linkflytoapplycardd.curls.biz.id Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

33 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request log.html Show response linkflytoapplycardd.curls.biz.id/	537 KB 61 KB	374ms 135ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://linkflytoapplycardd.curls.biz.id/log.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 127997b09ed6fe35d5a363d608590d516c3507c87e0bbd82fe9f5b5915c288ef Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 80f5cc447ae50624-IAD content-encoding br content-type text/html date Sun, 01 Oct 2023 15:39:21 GMT last-modified Sun, 27 Aug 2023 01:15:50 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DD%2BeW%2BIdqreRGpEq%2Fpp0sP%2FdqFQvZXuncBDFhha%2Bmo7pECqKSDsn6pCCwQgfwD5BmCc8TB0qbANbff78gH%2BL8cySzFUJyMd3JO7h264iK9YjLDfNiI4WjPsvoaq6U1wyO1RRGVYOOZtzXTVs7mmILISn9DLfiV%2F5d7BTiUkbXw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H/1.1	200 OK	c1a4aa7be6a1555bf6f96086ea852669dd0011213c3f Show response www.citi.com/public/	157 KB 56 KB	139ms 29ms	Script application/javascript	104.102.55.191 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.citi.com/public/c1a4aa7be6a1555bf6f96086ea852669dd0011213c3f Requested by Host: linkflytoapplycardd.curls.biz.id URL: https://linkflytoapplycardd.curls.biz.id/log.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.102.55.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-102-55-191.deploy.static.akamaitechnologies.com Software / Resource Hash de30ce055c48c5670e01861f4525298275f6abe9cefe4a05f169bcf8d33ddff0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://linkflytoapplycardd.curls.biz.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Date Sun, 01 Oct 2023 15:39:21 GMT Content-Encoding gzip Content-MD5 GbwImYBOBMTnX/aJhgaO3w== Connection keep-alive Content-Length 56220 Last-Modified Thu, 28 Sep 2023 19:53:45 GMT ETag 0x8DBC05C9FCF492B Vary Accept-Encoding Access-Control-Allow-Methods GET, POST, HEAD Content-Type application/javascript Access-Control-Allow-Origin https://citimobile.citibankonline.com Access-Control-Expose-Headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding Cache-Control max-age=600 Access-Control-Allow-Credentials true Timing-Allow-Origin * Expires Sun, 01 Oct 2023 15:49:21 GMT
GET H2	200	Interstate-Light.woff linkflytoapplycardd.curls.biz.id/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/	74 KB 74 KB	150ms 148ms	Font font/woff	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://linkflytoapplycardd.curls.biz.id/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff Requested by Host: linkflytoapplycardd.curls.biz.id URL: https://linkflytoapplycardd.curls.biz.id/log.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296 Request headers Referer https://linkflytoapplycardd.curls.biz.id/log.html Origin https://linkflytoapplycardd.curls.biz.id accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 15:39:21 GMT cf-cache-status MISS last-modified Sun, 27 Aug 2023 00:30:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QfTNXSKNTyqijq27t817uT62dvNeWJ3urKgnwl4TPli7Ozlyxp2HmqEUyQXryYUi6NO1ljeG8h2n%2B884Dz26KycuR99GtliZIukeOu4I4ku%2BoWThps2S1%2BU3x639qu80oax2CeU69tFJjPypQ7ZcAkRhZDEPIF6GO4Aww8jM6w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff cache-control max-age=14400 accept-ranges bytes cf-ray 80f5cc455bec0624-IAD alt-svc h3=":443"; ma=86400 content-length 75538
GET H2	200	Interstate-Bold.woff linkflytoapplycardd.curls.biz.id/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/	70 KB 71 KB	211ms 210ms	Font font/woff	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://linkflytoapplycardd.curls.biz.id/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff Requested by Host: linkflytoapplycardd.curls.biz.id URL: https://linkflytoapplycardd.curls.biz.id/log.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7 Request headers Referer https://linkflytoapplycardd.curls.biz.id/log.html Origin https://linkflytoapplycardd.curls.biz.id accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 15:39:21 GMT cf-cache-status MISS last-modified Sun, 27 Aug 2023 00:30:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xsTm5%2FqJ%2BPgxXHDq5nYMzwcuHVZ8LqQrMCjVv%2FsaDorCDWN3c%2BWsy3CmAvWmz6sQ11GuTQjeclvLV7ibevedwzPvJHzVVtPh0FGicvWS2aLKueC06Oaa3w35BXm8DqPh6OFR3yESw27JJgf5%2B8q1%2FRdUj%2B%2BbuadhOpjwVK6lJw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff cache-control max-age=14400 accept-ranges bytes cf-ray 80f5cc455bef0624-IAD alt-svc h3=":443"; ma=86400 content-length 71874
GET H2	200	Interstate-Regular.woff linkflytoapplycardd.curls.biz.id/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/	77 KB 77 KB	207ms 206ms	Font font/woff	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://linkflytoapplycardd.curls.biz.id/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff Requested by Host: linkflytoapplycardd.curls.biz.id URL: https://linkflytoapplycardd.curls.biz.id/log.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 045cd226594cb32ddf9d4db8ee45611f4d0788675ae50180b68da975e66fe1fe Request headers Referer https://linkflytoapplycardd.curls.biz.id/log.html Origin https://linkflytoapplycardd.curls.biz.id accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 15:39:21 GMT cf-cache-status MISS last-modified Sun, 27 Aug 2023 00:30:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2BHaZlcQUrBrEG03dj1YrvYdMu9PcDjDEgGp9eQfr%2BeZBoEwBnORsBbqCecoj1%2BYbL0AG2xzJL5HwJWIegWYjthCzLVPUBDHHr0VNKNXWtek2Q8If2p8DoKUOfvgKbxWcUibBhXrx0kqU2a8LS%2BZQTvIk4P0gvLweZV89wfqBQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff cache-control max-age=14400 accept-ranges bytes cf-ray 80f5cc455bf00624-IAD alt-svc h3=":443"; ma=86400 content-length 78762
GET H2	200	styles.ef077b606b931a6e.css linkflytoapplycardd.curls.biz.id/cbol-pre-login-static-assets/	2 MB 188 KB	224ms 224ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://linkflytoapplycardd.curls.biz.id/cbol-pre-login-static-assets/styles.ef077b606b931a6e.css Requested by Host: linkflytoapplycardd.curls.biz.id URL: https://linkflytoapplycardd.curls.biz.id/log.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c3f1eb8ed51e1ad8fd3d55c9d3db71bf888ce035b613565d5bbdfba0935ad45 Request headers accept-language nl-NL,nl;q=0.9 Referer https://linkflytoapplycardd.curls.biz.id/log.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 15:39:21 GMT content-encoding br cf-cache-status MISS last-modified Sun, 27 Aug 2023 00:30:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=verRrC4r89PQ7ln1aSPSLSF%2Fy7WfgsisLYS5rNfwbaBhF5uI1%2BhJF6IeyNgV15ahgQbp3khGT0PoU6XlB%2BBVxp2Ev%2FY%2F4BSGHRQOlYdST72ntYrrxujbVdWyrHjK1Rn%2BhKXtHux6x1Tb0%2BWtl5tBkYZL2L3R%2FktFrncB7qD%2BJQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 80f5cc455bed0624-IAD alt-svc h3=":443"; ma=86400
GET H2	200	citilogoredesign.png linkflytoapplycardd.curls.biz.id/CBOL/IA/Angular/assets/	1 KB 2 KB	1529ms 1528ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://linkflytoapplycardd.curls.biz.id/CBOL/IA/Angular/assets/citilogoredesign.png Requested by Host: linkflytoapplycardd.curls.biz.id URL: https://linkflytoapplycardd.curls.biz.id/log.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cebe6c7d3188cd697399bc4eeb2b7a3d94b8d461b50eebcd145aa0ecc620c522 Request headers accept-language nl-NL,nl;q=0.9 Referer https://linkflytoapplycardd.curls.biz.id/log.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 15:39:23 GMT cf-cache-status MISS last-modified Sun, 27 Aug 2023 00:30:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OHlZPfIslXNmUyP7HdPlBin6jiAcTbzo2bKZIu%2BRoGR4XqM8Hyr2L9erjUejUN5cAcHdkHvvqGLRZ%2BRE6Zi%2BXwTpaiwUXPtCDjLt5UHbf%2B6PSFe43%2B2n9gY2D7vAi3ElzxS60pevWLCiV%2BMN1uAzbN%2Fp1o%2BccfapAMSuyASszw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 80f5cc460c8f0624-IAD alt-svc h3=":443"; ma=86400 content-length 1409
GET H2	200	050-location2x.svg linkflytoapplycardd.curls.biz.id/CBOL/IA/Angular/assets/	2 KB 1 KB	160ms 159ms	Image image/svg+xml	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://linkflytoapplycardd.curls.biz.id/CBOL/IA/Angular/assets/050-location2x.svg Requested by Host: linkflytoapplycardd.curls.biz.id URL: https://linkflytoapplycardd.curls.biz.id/log.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6336ae7b60dff18e0a37721a3a19fd5e18568577a64faa662969d35966dbf72b Request headers accept-language nl-NL,nl;q=0.9 Referer https://linkflytoapplycardd.curls.biz.id/log.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 15:39:21 GMT content-encoding br cf-cache-status MISS last-modified Sun, 27 Aug 2023 00:30:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ISk5rqNW9yFaS8WtGZc3Eg8nxfhCRG7Yt8PwjVPb6wArmyTLr4LddUhbqh%2B0yEBXoqlDHZlAvD%2FN4%2FAQMM7Y5p10%2BDUvBxHW3nCCwngZRaGUoFPns5dCfWjeE923aXa9EuIJ6uxwq3u53zQvn2KQcCrVycgm1A9dcX8ytHOCA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 80f5cc460c910624-IAD alt-svc h3=":443"; ma=86400
GET H2	200	icon_globe_med-grey2x.svg linkflytoapplycardd.curls.biz.id/CBOL/IA/Angular/assets/	3 KB 2 KB	2544ms 2543ms	Image image/svg+xml	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://linkflytoapplycardd.curls.biz.id/CBOL/IA/Angular/assets/icon_globe_med-grey2x.svg Requested by Host: linkflytoapplycardd.curls.biz.id URL: https://linkflytoapplycardd.curls.biz.id/log.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a593628f2d5ba814f37fbcd3963162f094c2764d4b15d82464c2d1aef92f150f Request headers accept-language nl-NL,nl;q=0.9 Referer https://linkflytoapplycardd.curls.biz.id/log.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 15:39:24 GMT content-encoding br cf-cache-status MISS last-modified Sun, 27 Aug 2023 00:30:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SzuZAAZvN4Qr78y46w2NrYMDog2WsqyDmBW77wppnI1uWZhRLMIJWhgzlikk08lXtJySLnskd9NergT4uK%2FFT%2FUMbOI%2FV7SzUBmHMj7oZl4oqniv%2BVGazBqLyh4wZi6o8dzZ2s5M%2BcAl6F5G%2BuN8AdealBDRTHTpXeIkgd%2B3Fw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 80f5cc460c920624-IAD alt-svc h3=":443"; ma=86400
GET H2	200	googlePlay3x.png linkflytoapplycardd.curls.biz.id/CBOL/IA/Angular/assets/	24 KB 25 KB	527ms 527ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://linkflytoapplycardd.curls.biz.id/CBOL/IA/Angular/assets/googlePlay3x.png Requested by Host: linkflytoapplycardd.curls.biz.id URL: https://linkflytoapplycardd.curls.biz.id/log.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a079bb0d5590826bcc664715122004dff51e76c79608bc29f586c9388b623b77 Request headers accept-language nl-NL,nl;q=0.9 Referer https://linkflytoapplycardd.curls.biz.id/log.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 15:39:22 GMT cf-cache-status MISS last-modified Sun, 27 Aug 2023 00:30:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=663wA89iRvOEEHcb7xSikufgPRF4YEZHO%2BH%2BGyIuSZ7%2B4RlG5phLQSBCluTL5yKswjGYKn65p045DehAkUBkyJsYyuTk7V8t0L8jIZk6KODDXsXrjO6%2FglJNgjw5pXCEYC7cOpZkr7RZQWZLODVQMmNzeY6HUZEN%2F444ZV60PA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 80f5cc460c930624-IAD alt-svc h3=":443"; ma=86400 content-length 25077
GET H2	200	appStore3x.png linkflytoapplycardd.curls.biz.id/CBOL/IA/Angular/assets/	20 KB 20 KB	160ms 159ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://linkflytoapplycardd.curls.biz.id/CBOL/IA/Angular/assets/appStore3x.png Requested by Host: linkflytoapplycardd.curls.biz.id URL: https://linkflytoapplycardd.curls.biz.id/log.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 87c763c6b05015e55915d0a1e6647e4e5d0b996e78d79e1afe228dd33b68e65b Request headers accept-language nl-NL,nl;q=0.9 Referer https://linkflytoapplycardd.curls.biz.id/log.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 15:39:21 GMT cf-cache-status MISS last-modified Sun, 27 Aug 2023 00:30:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=etZckYPwvJVRg1%2Bg%2FuP%2BQpW2OipciwsDIdl%2BdMQNkpeJSeRz5YvT3foeBPwVQaKj8WWVSU51a7iquxD5d38X7wvMKIEBb4eZ9xHtfgtLrlo%2B96R%2Fia0Dh5SzhasmDqTxatwAJzGKvEPng5n1ClZtPMZiRUkzV2aPGv75iOZHhQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 80f5cc460c940624-IAD alt-svc h3=":443"; ma=86400 content-length 20047
GET H2	200	phone-new.png linkflytoapplycardd.curls.biz.id/cbol-pre-login-static-assets/assets/partner-login/qr/images/	6 KB 6 KB	1526ms 1525ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://linkflytoapplycardd.curls.biz.id/cbol-pre-login-static-assets/assets/partner-login/qr/images/phone-new.png Requested by Host: linkflytoapplycardd.curls.biz.id URL: https://linkflytoapplycardd.curls.biz.id/log.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 62920961d08702254a7deac2601d0481ee1c548fab440b64517c2d86c468843f Request headers accept-language nl-NL,nl;q=0.9 Referer https://linkflytoapplycardd.curls.biz.id/log.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 15:39:23 GMT cf-cache-status REVALIDATED last-modified Sun, 27 Aug 2023 00:30:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VI6Yx%2FyYi8j8uxwjdClaxYdtyFxBkAdSlPkqwmFKm4GeSls2XR1t3UUJMfZp4fAiGmKH282cbaotvyWpDvbDdMeyadbw78YBMk7c9fDU9%2F5RgcN1GA10ECqdkIlsKkHNz8jdT4wDbOr11IzTQlUZ36DlbADmQBWvBdTtXOSWXA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 80f5cc460c950624-IAD alt-svc h3=":443"; ma=86400 content-length 6124
GET H2	200	laptop-and-phone-pairing-new.png linkflytoapplycardd.curls.biz.id/cbol-pre-login-static-assets/assets/partner-login/qr/images/	11 KB 11 KB	2408ms 2407ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://linkflytoapplycardd.curls.biz.id/cbol-pre-login-static-assets/assets/partner-login/qr/images/laptop-and-phone-pairing-new.png Requested by Host: linkflytoapplycardd.curls.biz.id URL: https://linkflytoapplycardd.curls.biz.id/log.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 280255d34c881ca94627b2a1bfe5a44b068487c6bd9da9d55a01f8763a3c7914 Request headers accept-language nl-NL,nl;q=0.9 Referer https://linkflytoapplycardd.curls.biz.id/log.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 15:39:24 GMT cf-cache-status REVALIDATED last-modified Sun, 27 Aug 2023 00:30:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nHQ5%2BBnBdVnNaCMSr4UsFczXdDiOpEJEau4gUMgCWZ1AMyzs7xb0dNjw05Q41OF0Tkc1rxP76iw%2ByT3xuCvnpqX%2FUMvRehVRkuyt1N153T7HpOr7TfurDpaeukvuMWJqeswDAYgNAc0hgoSMmxhNNwKkR7xXLVUOBJzDQFRrRw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 80f5cc460c960624-IAD alt-svc h3=":443"; ma=86400 content-length 10946
GET H2	200	laptop-and-phone-success-new.png linkflytoapplycardd.curls.biz.id/cbol-pre-login-static-assets/assets/partner-login/qr/images/	13 KB 13 KB	2531ms 2530ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://linkflytoapplycardd.curls.biz.id/cbol-pre-login-static-assets/assets/partner-login/qr/images/laptop-and-phone-success-new.png Requested by Host: linkflytoapplycardd.curls.biz.id URL: https://linkflytoapplycardd.curls.biz.id/log.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 82b78ed4a68d13bb927ce09291b82255ae0f8d9b28afc70083a328a8977b7713 Request headers accept-language nl-NL,nl;q=0.9 Referer https://linkflytoapplycardd.curls.biz.id/log.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 15:39:24 GMT cf-cache-status REVALIDATED last-modified Sun, 27 Aug 2023 00:30:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBaZveDibEfB7ePNt68mjkpFGDoVFZZZbEC0XhE9J18fnC57XtyefmeNWU3XgebphsQjjS6zTnO0EFNOCUxyXpTl1N7EgrlJ2hVIOC2FdlPNcL8TIZ%2B1MZKeTHX6YrCMNVHts9XGoZwisRN%2FdBPXIePgkYYTTIW4eFCW8FJdIg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 80f5cc460c970624-IAD alt-svc h3=":443"; ma=86400 content-length 13259
GET H2	200	qrsignon.png linkflytoapplycardd.curls.biz.id/cbol-pre-login-static-assets/assets/partner-login/qr/images/	741 B 1 KB	2545ms 2544ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://linkflytoapplycardd.curls.biz.id/cbol-pre-login-static-assets/assets/partner-login/qr/images/qrsignon.png Requested by Host: linkflytoapplycardd.curls.biz.id URL: https://linkflytoapplycardd.curls.biz.id/log.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc876f814074650acde84db7a7f34c583f043b83130e5de49de65f18d1ee2683 Request headers accept-language nl-NL,nl;q=0.9 Referer https://linkflytoapplycardd.curls.biz.id/log.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 15:39:24 GMT cf-cache-status REVALIDATED last-modified Sun, 27 Aug 2023 00:30:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fau6EwNUQGVorh0irOP5cEUf1wptuRSXYtjbPtxfRUjMU9pHB1rJMedFM36OH8YC4vQqBcWReyikWqbbqJaApveeIQscUsdSgNJjW5FHIamlZ75q0P0avCOt3Aot5Lp2f5MLwDFCZY1LkLwIxWm8vF2uAY0B%2FjxzoP0GERnD7w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 80f5cc460c980624-IAD alt-svc h3=":443"; ma=86400 content-length 741
GET H2	200	EqualHousing.png linkflytoapplycardd.curls.biz.id/CBOL/IA/Angular/assets/	2 KB 2 KB	156ms 155ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://linkflytoapplycardd.curls.biz.id/CBOL/IA/Angular/assets/EqualHousing.png Requested by Host: linkflytoapplycardd.curls.biz.id URL: https://linkflytoapplycardd.curls.biz.id/log.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f23485e8b9c368f28f18a0bb110573df79c00ac3a2ca71d68017db100207639d Request headers accept-language nl-NL,nl;q=0.9 Referer https://linkflytoapplycardd.curls.biz.id/log.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 15:39:21 GMT cf-cache-status REVALIDATED last-modified Sun, 27 Aug 2023 00:30:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s0ozUIpQOYzGzwC4dMXGGSvritbD2Drshjda30uPT%2BTsBswgDYQPlaxwPrxdCDQABUACYnLtw529DIaZtY67mLxWJKp8svb0%2FgreP26GFq57L%2BIvrPoZV1DC8I2%2F133255XnEPsr7kUyN5CrcDozh1VoUoz4FQnsJgDdw2LirQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 80f5cc461c990624-IAD alt-svc h3=":443"; ma=86400 content-length 1606
GET H2	200	social-media_facebook3x.png linkflytoapplycardd.curls.biz.id/CBOL/IA/Angular/assets/	445 B 863 B	229ms 228ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://linkflytoapplycardd.curls.biz.id/CBOL/IA/Angular/assets/social-media_facebook3x.png Requested by Host: linkflytoapplycardd.curls.biz.id URL: https://linkflytoapplycardd.curls.biz.id/log.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 695788dc05d94be3b32060ffea15c1a4d74897bd32e5da7811e7ca76d82fc86b Request headers accept-language nl-NL,nl;q=0.9 Referer https://linkflytoapplycardd.curls.biz.id/log.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 15:39:22 GMT cf-cache-status REVALIDATED last-modified Sun, 27 Aug 2023 00:30:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BoofcgZ0R6%2BK5SsdqvJKfMPkVQBDWuOgXqf7fYR6mpLsnqj88xup3ufRwKIo7v61ydkIDhT0%2FcOCzz1dLbwyzKxXir4T%2BhyurRqQoOgQbas%2FzaQCsLTFYvz4K5XqSA3wHobFx7gbBlSwJ3PIh8fNMYEM%2B63yOiFreIGcZ9yMeQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 80f5cc46bd2f0624-IAD alt-svc h3=":443"; ma=86400 content-length 445
GET H2	200	social-media_twitter3x.png linkflytoapplycardd.curls.biz.id/CBOL/IA/Angular/assets/	1 KB 2 KB	2839ms 2839ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://linkflytoapplycardd.curls.biz.id/CBOL/IA/Angular/assets/social-media_twitter3x.png Requested by Host: linkflytoapplycardd.curls.biz.id URL: https://linkflytoapplycardd.curls.biz.id/log.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5394d11ec8ad7a5494bcdb65cd95f885388532e14fb45a747e249112389bd837 Request headers accept-language nl-NL,nl;q=0.9 Referer https://linkflytoapplycardd.curls.biz.id/log.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 15:39:24 GMT cf-cache-status REVALIDATED last-modified Sun, 27 Aug 2023 00:30:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lVZWTcdQ2pb21TlLhN2oIZ%2BwzTVrKjiyxJTliG2IlJD7ynN37IFWcFdOwlFDfWZS56%2BqLQ%2Fmlfs4E7qW7erOI4fVdPRWLH6UMwKHSJUrw9nGDFfDbvB4udwv79Y0RjPf%2BELNvRwOgwCw5W5THwgmZ4%2Fj35RwOzZXyvtNpc1Oig%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 80f5cc46bd310624-IAD alt-svc h3=":443"; ma=86400 content-length 1277
GET H2	200	social-media_youtube3x.png linkflytoapplycardd.curls.biz.id/CBOL/IA/Angular/assets/	1 KB 1 KB	2516ms 2516ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://linkflytoapplycardd.curls.biz.id/CBOL/IA/Angular/assets/social-media_youtube3x.png Requested by Host: linkflytoapplycardd.curls.biz.id URL: https://linkflytoapplycardd.curls.biz.id/log.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash be9b5382b4526ffd3306d0292122ce3599123f1cd543f52f3035b4f24fbf9de8 Request headers accept-language nl-NL,nl;q=0.9 Referer https://linkflytoapplycardd.curls.biz.id/log.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 15:39:24 GMT cf-cache-status REVALIDATED last-modified Sun, 27 Aug 2023 00:30:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9M99601bKdNYHsgxwO2lFg5GBRPyWm81mJZGT0OemDlAgRfTvdFvZ%2BIQca2ti%2BacInRpCfxeFgAgakRGZWa4kfF8TW5peNPT1IIRbGHzfXmc9PlY5Bxv3atnebcLlDdHcEmvYr0dHLLRkRW7f6lMAGmLwbynGG2t18DyP%2B2Ejw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 80f5cc46bd320624-IAD alt-svc h3=":443"; ma=86400 content-length 1175
GET H2	451	425466.html Show response sr.rlcdn.com/ Frame A79F	0 98 B	198ms 116ms	Document text/plain	35.190.60.146 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709 Requested by Host: linkflytoapplycardd.curls.biz.id URL: https://linkflytoapplycardd.curls.biz.id/log.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 146.60.190.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://linkflytoapplycardd.curls.biz.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Sun, 01 Oct 2023 15:39:22 GMT via 1.1 google
GET H2	200	up Show response insight.adsrvr.org/track/ Frame 02C5	0 60 B	102ms 31ms	Document text/html	35.71.131.137 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://insight.adsrvr.org/track/up?adv=1jw5cvl&ref=https%3A%2F%2Fwww.citi.com%2Flogin&upid=hqgowpz&upv=1.1.0&id=ttdUniversalPixelTag1693072772998&td1=jUSCBOL_LiteLogin Requested by Host: linkflytoapplycardd.curls.biz.id URL: https://linkflytoapplycardd.curls.biz.id/log.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.71.131.137 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://linkflytoapplycardd.curls.biz.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers content-length 0 content-type text/html date Sun, 01 Oct 2023 15:39:22 GMT server Kestrel
GET H2	204	0 bat.bing.com/action/	0 229 B	93ms 44ms	Image text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=16001692&Ver=2&mid=4ab1fc95-72b5-4c5d-b0ea-9fd24abb8f54&sid=3ec11bd0443611eebb2eb5e8fad18e92&vid=3ec22540443611ee862da1bd1f15aed4&vids=0&msclkid=N&pi=0&lg=id-ID&sw=393&sh=873&sc=24&tl=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&p=https%3A%2F%2Fwww.citi.com%2Flogin&r=&lt=12576&mtp=5&evt=pageLoad&sv=1&rn=605571 Requested by Host: linkflytoapplycardd.curls.biz.id URL: https://linkflytoapplycardd.curls.biz.id/log.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language nl-NL,nl;q=0.9 Referer https://linkflytoapplycardd.curls.biz.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Sun, 01 Oct 2023 15:39:21 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 3E293EC0C05244B5BB72940925E6DCDF Ref B: AMS04EDGE3322 Ref C: 2023-10-01T15:39:21Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	0 bat.bing.com/action/	0 230 B	106ms 57ms	Image text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=16001692&Ver=2&mid=4ab1fc95-72b5-4c5d-b0ea-9fd24abb8f54&sid=3ec11bd0443611eebb2eb5e8fad18e92&vid=3ec22540443611ee862da1bd1f15aed4&vids=0&msclkid=N&ec=jUSCBOL_LiteLogin&ea=Application&p=https%3A%2F%2Fwww.citi.com%2Flogin&sw=393&sh=873&sc=24&evt=custom&rn=634500 Requested by Host: linkflytoapplycardd.curls.biz.id URL: https://linkflytoapplycardd.curls.biz.id/log.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language nl-NL,nl;q=0.9 Referer https://linkflytoapplycardd.curls.biz.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Sun, 01 Oct 2023 15:39:21 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 1B076E1DA90A4BCFBBEAB4AEF94DEA57 Ref B: AMS04EDGE3322 Ref C: 2023-10-01T15:39:21Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	0 bat.bing.com/action/	0 229 B	94ms 44ms	Image text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=16003743&Ver=2&mid=95ea0907-b34d-4859-8fe7-3caa3bc1d87c&sid=3ec11bd0443611eebb2eb5e8fad18e92&vid=3ec22540443611ee862da1bd1f15aed4&vids=0&msclkid=N&pi=0&lg=id-ID&sw=393&sh=873&sc=24&tl=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&p=https%3A%2F%2Fwww.citi.com%2Flogin&r=&lt=12576&mtp=5&evt=pageLoad&sv=1&rn=543160 Requested by Host: linkflytoapplycardd.curls.biz.id URL: https://linkflytoapplycardd.curls.biz.id/log.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language nl-NL,nl;q=0.9 Referer https://linkflytoapplycardd.curls.biz.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Sun, 01 Oct 2023 15:39:21 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 927A500CCC564F1096B1A1FC8D941AE7 Ref B: AMS04EDGE3322 Ref C: 2023-10-01T15:39:21Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	0 bat.bing.com/action/	0 487 B	80ms 31ms	Image text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=16003743&Ver=2&mid=95ea0907-b34d-4859-8fe7-3caa3bc1d87c&sid=3ec11bd0443611eebb2eb5e8fad18e92&vid=3ec22540443611ee862da1bd1f15aed4&vids=0&msclkid=N&ec=jUSCBOL_LiteLogin&ea=Application&p=https%3A%2F%2Fwww.citi.com%2Flogin&sw=393&sh=873&sc=24&evt=custom&rn=835873 Requested by Host: linkflytoapplycardd.curls.biz.id URL: https://linkflytoapplycardd.curls.biz.id/log.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language nl-NL,nl;q=0.9 Referer https://linkflytoapplycardd.curls.biz.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Sun, 01 Oct 2023 15:39:21 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 6C0F44BA1C8844B3BD13AABB1142807E Ref B: AMS04EDGE3322 Ref C: 2023-10-01T15:39:21Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| documentPictureInPicture

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bing.com/	1970-01-21 00:31:10	Name: MUID Value: 180EB7F3518F6FAB060DA46E50626E21

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709 Message: Failed to load resource: the server responded with a status of 451 ()
javascript	warning	URL: https://linkflytoapplycardd.curls.biz.id/log.html Message: The resource https://www.citi.com/public/c1a4aa7be6a1555bf6f96086ea852669dd0011213c3f was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
insight.adsrvr.org
linkflytoapplycardd.curls.biz.id
sr.rlcdn.com
www.citi.com
104.102.55.191
2620:1ec:c11::200
2a06:98c1:3120::3
35.190.60.146
35.71.131.137
045cd226594cb32ddf9d4db8ee45611f4d0788675ae50180b68da975e66fe1fe
0c3f1eb8ed51e1ad8fd3d55c9d3db71bf888ce035b613565d5bbdfba0935ad45
127997b09ed6fe35d5a363d608590d516c3507c87e0bbd82fe9f5b5915c288ef
280255d34c881ca94627b2a1bfe5a44b068487c6bd9da9d55a01f8763a3c7914
5394d11ec8ad7a5494bcdb65cd95f885388532e14fb45a747e249112389bd837
62920961d08702254a7deac2601d0481ee1c548fab440b64517c2d86c468843f
6336ae7b60dff18e0a37721a3a19fd5e18568577a64faa662969d35966dbf72b
695788dc05d94be3b32060ffea15c1a4d74897bd32e5da7811e7ca76d82fc86b
82b78ed4a68d13bb927ce09291b82255ae0f8d9b28afc70083a328a8977b7713
87c763c6b05015e55915d0a1e6647e4e5d0b996e78d79e1afe228dd33b68e65b
a079bb0d5590826bcc664715122004dff51e76c79608bc29f586c9388b623b77
a593628f2d5ba814f37fbcd3963162f094c2764d4b15d82464c2d1aef92f150f
be9b5382b4526ffd3306d0292122ce3599123f1cd543f52f3035b4f24fbf9de8
cebe6c7d3188cd697399bc4eeb2b7a3d94b8d461b50eebcd145aa0ecc620c522
dc876f814074650acde84db7a7f34c583f043b83130e5de49de65f18d1ee2683
de30ce055c48c5670e01861f4525298275f6abe9cefe4a05f169bcf8d33ddff0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7
f23485e8b9c368f28f18a0bb110573df79c00ac3a2ca71d68017db100207639d
f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296