activatecit1.com Open in urlscan Pro
111.90.156.40 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://activatecit1.com/
Effective URL:
https://activatecit1.com/login/
Submission: On May 10 via automatic, source certstream-suspicious (May 10th 2022, 4:10:42 pm UTC) — Scanned from DE

Summary HTTP 251 Redirects Links 33 Behaviour Indicators

Summary

This website contacted 32 IPs in 5 countries across 25 domains to perform 251 HTTP transactions. The main IP is 111.90.156.40, located in Seremban, Malaysia and belongs to VERDINA, BZ. The main domain is activatecit1.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 10th 2022. Valid for: a year.

This is the only time activatecit1.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Citibank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 110	111.90.156.40 111.90.156.40	201133 (VERDINA) (VERDINA)
9	18.197.253.20 18.197.253.20	16509 (AMAZON-02) (AMAZON-02)
1 4	52.213.35.75 52.213.35.75	16509 (AMAZON-02) (AMAZON-02)
2	52.43.32.23 52.43.32.23	16509 (AMAZON-02) (AMAZON-02)
16	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	104.111.238.178 104.111.238.178	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.31.67.18 52.31.67.18	16509 (AMAZON-02) (AMAZON-02)
1	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
1 1	52.49.14.51 52.49.14.51	16509 (AMAZON-02) (AMAZON-02)
4	18.215.10.128 18.215.10.128	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	54.228.71.178 54.228.71.178	16509 (AMAZON-02) (AMAZON-02)
1	151.101.193.175 151.101.193.175	54113 (FASTLY) (FASTLY)
2	2600:9000:231... 2600:9000:2315:c00:a:6cdf:4440:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:21f... 2600:9000:21f3:d000:1e:54f1:26c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:231... 2600:9000:2315:9600:13:ab57:d440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.141.218.213 52.141.218.213	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	35.241.45.82 35.241.45.82	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:a00:1d:bf0a:0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1	13.224.198.56 13.224.198.56	16509 (AMAZON-02) (AMAZON-02)
2	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
1 8	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.198.193.48 18.198.193.48	16509 (AMAZON-02) (AMAZON-02)
42	91.235.133.67 91.235.133.67	30286 (THM) (THM)
1 3	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	192.193.200.243 192.193.200.243	32287 (SOLANA-CI...) (SOLANA-CITIPLEX)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
6	91.235.132.130 91.235.132.130	30286 (THM) (THM)
3	91.235.134.131 91.235.134.131	30286 (THM) (THM)
8	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
251	32

110 111.90.156.40 (Seremban, Malaysia) 1 redirects

ASN201133 (VERDINA, BZ)
PTR: server1.kamon.la

activatecit1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.197.253.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.213.35.75 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-35-75.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.43.32.23 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-32-23.us-west-2.compute.amazonaws.com

ci-mpsnare.iovation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.238.178 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-238-178.deploy.static.akamaitechnologies.com

online.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.67.18 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-67-18.eu-west-1.compute.amazonaws.com

citi.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

metrics1.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.14.51 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-14-51.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.215.10.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-10-128.compute-1.amazonaws.com

p.tvpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.228.71.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

mpsnare.iesnare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.175 (United States)

ASN54113 (FASTLY, US)

nebula-cdn.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2315:c00:a:6cdf:4440:93a1 (United States)

ASN16509 (AMAZON-02, US)

1.a79ab95c1589a13f8a4cab612bc71f9f7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:d000:1e:54f1:26c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

1.b406929acabac9b095f124c81bdfcf57f.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2315:9600:13:ab57:d440:93a1 (United States)

ASN16509 (AMAZON-02, US)

1.c81358859121583b7adf2ace89cb39f44.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.141.218.213 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

contents3.00110.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com

udc-neb.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:a00:1d:bf0a:0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.tvpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

sr.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.198.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-198-56.fra2.r.cloudfront.net

cdn.pbbl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

resources.digital-cloud-citi.medallia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.193.48 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-193-48.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 91.235.133.67 (United States)

ASN30286 (THM, US)

content22.online.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.193.200.243 (United States)

ASN32287 (SOLANA-CITIPLEX, US)

prod.report.nacustomerexperience.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 91.235.132.130 (United States)

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.235.134.131 (United States)

ASN30286 (THM, US)

89oebq5kpvishrqv7q6hkiwxhnv7b2gwaipjfon4b19de19be346047eam1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
89oebq5kulbvvkh7et6ufr3r5zl3hrrmbd5fgk6m9d88b12300a3e458am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
89oebq5krjf5rug7a7mkitpkbiuhopyaodfbv6epb845e0f899776179am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
110	activatecit1.com 1 redirects activatecit1.com	4 MB
46	citi.com www.citi.com Failed online.citi.com — Cisco Umbrella Rank: 26694 metrics1.citi.com — Cisco Umbrella Rank: 28028 contents3.00110.citi.com — Cisco Umbrella Rank: 43984 content22.online.citi.com — Cisco Umbrella Rank: 44949 prod.report.nacustomerexperience.citi.com — Cisco Umbrella Rank: 21877	506 KB
16	google.com www.google.com — Cisco Umbrella Rank: 20	2 KB
9	online-metrix.net h.online-metrix.net — Cisco Umbrella Rank: 4439 89oebq5kpvishrqv7q6hkiwxhnv7b2gwaipjfon4b19de19be346047eam1.e.aa.online-metrix.net 89oebq5kulbvvkh7et6ufr3r5zl3hrrmbd5fgk6m9d88b12300a3e458am1.e.aa.online-metrix.net 89oebq5krjf5rug7a7mkitpkbiuhopyaodfbv6epb845e0f899776179am1.e.aa.online-metrix.net	48 KB
9	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 3645	156 KB
8	google.de www.google.de — Cisco Umbrella Rank: 3632	996 B
8	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 65	10 KB
8	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 605 c.bing.com — Cisco Umbrella Rank: 379	14 KB
5	tvpixel.com p.tvpixel.com — Cisco Umbrella Rank: 2396 c.tvpixel.com — Cisco Umbrella Rank: 10136	32 KB
5	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 283 citi.demdex.net — Cisco Umbrella Rank: 55834	7 KB
3	clarity.ms 1 redirects c.clarity.ms — Cisco Umbrella Rank: 926	897 B
3	kampyle.com nebula-cdn.kampyle.com — Cisco Umbrella Rank: 4982 udc-neb.kampyle.com — Cisco Umbrella Rank: 3452	6 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 142	117 KB
2	medallia.com resources.digital-cloud-citi.medallia.com — Cisco Umbrella Rank: 34922	89 KB
2	c81358859121583b7adf2ace89cb39f44.com 1.c81358859121583b7adf2ace89cb39f44.com — Cisco Umbrella Rank: 41671	4 KB
2	b406929acabac9b095f124c81bdfcf57f.com 1.b406929acabac9b095f124c81bdfcf57f.com — Cisco Umbrella Rank: 41900	4 KB
2	a79ab95c1589a13f8a4cab612bc71f9f7.com 1.a79ab95c1589a13f8a4cab612bc71f9f7.com — Cisco Umbrella Rank: 41638	4 KB
2	iovation.com ci-mpsnare.iovation.com — Cisco Umbrella Rank: 84022	14 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	15 KB
1	agkn.com d.agkn.com — Cisco Umbrella Rank: 810	595 B
1	pbbl.co cdn.pbbl.co — Cisco Umbrella Rank: 12591
1	rlcdn.com sr.rlcdn.com — Cisco Umbrella Rank: 15571	98 B
1	iesnare.com mpsnare.iesnare.com — Cisco Umbrella Rank: 5963	610 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1413	517 B
0	Failed function sub() { [native code] }. Failed
251	25

	Domain	Requested by
110	activatecit1.com	1 redirects activatecit1.com
42	content22.online.citi.com	activatecit1.com content22.online.citi.com
16	www.google.com	activatecit1.com
9	nexus.ensighten.com	activatecit1.com
8	www.google.de
8	googleads.g.doubleclick.net	www.googleadservices.com
7	bat.bing.com	activatecit1.com bat.bing.com
6	h.online-metrix.net	content22.online.citi.com
4	p.tvpixel.com	activatecit1.com
4	dpm.demdex.net	1 redirects activatecit1.com
3	c.clarity.ms	1 redirects bat.bing.com
3	www.googletagmanager.com	activatecit1.com
2	resources.digital-cloud-citi.medallia.com	activatecit1.com
2	udc-neb.kampyle.com	activatecit1.com
2	1.c81358859121583b7adf2ace89cb39f44.com	activatecit1.com 1.c81358859121583b7adf2ace89cb39f44.com
2	1.b406929acabac9b095f124c81bdfcf57f.com	activatecit1.com 1.b406929acabac9b095f124c81bdfcf57f.com
2	1.a79ab95c1589a13f8a4cab612bc71f9f7.com	activatecit1.com 1.a79ab95c1589a13f8a4cab612bc71f9f7.com
2	ci-mpsnare.iovation.com	activatecit1.com ci-mpsnare.iovation.com
1	89oebq5krjf5rug7a7mkitpkbiuhopyaodfbv6epb845e0f899776179am1.e.aa.online-metrix.net
1	89oebq5kulbvvkh7et6ufr3r5zl3hrrmbd5fgk6m9d88b12300a3e458am1.e.aa.online-metrix.net
1	89oebq5kpvishrqv7q6hkiwxhnv7b2gwaipjfon4b19de19be346047eam1.e.aa.online-metrix.net
1	www.googleadservices.com	activatecit1.com
1	prod.report.nacustomerexperience.citi.com	activatecit1.com
1	c.bing.com	1 redirects
1	d.agkn.com
1	cdn.pbbl.co	activatecit1.com
1	sr.rlcdn.com	activatecit1.com
1	c.tvpixel.com	activatecit1.com
1	contents3.00110.citi.com	activatecit1.com
1	nebula-cdn.kampyle.com	activatecit1.com
1	mpsnare.iesnare.com	activatecit1.com
1	cm.everesttech.net	1 redirects
1	metrics1.citi.com	activatecit1.com
1	citi.demdex.net	activatecit1.com
1	online.citi.com	activatecit1.com
0	ghbmnnjooekpmoecnnnilnnbdlolhkhi Failed	content22.online.citi.com
0	www.citi.com Failed	activatecit1.com
251	37

This site contains links to these domains. Also see Links.

Domain
online.citi.com
www.citi.com
www.citigroup.com
citieasydeals.com
www.citiprivatepass.com
www.privatebank.citibank.com
play.google.com
itunes.apple.com
www.jdpower.com
www.facebook.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
www.activatecit1.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-10` - `2023-05-10`	a year	crt.sh
nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-14` - `2022-10-12`	a year	crt.sh
ci-mpsnare.iovation.com DigiCert SHA2 High Assurance Server CA	`2022-04-19` - `2023-05-09`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
online.citibank.com DigiCert SHA2 Extended Validation Server CA	`2022-05-03` - `2023-05-16`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
metrics1.citi.com DigiCert SHA2 Extended Validation Server CA	`2020-07-02` - `2022-08-30`	2 years	crt.sh
*.tvpixel.com Amazon	`2021-12-15` - `2023-01-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
mpsnare.iesnare.com DigiCert SHA2 Extended Validation Server CA	`2021-04-27` - `2022-05-24`	a year	crt.sh
*.kampyle.com GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-02-22` - `2023-03-26`	a year	crt.sh
*.a79ab95c1589a13f8a4cab612bc71f9f7.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-04` - `2023-04-04`	a year	crt.sh
*.b406929acabac9b095f124c81bdfcf57f.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-04-07`	a year	crt.sh
*.c81358859121583b7adf2ace89cb39f44.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-04-07`	a year	crt.sh
contents1.00110.citi.com DigiCert SHA2 Extended Validation Server CA	`2020-08-10` - `2022-08-10`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.pbbl.co Amazon	`2021-11-04` - `2022-12-02`	a year	crt.sh
*.digital-cloud-citi.medallia.com SSL.com RSA SSL subCA	`2021-11-15` - `2022-10-20`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
content22.online.citi.com DigiCert SHA2 Extended Validation Server CA	`2020-07-14` - `2022-08-06`	2 years	crt.sh
prod.report.nacustomerexperience.citi.com DigiCert SHA2 Extended Validation Server CA	`2020-05-05` - `2022-07-04`	2 years	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-12-28` - `2023-01-23`	a year	crt.sh
*.e.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-07-30` - `2022-08-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
c.msn.com Microsoft Azure TLS Issuing CA 01	`2022-02-08` - `2023-02-03`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh

This page contains 25 frames:

Primary Page: https://activatecit1.com/login/
Frame ID: 77A22772305F3AE3941378918A4FDD38
Requests: 177 HTTP requests in this frame

Frame: https://activatecit1.com/KNYGHT/a/425466.htm
Frame ID: 1AFF4C7DA824E23F13BE574184F28665
Requests: 1 HTTP requests in this frame

Frame: https://activatecit1.com/KNYGHT/a/a.htm
Frame ID: C0A44C243E91594D908FDBF9BC8E93DC
Requests: 1 HTTP requests in this frame

Frame: https://activatecit1.com/KNYGHT/a/a.htm
Frame ID: 88CEF51D6C1FF398F21BE660C99738EF
Requests: 1 HTTP requests in this frame

Frame: https://citi.demdex.net/dest5.html?d_nsid=0
Frame ID: 4AE054593F2BFF05E6409C46B108A04D
Requests: 1 HTTP requests in this frame

Frame: https://activatecit1.com/KNYGHT/a/a.htm
Frame ID: D5857DFF0441F51E1893309D2AB84610
Requests: 1 HTTP requests in this frame

Frame: https://activatecit1.com/KNYGHT/a/pixel.htm
Frame ID: 805B6FA2A6467B4ABA9C945BAD8B45F2
Requests: 1 HTTP requests in this frame

Frame: https://activatecit1.com/KNYGHT/a/a.htm
Frame ID: 5A979F692ADABFFAC093CD5000CA9B9B
Requests: 1 HTTP requests in this frame

Frame: https://activatecit1.com/KNYGHT/a/63068.htm
Frame ID: 04BC093A8ED65535A5BA0E719691857C
Requests: 1 HTTP requests in this frame

Frame: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Frame ID: 3622C89CFC569D6DBBFC436FF3727662
Requests: 2 HTTP requests in this frame

Frame: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Frame ID: 8BD926BB6C5D1C5CA2360DA0D2302EE4
Requests: 2 HTTP requests in this frame

Frame: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Frame ID: DE38F69881F4545CBBA5FE963D39D074
Requests: 2 HTTP requests in this frame

Frame: https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
Frame ID: FCCC48A81A5CBF1EF7B9712A9149AB0C
Requests: 1 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/check.js;CIS3SID=B8C3A2CD2B3E3CBE0A66CF4044F4101B?org_id=89oebq5k&session_id=5ea2f3ad258c0788c2fadab7615ec6431cc44388da060360b047f350cfa3f346&nonce=9d88b12300a3e458&pageid=1&jb=3530262468716f753f4c616c757a2e62716d3f4c696e777a246a7362773f436a726d6f6526687b6a3d4368706f6f67253030313233
Frame ID: 46FF97A895AE953539849C1ED06BB97B
Requests: 14 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/check.js;CIS3SID=01B599D9096E3BC6050A0075406A6F7A?org_id=89oebq5k&session_id=d8082347b9ab1e676fa59fcccbecc6f634b6ab2349db0df3e494c66dffac3d89&nonce=b19de19be346047e&pageid=1&jb=3538262e68716f773f44696c75782468716d3d4c616c777a24687360773f416a706f6f67266871603d4b68706f6d67273230393033
Frame ID: D79244D636335BBD2E64B6C9F8EBB61A
Requests: 14 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/check.js;CIS3SID=77C6FC77D1EB1BF813C36210FCE0D804?org_id=89oebq5k&session_id=fec036346b9e6e8f3261b74d925305e83a0ea205cdec26820e450cb59d1e72a1&nonce=b845e0f899776179&pageid=1&jb=3730242668716d753f4e616e77782e68716d3f4c6b6c75782e687360753d4360706f6d65266873623f4368706d6f6d273230313031
Frame ID: A1D4FB85370632C35E3A8DEB116B86E6
Requests: 14 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=C5A0ACCDD59FE9DD588C72736885B971?org_id=89oebq5k&session_id=d8082347b9ab1e676fa59fcccbecc6f634b6ab2349db0df3e494c66dffac3d89&nonce=b19de19be346047e&pageid=1
Frame ID: 2857779FF0C4C5653F069C4EDC93CE57
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=C5A0ACCDD59FE9DD588C72736885B971?org_id=89oebq5k&session_id=d8082347b9ab1e676fa59fcccbecc6f634b6ab2349db0df3e494c66dffac3d89&nonce=b19de19be346047e&pageid=1
Frame ID: C325DFF4807C3BFCEB2F9B1C6FEF5C27
Requests: 2 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/top_fp.html;CIS3SID=C5A0ACCDD59FE9DD588C72736885B971?org_id=89oebq5k&session_id=d8082347b9ab1e676fa59fcccbecc6f634b6ab2349db0df3e494c66dffac3d89&nonce=b19de19be346047e&pageid=1
Frame ID: FD0444F52E35A7D0FDBD6FD9207AF6C1
Requests: 1 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=680835083583FC6C3FE9294ADD18ED0F?org_id=89oebq5k&session_id=5ea2f3ad258c0788c2fadab7615ec6431cc44388da060360b047f350cfa3f346&nonce=9d88b12300a3e458&pageid=1
Frame ID: C362534CE8E77D34A9BC708F03235C70
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=680835083583FC6C3FE9294ADD18ED0F?org_id=89oebq5k&session_id=5ea2f3ad258c0788c2fadab7615ec6431cc44388da060360b047f350cfa3f346&nonce=9d88b12300a3e458&pageid=1
Frame ID: 5266B951D08E4C0CD063EE8F43AC757D
Requests: 2 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/top_fp.html;CIS3SID=680835083583FC6C3FE9294ADD18ED0F?org_id=89oebq5k&session_id=5ea2f3ad258c0788c2fadab7615ec6431cc44388da060360b047f350cfa3f346&nonce=9d88b12300a3e458&pageid=1
Frame ID: 3EC77754A0402B5F3844DD032F0D236F
Requests: 1 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=C964221255CC828186844283786FD36B?org_id=89oebq5k&session_id=fec036346b9e6e8f3261b74d925305e83a0ea205cdec26820e450cb59d1e72a1&nonce=b845e0f899776179&pageid=1
Frame ID: 5ADBA3FAAE2CB054344677F37A677E92
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=C964221255CC828186844283786FD36B?org_id=89oebq5k&session_id=fec036346b9e6e8f3261b74d925305e83a0ea205cdec26820e450cb59d1e72a1&nonce=b845e0f899776179&pageid=1
Frame ID: 4A4F47B63DFB2C3F674F34D38FB3CD72
Requests: 2 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/top_fp.html;CIS3SID=C964221255CC828186844283786FD36B?org_id=89oebq5k&session_id=fec036346b9e6e8f3261b74d925305e83a0ea205cdec26820e450cb59d1e72a1&nonce=b845e0f899776179&pageid=1
Frame ID: 5142BFB1707E5045668BCB334C2EC9C2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign On to Your Citi Account - Citibank

Page URL History Show full URLs

https://activatecit1.com/ HTTP 302
https://activatecit1.com/login/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

251
Requests

96 %
HTTPS

28 %
IPv6

25
Domains

37
Subdomains

32
IPs

5
Countries

4900 kB
Transfer

17013 kB
Size

40
Cookies

33 Outgoing links

These are links going to different origins than the main page.

URL: https://online.citi.com/US/ag/citibank-location-finder
Title: ATM / BRANCH

Search URL Search Domain Scan URL

URL: https://www.citi.com/login
Title: Continuar

Search URL Search Domain Scan URL

URL: http://www.citigroup.com/citi/
Title: Our Story

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=ServicesOverview
Title: Benefits and Services

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=Rewards
Title: Rewards

Search URL Search Domain Scan URL

URL: https://citieasydeals.com/
Title: Citi Easy DealsSM

Search URL Search Domain Scan URL

URL: http://www.citiprivatepass.com/
Title: Citi EntertainmentSM

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/portal/template.do?ID=SpecialOffers
Title: Special Offers

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/citigold-private-client
Title: Citigold® Private Client

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=CitigoldOverview
Title: Citigold®

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=CitiPriorityOverview
Title: Citi Priority

Search URL Search Domain Scan URL

URL: https://www.privatebank.citibank.com/
Title: Citi Private Bank

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/small-business-banking
Title: Small Business Accounts

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=CitiCommercialBanking
Title: Commercial Accounts

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/current-interest-rates/checking-saving-accounts
Title: Personal Banking

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/compare-credit-cards/citi.action?ID=view-all-credit-cards
Title: Credit Cards

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/portal/template.do?ID=todays_mortgage_rates&type=buy
Title: Mortgage

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/portal/template.do?ID=home_equity_rates
Title: Home Equity

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/current-interest-rates/personal-loans-and-lines-of-credit
Title: Lending

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/contactus
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/helptopic
Title: Help & FAQs

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/security-center
Title: Security Center

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.citi.citimobile
Title: Continue

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/citi-mobile-sm/id301724680?mt=8
Title: Continue

Search URL Search Domain Scan URL

URL: http://www.jdpower.com/awards
Title: Continue

Search URL Search Domain Scan URL

URL: https://www.facebook.com/citibank
Title: Continue

Search URL Search Domain Scan URL

URL: https://twitter.com/Citibank/
Title: Continue

Search URL Search Domain Scan URL

URL: https://www.youtube.com/citi
Title: Continue

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/termsdisclaimer/termsdisclaimerhome
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/portal/template.do?ID=Privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://online.citi.com/JRS/portal/template.do?ID=Privacy#notice-at-collection
Title: Notice at Collection

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/dataprivacyhub
Title: CA Privacy Hub

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/portal/template.do?ID=Accessibility
Title: Accessibility

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://activatecit1.com/ HTTP 302
https://activatecit1.com/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 90

https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1652199033326 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1652199033326

Request Chain 112

https://cm.everesttech.net/cm/dd?d_uuid=53977321189557714460476298124886788676 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YnqOeQAAADmBogN6

Request Chain 159

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=D5D1761122E348E1AB4E7280C5686304&RedC=c.clarity.ms&MXFR=269F7CCFC1B1681F1C526D6FC5B166CC HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=D5D1761122E348E1AB4E7280C5686304&MUID=2F2780C6DDCA6FBF107B9166DCA16E95

251 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
activatecit1.com/login/
Redirect Chain

https://activatecit1.com/
https://activatecit1.com/login/

344 KB
58 KB

214ms
213ms

Document
text/html

111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed / PHP/7.4.29
Resource Hash: db83816d749cf03412287119483151a345f43b8932f90fc00721033399797c4e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 10 May 2022 16:10:32 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.29

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 10 May 2022 16:10:32 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: login/
pragma: no-cache
server: LiteSpeed
x-powered-by: PHP/7.4.29

GET
H2 200 tc.js Show response
activatecit1.com/KNYGHT/a/ 19 KB
6 KB 32ms
32ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/tc.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5846
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 clarity.js Show response
activatecit1.com/KNYGHT/a/ 53 KB
18 KB 33ms
33ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/clarity.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 18113
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 conversion_async.js Show response
activatecit1.com/KNYGHT/a/ 39 KB
14 KB 46ms
32ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/conversion_async.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 9cb0e1f9c2424fa8326d7aa035e1cc92073377c81cae82aa9eb8ce41eec4020e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 14484
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 bat.js Show response
activatecit1.com/KNYGHT/a/ 38 KB
11 KB 46ms
33ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/bat.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10922
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 cool-2.js Show response
activatecit1.com/KNYGHT/a/ 14 KB
5 KB 68ms
53ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/cool-2.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4945
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 js_005 Show response
activatecit1.com/KNYGHT/a/ 99 KB
100 KB 72ms
58ms Script
text/plain 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/js_005
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 335994132acef63f53147f0f6bf5f4421f66dd70bd84ea120182a86f9b9068ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 101833

GET
H2 200 js_012 Show response
activatecit1.com/KNYGHT/a/ 99 KB
100 KB 75ms
61ms Script
text/plain 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/js_012
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 0f201d18b97ad141d91e1d40e3476d46bb7e1535fd7b0e7efdcbc394099b482e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 101833

GET
H2 200 js_010 Show response
activatecit1.com/KNYGHT/a/ 100 KB
100 KB 84ms
70ms Script
text/plain 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/js_010
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: ad0944936a4f38ac26d845c6403dae69e06bd17684e139779b86f6aa955ddddb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 101969

GET
H2 200 js_002 Show response
activatecit1.com/KNYGHT/a/ 99 KB
100 KB 84ms
70ms Script
text/plain 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/js_002
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: be9647349f9a4d924c173e3ff53b1269cc9766e0f7ead94f3cdea2df6c1def46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 101833

GET
H2 200 js_006 Show response
activatecit1.com/KNYGHT/a/ 100 KB
100 KB 84ms
71ms Script
text/plain 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/js_006
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: bda48a440a32d7c7230c44472cb8980e4ebc19a76af480ba9f0ab113e1f3c12d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 101969

GET
H2 200 js_007 Show response
activatecit1.com/KNYGHT/a/ 100 KB
100 KB 85ms
71ms Script
text/plain 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/js_007
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 91ed661bb99b1cccfde639ec7a69f3de3cca9ce1b20910587fce184a071810d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 102063

GET
H2 200 js_008 Show response
activatecit1.com/KNYGHT/a/ 100 KB
100 KB 85ms
72ms Script
text/plain 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/js_008
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: f083a0e3e32ce7608c583ee3784b05ceae13c373562a7558e7da10612cedf7dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 101969

GET
H2 200 js_013 Show response
activatecit1.com/KNYGHT/a/ 100 KB
100 KB 85ms
72ms Script
text/plain 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/js_013
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: dd3794df24715ee01ec08c106f834c3b9d5ec237556f7e28671c88ce4f97cb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 101969

GET
H2 200 dpm_pixel_min.js Show response
activatecit1.com/KNYGHT/a/ 103 KB
30 KB 85ms
72ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/dpm_pixel_min.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 30786
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 bk-coretag.js Show response
activatecit1.com/KNYGHT/a/ 51 KB
15 KB 86ms
73ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/bk-coretag.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 15120
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 js_004 Show response
activatecit1.com/KNYGHT/a/ 100 KB
100 KB 87ms
74ms Script
text/plain 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/js_004
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 7bd2f4b81489169257063e2ca1aeba5244bcddb0a51f49ad9ad3941bb2ce3d6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 101947

GET
H2 200 js_011 Show response
activatecit1.com/KNYGHT/a/ 89 KB
90 KB 88ms
75ms Script
text/plain 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/js_011
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 41ce591befcea0c2f640e7c8a898ff346fa7e1cae4a9a5342eba4bd806794278

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 91638

GET
H2 200 js_009 Show response
activatecit1.com/KNYGHT/a/ 89 KB
90 KB 89ms
77ms Script
text/plain 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/js_009
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 0ac219408607765a421cb88f4d875019e7eb3a29a4289d1e596365911cd973a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 91638

GET
H2 200 js_014 Show response
activatecit1.com/KNYGHT/a/ 89 KB
90 KB 89ms
77ms Script
text/plain 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/js_014
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 6a058157c9ec4b1ea4d694cb65f633fc9e0e8fba3e3804a84c47df555f90fa97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 91638

GET
H2 200 js Show response
activatecit1.com/KNYGHT/a/ 89 KB
90 KB 90ms
77ms Script
text/plain 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 73c3b7e57ba0acbfb16780ed66211620b33f7a87ba6f2086c75e232424935676

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 91638

GET
H2 200 js_015 Show response
activatecit1.com/KNYGHT/a/ 89 KB
90 KB 91ms
78ms Script
text/plain 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/js_015
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: f492dbcce03c5a29721bb47554dd31ff680a3990038024cbf0bf8c1907417782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 91616

GET
H2 200 js_003 Show response
activatecit1.com/KNYGHT/a/ 89 KB
90 KB 91ms
79ms Script
text/plain 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/js_003
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 8a47f293055815657fc9550afe26cffa8e4cbb944dcb26ecca201ba52d962d03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 91616

GET
H2 200 3fac67bbed26d3e121bb84cefe395515.js Show response
activatecit1.com/KNYGHT/a/ 4 KB
813 B 92ms
80ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/3fac67bbed26d3e121bb84cefe395515.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 6a4572cbce614543d10ffc2276b91140ecb0b0b9e2de0b9a87d4bc4016051f17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 780
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 8e31a20960f50a1c34f7ccb1cd9737ec.js Show response
activatecit1.com/KNYGHT/a/ 340 B
238 B 92ms
80ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/8e31a20960f50a1c34f7ccb1cd9737ec.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 84129e02573a4f7ca911b6b37f7129a748efdae9decea2efe415ffeabf1a66bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 206
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 96e0eb995483e83e7b3f71968eedeed1.js Show response
activatecit1.com/KNYGHT/a/ 396 KB
114 KB 92ms
80ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/96e0eb995483e83e7b3f71968eedeed1.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: d9181c42b463ba85677421a93ae1ba80ae774c9bf8af67200ed78a419bd067a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 117008
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 fb5dd1201f281250801b0d9c5b73ac92.js Show response
activatecit1.com/KNYGHT/a/ 35 KB
7 KB 92ms
81ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/fb5dd1201f281250801b0d9c5b73ac92.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 9946d53fd289535b32d7d2fa1bf8c251337dda6ccf582dfe2764bf5101d09081

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7409
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 e047f7a400b1380b9dd4b041c45aed8c.js Show response
activatecit1.com/KNYGHT/a/ 133 KB
35 KB 93ms
81ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/e047f7a400b1380b9dd4b041c45aed8c.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: ffb651309250e9ce8ca4d6a354d9403cb80ec23ef11eebc6d518163948061c82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 35379
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 468b3e37a21c4198f4939c8aaca98066.js Show response
activatecit1.com/KNYGHT/a/ 1 KB
604 B 94ms
82ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/468b3e37a21c4198f4939c8aaca98066.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 61e01b4da87624c5972c4f051d92695a76fa8491c2c1512342b714b9f5db2008

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 571
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 51aba9f62787efbaa13e53a8d1ae3892.js Show response
activatecit1.com/KNYGHT/a/ 1 KB
596 B 94ms
83ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/51aba9f62787efbaa13e53a8d1ae3892.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: bf8892a953595eb96b9ca68c5756849d404115dcf2ee9bf87e8b4e7b3cf8e650

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 563
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 15eb60d913408b4cf3ecb1e8f6b61f03.js Show response
activatecit1.com/KNYGHT/a/ 157 KB
31 KB 95ms
83ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/15eb60d913408b4cf3ecb1e8f6b61f03.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: e293d8492e75e7e94e3b286e229847b988f61001f7cfe84e5e4aa2e3f119535e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 32052
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 d74f82b561a6aa5d9247eaf72394131a.js Show response
activatecit1.com/KNYGHT/a/ 2 KB
628 B 95ms
84ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/d74f82b561a6aa5d9247eaf72394131a.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 1243ffed4530d6d237dd040101bf2933687f6e9272b10132060115058f914206

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 595
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 557566dc60916e3de69e006bef252459.js Show response
activatecit1.com/KNYGHT/a/ 2 KB
690 B 95ms
84ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/557566dc60916e3de69e006bef252459.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 31b00ff4929696dfca06885da68e58c3e09f6ecb4ae0fe1ae287e99a3fd1f716

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 657
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 da6191c2b2959a15b37bb1f025a35ecd.js Show response
activatecit1.com/KNYGHT/a/ 5 KB
1 KB 95ms
85ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/da6191c2b2959a15b37bb1f025a35ecd.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 5cbb5852d6dd001b4defb3f6ace7f8beb88d0f19d20d00ebfd086a24c31988db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1440
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 d90ce1a791ada193ee0ca4e9ce66632d.js Show response
activatecit1.com/KNYGHT/a/ 5 KB
1 KB 96ms
85ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/d90ce1a791ada193ee0ca4e9ce66632d.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: c1b3f3803c42132039b21ce8921335c9cb785a58d513fdc04b0350434bec8e29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1085
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 fdf45a7c15c1cee06bb71e10dac4e26e.js Show response
activatecit1.com/KNYGHT/a/ 989 B
493 B 96ms
85ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/fdf45a7c15c1cee06bb71e10dac4e26e.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 7df13706eaab8ce9a3dcd2a501f60bc66987c83834d07dfaf07ae56ef814c110

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 460
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 serverComponent.php Show response
activatecit1.com/KNYGHT/a/ 2 KB
742 B 63ms
62ms Script
text/html 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/serverComponent.php
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed / PHP/7.4.29
Resource Hash: 09eb96104befe4409ccb5871141c088329e8802a819bd1f1f68a1ba1d7043fb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.4.29
content-length: 703
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 6c8322c7341eac98645c10e3d1d3c7ae.js Show response
activatecit1.com/KNYGHT/a/ 232 KB
120 KB 32ms
31ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/6c8322c7341eac98645c10e3d1d3c7ae.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 2bb8aabf5567f3e57f59857bf9c3efd63ce531d35e0983446cf20fc91880d0c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 122966
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 tagging.js Show response
activatecit1.com/KNYGHT/a/ 44 KB
10 KB 94ms
92ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/tagging.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: ceb1270a7b48491bdf0997e41e324c482cdab7047734e1ba1e89ead5ee60d8a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10186
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 banner.js Show response
activatecit1.com/KNYGHT/a/ 15 KB
4 KB 94ms
92ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/banner.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 66e0a4b3019f0e19c99a314095a7e13932cd8afcb82a236475abf3f8723ea69d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4574
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 Bootstrap.js Show response
activatecit1.com/KNYGHT/a/ 229 KB
67 KB 95ms
93ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/Bootstrap.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: e1a39ee890f6fedadd629d5d0a3f913194f34aeaf9aad37e9f09ce625712eb6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 68195
expires: Tue, 17 May 2022 16:10:33 GMT

GET Interstate-Light.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0

GET Interstate-Bold.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0

GET Interstate-Regular.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0

GET
H2 200 snare.js Show response
activatecit1.com/KNYGHT/a/ 38 KB
10 KB 96ms
86ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/snare.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: c05a6d621d11074021ee182c230296723ea5e617d95f73a7f603a5765983ddad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10552
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 styles.css
activatecit1.com/KNYGHT/a/ 1 MB
137 KB 61ms
59ms Stylesheet
text/css 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/styles.css
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 259ef712180a5ec807f5a4782b6257a7a77280649dbe8dc4afe66e44f0085935

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 140547
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 tags_003.js Show response
activatecit1.com/KNYGHT/a/ 87 KB
11 KB 97ms
86ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/tags_003.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 4f4e0e6bb783845d87ca3273021c58a559400e78ec68246328c7541927fe3809

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10761
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 1-es2015.js Show response
activatecit1.com/KNYGHT/a/ 750 KB
70 KB 94ms
92ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/1-es2015.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: f09e591b45606435dcafa0af8dee93b066cf3c2ec7cae6fff023ac7f117d28ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 71718
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 logo.js Show response
activatecit1.com/KNYGHT/a/ 96 B
126 B 95ms
93ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/logo.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: c521114642185bbe2e4d8e5f9cdab7692919257302c56b0a5391f5a3fb16300a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 96
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 tags.js Show response
activatecit1.com/KNYGHT/a/ 87 KB
11 KB 99ms
89ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/tags.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: e425c7db4b557a0a3d11cc12d380e1a03a9592c21180438b267f51f2edba46f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10767
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 embed.js Show response
activatecit1.com/KNYGHT/a/ 2 KB
611 B 96ms
93ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/embed.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: b5d1c26722742c44e62a4fbb4b67117d2587aa320f61784a27fea9d66d9f62b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 578
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 cedric.js Show response
activatecit1.com/KNYGHT/a/ 602 KB
106 KB 96ms
94ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/cedric.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 48451bef935eba4b7a149a7b6dc16cc7183e75cb2887d571a3382ae3f155686a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 108844
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 tags_002.js Show response
activatecit1.com/KNYGHT/a/ 87 KB
10 KB 99ms
89ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/tags_002.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: b73ac937457b12918c1db52a7f0849791d25d92a406902e9df7aa44cecd09d8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10636
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 404 16003743.js
activatecit1.com/KNYGHT/a/ 0
0 100ms
90ms Script
text/html 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/16003743.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:33 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H2 200 16001692.js Show response
activatecit1.com/KNYGHT/a/ 775 B
414 B 100ms
90ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/16001692.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 755cf63ccbfa4cc741fa57e964453c5ccaf71af0bea52cd90ca85766972915fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 381
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 a_006 Show response
activatecit1.com/KNYGHT/a/ 2 KB
2 KB 96ms
94ms Script
text/plain 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/a_006
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: d23cfd911f68fb1e977822c83e914624905cf8bf281de9adddc292206bb03de8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 1726

GET
H2 200 a_003 Show response
activatecit1.com/KNYGHT/a/ 2 KB
2 KB 96ms
94ms Script
text/plain 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/a_003
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: dce3cc2da10598623878df6cbf95b375e30344d9bbef36e2567a820372cb84a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 1726

GET
H2 200 a Show response
activatecit1.com/KNYGHT/a/ 2 KB
2 KB 96ms
94ms Script
text/plain 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/a
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: bb2b59f84275dbbe371df99d13f932181aeedc099b1abf08046e229d7c4fc80d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 1726

GET
H2 200 a_005 Show response
activatecit1.com/KNYGHT/a/ 2 KB
2 KB 96ms
95ms Script
text/plain 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/a_005
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 3263f23dbf8cee69a998ca25840d28d6c3efd1a42fbf97d173d16e57943218b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 1726

GET
H2 200 a_007 Show response
activatecit1.com/KNYGHT/a/ 2 KB
2 KB 99ms
97ms Script
text/plain 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/a_007
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: fbe3d6908d3e8ed253322936920a4c28b963726ba6af7517c6829093bd20ca66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 1746

GET
H2 200 a_002 Show response
activatecit1.com/KNYGHT/a/ 2 KB
2 KB 99ms
98ms Script
text/plain 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/a_002
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 1ce6b8de9770878e9addb91ab530e3a4de53118586a2d47891614dba325f4bdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 1726

GET
H2 200 a_004 Show response
activatecit1.com/KNYGHT/a/ 2 KB
2 KB 99ms
98ms Script
text/plain 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/a_004
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 4fc48fd2c06024a93378991ceda718bb5fdf080a61c50990860d9a9f91a5c596

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 1726

GET
H2 200 a_008 Show response
activatecit1.com/KNYGHT/a/ 2 KB
2 KB 99ms
98ms Script
text/plain 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/a_008
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 78940a523e04bc0cbcd0940ffef99e54b0d7a8f90abe31e4fd93436184464c6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 1726

GET
H2 200 citilogoredesign.png
activatecit1.com/KNYGHT/a/ 2 KB
2 KB 101ms
91ms Image
image/png 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activatecit1.com/KNYGHT/a/citilogoredesign.png
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 102503acef6077fcf8e42a856fb4904fcd74224a32d5d8efcd13236ac6309fed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1799
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 050-location2x.svg
activatecit1.com/KNYGHT/a/ 2 KB
746 B 101ms
91ms Image
image/svg+xml 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activatecit1.com/KNYGHT/a/050-location2x.svg
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 6336ae7b60dff18e0a37721a3a19fd5e18568577a64faa662969d35966dbf72b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 701
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 icon_globe_med-grey2x.svg
activatecit1.com/KNYGHT/a/ 3 KB
1 KB 111ms
102ms Image
image/svg+xml 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activatecit1.com/KNYGHT/a/icon_globe_med-grey2x.svg
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: a593628f2d5ba814f37fbcd3963162f094c2764d4b15d82464c2d1aef92f150f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1371
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 phone.png
activatecit1.com/KNYGHT/a/ 10 KB
10 KB 112ms
102ms Image
image/png 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activatecit1.com/KNYGHT/a/phone.png
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 5df469ee4da2bc124065cb8df0e24173c5cbc8b9e0c807960fc39c93ffb640c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9873
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 qrsignon.png
activatecit1.com/KNYGHT/a/ 741 B
773 B 112ms
103ms Image
image/png 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activatecit1.com/KNYGHT/a/qrsignon.png
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: dc876f814074650acde84db7a7f34c583f043b83130e5de49de65f18d1ee2683

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 741
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 laptop-and-phone-pairing.png
activatecit1.com/KNYGHT/a/ 3 KB
3 KB 112ms
103ms Image
image/png 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activatecit1.com/KNYGHT/a/laptop-and-phone-pairing.png
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: a9a43473908fb995ecdc6bd80d80fd42d3e43bf31687aff0978d7389de2573aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3044
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 laptop-and-phone-success.png
activatecit1.com/KNYGHT/a/ 2 KB
3 KB 113ms
104ms Image
image/png 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activatecit1.com/KNYGHT/a/laptop-and-phone-success.png
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: e5c725c5a6510cd7323ff66fa032e69cfe7aec1dd042911cae0607d071670eec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2544
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 EqualHousing.png
activatecit1.com/KNYGHT/a/ 2 KB
2 KB 113ms
104ms Image
image/png 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activatecit1.com/KNYGHT/a/EqualHousing.png
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: f23485e8b9c368f28f18a0bb110573df79c00ac3a2ca71d68017db100207639d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1606
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 googlePlay3x.png
activatecit1.com/KNYGHT/a/ 24 KB
25 KB 113ms
104ms Image
image/png 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activatecit1.com/KNYGHT/a/googlePlay3x.png
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: a079bb0d5590826bcc664715122004dff51e76c79608bc29f586c9388b623b77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25077
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 appStore3x.png
activatecit1.com/KNYGHT/a/ 20 KB
20 KB 113ms
105ms Image
image/png 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activatecit1.com/KNYGHT/a/appStore3x.png
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 87c763c6b05015e55915d0a1e6647e4e5d0b996e78d79e1afe228dd33b68e65b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 20047
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 social-media_facebook3x.png
activatecit1.com/KNYGHT/a/ 445 B
481 B 114ms
106ms Image
image/png 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activatecit1.com/KNYGHT/a/social-media_facebook3x.png
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 695788dc05d94be3b32060ffea15c1a4d74897bd32e5da7811e7ca76d82fc86b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 445
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 social-media_twitter3x.png
activatecit1.com/KNYGHT/a/ 1 KB
1 KB 115ms
106ms Image
image/png 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activatecit1.com/KNYGHT/a/social-media_twitter3x.png
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 5394d11ec8ad7a5494bcdb65cd95f885388532e14fb45a747e249112389bd837

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1277
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 social-media_youtube3x.png
activatecit1.com/KNYGHT/a/ 1 KB
1 KB 115ms
107ms Image
image/png 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activatecit1.com/KNYGHT/a/social-media_youtube3x.png
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: be9b5382b4526ffd3306d0292122ce3599123f1cd543f52f3035b4f24fbf9de8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1175
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 fp.js Show response
activatecit1.com/KNYGHT/a/ 19 KB
4 KB 115ms
107ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/fp.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: dd65a674c821f6a0e0ec4b181532b00c0cc5d5bde623ea98affcb9f383139b57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4537
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 runtime-es2015.js Show response
activatecit1.com/KNYGHT/a/ 2 KB
1 KB 38ms
26ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/runtime-es2015.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 0d10d1c5dec8b1201603dd15a9490c2edb196204050a8c03a10718da71a94162

Request headers

Referer: https://activatecit1.com/login/
Origin: https://activatecit1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1127
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 polyfills-es2015.js Show response
activatecit1.com/KNYGHT/a/ 178 KB
58 KB 43ms
29ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/polyfills-es2015.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 77392e295dc8c9f809057beb5deb988e93ff53a4a1190a59d92c66f459fe2f4c

Request headers

Referer: https://activatecit1.com/login/
Origin: https://activatecit1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 59064
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 scripts.js Show response
activatecit1.com/KNYGHT/a/ 49 KB
13 KB 115ms
107ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/scripts.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 51c6043803bec020097c7f9559f9f87f1b427daf7590f68f2ce2b3a4feaf661a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 12833
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 main-es2015.js Show response
activatecit1.com/KNYGHT/a/ 3 MB
623 KB 45ms
30ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/main-es2015.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 70750d17f43c319aa181fc8f4ada1d473455ec7d179b950f03b42f1d6d39fe54

Request headers

Referer: https://activatecit1.com/login/
Origin: https://activatecit1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 637698
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 jquery-3.js Show response
activatecit1.com/KNYGHT/a/ 87 KB
30 KB 116ms
108ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/jquery-3.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://activatecit1.com/login/
Origin: https://activatecit1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:58 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 30280
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 xmsdk.js Show response
activatecit1.com/KNYGHT/a/ 1 MB
286 KB 45ms
31ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/xmsdk.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 1c69468ad43d43f8c701bcd193de8688ba49a17128a730c065c7a06d08106daf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 292505
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 200 generic1645813044147.js Show response
activatecit1.com/KNYGHT/a/ 532 KB
81 KB 118ms
110ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/generic1645813044147.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 05a45e5c705e5fa8b22c243d3461520e64f75236b702335764bed044e763e25e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 83244
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 404 0_004.txt
activatecit1.com/KNYGHT/a/ 1 KB
1 KB 118ms
111ms Image
text/html 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activatecit1.com/KNYGHT/a/0_004.txt
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:33 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H2 404 0.txt
activatecit1.com/KNYGHT/a/ 1 KB
1 KB 119ms
111ms Image
text/html 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activatecit1.com/KNYGHT/a/0.txt
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:33 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H2 404 0_002.txt
activatecit1.com/KNYGHT/a/ 1 KB
1 KB 119ms
112ms Image
text/html 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activatecit1.com/KNYGHT/a/0_002.txt
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:33 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H2 404 0_003.txt
activatecit1.com/KNYGHT/a/ 1 KB
1 KB 119ms
112ms Image
text/html 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activatecit1.com/KNYGHT/a/0_003.txt
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:33 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H2 200 qrlogin.js Show response
activatecit1.com/KNYGHT/a/ 6 KB
2 KB 46ms
31ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/qrlogin.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 80ca50c063371e37ab3ed2efb9842c2aac89bd9e2ac64de697950c588d4df7c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1938
expires: Tue, 17 May 2022 16:10:33 GMT

GET
H2 404 config.js
activatecit1.com/KNYGHT/a/ 0
0 120ms
112ms Script
text/html 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/config.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:33 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/citi/na_stage/ 231 KB
70 KB 54ms
24ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_stage/Bootstrap.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3efca157844c00e54b4bafa060f117ab667ea88b7a771de28777fa556989dd73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: gzip
last-modified: Mon, 09 May 2022 21:07:24 GMT
server: nginx
etag: W/"6279828c-39c4c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1652199033326
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1652199033326

363 B
1 KB

36ms
36ms

XHR
application/json

52.213.35.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1652199033326

Requested by

Host: activatecit1.com
URL: https://activatecit1.com/login/

Protocol

HTTP/1.1

Server

52.213.35.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-35-75.eu-west-1.compute.amazonaws.com

Software

Resource Hash

d0fecaa01983895dc1e41c780de6f1b8917b475281515037449a694000ad3473

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v031-0f70629dd.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: erI0eEgxS4A=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://activatecit1.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 306
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v031-03cb74759.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://activatecit1.com
X-TID: VhOHCzkLRKk=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1652199033326
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK snare.js Show response
ci-mpsnare.iovation.com/ 38 KB
13 KB 647ms
157ms Script
text/javascript 52.43.32.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ci-mpsnare.iovation.com/snare.js?_=4725906336979189

Requested by

Host: activatecit1.com
URL: https://activatecit1.com/login/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.43.32.23 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-43-32-23.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

1d34e33bbf1cb9c88c67c2d554c6e7ac3d30ad19f2ae8a136b2619246a3803be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 16:10:33 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
p3p: CP="NON DSP COR CURa"
Cache-Control: no-cache, private
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Expires: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/916451471/ 42 B
108 B 53ms
23ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/916451471/?random=1646901429593&cv=9&fst=1646899200000&num=1&bg=ffffff&guid=ON&u_h=926&u_w=428&u_ah=926&u_aw=428&u_cd=24&u_his=4&u_tz=330&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa370&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&ref=https%3A%2F%2Fwww.citi.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=1523529431&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: activatecit1.com
URL: https://activatecit1.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/960621875/ 42 B
548 B 49ms
19ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/960621875/?random=1646901429633&cv=9&fst=1646899200000&num=1&bg=ffffff&guid=ON&u_h=926&u_w=428&u_ah=926&u_aw=428&u_cd=24&u_his=4&u_tz=330&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa370&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&ref=https%3A%2F%2Fwww.citi.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2412428559&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: activatecit1.com
URL: https://activatecit1.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/644574043/ 42 B
108 B 50ms
20ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/644574043/?random=1646901429638&cv=9&fst=1646899200000&num=1&bg=ffffff&guid=ON&u_h=926&u_w=428&u_ah=926&u_aw=428&u_cd=24&u_his=4&u_tz=330&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa370&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&ref=https%3A%2F%2Fwww.citi.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=1745509707&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: activatecit1.com
URL: https://activatecit1.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/975701947/ 42 B
108 B 51ms
22ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/975701947/?random=1646901429644&cv=9&fst=1646899200000&num=1&bg=ffffff&guid=ON&u_h=926&u_w=428&u_ah=926&u_aw=428&u_cd=24&u_his=4&u_tz=330&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa370&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&ref=https%3A%2F%2Fwww.citi.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2577897329&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: activatecit1.com
URL: https://activatecit1.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/830907969/ 42 B
108 B 50ms
20ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/830907969/?random=1646901429655&cv=9&fst=1646899200000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=926&u_w=428&u_ah=926&u_aw=428&u_cd=24&u_his=4&u_tz=330&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa370&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&ref=https%3A%2F%2Fwww.citi.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3738528404&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: activatecit1.com
URL: https://activatecit1.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/695231162/ 42 B
108 B 52ms
23ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/695231162/?random=1646901429674&cv=9&fst=1646899200000&num=1&bg=ffffff&guid=ON&u_h=926&u_w=428&u_ah=926&u_aw=428&u_cd=24&u_his=4&u_tz=330&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa370&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&ref=https%3A%2F%2Fwww.citi.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2075934078&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: activatecit1.com
URL: https://activatecit1.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/959299794/ 42 B
108 B 29ms
23ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/959299794/?random=1646901429684&cv=9&fst=1646899200000&num=1&bg=ffffff&guid=ON&u_h=926&u_w=428&u_ah=926&u_aw=428&u_cd=24&u_his=4&u_tz=330&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa370&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&ref=https%3A%2F%2Fwww.citi.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3442052249&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: activatecit1.com
URL: https://activatecit1.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/819500023/ 42 B
108 B 25ms
19ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/819500023/?random=1646901429691&cv=9&fst=1646899200000&num=1&bg=ffffff&guid=ON&u_h=926&u_w=428&u_ah=926&u_aw=428&u_cd=24&u_his=4&u_tz=330&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa370&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&ref=https%3A%2F%2Fwww.citi.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2118452681&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: activatecit1.com
URL: https://activatecit1.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 Interstate-Light.woff
activatecit1.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0 91ms
90ms Font
text/html 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://activatecit1.com/login/
Origin: https://activatecit1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:33 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
BLOB 200
OK 4a7d2fe8-3202-4532-abd1-6ab54ad71fe1
https://activatecit1.com/ 161 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://activatecit1.com/4a7d2fe8-3202-4532-abd1-6ab54ad71fe1
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c8bc330a07fc8ba4ead1f924570b2eeb220dfb170e86ea6594f7a2daef2efc16

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length: 165178

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/citi/na_prod/ 1 KB
739 B 24ms
20ms Script
text/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citi/na_prod/code/&publishedOn=Mon%20Mar%2007%2018:42:29%20GMT%202022&ClientID=1129&PageID=https%3A%2F%2Factivatecit1.com%2Flogin%2F
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: fa640310f1a697ebd8243e2ea0339afeb86c5debb2a4c04c4230877a190ce8eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
cache-control: no-cache, no-store
content-type: text/javascript
server: nginx
content-encoding: gzip
vary: Accept-Encoding
expires: Tue, 10 May 2022 16:10:32 GMT

GET
H2 200 LSO_4959.jpg
online.citi.com/nga-lite-signon/ 171 KB
172 KB 149ms
34ms Image
image/jpeg 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/nga-lite-signon/LSO_4959.jpg

Requested by

Host: activatecit1.com
URL: https://activatecit1.com/login/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

48e89b7e40e096b89d864a5c8ee340ce44ca60fe9675310ef2f3f40a53a7d593

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Mon, 11 Jan 2021 11:55:43 GMT
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 174933
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/jpeg
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 404 Interstate-Bold.woff
activatecit1.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0 231ms
221ms Font
text/html 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://activatecit1.com/login/
Origin: https://activatecit1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:33 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H2 404 Interstate-Bold.woff
activatecit1.com/KNYGHT/a/cds-assets/fonts/interstate/ 0
0 143ms
142ms Font
text/html 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/cds-assets/fonts/interstate/Interstate-Bold.woff
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://activatecit1.com/KNYGHT/a/styles.css
Origin: https://activatecit1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:33 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H2 200 425466.htm Show response
activatecit1.com/KNYGHT/a/ Frame 1AFF 321 B
185 B 130ms
129ms Document
text/html 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/425466.htm
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 5f67d8631df0c3364dbd9730cde570d51cfddc04dc4234db3a48db8bc18e862f

Request headers

Referer: https://activatecit1.com/login/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: br
content-length: 154
content-type: text/html
date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:58 GMT
server: LiteSpeed
vary: Accept-Encoding

GET
H2 200 a.htm Show response
activatecit1.com/KNYGHT/a/ Frame C0A4 108 B
136 B 130ms
130ms Document
text/html 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/a.htm
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: ad3cc24a66bae714bcb1536ba2be070d636f61bbdfedf1e66de4d2a610a4f9e1

Request headers

Referer: https://activatecit1.com/login/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 108
content-type: text/html
date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:58 GMT
server: LiteSpeed

GET
H2 200 a.htm Show response
activatecit1.com/KNYGHT/a/ Frame 88CE 108 B
133 B 129ms
129ms Document
text/html 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/a.htm
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: ad3cc24a66bae714bcb1536ba2be070d636f61bbdfedf1e66de4d2a610a4f9e1

Request headers

Referer: https://activatecit1.com/login/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 108
content-type: text/html
date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:58 GMT
server: LiteSpeed

GET
H2 404 Interstate-Light.ttf
activatecit1.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0 98ms
98ms Font
text/html 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.ttf
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://activatecit1.com/login/
Origin: https://activatecit1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:33 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H/1.1 200
OK dest5.html Show response
citi.demdex.net/ Frame 4AE0 7 KB
3 KB 144ms
29ms Document
text/html 52.31.67.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://citi.demdex.net/dest5.html?d_nsid=0

Requested by

Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/Bootstrap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.67.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-67-18.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://activatecit1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v031-0b0a61837.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: vctCYrO0TFk=
content-encoding: gzip
date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Wed, 27 Apr 2022 09:30:13 GMT
vary: accept-encoding

GET
H2 200 id Show response
metrics1.citi.com/ 89 B
674 B 115ms
18ms XHR
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics1.citi.com/id?d_visid_ver=3.1.2&d_fieldgroup=A&mcorgid=61834D9B5228A7430A490D45%40AdobeOrg&mid=48489726971725413331098804261134136295&ts=1652199033674

Requested by

Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a3c8d9afc66c4d1e2a15cf31dc91ee5c535e0e8d735cab8280c436a964cb290d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://activatecit1.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-b4b698fcd-bpfh9
vary: Origin
x-c: main-1640.Id95fac.M0-564
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://activatecit1.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 89
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YnqOeQAAADmBogN6
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=53977321189557714460476298124886788676
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YnqOeQAAADmBogN6

42 B
945 B

32ms
31ms

Image
image/gif

52.213.35.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YnqOeQAAADmBogN6

Requested by

Host: activatecit1.com
URL: https://activatecit1.com/login/

Protocol

HTTP/1.1

Server

52.213.35.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-35-75.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v031-0dfae4012.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: JqI9PtVITr4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YnqOeQAAADmBogN6
Date: Tue, 10 May 2022 16:10:33 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 fdf45a7c15c1cee06bb71e10dac4e26e.js Show response
nexus.ensighten.com/citi/na_prod/code/ 989 B
1 KB 21ms
13ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/fdf45a7c15c1cee06bb71e10dac4e26e.js?conditionId0=4849963
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7df13706eaab8ce9a3dcd2a501f60bc66987c83834d07dfaf07ae56ef814c110

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Tue, 14 May 2019 17:01:42 GMT
server: nginx
etag: "5cdaf476-3dd"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 989

GET
H2 200 da6191c2b2959a15b37bb1f025a35ecd.js Show response
nexus.ensighten.com/citi/na_prod/code/ 5 KB
2 KB 18ms
14ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/da6191c2b2959a15b37bb1f025a35ecd.js?conditionId0=4897099
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5cbb5852d6dd001b4defb3f6ace7f8beb88d0f19d20d00ebfd086a24c31988db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: gzip
last-modified: Tue, 01 Mar 2022 18:19:28 GMT
server: nginx
etag: W/"621e63b0-12ea"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 557566dc60916e3de69e006bef252459.js Show response
nexus.ensighten.com/citi/na_prod/code/ 2 KB
961 B 20ms
16ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/557566dc60916e3de69e006bef252459.js?conditionId0=4837456
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 31b00ff4929696dfca06885da68e58c3e09f6ecb4ae0fe1ae287e99a3fd1f716

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: gzip
last-modified: Tue, 27 Aug 2019 16:59:12 GMT
server: nginx
etag: W/"5d656160-887"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 c8915c0456ac59db91587a2676ff6b5a.js Show response
nexus.ensighten.com/citi/na_prod/code/ 157 KB
34 KB 18ms
14ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/c8915c0456ac59db91587a2676ff6b5a.js?conditionId0=421908
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6eb3e0f2c60ca313bb61c9827b440ef9ab65bea139e0cbec6719d087b8ed63e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: gzip
last-modified: Wed, 27 Apr 2022 21:10:36 GMT
server: nginx
etag: W/"6269b14c-275e6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 51aba9f62787efbaa13e53a8d1ae3892.js Show response
nexus.ensighten.com/citi/na_prod/code/ 1 KB
847 B 16ms
12ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/51aba9f62787efbaa13e53a8d1ae3892.js?conditionId0=4827153
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: bf8892a953595eb96b9ca68c5756849d404115dcf2ee9bf87e8b4e7b3cf8e650

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: gzip
last-modified: Tue, 31 Aug 2021 17:19:01 GMT
server: nginx
etag: W/"612e6485-52a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 be7ae5b086e78ddff6fd8cac30864b8e.js Show response
nexus.ensighten.com/citi/na_prod/code/ 138 KB
38 KB 19ms
16ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/be7ae5b086e78ddff6fd8cac30864b8e.js?conditionId0=486757
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e5b7b282621489a17d2310df61f0066d69de6a8b543f56a44cab231b1f222f0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 20:18:16 GMT
server: nginx
etag: W/"62718e08-2274a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 5fd7947ab55632ac507d81e300d4330a.js Show response
nexus.ensighten.com/citi/na_prod/code/ 38 KB
9 KB 16ms
13ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/5fd7947ab55632ac507d81e300d4330a.js?conditionId0=467299
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 607f80b8d2a3179ded6b0695e73d11a4e169493d807a41a58de16721d7605639

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 20:18:16 GMT
server: nginx
etag: W/"62718e08-9790"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 a.htm Show response
activatecit1.com/KNYGHT/a/ Frame D585 108 B
133 B 31ms
31ms Document
text/html 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/a.htm
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: ad3cc24a66bae714bcb1536ba2be070d636f61bbdfedf1e66de4d2a610a4f9e1

Request headers

Referer: https://activatecit1.com/login/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 108
content-type: text/html
date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:58 GMT
server: LiteSpeed

GET
H2 200 pixel.htm Show response
activatecit1.com/KNYGHT/a/ Frame 805B 108 B
133 B 31ms
31ms Document
text/html 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/pixel.htm
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: ad3cc24a66bae714bcb1536ba2be070d636f61bbdfedf1e66de4d2a610a4f9e1

Request headers

Referer: https://activatecit1.com/login/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 108
content-type: text/html
date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:58 GMT
server: LiteSpeed

GET
H2 200 a.htm Show response
activatecit1.com/KNYGHT/a/ Frame 5A97 108 B
133 B 31ms
31ms Document
text/html 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/a.htm
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: ad3cc24a66bae714bcb1536ba2be070d636f61bbdfedf1e66de4d2a610a4f9e1

Request headers

Referer: https://activatecit1.com/login/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 108
content-type: text/html
date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:58 GMT
server: LiteSpeed

GET
H2 200 63068.htm Show response
activatecit1.com/KNYGHT/a/ Frame 04BC 151 B
179 B 31ms
31ms Document
text/html 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/63068.htm
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 63df17793920dab4d4626b0f84fd3f47afb053335e84231668da9210b366b3a7

Request headers

Referer: https://activatecit1.com/login/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 151
content-type: text/html
date: Tue, 10 May 2022 16:10:33 GMT
last-modified: Thu, 10 Mar 2022 12:07:58 GMT
server: LiteSpeed

POST
H2 200 tp2 Show response
p.tvpixel.com/com.snowplowanalytics.snowplow/ 2 B
328 B 282ms
94ms XHR
text/plain 18.215.10.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/dpm_pixel_min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.215.10.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-215-10-128.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://activatecit1.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://activatecit1.com
date: Tue, 10 May 2022 16:10:34 GMT
access-control-allow-credentials: true
server: nginx
content-type: text/plain; charset=UTF-8
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

OPTIONS
H2 200 tp2
p.tvpixel.com/com.snowplowanalytics.snowplow/ Frame 0
0 294ms
94ms Preflight 18.215.10.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.215.10.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-215-10-128.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://activatecit1.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://activatecit1.com
access-control-max-age: 5
content-length: 0
date: Tue, 10 May 2022 16:10:33 GMT
server: nginx

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 95 KB
38 KB 46ms
21ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6268858

Requested by

Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2f92fa4c8d834bf3dc1b4dfda2fbad2c293bc9fb934648e56a3c81623f5fda5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38265
x-xss-protection: 0
last-modified: Tue, 10 May 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 May 2022 16:10:33 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 95 KB
37 KB 53ms
28ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6260004

Requested by

Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

61adc85a0e6602a3020697991b4026e180f6729bb2a2f51b302d8751736b5f58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38265
x-xss-protection: 0
last-modified: Tue, 10 May 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 May 2022 16:10:33 GMT

GET
H/1.1 200
OK logo.js Show response
mpsnare.iesnare.com/script/ 96 B
610 B 141ms
33ms Script
text/javascript 54.228.71.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/script/logo.js

Requested by

Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/snare.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

2f0ecdb0457415e52fbdeea735ef9417bace3c7d544728ee013eca0f3a6acb53

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 16:10:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Cache-Control: private
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Expires: Wed, 10 May 2023 16:10:33 GMT

GET
H2 404 Interstate-Bold.ttf
activatecit1.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0 31ms
31ms Font
text/html 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.ttf
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://activatecit1.com/login/
Origin: https://activatecit1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:33 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H2 404 Interstate-Bold.ttf
activatecit1.com/KNYGHT/a/cds-assets/fonts/interstate/ 0
0 32ms
31ms Font
text/html 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/cds-assets/fonts/interstate/Interstate-Bold.ttf
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://activatecit1.com/KNYGHT/a/styles.css
Origin: https://activatecit1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:33 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H2 404 Interstate-Light.woff
activatecit1.com/KNYGHT/a/cds-assets/fonts/interstate/ 0
0 32ms
31ms Font
text/html 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/cds-assets/fonts/interstate/Interstate-Light.woff
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://activatecit1.com/KNYGHT/a/styles.css
Origin: https://activatecit1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:33 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 363 B
1 KB 31ms
31ms XHR
application/json 52.213.35.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&d_mid=48489726971725413331098804261134136295&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=AVID%01313D473C82A330CF-400011879ECEC41D&ts=1652199034090

Requested by

Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/polyfills-es2015.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.35.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-35-75.eu-west-1.compute.amazonaws.com

Software

Resource Hash

1c748c561cb6547b8829d3576a6c6bae2e726fc922df214bd4c27c32c7a46b98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://activatecit1.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v031-0267e2bef.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: CCxulcQFT3g=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://activatecit1.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 307
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 cool-2.1.15.min.js Show response
nebula-cdn.kampyle.com/resources/onsite/js/ 14 KB
5 KB 247ms
16ms Script
application/javascript 151.101.193.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://nebula-cdn.kampyle.com/resources/onsite/js/cool-2.1.15.min.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/generic1645813044147.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: 9HCXbKZTbCJZkS8s9IuB.pE0JEvI0TGW
content-encoding: gzip
etag: "80dd5e3be5152c5c72d552c6a26ef6ff"
age: 199997
via: 1.1 varnish
x-cache: HIT
content-length: 5197
x-amz-id-2: mOnTP01OPyv8ok6M8l5vTCmE93jsWk2Jjx4WAuf3w588ifcXEqMeI0JB3ezY3XXUkzBirmcAOhY=
x-served-by: cache-cdg20782-CDG
last-modified: Sun, 24 Jan 2021 11:03:10 GMT
server: AmazonS3
x-timer: S1652199034.440107,VS0,VE0
date: Tue, 10 May 2022 16:10:34 GMT
vary: Accept-Encoding
x-amz-request-id: CTR2VZG56WAKVB3X
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 2554

GET
H2 404 Interstate-Light.ttf
activatecit1.com/KNYGHT/a/cds-assets/fonts/interstate/ 0
0 32ms
31ms Font
text/html 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/cds-assets/fonts/interstate/Interstate-Light.ttf
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://activatecit1.com/KNYGHT/a/styles.css
Origin: https://activatecit1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:34 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H2 404 Interstate-Bold.woff
activatecit1.com/KNYGHT/a/commonui-assets/fonts/interstate/ 0
0 31ms
31ms Font
text/html 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/commonui-assets/fonts/interstate/Interstate-Bold.woff
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://activatecit1.com/KNYGHT/a/styles.css
Origin: https://activatecit1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:34 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H2 200 crossdomain.html Show response
1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/ Frame 3622 221 B
537 B 86ms
10ms Document
text/html 2600:9000:2315:c00:a:6cdf:4440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/cedric.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:c00:a:6cdf:4440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6

Request headers

Referer: https://activatecit1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 32577
content-length: 221
content-type: text/html
date: Tue, 10 May 2022 07:07:38 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
server: AmazonS3
via: 1.1 b6b3463eedbd4b446fd969736178bf98.cloudfront.net (CloudFront)
x-amz-cf-id: Qs8xA10W9i0p70mwsH-i4gF97vuIBIGE3sRReKEqYYhbEjhwhrsZLg==
x-amz-cf-pop: DUS51-P2
x-cache: Hit from cloudfront

GET
H2 200 crossdomain.html Show response
1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/ Frame 8BD9 221 B
537 B 48ms
7ms Document
text/html 2600:9000:21f3:d000:1e:54f1:26c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/cedric.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d000:1e:54f1:26c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6

Request headers

Referer: https://activatecit1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 72640
content-length: 221
content-type: text/html
date: Mon, 09 May 2022 19:59:55 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
server: AmazonS3
via: 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
x-amz-cf-id: qQLcBuHS3oeFDjvhy3FtwEtHXv1XzGxZeJFe1IINarbP--MnvYzHgA==
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront

GET
H2 200 crossdomain.html Show response
1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/ Frame DE38 221 B
536 B 76ms
9ms Document
text/html 2600:9000:2315:9600:13:ab57:d440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/cedric.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:9600:13:ab57:d440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6

Request headers

Referer: https://activatecit1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 9971
content-length: 221
content-type: text/html
date: Tue, 10 May 2022 13:24:24 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
server: AmazonS3
via: 1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
x-amz-cf-id: _znP22aJb--m_iJFPyXzjXnlxggb4pzIzHRy1_YZh02u7EzRA1k2BA==
x-amz-cf-pop: DUS51-P2
x-cache: Hit from cloudfront

GET
H/1.1 200
OK cr.png Show response
contents3.00110.citi.com/api/v1/ 4 B
345 B 465ms
128ms XHR
application/json 52.141.218.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://contents3.00110.citi.com/api/v1/cr.png?cid=cedric&snum=1652199034086-sjn0000266-8739e7b9-9917-490d-9770-7a6b39a85ded&muid=1652199033399-C7FAFC93-34BE-4DFD-8944-289AC93C492E
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/polyfills-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.141.218.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
Date: Tue, 10 May 2022 16:10:34 GMT
Server: nginx
tail-id: a4d787f7-e70f-40bf-b690-d6c7634e6549
Content-Type: application/json
access-control-allow-origin: https://activatecit1.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 4

GET
H2 404 Interstate-Light.woff
activatecit1.com/KNYGHT/a/commonui-assets/fonts/interstate/ 0
0 31ms
31ms Font
text/html 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/commonui-assets/fonts/interstate/Interstate-Light.woff
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://activatecit1.com/KNYGHT/a/styles.css
Origin: https://activatecit1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:34 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H/1.1 200
OK logo.js Show response
ci-mpsnare.iovation.com/script/ 96 B
610 B 160ms
160ms Script
text/javascript 52.43.32.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ci-mpsnare.iovation.com/script/logo.js

Requested by

Host: ci-mpsnare.iovation.com
URL: https://ci-mpsnare.iovation.com/snare.js?_=4725906336979189

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.43.32.23 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-43-32-23.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

931c5d43fcaa23d18fbd8bc090f81cf748c3598cf9ae6dea51a38b834e5d5062

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 16:10:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Cache-Control: private
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Expires: Wed, 10 May 2023 16:10:34 GMT

GET
H2 404 Interstate-Bold.ttf
activatecit1.com/KNYGHT/a/commonui-assets/fonts/interstate/ 0
0 31ms
31ms Font
text/html 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/commonui-assets/fonts/interstate/Interstate-Bold.ttf
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://activatecit1.com/KNYGHT/a/styles.css
Origin: https://activatecit1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:34 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H2 404 Interstate-Light.ttf
activatecit1.com/KNYGHT/a/commonui-assets/fonts/interstate/ 0
0 32ms
31ms Font
text/html 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/commonui-assets/fonts/interstate/Interstate-Light.ttf
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://activatecit1.com/KNYGHT/a/styles.css
Origin: https://activatecit1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:34 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H2 200 crossdomain2.12.0.5273.b96c35cc.min.js Show response
1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/ Frame 8BD9 3 KB
3 KB 8ms
8ms Script
application/javascript 2600:9000:21f3:d000:1e:54f1:26c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
Requested by: Host: 1.b406929acabac9b095f124c81bdfcf57f.com
URL: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d000:1e:54f1:26c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 18:40:05 GMT
via: 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
server: AmazonS3
age: 77430
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 3227
x-amz-cf-id: GoeSVlKmx10za9pQcvH6IMq_secbje0I4d23A_B4p3YmumWV2vSpSQ==

GET
H2 200 crossdomain2.12.0.5273.b96c35cc.min.js Show response
1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/ Frame DE38 3 KB
3 KB 9ms
9ms Script
application/javascript 2600:9000:2315:9600:13:ab57:d440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
Requested by: Host: 1.c81358859121583b7adf2ace89cb39f44.com
URL: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:9600:13:ab57:d440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 11:51:52 GMT
via: 1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
server: AmazonS3
age: 15523
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-length: 3227
x-amz-cf-id: sWYPOST1MIv_pJ31iLZUHRAQ_pYW-0WjVItvr9A_HsfA1BsXK8lFhA==

GET
H2 200 crossdomain2.12.0.5273.b96c35cc.min.js Show response
1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/ Frame 3622 3 KB
3 KB 10ms
10ms Script
application/javascript 2600:9000:2315:c00:a:6cdf:4440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
Requested by: Host: 1.a79ab95c1589a13f8a4cab612bc71f9f7.com
URL: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:c00:a:6cdf:4440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 17:49:03 GMT
via: 1.1 b6b3463eedbd4b446fd969736178bf98.cloudfront.net (CloudFront)
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
server: AmazonS3
age: 80492
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-length: 3227
x-amz-cf-id: yMTqIjhlADtH3cqurnA97hhmjCGLrk1OnApuAtnm7nCZfJSsVYRbNA==

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
317 B 128ms
96ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwMS4wLjQ5NTEuNDEgU2FmYXJpLzUzNy4zNiIsInNlc3Npb25fcGxhdGZvcm0iOiAiTGludXggeDg2XzY0IiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4xLjE1IiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2NTIxOTkwMzU0ODUiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4MGFlYmM5MjViYWJhLTBkNzNlODQwMmYwYmZiLTEyMzMzMjcyLTFkNGMwMC0xODBhZWJjOTI1Y2E2OSIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1jaXRpIiwiYWNjb3VudElkIjogNDksInVybCI6ICJodHRwczovL2FjdGl2YXRlY2l0MS5jb20vbG9naW4vIiwid2Vic2l0ZUlkIjogNTAsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogIjg4NDItMTdmYy0wYjgyLWRlYmYtNjkyNy1iOTk4LWNkZjYtZGQ1MyIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjUyMTk5MDM0MjA1Iiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDkzNywia2FtcHlsZV92ZXJzaW9uIjogIjIuNDIuMSIsIm9uc2l0ZV92ZXJzaW9uIjogIjIuNDIuMSIsImhpc3RvcnlfbGVuZ3RoIjogMiwiZXZlbnRfbG9jYWxfdGltZXN0YW1wIjogMTY1MjE5OTAzNDIwOCwicG9zaXRpb24iOiBudWxsLCJpc1VzZXJJZGVudGlmaWVkIjogZmFsc2UsImZlZWRiYWNrX2NvcnJlbGF0aW9uX3V1aWQiOiBudWxsfQpdfQ==
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-blue-h1jv
date: Tue, 10 May 2022 16:10:35 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-application-context: application:9090

GET
H2 200 dpm_pixel_min.js Show response
c.tvpixel.com/js/current/ 103 KB
32 KB 73ms
8ms Script
application/javascript 2600:9000:21f3:a00:1d:bf0a:0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tvpixel.com/js/current/dpm_pixel_min.js?aid=citi-d4f85824-1351-4554-91ff-fdb56f962c5c&comscore=true
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a00:1d:bf0a:0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: oMk5SFqHXboEDRm2.vDWImtx_4ARYxEl
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 18:14:59 GMT
server: AmazonS3
age: 37737
etag: W/"08e770c8a17bf087d50cec01af0892c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
date: Tue, 10 May 2022 05:41:39 GMT
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: jW2fcZc2iiTxkHgfCon4Jk9ifi3utTyY4pN4HP-RTngKUmykex6gVg==

GET
H2 451 425466.html Show response
sr.rlcdn.com/ Frame FCCC 0
98 B 180ms
115ms Document
text/plain 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/fb5dd1201f281250801b0d9c5b73ac92.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://activatecit1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 10 May 2022 16:10:35 GMT
via: 1.1 google

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 18ms
16ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-916451471

Requested by

Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ddd37540b553c465d08c436f1c67f1ac1786bead441512a1bff1c2edc5f47bc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42230
x-xss-protection: 0
last-modified: Tue, 10 May 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 May 2022 16:10:35 GMT

GET
H2 403 1560.js
cdn.pbbl.co/r/ 0
0 67ms
7ms Script
text/html 13.224.198.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pbbl.co/r/1560.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/51aba9f62787efbaa13e53a8d1ae3892.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.198.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-198-56.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H2 200 embed.js Show response
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/ 2 KB
1 KB 72ms
6ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/embed.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/fdf45a7c15c1cee06bb71e10dac4e26e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6e4b9796ee8cd7b3051b4e4c31e36e6ba548247a0220e424d47be62e429b768b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: lDrDqsA4Ni6RD9EpJCp94SDLnyCoV8xt
content-encoding: gzip
etag: "a3277e3fcfbc4360667c8d2b5235a890"
age: 53072
via: 1.1 varnish
x-cache: HIT
content-length: 675
x-amz-id-2: +z++KfBHul+OlOeX8ewzdb92QmMdmHyK5CjpTmlyapAA+gd8v9boQv2yBjPxZKG3nreQ3wMlCHY=
x-served-by: cache-hhn4059-HHN
last-modified: Mon, 09 May 2022 06:59:54 GMT
server: AmazonS3
x-timer: S1652199036.694761,VS0,VE0
date: Tue, 10 May 2022 16:10:35 GMT
vary: Accept-Encoding
x-amz-request-id: 1NF65GQN7TWA1MAT
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 36

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 54ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 23469211222B45DC80574B5CD5C8764E Ref B: FRAEDGE1515 Ref C: 2022-05-10T16:10:35Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Tue, 10 May 2022 16:10:35 GMT
accept-ranges: bytes
content-length: 11333

GET
H/1.1 200
OK /
d.agkn.com/pixel/9340/ 43 B
595 B 42ms
9ms Image
image/gif 18.198.193.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/9340/?che=1242549736.907581&abid=undefined
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.193.48 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-193-48.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 16:10:35 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 generic1645813044147.js Show response
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/ 532 KB
88 KB 189ms
150ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/generic1645813044147.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 05a45e5c705e5fa8b22c243d3461520e64f75236b702335764bed044e763e25e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: n9np7L1i8NPYVmXlDkA6OOYu.Ggu5g4q
content-encoding: gzip
etag: "b6b583d1c21fe708664599f47fe6d042"
age: 119489
via: 1.1 varnish
x-cache: HIT
content-length: 89444
x-amz-id-2: Kn47li4k6By04Y2bHnsHxWUNvt4I2M8I2MeWZYBgPZpD6rEMJwEzSw59Wkq7rmVcAEjU+7L+cSE=
x-served-by: cache-hhn4059-HHN
last-modified: Fri, 25 Feb 2022 18:17:26 GMT
server: AmazonS3
x-timer: S1652199036.694886,VS0,VE143
date: Tue, 10 May 2022 16:10:35 GMT
vary: Accept-Encoding
x-amz-request-id: 056J809S380304SD
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H/1.1 200
OK check.js;CIS3SID=B8C3A2CD2B3E3CBE0A66CF4044F4101B Show response
content22.online.citi.com/fp/ Frame 46FF 448 KB
78 KB 123ms
24ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/check.js;CIS3SID=B8C3A2CD2B3E3CBE0A66CF4044F4101B?org_id=89oebq5k&session_id=5ea2f3ad258c0788c2fadab7615ec6431cc44388da060360b047f350cfa3f346&nonce=9d88b12300a3e458&pageid=1&jb=3530262468716f753f4c616c757a2e62716d3f4c696e777a246a7362773f436a726d6f6526687b6a3d4368706f6f67253030313233

Requested by

Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/tags_003.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

198732d8e812546daf7364126ee4d74aa53ce3e2048d5412a97ae297e1f6093d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 16:10:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
tmx-nonce: 9d88b12300a3e458
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame 46FF 81 B
475 B 113ms
13ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=5ea2f3ad258c0788c2fadab7615ec6431cc44388da060360b047f350cfa3f346&nonce=9d88b12300a3e458&pageid=1&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 16:10:35 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame 46FF 81 B
475 B 111ms
13ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=5ea2f3ad258c0788c2fadab7615ec6431cc44388da060360b047f350cfa3f346&nonce=9d88b12300a3e458&pageid=1&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 16:10:35 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=D5D1761122E348E1AB4E7280C5686304&RedC=c.clarity.ms&MXFR=269F7CCFC1B1681F1C526D6FC5B166CC
https://c.clarity.ms/c.gif?CtsSyncId=D5D1761122E348E1AB4E7280C5686304&MUID=2F2780C6DDCA6FBF107B9166DCA16E95

42 B
369 B

35ms
34ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=D5D1761122E348E1AB4E7280C5686304&MUID=2F2780C6DDCA6FBF107B9166DCA16E95
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:35 GMT
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8120eaf0ff3ad81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 681AA1F621F24938BF7B428E5C9B8969 Ref B: FRAEDGE1515 Ref C: 2022-05-10T16:10:35Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=D5D1761122E348E1AB4E7280C5686304&MUID=2F2780C6DDCA6FBF107B9166DCA16E95
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 200
OK check.js;CIS3SID=01B599D9096E3BC6050A0075406A6F7A Show response
content22.online.citi.com/fp/ Frame D792 448 KB
78 KB 101ms
23ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/check.js;CIS3SID=01B599D9096E3BC6050A0075406A6F7A?org_id=89oebq5k&session_id=d8082347b9ab1e676fa59fcccbecc6f634b6ab2349db0df3e494c66dffac3d89&nonce=b19de19be346047e&pageid=1&jb=3538262e68716f773f44696c75782468716d3d4c616c777a24687360773f416a706f6f67266871603d4b68706f6d67273230393033

Requested by

Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/tags.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

de7e301f755dfbc85162b5d0126298489c2ea1454d60910914f207aaf4d8d102

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 16:10:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
tmx-nonce: b19de19be346047e
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame D792 81 B
475 B 81ms
14ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=d8082347b9ab1e676fa59fcccbecc6f634b6ab2349db0df3e494c66dffac3d89&nonce=b19de19be346047e&pageid=1&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 16:10:35 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame D792 81 B
475 B 80ms
14ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=d8082347b9ab1e676fa59fcccbecc6f634b6ab2349db0df3e494c66dffac3d89&nonce=b19de19be346047e&pageid=1&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 16:10:35 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK check.js;CIS3SID=77C6FC77D1EB1BF813C36210FCE0D804 Show response
content22.online.citi.com/fp/ Frame A1D4 448 KB
78 KB 24ms
24ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/check.js;CIS3SID=77C6FC77D1EB1BF813C36210FCE0D804?org_id=89oebq5k&session_id=fec036346b9e6e8f3261b74d925305e83a0ea205cdec26820e450cb59d1e72a1&nonce=b845e0f899776179&pageid=1&jb=3730242668716d753f4e616e77782e68716d3f4c6b6c75782e687360753d4360706f6d65266873623f4368706d6f6d273230313031

Requested by

Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/tags_002.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

8fb1309f1c5771dcc2ec513ba88802e7229ceb76cef596f7d7fc6d1934f928f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 16:10:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
tmx-nonce: b845e0f899776179
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Keep-Alive: timeout=2, max=99
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame A1D4 81 B
474 B 14ms
13ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=fec036346b9e6e8f3261b74d925305e83a0ea205cdec26820e450cb59d1e72a1&nonce=b845e0f899776179&pageid=1&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 16:10:35 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame A1D4 81 B
474 B 13ms
13ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=fec036346b9e6e8f3261b74d925305e83a0ea205cdec26820e450cb59d1e72a1&nonce=b845e0f899776179&pageid=1&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 16:10:35 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cls_report Show response
prod.report.nacustomerexperience.citi.com/glassbox/reporting/ 39 KB
5 KB 799ms
124ms XHR
application/json 192.193.200.243
SOLANA-CITIPLEX

General

Check archive.org

Show headers Download Go to

Full URL

https://prod.report.nacustomerexperience.citi.com/glassbox/reporting/cls_report?_cls_s=1e466d47-00bb-4a23-8425-6225a317e878%3A0&_cls_v=9ad44779-590f-4b7f-b7b8-504867d505d7&pv=2&f_cls_s=true

Requested by

Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/polyfills-es2015.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.193.200.243 , United States, ASN32287 (SOLANA-CITIPLEX, US),

Reverse DNS

Software

GlassBox Cligate /

Resource Hash

c6b18696b4c5b4263811c4e959e0ae84b508ce7229c270257bbb849f3492afd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 16:10:36 GMT
content-encoding: gzip
vary: origin
Server: GlassBox Cligate
X-Akamai-CITISITE: SWDC
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Type: application/json
access-control-allow-origin: https://activatecit1.com
access-control-allow-credentials: true
Connection: close
content-length: 4472

GET
H2 200 96e0eb995483e83e7b3f71968eedeed1.js Show response
activatecit1.com/KNYGHT/a/ Frame 46FF 396 KB
114 KB 332ms
31ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/96e0eb995483e83e7b3f71968eedeed1.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/96e0eb995483e83e7b3f71968eedeed1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: d9181c42b463ba85677421a93ae1ba80ae774c9bf8af67200ed78a419bd067a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:35 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 117008
expires: Tue, 17 May 2022 16:10:35 GMT

GET
H2 200 96e0eb995483e83e7b3f71968eedeed1.js Show response
activatecit1.com/KNYGHT/a/ Frame D792 396 KB
114 KB 396ms
95ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/96e0eb995483e83e7b3f71968eedeed1.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/96e0eb995483e83e7b3f71968eedeed1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: d9181c42b463ba85677421a93ae1ba80ae774c9bf8af67200ed78a419bd067a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:35 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 117008
expires: Tue, 17 May 2022 16:10:36 GMT

GET
H2 200 96e0eb995483e83e7b3f71968eedeed1.js Show response
activatecit1.com/KNYGHT/a/ Frame A1D4 396 KB
114 KB 426ms
125ms Script
application/javascript 111.90.156.40
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL: https://activatecit1.com/KNYGHT/a/96e0eb995483e83e7b3f71968eedeed1.js
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/96e0eb995483e83e7b3f71968eedeed1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.156.40 Seremban, Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: d9181c42b463ba85677421a93ae1ba80ae774c9bf8af67200ed78a419bd067a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:35 GMT
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:07:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 117008
expires: Tue, 17 May 2022 16:10:36 GMT

GET
H2 204 16003743.js Show response
bat.bing.com/p/action/ 0
118 B 183ms
182ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/16003743.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0CA164ECADFC4AEBB215F201D496C2C0 Ref B: FRAEDGE1515 Ref C: 2022-05-10T16:10:35Z
date: Tue, 10 May 2022 16:10:35 GMT
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
119 B 82ms
81ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=16003743&Ver=2&mid=e1fb8372-012c-4c8c-b6df-297a72d4b942&sid=b9b997e0d07b11eca1962f5ed8339c8e&vid=b9b9b030d07b11ec8542eb50741ed728&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&p=https%3A%2F%2Factivatecit1.com%2Flogin%2F&r=&lt=3050&evt=pageLoad&msclkid=N&sv=1&rn=663541

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C65F28F302594673AE0EC354C50F6112 Ref B: FRAEDGE1515 Ref C: 2022-05-10T16:10:35Z
date: Tue, 10 May 2022 16:10:35 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
175 B 32ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F11BBC1FB10848CFA35C8A72304F2556 Ref B: FRAEDGE1515 Ref C: 2022-05-10T16:10:35Z
date: Tue, 10 May 2022 16:10:35 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 16001692.js Show response
bat.bing.com/p/action/ 1 KB
1 KB 311ms
311ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/16001692.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

35dc4f3ffc20d8d29ab5f7cbbf2792bb37867a23eb7e07335fff668a7d97fae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A83E980A9EE14CFF80AEC60C86D5038F Ref B: FRAEDGE1515 Ref C: 2022-05-10T16:10:35Z
date: Tue, 10 May 2022 16:10:35 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store,no-cache
content-length: 914

GET
H2 204 0
bat.bing.com/action/ 0
120 B 71ms
70ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=16001692&Ver=2&mid=68d57478-8d6f-4fd3-b329-db76d3096105&sid=b9b997e0d07b11eca1962f5ed8339c8e&vid=b9b9b030d07b11ec8542eb50741ed728&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&p=https%3A%2F%2Factivatecit1.com%2Flogin%2F&r=&lt=3050&evt=pageLoad&msclkid=N&sv=1&rn=635885

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 677A929C9DC749C0979F277AE5C11B7E Ref B: FRAEDGE1515 Ref C: 2022-05-10T16:10:35Z
date: Tue, 10 May 2022 16:10:35 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
120 B 71ms
70ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 05C0DA71780E496793F7E3F394AE56D6 Ref B: FRAEDGE1515 Ref C: 2022-05-10T16:10:35Z
date: Tue, 10 May 2022 16:10:35 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 tp2
p.tvpixel.com/com.snowplowanalytics.snowplow/ Frame 0
0 94ms
94ms Preflight 18.215.10.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.215.10.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-215-10-128.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://activatecit1.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://activatecit1.com
access-control-max-age: 5
content-length: 0
date: Tue, 10 May 2022 16:10:35 GMT
server: nginx

POST
H2 200 tp2 Show response
p.tvpixel.com/com.snowplowanalytics.snowplow/ 2 B
327 B 94ms
94ms XHR
text/plain 18.215.10.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/polyfills-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.215.10.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-215-10-128.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://activatecit1.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://activatecit1.com
date: Tue, 10 May 2022 16:10:35 GMT
access-control-allow-credentials: true
server: nginx
content-type: text/plain; charset=UTF-8
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 66ms
43ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: activatecit1.com
URL: https://activatecit1.com/KNYGHT/a/js_013

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

89ba0d4f6cf9500041778760fea24e37c6de04955c6a62b5435c64b600423749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14865
x-xss-protection: 0
server: cafe
etag: 2710672821686371805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 10 May 2022 16:10:35 GMT

GET
H/1.1 200
OK clear.png Show response
content22.online.citi.com/fp/ Frame D792 81 B
532 B 40ms
14ms XHR
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/check.js;CIS3SID=01B599D9096E3BC6050A0075406A6F7A?org_id=89oebq5k&session_id=d8082347b9ab1e676fa59fcccbecc6f634b6ab2349db0df3e494c66dffac3d89&nonce=b19de19be346047e&pageid=1&jb=3538262e68716f773f44696c75782468716d3d4c616c777a24687360773f416a706f6f67266871603d4b68706f6d67273230393033

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 89oebq5k/b19de19be346047ed8082347b9ab1e676fa59fcccbecc6f634b6ab2349db0df3e494c66dffac3d89
Referer: https://activatecit1.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 16:10:35 GMT
Last-Modified: Tue, 10 May 2022 16:10:35 GMT
Server: Apache
Etag: 351d5a40e5a9450383fa852953c7eff7
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: https://activatecit1.com
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Sun, 09 May 2027 16:10:35 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=C5A0ACCDD59FE9DD588C72736885B971 Show response
content22.online.citi.com/fp/ Frame 2857 89 KB
13 KB 16ms
16ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=C5A0ACCDD59FE9DD588C72736885B971?org_id=89oebq5k&session_id=d8082347b9ab1e676fa59fcccbecc6f634b6ab2349db0df3e494c66dffac3d89&nonce=b19de19be346047e&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

5581a16a0d578e05e0fcf204b0478c4f2363c665db7475cb3a63465b0c1d12f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://activatecit1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 10 May 2022 16:10:35 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame D792 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 16:10:35 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=C5A0ACCDD59FE9DD588C72736885B971 Show response
h.online-metrix.net/fp/ Frame C325 102 KB
15 KB 53ms
17ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=C5A0ACCDD59FE9DD588C72736885B971?org_id=89oebq5k&session_id=d8082347b9ab1e676fa59fcccbecc6f634b6ab2349db0df3e494c66dffac3d89&nonce=b19de19be346047e&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

c15c2ced1549ae0624ef07893d4c1a0ea4877ed406de5697fe9e23a076d1bb9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://activatecit1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 10 May 2022 16:10:35 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame D792 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=d8082347b9ab1e676fa59fcccbecc6f634b6ab2349db0df3e494c66dffac3d89&nonce=b19de19be346047e&pageid=1&jd=3530262e68646e3f3130266866683f3666343363383a3231616737343b313b6064626161663b3a60653d3133373334246a667c6e3f32383136303a313a

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 16:10:36 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame D792 0
0

GET
H/1.1 200
OK top_fp.html;CIS3SID=C5A0ACCDD59FE9DD588C72736885B971 Show response
content22.online.citi.com/fp/ Frame FD04 89 KB
13 KB 18ms
15ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/top_fp.html;CIS3SID=C5A0ACCDD59FE9DD588C72736885B971?org_id=89oebq5k&session_id=d8082347b9ab1e676fa59fcccbecc6f634b6ab2349db0df3e494c66dffac3d89&nonce=b19de19be346047e&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

0968db0461abc4ff0e881c73df5a1917c9e5e95540698e562134f3786513f85e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://activatecit1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 10 May 2022 16:10:36 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
204 clear.png Show response
content22.online.citi.com/fp/ Frame D792 0
218 B 15ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=d8082347b9ab1e676fa59fcccbecc6f634b6ab2349db0df3e494c66dffac3d89&nonce=b19de19be346047e&pageid=1&ja=3130383b2424633f322e7a3f3026643f3334303070333032322461643f333432327833303032247178713d3278302466707235312e333430322e31303230243936383024333030322e393632302c333032322c313e32322e333030322e322e32246d763f613a3a30616a63666337356664666c663b6763383633313635303e6a39693769246f6e3f362e7361643d3036246e683d60767672712733432730442730466361746b7463746d636b74312c616f6d2d32446e6d676b6c253044266c7a3d2e70643f3126726a35373a66323a63633462636e60673333316235313a35636730663162666030643c266a683d363039633b36646431643360663137383a69346d366e3a323534373c663764302468716d3d4c616c777a246873603f416a706d6d672732323332312e6a716f753f4e696e7d7824687162773f436a706f656d2666686b3f36266c66653d3a267478663f4774632d3044576c696e6d756c246f63746a703d363232336c31613262676130326d3661613736323238306364393d353c3039646634373a30313631643467636332346c613b36636462663530313331313b346124723f70647565696e5d646c617b685c64636c716721726e756f616e5777616c666f7571576d676469635d726e61796d705c64636e736723726e7765696c5d61666d6065576161726f6063745e6e616e716721726e75656b6e577975616363766b6d675c6e616e736523726e776769665d716a6d616b756374675c64616e716523726e756f696c5f7267636c7064617b67705e64636c7167217864756f69665d746c615d786c637965705c64636c736d23726e7765696c5d666774636c74705e64636e736d21726c75656b6e5f7b76655d7469677565705c666964736d21786e77676b6c576a6376615c64636e73652e656e5d613f776760656e556762454e253032332e38253030284d72656e4f4c2730324551273232302e382d32384360706d6d6b776529556562454e2730304744514e2730324551273032332c302730302a4d726566474e2532324753253a30454e514c2730304751253a383126302d3032436a70676d6b756d2b5567604b697c556760496b74273032556760474e434e454e475f616e7174616c616564576170706379712733402732384d585c5f6a6e676e665d65696c6d617a273140253238475a565d616f6e6d705d6077666467725d6a636c6e5f646c6f637625334a2530324758565d666e6d617c576264656666273340273a304758545d647063675f6c6772766a273340273032475a545d71686366677257746778747770655f646f66273142273030475a54577c6570747d70675f616d6570706573716b6d6c5f62787661273140253032475a565d74677a747770675f6b6f6f707267717369676e5d706574612733402732384d585c5f7c677a7477706d5f64696c7667705d616e61716d76706d706b61273140273232554540494b5457455a545f766778747d72675d64696e7665705d6166617367747a6d726961273b42273230475a565d73524f402731402732324d47515d676c676f656c765d69666467785f776b6e742d33402730304d47535d64626757726d6e6c67705f6f6b786d63702531402730304f4d515d7176636e666370665d6665706b7663766b766d732733422730304f4d535d766778767772675d666467617c253b402732324d4d535d74657a767770655f6e6e6d63765d6c6b6c6763702733402732324d475357746778747770655f60616e645d666e6d617627334a2d32384f4d515d74677a7c7570655f6a636e645f66646d63765d6e696c6763702731422730304d47515f7e657074657a5d61727a617b5d6d626867637627334a2d3238574d40454c5d61676c6d725f60776464657257646e6d6376253140273032554540454c5d616d6d787267737367665f746d78767770655d63737661253b4a253a305f4740474e5d6b6f6f707267717167645f7c677a767770655d67766127314227303055474047445f616f6d727065737b65665d76657a767570675f6d7c6339253b40273232554d42454c5f616d6f7272657b7167665d76657a767770675d73317663273140253a30554542494b545f5f4540454e5f616d6d7270657b7b656c5f7c677a7477706d5f71337461273140253238554740454e5f616d6f727067737167645d7667787c7570655f713174635773706560253140253032574d4a47445f6c676075655d7a656c64657067705d696e6e6d273140273232554740454e5f666770766a5d746d78767572672733422d3232554742494b545d55454a4f4c57646d7276685d766d7876757267273140253238554740454e5f667063755d6075646465707127334a253030574740474c576c6d71675f616d6e7667787c2d334a253a325545404941545d574540454e5d6c6f7b675d616d6c74677a76273140253032574740454c576d776c746b5d64726977333424676e5d683f313938383638653d67373531316e376461666037326334616d32373336646634303a6336313163612675656e7635496c74656e273230416e612c2477656e723f4b6e7c6d6c2d32384b706971273a304d70656c454e2732304d6c656b6c67266161663f36&jb=313d342e6e733d4f6d72696e6c61273044372e302d30322a556b6e666d75712730304c562530323330263027334227303057616e34362733402732327a363c21253a304972726c67556d6249697427304437333726313427303228494a564f4e2732412732326e6b6b6d2530304767616b6f212530324168706d6d6727324e3930392e382c363937332634332532325163646172612730443731372c3134

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 16:10:36 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
89oebq5kpvishrqv7q6hkiwxhnv7b2gwaipjfon4b19de19be346047eam1.e.aa.online-metrix.net/fp/ Frame D792 81 B
438 B 63ms
13ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://89oebq5kpvishrqv7q6hkiwxhnv7b2gwaipjfon4b19de19be346047eam1.e.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=d8082347b9ab1e676fa59fcccbecc6f634b6ab2349db0df3e494c66dffac3d89&nonce=b19de19be346047e&pageid=1&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 16:10:36 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/819500023/ 2 KB
1 KB 44ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/819500023/?random=1652199036117&cv=9&fst=1652199036117&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa370&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Factivatecit1.com%2Flogin%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7bb83f158863aaf5ee0e33ac704708d3cd9842fb4ac905996c05c9e089846846

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1052
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/959299794/ 2 KB
2 KB 31ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/959299794/?random=1652199036138&cv=9&fst=1652199036138&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa370&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Factivatecit1.com%2Flogin%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05b2915e55e298788d787bc80e3a1fc3b150e02bfb25cb6952b0b7842976ee37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1057
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/644574043/ 2 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/644574043/?random=1652199036159&cv=9&fst=1652199036159&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa370&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Factivatecit1.com%2Flogin%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a01ae419df5553459d153653afdea42428f662d0dd69d42c0fdf9453f2ebd61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1055
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/916451471/ 2 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/916451471/?random=1652199036162&cv=9&fst=1652199036162&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa370&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Factivatecit1.com%2Flogin%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

525a923253fb0a158956eaa9418f732b6722a656cf05cfc427cc0b33bdfa0408

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1055
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/695231162/ 2 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/695231162/?random=1652199036164&cv=9&fst=1652199036164&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa370&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Factivatecit1.com%2Flogin%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25f533381095fcfe10a4a320987555b2bd6781949f7e37db1659b220153ff90a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1055
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/830907969/ 2 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/830907969/?random=1652199036168&cv=9&fst=1652199036168&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa370&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Factivatecit1.com%2Flogin%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

935719f984362a20a9c13b443c3de72fe68b6f78b3c56ec1673bf7c2dc9e9c8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1056
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/960621875/ 2 KB
1 KB 74ms
58ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/960621875/?random=1652199036170&cv=9&fst=1652199036170&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa370&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Factivatecit1.com%2Flogin%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a094318a0fa7c1cce1854903ee639585bd781a90bfafe13a107653a6a6efcde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1053
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/975701947/ 2 KB
1 KB 70ms
56ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975701947/?random=1652199036173&cv=9&fst=1652199036173&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa370&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Factivatecit1.com%2Flogin%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f3ef154b49e05307b8c9d6b2d3e6e8606f19eb557303d0e573b297bce23fb63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1055
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK clear.png Show response
content22.online.citi.com/fp/ Frame 46FF 81 B
531 B 13ms
13ms XHR
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/check.js;CIS3SID=B8C3A2CD2B3E3CBE0A66CF4044F4101B?org_id=89oebq5k&session_id=5ea2f3ad258c0788c2fadab7615ec6431cc44388da060360b047f350cfa3f346&nonce=9d88b12300a3e458&pageid=1&jb=3530262468716f753f4c616c757a2e62716d3f4c696e777a246a7362773f436a726d6f6526687b6a3d4368706f6f67253030313233

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 89oebq5k/9d88b12300a3e4585ea2f3ad258c0788c2fadab7615ec6431cc44388da060360b047f350cfa3f346
Referer: https://activatecit1.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 16:10:36 GMT
Last-Modified: Tue, 10 May 2022 16:10:36 GMT
Server: Apache
Etag: 582d82b39e214b7b999278b7a96f9027
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: https://activatecit1.com
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 81
Expires: Sun, 09 May 2027 16:10:36 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=680835083583FC6C3FE9294ADD18ED0F Show response
content22.online.citi.com/fp/ Frame C362 89 KB
13 KB 17ms
16ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=680835083583FC6C3FE9294ADD18ED0F?org_id=89oebq5k&session_id=5ea2f3ad258c0788c2fadab7615ec6431cc44388da060360b047f350cfa3f346&nonce=9d88b12300a3e458&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

b97f32c9dffeb85ea0eda24e1d29d4af61737c70fb12743fbf3ae79e1ba30f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://activatecit1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 10 May 2022 16:10:36 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=97
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 46FF 0
387 B 14ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 16:10:36 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=680835083583FC6C3FE9294ADD18ED0F Show response
h.online-metrix.net/fp/ Frame 5266 102 KB
15 KB 16ms
16ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=680835083583FC6C3FE9294ADD18ED0F?org_id=89oebq5k&session_id=5ea2f3ad258c0788c2fadab7615ec6431cc44388da060360b047f350cfa3f346&nonce=9d88b12300a3e458&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

c19e68f5a3f57c64184fc94c9fb47d11050e8fc020cb5a051867f7e5b264c3a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://activatecit1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 10 May 2022 16:10:36 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 46FF 0
387 B 14ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=5ea2f3ad258c0788c2fadab7615ec6431cc44388da060360b047f350cfa3f346&nonce=9d88b12300a3e458&pageid=1&jd=3536262468646e3d31382e68666a353c6634316330383231616537363b31396066606163663b306a65353133373134266866746c3f323a38383138

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 16:10:36 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame 46FF 0
0

GET
H/1.1 200
OK top_fp.html;CIS3SID=680835083583FC6C3FE9294ADD18ED0F Show response
content22.online.citi.com/fp/ Frame 3EC7 89 KB
14 KB 17ms
16ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/top_fp.html;CIS3SID=680835083583FC6C3FE9294ADD18ED0F?org_id=89oebq5k&session_id=5ea2f3ad258c0788c2fadab7615ec6431cc44388da060360b047f350cfa3f346&nonce=9d88b12300a3e458&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

5abce2839e222efcc15559cdf930d502cfd916f2aee47ada79b209080c37835d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://activatecit1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 10 May 2022 16:10:36 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=96
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
204 clear.png Show response
content22.online.citi.com/fp/ Frame 46FF 0
218 B 16ms
16ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=5ea2f3ad258c0788c2fadab7615ec6431cc44388da060360b047f350cfa3f346&nonce=9d88b12300a3e458&pageid=1&ja=313838312424633d3226723f30246e353334323078313032322661663f333632307a333230322e7b78793d327832246472723d332e333630322e313032322c333630302e333030302e313e32302e393a32322e313630322e333230302e322c32266f763d613a303a6162636663353564666664643b676138363331363532366039613763246f6e3d36267b61643f3a3c246e6a3d68747672712533412730462732446363746b7e697465636b74332c636d6d2530446e6f676b6c2530442464703d26706e3f3126706a3d3f3a66303069633460636662673333336237313a37636532663362666a3a6434266a683f333461323667323a346661666535373137636238353a603236353435316632342e62716d3f4c696e777a246a73623f4168706f6f67253232393831266a716f773f4c6b6e757a24687362773f436a706d6d67266e68613f36266e666d353a2676726c3f477663253244576c6b6e6f756c266f61766a723d36383833643161326067633232653461613536323238306366313735343033646634353a38393631663e6d6363303464633b36636662643530333333333b3661247835706c7565696c5d666e61736a5c64616c716721726e77676b6e5f776b6c666f77715f6567646b6957726e637965725c64636c736523726c77676b6c5f6166676a655f6161726d6061765e66636e716521726e75656b6c5f7375696369766b6d655c66696e736729786e7765696e5f716a6d636b776374655c66636e73652378647567696c5f7067616e706c637b67725e64636c716723706e7567696c5d746c635d70646379677a5664636e736521726e7767696e5d666574616e74725e646964736521726c7765696c5f7374655d7669677565705c64616e736521726e7767696c5f62637663566e636e716526676e5d613d776560656c556560454c253038392e302530302a4d70676e474e2730304551273232302c30273230436a706d6d69776d215565604f44273032474c534e2730304553273030332e322732302a4778656e474e2530324551253232454e534c2730304751273232312e302730324368706f656b756f215f6760496974576760496974253032576762454e414e45444d5f696e7174636c6367645f6370706179712733402730304758545f606e676e645d6d616c6d63702d3140273230455a565d636f6c6d705f6075646465725d60696c665f646c6d63742733422730324558565d666e6d63745d626c656c66273342273238475856576e7063655f646572766a2533422730304758565d7368636c6d725f746778767772675f6c6d66273342273030475a565f766578747770675f636d6d787065717b616d6c5d627074612731422532324758565f76677874777a6d5f636f6f7070677371696f6c5d706774612733402730304758545f76677a747570655764696e7c6d705d636e69736d76706f7069612733402530325745404341545f455a545d76657a747570675d66696e7665705d636e6b736f74706d72696327334a2732324d50565d715247422731402532304d47535d656e676d656c7c57696e6467785d77696c742531402732304d47535d64606f5d72656e6667705f6d6b70656370273b4a2730324f45535d7176616e646370645d6467706976637c617665732733402732324f45515d766578767772675d646c6d61742531402732304d455b5d7467707c7770675f666c6d63765f6c696c676170253140253232474d535f746778767772675f68636e645f666e6d61762731422732304f47515d74657a747d70655d60696e645d666c6f63765d6c696e6763722733402732304d4d5b5f76657074677a5f637272637b5d6f6268676376273142273230574740454c5f616f646d725d6a7d646467725f666e6d6374253340273232574740474c5d6b676d707267737167645d74657a767772655d63737661273340253230554740474c5d63676f70706d7b7167665f74657a767772655f677663273340273230554d4a474c5f616f6f727267737367665d74657a767570675d6576633125314027323055454a454c5d6b676f727065737367665d746578767772675f71317463273b4a2532305545404949565f574740454c5f616d6d727067737165645f76677a74757065577133766b2d3140273230574740454c5f636d6f707065717165645d7c6d78747570655d713376635f71706562253140253032554540474c5f66676075675d726d6c64677a6d705d6b6e666f273140253230554742454c5d66657076605774657876757067253142253032554542494b545d554742454c5f64677276685f7665707675706d2d3140273230574740454c5f647063775d6277646665707b2d3342253030554742454c5f6e6d71655f616d6e76677a7427334225303255454249495c5d57474a4f4e5d6e6f73655d616d6e74657a7625314227303057474a4f4c5f6d776c766b5f66726175333426676e5d683f313b3032363065376737353331663f6461646a3d326336616530373336666636303a61363333636326756f64763d496c74676e253030496c612c2677656e723f4b6c74676c2532324b7069732732384d7067664f4e273030456e656b6c65266361663d33&jb=313534246e733d4d6d7a616e6c632d3a44372c302532322a55696e646d75732732324c5425303839302e3027334027323257696c34362533402732327a34342b2532304372726c6555656a4969762d3a443731372e3334273030284b4a564d4e25304125323264616b65253030456763696f292730324368706d6d672730463330312e322c363935332e3c332530385b63646372692530443733372e3134

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 16:10:36 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
89oebq5kulbvvkh7et6ufr3r5zl3hrrmbd5fgk6m9d88b12300a3e458am1.e.aa.online-metrix.net/fp/ Frame 46FF 81 B
438 B 66ms
13ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://89oebq5kulbvvkh7et6ufr3r5zl3hrrmbd5fgk6m9d88b12300a3e458am1.e.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=5ea2f3ad258c0788c2fadab7615ec6431cc44388da060360b047f350cfa3f346&nonce=9d88b12300a3e458&pageid=1&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 16:10:36 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png Show response
content22.online.citi.com/fp/ Frame A1D4 81 B
531 B 13ms
13ms XHR
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/check.js;CIS3SID=77C6FC77D1EB1BF813C36210FCE0D804?org_id=89oebq5k&session_id=fec036346b9e6e8f3261b74d925305e83a0ea205cdec26820e450cb59d1e72a1&nonce=b845e0f899776179&pageid=1&jb=3730242668716d753f4e616e77782e68716d3f4c6b6c75782e687360753d4360706f6d65266873623f4368706d6f6d273230313031

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 89oebq5k/b845e0f899776179fec036346b9e6e8f3261b74d925305e83a0ea205cdec26820e450cb59d1e72a1
Referer: https://activatecit1.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 16:10:36 GMT
Last-Modified: Tue, 10 May 2022 16:10:36 GMT
Server: Apache
Etag: 4aa794906f504f33a5797783a433c867
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: https://activatecit1.com
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Content-Length: 81
Expires: Sun, 09 May 2027 16:10:36 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=C964221255CC828186844283786FD36B Show response
content22.online.citi.com/fp/ Frame 5ADB 89 KB
14 KB 16ms
16ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=C964221255CC828186844283786FD36B?org_id=89oebq5k&session_id=fec036346b9e6e8f3261b74d925305e83a0ea205cdec26820e450cb59d1e72a1&nonce=b845e0f899776179&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

efdcf653bbcd7ae069734a6f85404a8b1e9be402ed1d4e3827b61e84e6518384

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://activatecit1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 10 May 2022 16:10:36 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=95
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame A1D4 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 16:10:36 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=C964221255CC828186844283786FD36B Show response
h.online-metrix.net/fp/ Frame 4A4F 102 KB
15 KB 16ms
16ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=C964221255CC828186844283786FD36B?org_id=89oebq5k&session_id=fec036346b9e6e8f3261b74d925305e83a0ea205cdec26820e450cb59d1e72a1&nonce=b845e0f899776179&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

6dd7c4d644c7c9350b57e636e951f5c17932b8f74042a26303620280bb8e08fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://activatecit1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 10 May 2022 16:10:36 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame A1D4 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=fec036346b9e6e8f3261b74d925305e83a0ea205cdec26820e450cb59d1e72a1&nonce=b845e0f899776179&pageid=1&jd=3736242668646c3d313a2e6a6468353666343163323a30336b6737343933396a64626363663b38626735313335313e246a66746e3d323838323338

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 16:10:36 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=94
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame A1D4 0
0

GET
H/1.1 200
OK top_fp.html;CIS3SID=C964221255CC828186844283786FD36B Show response
content22.online.citi.com/fp/ Frame 5142 89 KB
14 KB 16ms
15ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/top_fp.html;CIS3SID=C964221255CC828186844283786FD36B?org_id=89oebq5k&session_id=fec036346b9e6e8f3261b74d925305e83a0ea205cdec26820e450cb59d1e72a1&nonce=b845e0f899776179&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

4585fe708940ba3b8d2662557703e28fee9312530544847d78cf3dd69265e2b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://activatecit1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 10 May 2022 16:10:36 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=94
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
204 clear.png Show response
content22.online.citi.com/fp/ Frame A1D4 0
218 B 15ms
15ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=fec036346b9e6e8f3261b74d925305e83a0ea205cdec26820e450cb59d1e72a1&nonce=b845e0f899776179&pageid=1&ja=33383a332424613d3224723d32266e3f333432307a333230382461643d31363832783132303226737a793d327a322e6670723d312c333430382c313232322c313430322c333032302e333e30322c393032322e313432302c393030322c302c38246d743d613a38326362636661353f6664666466396763383c313134353236623b613561246f6c3d36247b63663d3a36246e6a3d6a7674707b2733432532462d30466163746b76617665636b763326616f6d2532466e6d67616e2532442464723f26726c3f3124706a3f3f38643230636334606364606531393162353338376967306433626662326634266a6a3f316164353730393336333e343463343a3735606264333036316137616c3136392e68716d3f4c6b6c75782e6873603d43687a6d6d65253232313033266a716d77354e696e7578266871627d3d4368706d6d65246e6a633f36246e666f3538247472663f4776632730465566696e6d776e2665637468723d3630303164316130606d613032653663613736383038326366313537343231646636353a3a393433643e6763633034666139346964626637323339313139366124703d726c75656b6c57646c6173685e64636c7b6521706e7767696c5f75696c666d77715d65656669695d726e637967705e66696e736721706c7d65696e5f61666f62675f6161706d6a63745e66616c716721786c75676b6c5f717769616b766b6f655c64696c716529726e7765696c5d736867616b756176655664616c736523706c7767696c5d706d636c706c617967705e6e616c736723706c77676b6e5d746e635d7264617b657a5c64636e736723706c7d65696c5f64657e636c76725e64616c716521726e776f6b6e5f7376675d74696d7765725c64616c716523706e7765696c5d626174615664636e716524656c5f6b3f776762676c5f6762474c253030312c302530322a4772656e474c253032455b253230302c302530304168706d6f69776f215767624f4e273032474e514c253a324551253230392c302532302a4f70676e474e2730384753253230474e514c2d32304551273230332e322530324168706d6569776d21556760496976556562436b74273230576d60474c414e454c455d696e717663666165645f61727063797b253342273030455a545d626e676c645d6f616e6f617027314027323247585457616f6e6f725f6a77666665725d68616e665f646e6d697625334225323247585c5f666c6d63745f606c676e66273142273038455a5457647063655f66677074602733402532304d5a545f7368636465705f74677a767d70655f6c6f642731422d3230455a565f746778767570675d636d6f787267737b6b6d6c5d62727663253b4025303045585c5d746578747772655d636f6f72706d7173696f6e5f7065746b253342273030455a545d74677a7675706757666b6c7c67705d636e6b716f747a6d706b6325334a2732305745404b49565f455a565d7c6778747572655d6469647465725d636e69716f76726d726b6327314a2530304d5a565d7152454025334a2732324f455357676c656d656c745f6b6e64677a5d7d6b6e742533422730304745535f64606f5f70656c6467705d6d6b72656172253b402730324f47515f737c636e666172645766657269766374697465732731402d30304f45535f7667787c7572655d646c6f63742733402730304d475b5f766570767770675f646e6f617c5d6c6b6e65617a2733422532324f45515f74677a767d70655f68616c645d66646f61742731422530304d45515d76657a767d72675f60636e645d666e6d6174576e696c6561722d31422532304d45535d7665707667705d61727261795d6d6262656374273142253030554540454e5f616d646f705f6a77646467725d646c6f6976253142253238554542474c5d636f6f70726771716d665f746578747770655761737461273342273232574740454c5d61676d72726d717167665f766778747d70655d6574632d3142253230554542454c5f616d6f787065737365645d766570747572675d6574613127334027303055474a474e5f6b6d6f727065717165645776657a7475726d5d73337463273342273230554740434b545f574542454e5f6b6f6d707067737367645d74677a76757067577331746b2731402732325545424f4e5f616f6d707a67737365645d74657a747570675d7b3174635f73726560253b42253232554542454c5d64676077675d706d6e66657a67705d6b6e646d25334a2732325745424f4e5f64657076685f7665787677706d2733422532305547424349545f554742474e5f666572766a5f7667707477726d2731402732325545424f4e5f667261775760756666657073253142253032554d40474c5f6c6f71675f6b6f6e74677a74253142273232554742494b5c5f55454a454e5d6e6f71675f63676c74677874253b40253230574742474e5f6d776e76615d6472617731342467645f683d313b3030343067356737373331643f6663666a3732633661673235313c6466343238613c313161632675676c743d496c766764273230496e632c24776f6c723d4b6c74656e2530304b706b732730384f726566454e273030476c67696667266163643d3b&jb=333536266e733f4d6d78616c6e612d3044372c30273030285f6b6e666f77732d30304e5425303031322e302731402d303057696e363627334a2532307a3434292732324172726e6555676a4b6b742d30443731372c3136253a32284948544d442732432532326c696965253032456d616b6f2925323241687a6f6d652730463132312c302c363b35332c3c3127323851636463726b2732463d31372c3336

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 16:10:36 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=93
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
89oebq5krjf5rug7a7mkitpkbiuhopyaodfbv6epb845e0f899776179am1.e.aa.online-metrix.net/fp/ Frame A1D4 81 B
438 B 55ms
13ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://89oebq5krjf5rug7a7mkitpkbiuhopyaodfbv6epb845e0f899776179am1.e.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=fec036346b9e6e8f3261b74d925305e83a0ea205cdec26820e450cb59d1e72a1&nonce=b845e0f899776179&pageid=1&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 16:10:36 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 2857 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=C5A0ACCDD59FE9DD588C72736885B971?org_id=89oebq5k&session_id=d8082347b9ab1e676fa59fcccbecc6f634b6ab2349db0df3e494c66dffac3d89&nonce=b19de19be346047e&pageid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=C5A0ACCDD59FE9DD588C72736885B971?org_id=89oebq5k&session_id=d8082347b9ab1e676fa59fcccbecc6f634b6ab2349db0df3e494c66dffac3d89&nonce=b19de19be346047e&pageid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 16:10:36 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=92
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
76 B 121ms
121ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwMS4wLjQ5NTEuNDEgU2FmYXJpLzUzNy4zNiIsInNlc3Npb25fcGxhdGZvcm0iOiAiTGludXggeDg2XzY0IiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4xLjE1IiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2NTIxOTkwMzY1NTEiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4MGFlYmM5MjViYWJhLTBkNzNlODQwMmYwYmZiLTEyMzMzMjcyLTFkNGMwMC0xODBhZWJjOTI1Y2E2OSIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1jaXRpIiwiYWNjb3VudElkIjogNDksInVybCI6ICJodHRwczovL2FjdGl2YXRlY2l0MS5jb20vbG9naW4vIiwid2Vic2l0ZUlkIjogNTAsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogIjg4NDItMTdmYy0wYjgyLWRlYmYtNjkyNy1iOTk4LWNkZjYtZGQ1MyIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjUyMTk5MDM2NTQ4Iiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDEzNjMsImthbXB5bGVfdmVyc2lvbiI6ICIyLjQyLjEiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjQyLjEiLCJoaXN0b3J5X2xlbmd0aCI6IDIsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2NTIxOTkwMzY1NTEsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlLCJmZWVkYmFja19jb3JyZWxhdGlvbl91dWlkIjogbnVsbH0KXX0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-blue-0cjs
date: Tue, 10 May 2022 16:10:36 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-application-context: application:9090

GET
H2 200 c.gif
c.clarity.ms/ 42 B
104 B 27ms
26ms Image
image/gif 52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/16001692.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:36 GMT
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8120eaf0ff3ad81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame D792 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=d8082347b9ab1e676fa59fcccbecc6f634b6ab2349db0df3e494c66dffac3d89&nonce=b19de19be346047e&pageid=1&jac=1&je=313e332e24726d3f7b6d732462617671763f7b22646774676e203a332c32322e20737663747771203a2a636a6172656b6e672a7d246377646a3f63633562316d366d363033616363613e6630613761333b3039333e3136346037633133353b346034663a6466363a363830313866673666303b6661663a34373b26677a33356a3739303c6033323b3130396634373431316163343d34333a346733306467613460663b36313567

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 16:10:36 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=91
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/819500023/ 42 B
64 B 40ms
23ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/819500023/?random=1652199036117&cv=9&fst=1652198400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa370&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Factivatecit1.com%2Flogin%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=35215103&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/819500023/ 42 B
548 B 42ms
20ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/819500023/?random=1652199036117&cv=9&fst=1652198400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa370&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Factivatecit1.com%2Flogin%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=35215103&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame C362 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=680835083583FC6C3FE9294ADD18ED0F?org_id=89oebq5k&session_id=5ea2f3ad258c0788c2fadab7615ec6431cc44388da060360b047f350cfa3f346&nonce=9d88b12300a3e458&pageid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=680835083583FC6C3FE9294ADD18ED0F?org_id=89oebq5k&session_id=5ea2f3ad258c0788c2fadab7615ec6431cc44388da060360b047f350cfa3f346&nonce=9d88b12300a3e458&pageid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 16:10:36 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=90
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 5ADB 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=C964221255CC828186844283786FD36B?org_id=89oebq5k&session_id=fec036346b9e6e8f3261b74d925305e83a0ea205cdec26820e450cb59d1e72a1&nonce=b845e0f899776179&pageid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=C964221255CC828186844283786FD36B?org_id=89oebq5k&session_id=fec036346b9e6e8f3261b74d925305e83a0ea205cdec26820e450cb59d1e72a1&nonce=b845e0f899776179&pageid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 16:10:36 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=89
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 46FF 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=5ea2f3ad258c0788c2fadab7615ec6431cc44388da060360b047f350cfa3f346&nonce=9d88b12300a3e458&pageid=1&jac=1&je=3136322424726d3d6c6f2e6061767b7c3f79206c6576676e203a312e32322c207376637475712a322263686372656b6e65227d24637764683f616135603b6534653638336161616334663a6337613931303b31363334346037633331353b366034663a646436303e3030333a6667366632336661663a34353b24657a313f623531303460333039333a396c3637343b3b6161363536313a346733326667613660663b36313767

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 16:10:36 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=88
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/959299794/ 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/959299794/?random=1652199036138&cv=9&fst=1652198400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa370&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Factivatecit1.com%2Flogin%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3268656122&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/959299794/ 42 B
64 B 42ms
22ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/959299794/?random=1652199036138&cv=9&fst=1652198400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa370&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Factivatecit1.com%2Flogin%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3268656122&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/644574043/ 42 B
64 B 21ms
21ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/644574043/?random=1652199036159&cv=9&fst=1652198400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa370&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Factivatecit1.com%2Flogin%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=4106992670&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/644574043/ 42 B
64 B 41ms
23ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/644574043/?random=1652199036159&cv=9&fst=1652198400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa370&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Factivatecit1.com%2Flogin%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=4106992670&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/916451471/ 42 B
64 B 22ms
22ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/916451471/?random=1652199036162&cv=9&fst=1652198400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa370&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Factivatecit1.com%2Flogin%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2762542385&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/916451471/ 42 B
64 B 36ms
19ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/916451471/?random=1652199036162&cv=9&fst=1652198400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa370&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Factivatecit1.com%2Flogin%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2762542385&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/695231162/ 42 B
64 B 20ms
20ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/695231162/?random=1652199036164&cv=9&fst=1652198400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa370&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Factivatecit1.com%2Flogin%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3385450177&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/695231162/ 42 B
64 B 38ms
21ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/695231162/?random=1652199036164&cv=9&fst=1652198400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa370&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Factivatecit1.com%2Flogin%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3385450177&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/830907969/ 42 B
64 B 25ms
25ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/830907969/?random=1652199036168&cv=9&fst=1652198400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa370&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Factivatecit1.com%2Flogin%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3371424710&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/830907969/ 42 B
64 B 36ms
20ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/830907969/?random=1652199036168&cv=9&fst=1652198400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa370&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Factivatecit1.com%2Flogin%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3371424710&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/960621875/ 42 B
64 B 22ms
21ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/960621875/?random=1652199036170&cv=9&fst=1652198400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa370&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Factivatecit1.com%2Flogin%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=32851128&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/960621875/ 42 B
64 B 33ms
18ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/960621875/?random=1652199036170&cv=9&fst=1652198400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa370&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Factivatecit1.com%2Flogin%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=32851128&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/975701947/ 42 B
64 B 23ms
23ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/975701947/?random=1652199036173&cv=9&fst=1652198400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa370&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Factivatecit1.com%2Flogin%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=1230098282&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/975701947/ 42 B
64 B 35ms
21ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/975701947/?random=1652199036173&cv=9&fst=1652198400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa370&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Factivatecit1.com%2Flogin%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=1230098282&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 16:10:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame A1D4 0
387 B 14ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=fec036346b9e6e8f3261b74d925305e83a0ea205cdec26820e450cb59d1e72a1&nonce=b845e0f899776179&pageid=1&jac=1&je=3336312624726f3d7b677b2660617c71763f79226e67766564203a332e30302420737461747773223822636a63706f6b6e67227d26637764603d636135603965346534383361616161346e3263376b333b303b33343134366a3763313137393e6034643864663438343030313a646d366630336663663a343d3926657a313d623531323460333039313a316436373e3131616134373431383e6733306665633e60663934313565

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 16:10:36 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=87
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=680835083583FC6C3FE9294ADD18ED0F
content22.online.citi.com/fp/ Frame 46FF 0
400 B 16ms
16ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear1.png;CIS3SID=680835083583FC6C3FE9294ADD18ED0F?org_id=89oebq5k&session_id=5ea2f3ad258c0788c2fadab7615ec6431cc44388da060360b047f350cfa3f346&nonce=9d88b12300a3e458&pageid=1&jf=34313624716b645f706e6c3f74667a57406141495836554b4d4947544445623a26716b645f66697c653d3134353033393b303334247169645d767972673f7767623a65616671612671696c5d6b67713531323739333033313236303730633834343a61653366383a30313034303a30613a36343a616733643231303332353031343230323236336264336e3230633e6d37633b66633531673b6230313b643161333a3531623b3e6b3132613b383a33353033323b64663038363a6333603331373039363b3464343367363b3264343a3b36336037313063306164633535333435336664353463386a3061636062663a363a623331373530363664633b6433623b3164373a3b3226736b6457716965353b32363730323233323264393931303567663a63343233693e626264636237376263343167633166356333663732313660663037333330303030323b3737366b6a363766383036366130303232323665333837326638353d313266303b663033333733353a3567323230603834316461646264633b3b37326336333f333563306c616163343862313b603837386724736b66703f30

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 16:10:36 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=86
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=C964221255CC828186844283786FD36B
content22.online.citi.com/fp/ Frame A1D4 0
400 B 16ms
16ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear1.png;CIS3SID=C964221255CC828186844283786FD36B?org_id=89oebq5k&session_id=fec036346b9e6e8f3261b74d925305e83a0ea205cdec26820e450cb59d1e72a1&nonce=b845e0f899776179&pageid=1&jf=36313426716b665f706c6c3d76647a5d7776576e765b61485c3431585642735f247369645f666174673d31343730393b3930333626716b6457747970673f7765603a676366716326716b6c5f6965713f3132373931323133383430353261383e363863653366303232313034323a3a6338363438636731643833303132353033363232303236353636356d3660333e3332643464666035353e6636643532636c3a37626536373232326135336332303332643034373563376e6531626360343035343b36603630323231303660636b6337356039603a33643b663733303430396766396538343163673565643460306031336565393464646934313137326538613530383b3024736b6657736b67353132363730303030336d6438326662363866353139323037343462333263366c64363331636463303138356364643a33666136363964326362603a3a6566303b643b373a39316366303a3031323066643d603138306364383264383334663a3b36386434653931323731383165346633383b3831613566663633666d646338393533606736633135323b3364353726736164723d30

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 16:10:36 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=93
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=42C16CF0C262DDF37B0A9CAB8E5786FD
h.online-metrix.net/fp/ Frame 5266 0
400 B 15ms
15ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=42C16CF0C262DDF37B0A9CAB8E5786FD?org_id=89oebq5k&session_id=5ea2f3ad258c0788c2fadab7615ec6431cc44388da060360b047f350cfa3f346&nonce=9d88b12300a3e458&pageid=1&jf=34313824716b645f706e6c3f74667a575731767059747540705144424655755826716b645f66697c653d3134353033393b303334247169645d767972673f7767623a65616671612671696c5d6b67713531323739333033313236303730633834343a61653366383a30313034303a30613a36343a61673364323130333235303134323032323633353632693037376a306063666564316436323834323a343163633a323730616b6d3538383a383134616735663033366637663439373664353536646464303638393a3139343235313e32616362633161323b6138623230623066613a3435316a6e3464636164336365333263363a6339376330373b36673931663863663a6026736b6457716965353b323634303232333232633432636636323836303032353939623262313137673661306260676665383060613b6631373364663536343a383534303d6336616c6a34313a66643260603530323233323061333b336131673c6a3439386039633164603332343b6439363a37316167356260303965363b34323863326a6731673f3132336363366630333232323560336224736b64723d33

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=680835083583FC6C3FE9294ADD18ED0F?org_id=89oebq5k&session_id=5ea2f3ad258c0788c2fadab7615ec6431cc44388da060360b047f350cfa3f346&nonce=9d88b12300a3e458&pageid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 16:10:36 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=C5A0ACCDD59FE9DD588C72736885B971
content22.online.citi.com/fp/ Frame D792 0
400 B 17ms
16ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear1.png;CIS3SID=C5A0ACCDD59FE9DD588C72736885B971?org_id=89oebq5k&session_id=d8082347b9ab1e676fa59fcccbecc6f634b6ab2349db0df3e494c66dffac3d89&nonce=b19de19be346047e&pageid=1&jf=3439362e716b645d7066643f7464705d767130504b3771557a3634445374635824736b665f666376653531343532333b39303b3624716b645d767972673d7f6d6232656b667161247161645d6b657b3f313235393b3233313234303530633a343638616733663230303930343038306338363c3861673164323130333237383b343a303832366466663c353a33633a616464313669373337333a363b633331356735663565676634326d37346231366163313f31616630633260363737383d6c616a306c353b64603a69313a35633636346733663d3730636160623263373a673231303638373363613a30663962613063666c3631343738673b613232333e69633d616b346026716b6c5f7169673f31323635303a303332326637646130613036343a6138663b35306c39303663676635343e62666361363034333164353c3c3639633f373b3961313e386439376464636436336a37336335323230323534366431313464666330363e396134633a6062613163316732626067346434356a39373c3931603061356738333a38303635643b65363f316360613438633624716b64723f32

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 16:10:36 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=F1B0196727B447D05B11FF39C1D64DA1
h.online-metrix.net/fp/ Frame C325 0
400 B 25ms
16ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=F1B0196727B447D05B11FF39C1D64DA1?org_id=89oebq5k&session_id=d8082347b9ab1e676fa59fcccbecc6f634b6ab2349db0df3e494c66dffac3d89&nonce=b19de19be346047e&pageid=1&jf=3439342e716b645d7066643f7464705d403564456b6873413b504b684061605524736b665f666376653531343532333b39303b3624716b645d767972673d7f6d6232656b667161247161645d6b657b3f313235393b3233313234303530633a343638616733663230303930343038306338363c3861673164323130333237383b343a303832363267373a653762663433353263326c673061303a376363673b3a35373b6038636064396e613a3139613631666b36373a63373660383b34343b396569326e3b3431613639346361636433633630613e3160636732636060673167643367356531663a356e39646363646735663b3436633b633561663737343e31666c3569336426716b6c5f7169673f31323634303a30323134633034373a353a3635636362363637386d32636132366337656a63333033396135653563393f3b626c323c37303363303932646166333131673264316063323030303632613a326062606033366131383938333133603263323e3864643136366464643730383c613f303f3b353361353b646631623a37363b62623a30366435343724716b64703f31

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=C5A0ACCDD59FE9DD588C72736885B971?org_id=89oebq5k&session_id=d8082347b9ab1e676fa59fcccbecc6f634b6ab2349db0df3e494c66dffac3d89&nonce=b19de19be346047e&pageid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 16:10:36 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=28B09FD9C015FA7DE8F62D2FD99A2849
h.online-metrix.net/fp/ Frame 4A4F 0
400 B 40ms
17ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=28B09FD9C015FA7DE8F62D2FD99A2849?org_id=89oebq5k&session_id=fec036346b9e6e8f3261b74d925305e83a0ea205cdec26820e450cb59d1e72a1&nonce=b845e0f899776179&pageid=1&jf=36313a26716b665f706c6c3d76647a5d31413a71474b5459657844326b33595a247369645f666174673d31343730393b3930333626716b6457747970673f7765603a676366716326716b6c5f6965713f3132373931323133383430353261383e363863653366303232313034323a3a6338363438636731643833303132353033363232303236346637663c3732653b663a36303266373530393a37373038323a356265353736356635326436673a6b6135623136306135623137633064346162323663363732373630333d3361343f3736633164316138643c67653038303931606463663134653036336331646038373966373066336039303036373a34333167366063326624736b6657736b6735313236343030303130383b33333134356e36656232333a35653b33653b63616d6438323535633635366b3635656031626263313a66633b3638663a316131653c67343631643a6639383e3232303130306934613137363739363532656663363f6165653737326061626d6639666663396636353b633564346336616a6463626d6630316638306634356e64663b3738352e716966723d33

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=C964221255CC828186844283786FD36B?org_id=89oebq5k&session_id=fec036346b9e6e8f3261b74d925305e83a0ea205cdec26820e450cb59d1e72a1&nonce=b845e0f899776179&pageid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 16:10:36 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame D792 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 16:10:37 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 46FF 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 16:10:37 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=94
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame A1D4 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 16:10:37 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=93
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear3.png;CIS3SID=C5A0ACCDD59FE9DD588C72736885B971 Show response
content22.online.citi.com/fp/ Frame D792 0
219 B 39ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear3.png;CIS3SID=C5A0ACCDD59FE9DD588C72736885B971?org_id=89oebq5k&session_id=d8082347b9ab1e676fa59fcccbecc6f634b6ab2349db0df3e494c66dffac3d89&nonce=b19de19be346047e&pageid=1&jac=1&je=383c262e7265653f273f422732327467702732322d314331273043273030776c6665646b6e67663230475056494f4c3225323a25314327354064616e71652d3a432d323a4d52544b4d46253032253041362735442d3546

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 16:10:40 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 clear3.png;CIS3SID=680835083583FC6C3FE9294ADD18ED0F Show response
content22.online.citi.com/fp/ Frame 46FF 0
218 B 14ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear3.png;CIS3SID=680835083583FC6C3FE9294ADD18ED0F?org_id=89oebq5k&session_id=5ea2f3ad258c0788c2fadab7615ec6431cc44388da060360b047f350cfa3f346&nonce=9d88b12300a3e458&pageid=1&jac=1&je=383426247265653d27374a2732307e6d7027303225334331273243253030756c646764696e676c38304f5056494d4c3027323227314325354064616e71672530432532304d5254494d4e2d3032273a4b36273744253746

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 16:10:40 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 clear3.png;CIS3SID=C964221255CC828186844283786FD36B Show response
content22.online.citi.com/fp/ Frame A1D4 0
218 B 15ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear3.png;CIS3SID=C964221255CC828186844283786FD36B?org_id=89oebq5k&session_id=fec036346b9e6e8f3261b74d925305e83a0ea205cdec26820e450cb59d1e72a1&nonce=b845e0f899776179&pageid=1&jac=1&je=3a3424267265673d27354a2530327e6770273032273141332d30432732327566666566696e676430324f50564b4d463225323225334327354a66616c71672532412530324d5256494d4c2d3230253a4136273744273544

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activatecit1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 16:10:40 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.citi.com
URL: https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff

Domain: www.citi.com
URL: https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff

Domain: www.citi.com
URL: https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff

Domain: ghbmnnjooekpmoecnnnilnnbdlolhkhi
URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

Domain: ghbmnnjooekpmoecnnnilnnbdlolhkhi
URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

Domain: ghbmnnjooekpmoecnnnilnnbdlolhkhi
URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citibank (Banking)

489 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
prod.report.nacustomerexperience.citi.com/glassbox/reporting	1969-12-31 23:59:59	Name: _cls_s Value: 1e466d47-00bb-4a23-8425-6225a317e878:0
prod.report.nacustomerexperience.citi.com/glassbox/reporting	1969-12-31 23:59:59	Name: _cls_cfgver Value: 88c8bb25
prod.report.nacustomerexperience.citi.com/glassbox/reporting	1969-12-31 23:59:59	Name: _cls_v Value: 9ad44779-590f-4b7f-b7b8-504867d505d7
activatecit1.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 3a78cc0fa30235f619c1220dc1b2bcdb
.activatecit1.com/	1969-12-31 23:59:59	Name: cdContextId Value: 1
.activatecit1.com/	1970-01-20 11:42:15	Name: bmuid Value: 1652199033399-C7FAFC93-34BE-4DFD-8944-289AC93C492E
.demdex.net/	1970-01-20 07:15:51	Name: demdex Value: 53977321189557714460476298124886788676
activatecit1.com/	1969-12-31 23:59:59	Name: AMCVS_61834D9B5228A7430A490D45%40AdobeOrg Value: 1
.activatecit1.com/	1970-01-20 02:56:40	Name: _dpm_ses.1fa9 Value: *
.everesttech.net/	1970-01-20 11:42:15	Name: everest_g_v2 Value: g_surferid~YnqOeQAAADmBogN6
.citi.com/	1970-01-20 20:27:51	Name: s_vi Value: [CS]v1\|313D473C82A330CF-400011879ECEC41D[CE]
.citi.com/	1970-01-20 20:27:51	Name: s_ecid Value: MCMID%7C48489726971725413331098804261134136295
ci-mpsnare.iovation.com/	1970-01-20 11:42:15	Name: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: XySE4ilp07kw67lJgUjIm0c7kjmjVeufS9Qz4cmwkII=
.dpm.demdex.net/	1970-01-20 07:15:51	Name: dpm Value: 53977321189557714460476298124886788676
activatecit1.com/	1970-01-20 02:56:40	Name: 7830 Value: error
activatecit1.com/	1970-01-20 02:56:40	Name: 7018 Value:
activatecit1.com/	1970-01-20 05:06:15	Name: 64072 Value:
activatecit1.com/	1970-01-20 11:42:15	Name: mdLogger Value: false
activatecit1.com/	1970-01-20 11:42:15	Name: kampyle_userid Value: 8842-17fc-0b82-debf-6927-b998-cdf6-dd53
.activatecit1.com/	1970-01-21 22:44:39	Name: _cls_v Value: 9ad44779-590f-4b7f-b7b8-504867d505d7
.activatecit1.com/	1969-12-31 23:59:59	Name: _cls_s Value: 1e466d47-00bb-4a23-8425-6225a317e878:0
.activatecit1.com/	1970-01-20 11:42:15	Name: cdSNum Value: 1652199034086-sjn0000266-8739e7b9-9917-490d-9770-7a6b39a85ded
.tvpixel.com/	1970-01-20 11:42:15	Name: sp Value: 51ad0e61-10e9-4a54-b830-45b74d1040d4
.activatecit1.com/	1970-01-20 05:06:15	Name: _gcl_au Value: 1.1.1896132663.1652199034
activatecit1.com/	1970-01-20 20:29:17	Name: AMCV_61834D9B5228A7430A490D45%40AdobeOrg Value: -330454231%7CMCIDTS%7C19123%7CMCMID%7C48489726971725413331098804261134136295%7CMCAAMLH-1652803834%7C6%7CMCAAMB-1652803834%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1652206233s%7CNONE%7CMCAID%7C313D473C82A330CF-400011879ECEC41D%7CMCSYNCSOP%7C411-19130%7CvVersion%7C3.1.2
.activatecit1.com/	1970-01-20 11:42:15	Name: cd_user_id Value: 180aebc925baba-0d73e8402f0bfb-12333272-1d4c00-180aebc925ca69
.bing.com/	1970-01-20 12:18:15	Name: MUID Value: 2F2780C6DDCA6FBF107B9166DCA16E95
.agkn.com/	1970-01-20 11:42:15	Name: ab Value: 0001%3AIHTnFuNO5lG3EVqov%2FmfipvBwKtmKcFU
.agkn.com/	1970-01-20 11:42:15	Name: u Value: C\|0CAAqDUr7Kg1K-wAAAAAAATPZAAAAAA
.activatecit1.com/	1970-01-20 02:58:05	Name: _uetsid Value: b9b997e0d07b11eca1962f5ed8339c8e
.activatecit1.com/	1970-01-20 12:18:15	Name: _uetvid Value: b9b9b030d07b11ec8542eb50741ed728
.activatecit1.com/	1970-01-20 11:42:15	Name: _dpm_id.1fa9 Value: c83c8243-0db7-4dee-b165-43e3a6801e20.1652199034.1.1652199036.1652199034.eadf99c3-7515-4239-afe8-5978c83e80d3
.c.bing.com/	1970-01-20 12:18:15	Name: SRM_B Value: 2F2780C6DDCA6FBF107B9166DCA16E95
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 12:18:15	Name: MUID Value: 2F2780C6DDCA6FBF107B9166DCA16E95
.c.clarity.ms/	1970-01-20 02:56:39	Name: ANONCHK Value: 0
.doubleclick.net/	1970-01-20 12:18:15	Name: IDE Value: AHWqTUm4ApuuKGUt1bTr_k96QoiUVyCYrTy-iuhDRk7wAaWKVnjz-4LnxrYXC7RY
activatecit1.com/	1970-01-20 11:42:15	Name: kampyleUserSession Value: 1652199036548
activatecit1.com/	1970-01-20 11:42:15	Name: kampyleUserSessionsCount Value: 2
activatecit1.com/	1970-01-20 11:42:15	Name: kampyleSessionPageCounter Value: 1

32 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://activatecit1.com/KNYGHT/a/16003743.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://activatecit1.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://activatecit1.com/KNYGHT/a/0_004.txt Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://activatecit1.com/KNYGHT/a/0.txt Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://activatecit1.com/KNYGHT/a/0_002.txt Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://activatecit1.com/KNYGHT/a/0_003.txt Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://activatecit1.com/KNYGHT/a/config.js Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://activatecit1.com/login/(Line 518) Message: Access to font at 'https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff' from origin 'https://activatecit1.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://citimobile.citibankonline.com' that is not equal to the supplied origin.
network	error	URL: https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://activatecit1.com/login/(Line 518) Message: Access to font at 'https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff' from origin 'https://activatecit1.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://citimobile.citibankonline.com' that is not equal to the supplied origin.
network	error	URL: https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://activatecit1.com/login/(Line 518) Message: Access to font at 'https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff' from origin 'https://activatecit1.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://citimobile.citibankonline.com' that is not equal to the supplied origin.
network	error	URL: https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://activatecit1.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://activatecit1.com/KNYGHT/a/cds-assets/fonts/interstate/Interstate-Bold.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://activatecit1.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://activatecit1.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://activatecit1.com/KNYGHT/a/cds-assets/fonts/interstate/Interstate-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://activatecit1.com/KNYGHT/a/cds-assets/fonts/interstate/Interstate-Light.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://activatecit1.com/KNYGHT/a/cds-assets/fonts/interstate/Interstate-Light.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://activatecit1.com/KNYGHT/a/commonui-assets/fonts/interstate/Interstate-Bold.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://activatecit1.com/KNYGHT/a/commonui-assets/fonts/interstate/Interstate-Light.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://activatecit1.com/KNYGHT/a/commonui-assets/fonts/interstate/Interstate-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://activatecit1.com/KNYGHT/a/commonui-assets/fonts/interstate/Interstate-Light.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cdn.pbbl.co/r/1560.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709 Message: Failed to load resource: the server responded with a status of 451 ()
javascript	error	URL: https://activatecit1.com/login/ Message: Access to XMLHttpRequest at 'chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js' from origin 'https://activatecit1.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-untrusted, https.
network	error	URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://activatecit1.com/login/ Message: Access to XMLHttpRequest at 'chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js' from origin 'https://activatecit1.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-untrusted, https.
network	error	URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://activatecit1.com/login/ Message: Access to XMLHttpRequest at 'chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js' from origin 'https://activatecit1.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-untrusted, https.
network	error	URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.a79ab95c1589a13f8a4cab612bc71f9f7.com
1.b406929acabac9b095f124c81bdfcf57f.com
1.c81358859121583b7adf2ace89cb39f44.com
89oebq5kpvishrqv7q6hkiwxhnv7b2gwaipjfon4b19de19be346047eam1.e.aa.online-metrix.net
89oebq5krjf5rug7a7mkitpkbiuhopyaodfbv6epb845e0f899776179am1.e.aa.online-metrix.net
89oebq5kulbvvkh7et6ufr3r5zl3hrrmbd5fgk6m9d88b12300a3e458am1.e.aa.online-metrix.net
activatecit1.com
bat.bing.com
c.bing.com
c.clarity.ms
c.tvpixel.com
cdn.pbbl.co
ci-mpsnare.iovation.com
citi.demdex.net
cm.everesttech.net
content22.online.citi.com
contents3.00110.citi.com
d.agkn.com
dpm.demdex.net
ghbmnnjooekpmoecnnnilnnbdlolhkhi
googleads.g.doubleclick.net
h.online-metrix.net
metrics1.citi.com
mpsnare.iesnare.com
nebula-cdn.kampyle.com
nexus.ensighten.com
online.citi.com
p.tvpixel.com
prod.report.nacustomerexperience.citi.com
resources.digital-cloud-citi.medallia.com
sr.rlcdn.com
udc-neb.kampyle.com
www.citi.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
ghbmnnjooekpmoecnnnilnnbdlolhkhi
www.citi.com
104.111.238.178
111.90.156.40
13.224.198.56
13.36.218.177
142.250.186.34
151.101.193.175
151.101.66.133
18.197.253.20
18.198.193.48
18.215.10.128
192.193.200.243
2600:9000:21f3:a00:1d:bf0a:0:93a1
2600:9000:21f3:d000:1e:54f1:26c0:93a1
2600:9000:2315:9600:13:ab57:d440:93a1
2600:9000:2315:c00:a:6cdf:4440:93a1
2620:1ec:c11::200
2a00:1450:4001:80f::2002
2a00:1450:4001:813::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::2008
35.190.60.146
35.241.45.82
52.141.218.213
52.142.114.2
52.213.35.75
52.31.67.18
52.43.32.23
52.49.14.51
54.228.71.178
91.235.132.130
91.235.133.67
91.235.134.131
05a45e5c705e5fa8b22c243d3461520e64f75236b702335764bed044e763e25e
05b2915e55e298788d787bc80e3a1fc3b150e02bfb25cb6952b0b7842976ee37
0968db0461abc4ff0e881c73df5a1917c9e5e95540698e562134f3786513f85e
09eb96104befe4409ccb5871141c088329e8802a819bd1f1f68a1ba1d7043fb3
0a01ae419df5553459d153653afdea42428f662d0dd69d42c0fdf9453f2ebd61
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6
0ac219408607765a421cb88f4d875019e7eb3a29a4289d1e596365911cd973a9
0d10d1c5dec8b1201603dd15a9490c2edb196204050a8c03a10718da71a94162
0f201d18b97ad141d91e1d40e3476d46bb7e1535fd7b0e7efdcbc394099b482e
102503acef6077fcf8e42a856fb4904fcd74224a32d5d8efcd13236ac6309fed
1243ffed4530d6d237dd040101bf2933687f6e9272b10132060115058f914206
198732d8e812546daf7364126ee4d74aa53ce3e2048d5412a97ae297e1f6093d
1c69468ad43d43f8c701bcd193de8688ba49a17128a730c065c7a06d08106daf
1c748c561cb6547b8829d3576a6c6bae2e726fc922df214bd4c27c32c7a46b98
1ce6b8de9770878e9addb91ab530e3a4de53118586a2d47891614dba325f4bdd
1d34e33bbf1cb9c88c67c2d554c6e7ac3d30ad19f2ae8a136b2619246a3803be
259ef712180a5ec807f5a4782b6257a7a77280649dbe8dc4afe66e44f0085935
25f533381095fcfe10a4a320987555b2bd6781949f7e37db1659b220153ff90a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2bb8aabf5567f3e57f59857bf9c3efd63ce531d35e0983446cf20fc91880d0c1
2f0ecdb0457415e52fbdeea735ef9417bace3c7d544728ee013eca0f3a6acb53
2f92fa4c8d834bf3dc1b4dfda2fbad2c293bc9fb934648e56a3c81623f5fda5a
31b00ff4929696dfca06885da68e58c3e09f6ecb4ae0fe1ae287e99a3fd1f716
3263f23dbf8cee69a998ca25840d28d6c3efd1a42fbf97d173d16e57943218b0
335994132acef63f53147f0f6bf5f4421f66dd70bd84ea120182a86f9b9068ad
35dc4f3ffc20d8d29ab5f7cbbf2792bb37867a23eb7e07335fff668a7d97fae5
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65
3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1
3efca157844c00e54b4bafa060f117ab667ea88b7a771de28777fa556989dd73
41ce591befcea0c2f640e7c8a898ff346fa7e1cae4a9a5342eba4bd806794278
4585fe708940ba3b8d2662557703e28fee9312530544847d78cf3dd69265e2b2
48451bef935eba4b7a149a7b6dc16cc7183e75cb2887d571a3382ae3f155686a
48e89b7e40e096b89d864a5c8ee340ce44ca60fe9675310ef2f3f40a53a7d593
4f4e0e6bb783845d87ca3273021c58a559400e78ec68246328c7541927fe3809
4fc48fd2c06024a93378991ceda718bb5fdf080a61c50990860d9a9f91a5c596
51c6043803bec020097c7f9559f9f87f1b427daf7590f68f2ce2b3a4feaf661a
525a923253fb0a158956eaa9418f732b6722a656cf05cfc427cc0b33bdfa0408
5394d11ec8ad7a5494bcdb65cd95f885388532e14fb45a747e249112389bd837
5581a16a0d578e05e0fcf204b0478c4f2363c665db7475cb3a63465b0c1d12f3
5abce2839e222efcc15559cdf930d502cfd916f2aee47ada79b209080c37835d
5cbb5852d6dd001b4defb3f6ace7f8beb88d0f19d20d00ebfd086a24c31988db
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
5df469ee4da2bc124065cb8df0e24173c5cbc8b9e0c807960fc39c93ffb640c8
5f67d8631df0c3364dbd9730cde570d51cfddc04dc4234db3a48db8bc18e862f
607f80b8d2a3179ded6b0695e73d11a4e169493d807a41a58de16721d7605639
61adc85a0e6602a3020697991b4026e180f6729bb2a2f51b302d8751736b5f58
61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07
61e01b4da87624c5972c4f051d92695a76fa8491c2c1512342b714b9f5db2008
6336ae7b60dff18e0a37721a3a19fd5e18568577a64faa662969d35966dbf72b
63df17793920dab4d4626b0f84fd3f47afb053335e84231668da9210b366b3a7
66e0a4b3019f0e19c99a314095a7e13932cd8afcb82a236475abf3f8723ea69d
695788dc05d94be3b32060ffea15c1a4d74897bd32e5da7811e7ca76d82fc86b
6a058157c9ec4b1ea4d694cb65f633fc9e0e8fba3e3804a84c47df555f90fa97
6a4572cbce614543d10ffc2276b91140ecb0b0b9e2de0b9a87d4bc4016051f17
6dd7c4d644c7c9350b57e636e951f5c17932b8f74042a26303620280bb8e08fa
6e4b9796ee8cd7b3051b4e4c31e36e6ba548247a0220e424d47be62e429b768b
6eb3e0f2c60ca313bb61c9827b440ef9ab65bea139e0cbec6719d087b8ed63e1
70750d17f43c319aa181fc8f4ada1d473455ec7d179b950f03b42f1d6d39fe54
73c3b7e57ba0acbfb16780ed66211620b33f7a87ba6f2086c75e232424935676
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
755cf63ccbfa4cc741fa57e964453c5ccaf71af0bea52cd90ca85766972915fe
77392e295dc8c9f809057beb5deb988e93ff53a4a1190a59d92c66f459fe2f4c
78940a523e04bc0cbcd0940ffef99e54b0d7a8f90abe31e4fd93436184464c6b
7bb83f158863aaf5ee0e33ac704708d3cd9842fb4ac905996c05c9e089846846
7bd2f4b81489169257063e2ca1aeba5244bcddb0a51f49ad9ad3941bb2ce3d6c
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7df13706eaab8ce9a3dcd2a501f60bc66987c83834d07dfaf07ae56ef814c110
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
80ca50c063371e37ab3ed2efb9842c2aac89bd9e2ac64de697950c588d4df7c2
84129e02573a4f7ca911b6b37f7129a748efdae9decea2efe415ffeabf1a66bb
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
87c763c6b05015e55915d0a1e6647e4e5d0b996e78d79e1afe228dd33b68e65b
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
89ba0d4f6cf9500041778760fea24e37c6de04955c6a62b5435c64b600423749
8a094318a0fa7c1cce1854903ee639585bd781a90bfafe13a107653a6a6efcde
8a47f293055815657fc9550afe26cffa8e4cbb944dcb26ecca201ba52d962d03
8f3ef154b49e05307b8c9d6b2d3e6e8606f19eb557303d0e573b297bce23fb63
8fb1309f1c5771dcc2ec513ba88802e7229ceb76cef596f7d7fc6d1934f928f7
91ed661bb99b1cccfde639ec7a69f3de3cca9ce1b20910587fce184a071810d1
931c5d43fcaa23d18fbd8bc090f81cf748c3598cf9ae6dea51a38b834e5d5062
935719f984362a20a9c13b443c3de72fe68b6f78b3c56ec1673bf7c2dc9e9c8d
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
9946d53fd289535b32d7d2fa1bf8c251337dda6ccf582dfe2764bf5101d09081
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cb0e1f9c2424fa8326d7aa035e1cc92073377c81cae82aa9eb8ce41eec4020e
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622
a079bb0d5590826bcc664715122004dff51e76c79608bc29f586c9388b623b77
a3c8d9afc66c4d1e2a15cf31dc91ee5c535e0e8d735cab8280c436a964cb290d
a593628f2d5ba814f37fbcd3963162f094c2764d4b15d82464c2d1aef92f150f
a9a43473908fb995ecdc6bd80d80fd42d3e43bf31687aff0978d7389de2573aa
ad0944936a4f38ac26d845c6403dae69e06bd17684e139779b86f6aa955ddddb
ad3cc24a66bae714bcb1536ba2be070d636f61bbdfedf1e66de4d2a610a4f9e1
b5d1c26722742c44e62a4fbb4b67117d2587aa320f61784a27fea9d66d9f62b4
b73ac937457b12918c1db52a7f0849791d25d92a406902e9df7aa44cecd09d8b
b97f32c9dffeb85ea0eda24e1d29d4af61737c70fb12743fbf3ae79e1ba30f69
bb2b59f84275dbbe371df99d13f932181aeedc099b1abf08046e229d7c4fc80d
bda48a440a32d7c7230c44472cb8980e4ebc19a76af480ba9f0ab113e1f3c12d
be9647349f9a4d924c173e3ff53b1269cc9766e0f7ead94f3cdea2df6c1def46
be9b5382b4526ffd3306d0292122ce3599123f1cd543f52f3035b4f24fbf9de8
bf8892a953595eb96b9ca68c5756849d404115dcf2ee9bf87e8b4e7b3cf8e650
c05a6d621d11074021ee182c230296723ea5e617d95f73a7f603a5765983ddad
c15c2ced1549ae0624ef07893d4c1a0ea4877ed406de5697fe9e23a076d1bb9c
c19e68f5a3f57c64184fc94c9fb47d11050e8fc020cb5a051867f7e5b264c3a7
c1b3f3803c42132039b21ce8921335c9cb785a58d513fdc04b0350434bec8e29
c521114642185bbe2e4d8e5f9cdab7692919257302c56b0a5391f5a3fb16300a
c6b18696b4c5b4263811c4e959e0ae84b508ce7229c270257bbb849f3492afd9
c8bc330a07fc8ba4ead1f924570b2eeb220dfb170e86ea6594f7a2daef2efc16
ceb1270a7b48491bdf0997e41e324c482cdab7047734e1ba1e89ead5ee60d8a4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0fecaa01983895dc1e41c780de6f1b8917b475281515037449a694000ad3473
d23cfd911f68fb1e977822c83e914624905cf8bf281de9adddc292206bb03de8
d9181c42b463ba85677421a93ae1ba80ae774c9bf8af67200ed78a419bd067a0
db83816d749cf03412287119483151a345f43b8932f90fc00721033399797c4e
dc876f814074650acde84db7a7f34c583f043b83130e5de49de65f18d1ee2683
dce3cc2da10598623878df6cbf95b375e30344d9bbef36e2567a820372cb84a0
dd3794df24715ee01ec08c106f834c3b9d5ec237556f7e28671c88ce4f97cb9e
dd65a674c821f6a0e0ec4b181532b00c0cc5d5bde623ea98affcb9f383139b57
ddd37540b553c465d08c436f1c67f1ac1786bead441512a1bff1c2edc5f47bc0
de7e301f755dfbc85162b5d0126298489c2ea1454d60910914f207aaf4d8d102
e1a39ee890f6fedadd629d5d0a3f913194f34aeaf9aad37e9f09ce625712eb6a
e293d8492e75e7e94e3b286e229847b988f61001f7cfe84e5e4aa2e3f119535e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e425c7db4b557a0a3d11cc12d380e1a03a9592c21180438b267f51f2edba46f6
e5b7b282621489a17d2310df61f0066d69de6a8b543f56a44cab231b1f222f0d
e5c725c5a6510cd7323ff66fa032e69cfe7aec1dd042911cae0607d071670eec
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efdcf653bbcd7ae069734a6f85404a8b1e9be402ed1d4e3827b61e84e6518384
f083a0e3e32ce7608c583ee3784b05ceae13c373562a7558e7da10612cedf7dd
f09e591b45606435dcafa0af8dee93b066cf3c2ec7cae6fff023ac7f117d28ba
f23485e8b9c368f28f18a0bb110573df79c00ac3a2ca71d68017db100207639d
f492dbcce03c5a29721bb47554dd31ff680a3990038024cbf0bf8c1907417782
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa640310f1a697ebd8243e2ea0339afeb86c5debb2a4c04c4230877a190ce8eb
fbe3d6908d3e8ed253322936920a4c28b963726ba6af7517c6829093bd20ca66
ffb651309250e9ce8ca4d6a354d9403cb80ec23ef11eebc6d518163948061c82

activatecit1.com Open in urlscan Pro 111.90.156.40 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

251 Requests

96 %HTTPS

28 %IPv6

25 Domains

37 Subdomains

32 IPs

5 Countries

4900 kBTransfer

17013 kBSize

40 Cookies

33 Outgoing links

Page URL History

Redirected requests

251 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

activatecit1.com Open in urlscan Pro
111.90.156.40 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

251
Requests

96 %
HTTPS

28 %
IPv6

25
Domains

37
Subdomains

32
IPs

5
Countries

4900 kB
Transfer

17013 kB
Size

40
Cookies

251 HTTP transactions
0 data transactions