2-DE08-49CC-94E6-C10DDE58D856' from origin 'http://online-secureuser7654365citi1654654.duckdns.org' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network	error	URL: https://contents3.00110.citi.com/api/v1/cr.png?cid=cedric&snum=1639704422713-sjn0000722-9ae263e0-889e-4704-b1a3-556294a3703e&muid=1639704422177-1B1006C2-DE08-49CC-94E6-C10DDE58D856 Message: Failed to load resource: net::ERR_FAILED
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear.png' because its MIME type ('image/png') is not executable.
network	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/commonui-assets/fonts/interstate/Interstate-Light.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(1).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(7).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(8).png' because its MIME type ('image/png') is not executable.
network	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/commonui-assets/fonts/interstate/Interstate-Light.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(14).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(15).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(3).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3.png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(4).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(1).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(5).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(2).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(10).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(29).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(11).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(12).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(30).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(31).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(17).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(54).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(18).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(19).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(55).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(56).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(3).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(4).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(5).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(6).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(7).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(6).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(32).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(31).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(34).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(35).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(36).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(37).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(57).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(56).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(59).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(60).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(61).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(62).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(9).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(10).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(11).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(12).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(13).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(14).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(38).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(39).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(40).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(41).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(42).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(43).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(63).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(64).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(65).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(66).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(67).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(68).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(15).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(16).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(17).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(18).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(19).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(20).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(44).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(45).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(46).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(47).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(48).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(49).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(69).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(70).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(71).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(72).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(73).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(74).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(21).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(22).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(23).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(24).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(25).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(26).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(50).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(51).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(52).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(53).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(75).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(76).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(77).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(78).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(27).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(28).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ls_fp(1).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(22).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ls_fp(2).html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(23).png' because its MIME type ('image/png') is not executable.
security	error	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/ls_fp.html Message: Refused to execute script from 'http://online-secureuser7654365citi1654654.duckdns.org/secure/citi_files/clear(21).png' because its MIME type ('image/png') is not executable.
network	error	URL: http://cdn.pbbl.co/r/1560.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709 Message: Failed to load resource: the server responded with a status of 451 ()
javascript	warning	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/ Message: The resource https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/ Message: The resource https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: http://online-secureuser7654365citi1654654.duckdns.org/secure/ Message: The resource https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20822230p.rfihub.com
89oebq5kiv2fqgzodvfcm2qxb5byua3rv3ugiswr1cc475c444d53f08sac.d.aa.online-metrix.net
89oebq5kiv2fqgzodvfcm2qxb5byua3rv3ugiswrb7cb24b499b23050am1.e.aa.online-metrix.net
89oebq5kvqeiymge2j3p2mah4ntwtc7csfe2cigc4f9266dc5b0e4e78am1.e.aa.online-metrix.net
89oebq5kvqeiymge2j3p2mah4ntwtc7csfe2cigcbf12cc12c4406580sac.d.aa.online-metrix.net
89oebq5kz2oopejtozbm2rh4ceahm42i7ezxgv6l9db673e613bdc659sac.d.aa.online-metrix.net
89oebq5kz2oopejtozbm2rh4ceahm42i7ezxgv6lcbcc0172b6475b0eam1.e.aa.online-metrix.net
assets.kampyle.com
b.clarity.ms
bat.bing.com
c.bing.com
c.clarity.ms
c.tvpixel.com
cdn.pbbl.co
content22.online.citi.com
contents3.00110.citi.com
d.agkn.com
googleads.g.doubleclick.net
h.online-metrix.net
live.rezync.com
nebula-cdn.kampyle.com
nexus.ensighten.com
online-secureuser7654365citi1654654.duckdns.org
online.citi.com
p.tvpixel.com
prod.report.nacustomerexperience.citi.com
resources.digital-cloud-citi.medallia.com
sr.rlcdn.com
udc-neb.kampyle.com
www.citi.com
www.clarity.ms
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
contents3.00110.citi.com
www.citi.com
13.32.22.112
13.32.22.87
142.250.186.130
151.101.1.175
151.101.130.133
151.101.192.68
18.196.159.27
18.197.253.20
192.193.179.248
192.225.158.3
199.38.167.128
20.75.32.255
23.67.141.195
2600:9000:214f:7800:1d:bf0a:0:93a1
2620:1ec:27::cafe:1377
2620:1ec:c11::200
2a00:1450:4001:80f::2008
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2002
34.106.153.222
34.235.253.107
35.190.60.146
35.241.45.82
52.142.114.2
91.235.132.130
91.235.133.67
91.235.134.131
016b0590183f82205fe441fee93850bd80df4d9552cdbd9fbba284b935242f64
0ce27e9325578e87d56fb6067cea56737c8a1fec538e1a823a72e5c4c2de4ab0
0deec85bec590087e950f1d5827587262e7ae4adb317d932fd439ca487afd83a
0e0b42f83994ef5771755c73a41bea8af80a20a8f9deb44649ca34ff75863c04
0ff723ad535bb51caa4e379125786ca1d328f29faa1bb59733728bf16453053c
0ff8ab7046d29477deea04c4871c3855e3bd73df92dec600c8b387d9905b62ae
1016424af7076835d7206b76340599acf20d57a2cdf3947402143de73a1dbd02
102503acef6077fcf8e42a856fb4904fcd74224a32d5d8efcd13236ac6309fed
10d1a09ed85bc8ad803a16660940e68736b3a86d27bdaf7d96ca872152d55156
16efb25baf2619cbc7ad10c2037057683a9765f40131e81d4df067f88c068a4d
192342dece60dbba81a5d57f1ee771e2847dc75ca1028c4ff0caaa89ba0269ad
193238ab76da5459deca110ce1d66df1e8c4704397e025072eb03b2ea88adf0b
1a05bf7684aab3fbe33332b1e227670f492102d9e345e29a62a5a4eb0c20b061
1a52e20a2d1a14c0f487d961757fe56caa17d172a64820c54950eba91c50933a
1b8c4f70dd9b2112ac0dd9f8c05f809563a771a1cf6706660d972dd97f84529b
1c69468ad43d43f8c701bcd193de8688ba49a17128a730c065c7a06d08106daf
1ef8a96213dddc1092922838721a9944760936864f654a7975246e377b6271e6
21436b362a61dba68828fcad09704f865f1fc169f284ff7383927eead46a9d62
232e458903366c81298221c77e27a787a9b023b461f4bf041d46cba54dbed529
241e96ead3a633d9b84379afdc244cd93a9b63a786e4ec77f5bc73d5a52a09c2
24ae3bdb3c016eefc3e7519084cccfe577540cc99624de7f50ecf8f651d100e0
24d9d39dc3e365bb44bef34d600c5d1c0c5f9ad9e20d74a6a39806410255857a
24ed9db3eb0d97ecf1f0832cbd30bd37744e0d2b520ccdad5af60f7a08a45b90
25c52f4761b79dd90bcc22e298ebbf0fd3027aea8a96874c467c607d9f0a4caf
25f4eeb23f67fe1d74534ed37230ecd54ab4f57524276970dcbeaaf3b0fc64f9
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27c51dc90707e69cae2be9668b7d8c465a7707627d3f30b78a2145c266559076
2861b2d82fec30deb83e23b981db306dfef251b7712576ee2abfe668e1084ac3
29559450cf2b7f8be98987d31923c299e84677b50c284f37ee590401848856a0
2de419797226f96c7acae89f033c5fc33491312ea4f305052209f9136632d6f5
316bda79ebc11f2ec6c4654f6b0fe4ecdaea2382f1cdc27035972eb9e877b2ff
31b00ff4929696dfca06885da68e58c3e09f6ecb4ae0fe1ae287e99a3fd1f716
381755f71c74f975a9ac540fe1ede4a3fc9b1fab96d800b86d635d526d27b8a4
3950c8b755ebd006f07c6f1fd8595ddb482de737b2881e93bd25b4e932ba0832
3a4284fc3091796d852c047a85d6f8d91c95e1bb7b1b2c3bb3e69b1d29064488
3d594246baf1e88fe62fc2bf1adf9ff76c53e390731f99455eb71d7441ba8f00
3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1
3fd98b9b4f926fc187f5d96d89e84f6400995dbfca8ddb6ab2e25c983191a672
3ffeb7001287be5dd60d5a221874e2ea04d0aa6aab1000256616bf0efd82fdc4
3fffb8d87957014886c19a6facfef2acbeb84d739b58be7bb01fd963448e2bcc
410b2c6c4e5d803c112ac15ed2e11db6bb1278ed837fa0259d67feaca2d89e4d
460d13e70e1f2ee022a7c67fd5ac1c6a3562b358f00a579e40bb89f4dbfe5a86
4617d721a72730b105417ff7d971cad16a84a6fb8da05729ac45f69a02396600
472083aa55f0ce92f258f53c93181e695338e6c01857ceafbf6ced254b94c56d
48451bef935eba4b7a149a7b6dc16cc7183e75cb2887d571a3382ae3f155686a
488f2e5ca810789b86bf5dcb121eddb5ad06d69914e622971685b56bc8b16354
48bbb9a9c2bcf37b69acde0cd56b87591edd09beb8efc629f95757eec1866e7f
48e89b7e40e096b89d864a5c8ee340ce44ca60fe9675310ef2f3f40a53a7d593
4c8e7a9b90d81d5546fd28d8dcc95c51329c2eeda5eac8348ce1ee5913e49fdc
51369dbf29e69b578b41d4e58bfd7f7845ff88baa6595c954fa9fddf0dbecf5d
51c6043803bec020097c7f9559f9f87f1b427daf7590f68f2ce2b3a4feaf661a
522839a3b1bbd47d86e6569bf4769fafdc9c1edc40cc7fd088aeeaacb6a3f099
54114d6a66ff9b0a463cb8804b869581eb63483f4a78f5fc4367861bb2267a50
577ba686bf05b5efa5c5988a4b82ae60cd45fe4681178a5a185613ab40452721
58edfbfc2f0d71cba3b2f3c7e20e86af09b6e7097c76db4e57cd9b4abe106b50
5aae2cfb75508c7fe149be48fb2de77689242a21e02dae364d4438161349b386
5df469ee4da2bc124065cb8df0e24173c5cbc8b9e0c807960fc39c93ffb640c8
5eddf6e04b7b4d877bcc41b695bc5ade3cd6dc80b2493fb06ff47f68b5d0eb79
60202d0a881aee000e3ef1b52abe7ce6759a52bdc50b97f60ddcb65783fa8d22
61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07
61e01b4da87624c5972c4f051d92695a76fa8491c2c1512342b714b9f5db2008
627660443b6ba8e5a33bb1c0961f9a628a6b956ac4c9cfb3aca7991797d30bc3
6336ae7b60dff18e0a37721a3a19fd5e18568577a64faa662969d35966dbf72b
63a37c8b23a9f3953a94d7887a80395ebeb1c25c1c9561fff6a4991c4a6a8676
651ebd4bc6f8839724c4170e4a2a371ec8ef7ec4e84a137f272c7a3c0b405dcb
6608f3225dd3f373a0fe2701c42427936eb998509a1271ac52dce3b00af54834
66142f608346ab15cd117ab93e2c97168ccbcbdcdf6523bc4fea489a18a852fa
6dfa343a68ef79e83fef5f7c705119d2473352190c609cf94c67ea99a29fa452
71137b95bc3d14f7a6de2ed96290422b4ae342c57a3ea8ff9ae6914fd7a9792a
7248100210c345cffee1fc48662b578ccf42ab3d2254b3ecba32540532e6e497
76262472e3bdc3961a2981c15110635a80b249f424ad28be42366e50f4ffbe03
76b3e3ecb44a3b1216be2633c4736dc6fbef5a83a7058b7919dcb1489b5b211b
78835cfc7d9997cba63b6c30a64e14979ce2bd199a48e04ef93e1946f0449feb
7c7065bb9eab6624aa5b8856e6d87bb0a5b201f84dc7ba08a24908b5d763c697
7df13706eaab8ce9a3dcd2a501f60bc66987c83834d07dfaf07ae56ef814c110
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
7fae2b207d7f594cda342065cd8f75bada4e98bf0b011aed64450c1b0758b832
7fb20629e6af659742722f89cf23522dc448d94ca929ca7cc578ad693953992f
80ca50c063371e37ab3ed2efb9842c2aac89bd9e2ac64de697950c588d4df7c2
8322edb47f5a2f8dc4b8767813922f6918dcfa00d8c93de0017b04db649f63d6
83234a7ccf9b10289c35549b5528c0a8203e3ea5fa497c42ee556121368e37c5
8459cb104cafb0507aa429253ff2728409ada24e879d92b7696d18ac9ee153bd
845fb8a7859de5499a50023135f5863388e4a464fd11a14fa77ac62a05d915b5
88fc4b693b8bbadd822119802f0b7f3039c7fdaffc03c6a4e4c1ee3b2127a674
8af070f2f55051d709a513db37d217d7109ae2150bf226100e6b9c7866844499
8c9db6aae864c399cd193941140f47128eb99ef4310795eda5befe70ff7b3d91
915afa3a684b0562c638837fddc86f51700d954a4a13ed16d9857a066462edec
9222fb53874d578cf7d2b8778f4d06c197a5ad3c6c044d3f4428988da18972f6
94bd0aa5378cc695113022cf5f09877c2444520fe1e8c1100d7e26f048b25427
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ba010c9c1017cbce48fa76eab782e7707bb5f5d196b73e9540c13f99d0a870a
9c53af1ed22f8e1f67c76c9fc493d32cdfa1c3023a574778833a27e90b88e13b
9d4d19dd520c10ff3db474e5ebb5c60026b6c4f019595ff244f507cf4513c9cb
9e23b4dad6358ed849ca70f36a6a1c3de98e629525fde32ead37aaa5228d9cd8
9e78de330792cb7190d2391e632fef62a7142470694ed01389149b3066bdca04
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
a2649f19cc734a78d3514ad70e38bfd5ea21b2be5d327a044c3e829c355ff036
a52ab14f213aee9dd4812843a9ef65a6f636b6f7ae7120e9b9821ba96af70b4e
a593628f2d5ba814f37fbcd3963162f094c2764d4b15d82464c2d1aef92f150f
a68a8ff7bdf4e00a6b9c5fca206dd13e479b97d5ba42254c8ffa9e236b25c1da
a9a43473908fb995ecdc6bd80d80fd42d3e43bf31687aff0978d7389de2573aa
b71ccf6edf4f945fe0cb55240b606077eb77930db0f12fadb5859091a5967102
b725189e88d9ad5e015c49b09ab26398e6f55f77e83c4fdc584d54a3e82aa78f
b86389100be1332c53c03d4aec32dce30ce00d9f4a803a7c6f7dc6155c4d84c1
bb3929b7e95f34dbd5c9a2011fc2cf3c734644e8726e618008a7b311b61eb081
bd6063c15d17891a02f2c3cc33c3f10b9d3a6d370a6348871b4502c15c4d627e
be3a7fefd0171e451a0610798b1ddebec64cd0457d8a9e571498b417c5f15142
bf7853273ca8063f3944cca69bc18fdc056db7c373386b4534a9dbc3a9f8c6c7
bf8892a953595eb96b9ca68c5756849d404115dcf2ee9bf87e8b4e7b3cf8e650
c1b3f3803c42132039b21ce8921335c9cb785a58d513fdc04b0350434bec8e29
c402d7884af6c3a66cfbf8873dea5dcee51cfa57b640f52df57b6cb4ce48e628
c64cbd472959e09b0eb3f25f31c09c8e80547071c69abf8db3b66a4a711c77fc
c763a7b86f4b8e21741d95bf307b2932555a20d4ad383adc764c99fdbb8e88d8
c8bc330a07fc8ba4ead1f924570b2eeb220dfb170e86ea6594f7a2daef2efc16
ca38d8682a98a0ee4a68a944c13a9670b9553d57377fe281c239c3404a790c7c
caee168bf02bca9a6dd37b7b8aeb7db44872a9f65f41b889eb22db200406b5ed
cb8bc2724fbb0073e7c2d6bb35c848be74bdd7521d2ecc57733fb5565760edca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d068af5c09c1417e301e13b2c90fa877e0a24e0baae8160b6b77f1650486eb13
d28b7c5e65a65649dc96127bcabcceb6a9c4c0cda13921bd46f8072632351b75
d50ae3a02ec280a748e022d9ddd233963dcbc619ddaf0eb6d674cf9f4d1219ce
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d9181c42b463ba85677421a93ae1ba80ae774c9bf8af67200ed78a419bd067a0
dc876f814074650acde84db7a7f34c583f043b83130e5de49de65f18d1ee2683
ddfea9fac26ca040a92ce35879f508996f74d3b3f09abbada6be131109c76599
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e103d45f638ac5174b7428a7b0d2f0440766cb8d17c05886e41ae30e62e8825d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c725c5a6510cd7323ff66fa032e69cfe7aec1dd042911cae0607d071670eec
e6399fca6cbab33a9b3831e797db3e27e5438340da68f73b02710a3a75f58baf
e6bcc3f652f95400acf28a38bd034470c6bd485fe3f563f636a946a983540af7
e6fbe4a193b021c1e0163b81b5673c98b5085920304d913b08e9aa9af0c1121b
e78fd3a0c79a50c92811c6f4354790115560dd6d4e04ef95429cb5913ea39586
e7ef42c5bbd7f8d71f7c0a6b1d7de5aab5ef30619267afd49f0f2d27998cdc93
e83d41b48708d19862e5bd32a6e7d25e7aa9c3bb4f49f967b36f2e93619eb0a7
e8e8f01dc620e1cd54ce35aa05a1c9c703bf8eede3772537ffb5cc10884bfeac
ea443941c23136440c6e80fa8c83e99402564222964f960921476eb82bb431f4
ed000f9034b588160db0f2a7f4213cc23eacfd007d11980f8453b8e50bef87a7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01b5b117b46e4d745d73cb061237a5126d0c04f267147a75a1c58ebaabf3f55
f237cc206237c64f01c5eecc39d6a2826b0ffb42ac19bc613fe212ea005870eb
f378974fe6a831ae2f48d9191ea74eb21877d4964d5eedbc2810d8756ed13631
f5ef45bddd2058030500705bc07a449b071338b8f4a08a66bc9bec9b5128ca6d
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f86159e457515ed44012f031a9bd52caa9bbb256ff36f161296a4a159971483a
f8ac7288f6002c57f7d91d97b70108e6debb748f00261aa038f4193c37524477
fc59502d732234d3dc96e19f4b9586047e70fb405699567c9ad484cbc049cb23
feb179e2c4a037cb503adc8c0e0bf7031318f728c1546f2fe1fc52b80c3164d3
feb51770e950d4375c64c7045dba448a58adf5363569fa1e1f3e06937aa11007

online-secureuser7654365citi1654654.duckdns.org Open in urlscan Pro 34.106.153.222 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

425 Requests

38 %HTTPS

25 %IPv6

19 Domains

35 Subdomains

28 IPs

3 Countries

19084 kBTransfer

22539 kBSize

31 Cookies

35 Outgoing links

Redirected requests

425 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

online-secureuser7654365citi1654654.duckdns.org Open in urlscan Pro
34.106.153.222 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

425
Requests

38 %
HTTPS

25 %
IPv6

19
Domains

35
Subdomains

28
IPs

3
Countries

19084 kB
Transfer

22539 kB
Size

31
Cookies

425 HTTP transactions
1 data transactions