citisupport019.duckdns.org Open in urlscan Pro
35.199.24.107 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://citisupport019.duckdns.org/secure/pi.php
Submission: On March 25 via manual (March 25th 2022, 2:43:47 pm UTC) from US — Scanned from DE

Summary HTTP 236 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 29 IPs in 3 countries across 23 domains to perform 236 HTTP transactions. The main IP is 35.199.24.107, located in Washington, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is citisupport019.duckdns.org.
TLS certificate: Issued by R3 on March 24th 2022. Valid for: 3 months.

This is the only time citisupport019.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Citibank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
106	35.199.24.107 35.199.24.107	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.215.79 143.204.215.79	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.19 143.204.215.19	16509 (AMAZON-02) (AMAZON-02)
16	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	52.4.125.51 52.4.125.51	14618 (AMAZON-AES) (AMAZON-AES)
2	65.9.66.114 65.9.66.114	16509 (AMAZON-02) (AMAZON-02)
10	18.195.42.228 18.195.42.228	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:d200:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
2	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
42	91.235.133.67 91.235.133.67	30286 (THM) (THM)
1	104.111.228.137 104.111.228.137	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1	151.101.1.175 151.101.1.175	54113 (FASTLY) (FASTLY)
1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	35.241.45.82 35.241.45.82	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
6	91.235.132.130 91.235.132.130	30286 (THM) (THM)
3	91.235.134.131 91.235.134.131	30286 (THM) (THM)
1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1	178.249.97.98 178.249.97.98	11054 (LIVEPERSON) (LIVEPERSON)
8	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2	208.89.12.87 208.89.12.87	11054 (LIVEPERSON) (LIVEPERSON)
1 2	142.250.185.211 142.250.185.211	15169 (GOOGLE) (GOOGLE)
1 1	3.10.46.108 3.10.46.108	16509 (AMAZON-02) (AMAZON-02)
236	29

106 35.199.24.107 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.24.199.35.bc.googleusercontent.com

citisupport019.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-79.fra53.r.cloudfront.net

static-assets.dev.fs.liveperson.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-19.fra53.r.cloudfront.net

static-assets.fs.liveperson.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.4.125.51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-125-51.compute-1.amazonaws.com

p.tvpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-114.fra56.r.cloudfront.net

cdn.pbbl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.195.42.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:d200:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)

20766699p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

resources.digital-cloud-citi.medallia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 91.235.133.67 (United States)

ASN30286 (THM, US)

content22.online.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.228.137 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-137.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

sr.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.175 (United States)

ASN54113 (FASTLY, US)

nebula-cdn.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com

udc-neb.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 91.235.132.130 (United States)

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.235.134.131 (United States)

ASN30286 (THM, US)

89oebq5ka5z72vtjof2eqz4zlyhquqvchhpf6ybne94e1418c5e1a245am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
89oebq5kpdjwbndi3qhaysjd43gey75mvd6sfljtb3952e1084e5579cam1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
89oebq5kpprilek2bfslclf4rbyimja5h3h6zi76a9a5d0684c4c58caam1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.249.97.98 (United Kingdom)

ASN11054 (LIVEPERSON, US)
PTR: lo-lpcdn.lpsnmedia.net

lpcdn.chat.online.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net

lp-03.chat.online.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.211 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f19.1e100.net

px0.pbbl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.10.46.108 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-10-46-108.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
106	duckdns.org citisupport019.duckdns.org	10 MB
45	citi.com online.citi.com Failed contents3.00110.citi.com Failed content22.online.citi.com — Cisco Umbrella Rank: 31431 lpcdn.chat.online.citi.com — Cisco Umbrella Rank: 35378 lp-03.chat.online.citi.com — Cisco Umbrella Rank: 36139	335 KB
16	google.com www.google.com — Cisco Umbrella Rank: 2	2 KB
10	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 2591	84 KB
9	online-metrix.net h.online-metrix.net — Cisco Umbrella Rank: 3133 89oebq5ka5z72vtjof2eqz4zlyhquqvchhpf6ybne94e1418c5e1a245am1.e.aa.online-metrix.net 89oebq5kpdjwbndi3qhaysjd43gey75mvd6sfljtb3952e1084e5579cam1.e.aa.online-metrix.net 89oebq5kpprilek2bfslclf4rbyimja5h3h6zi76a9a5d0684c4c58caam1.e.aa.online-metrix.net	46 KB
8	google.de www.google.de — Cisco Umbrella Rank: 6433	996 B
8	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	9 KB
4	pbbl.co 1 redirects cdn.pbbl.co — Cisco Umbrella Rank: 7877 px0.pbbl.co — Cisco Umbrella Rank: 7717	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	114 KB
3	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 316	119 KB
2	kampyle.com nebula-cdn.kampyle.com — Cisco Umbrella Rank: 3348 udc-neb.kampyle.com — Cisco Umbrella Rank: 2681	6 KB
2	medallia.com resources.digital-cloud-citi.medallia.com — Cisco Umbrella Rank: 23247	89 KB
2	tvpixel.com p.tvpixel.com — Cisco Umbrella Rank: 1280	343 B
2	liveperson.com static-assets.dev.fs.liveperson.com — Cisco Umbrella Rank: 26937 static-assets.fs.liveperson.com — Cisco Umbrella Rank: 12788	11 KB
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 281 api.rlcdn.com Failed sr.rlcdn.com — Cisco Umbrella Rank: 11741	164 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 393	397 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 101	15 KB
1	bkrtx.com tags.bkrtx.com — Cisco Umbrella Rank: 2764	16 KB
1	rfihub.com 20766699p.rfihub.com — Cisco Umbrella Rank: 34103	705 B
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 5644	6 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	11 KB
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 437 Failed	363 B
0	Failed function sub() { [native code] }. Failed
236	23

	Domain	Requested by
106	citisupport019.duckdns.org	citisupport019.duckdns.org
42	content22.online.citi.com	citisupport019.duckdns.org content22.online.citi.com
16	www.google.com	citisupport019.duckdns.org
10	nexus.ensighten.com	citisupport019.duckdns.org
8	www.google.de
8	googleads.g.doubleclick.net	www.googleadservices.com
6	h.online-metrix.net	content22.online.citi.com
3	www.googletagmanager.com	citisupport019.duckdns.org
3	maps.googleapis.com	citisupport019.duckdns.org
2	px0.pbbl.co	1 redirects
2	lp-03.chat.online.citi.com	citisupport019.duckdns.org
2	resources.digital-cloud-citi.medallia.com	citisupport019.duckdns.org nexus.ensighten.com
2	cdn.pbbl.co	citisupport019.duckdns.org nexus.ensighten.com
2	p.tvpixel.com	citisupport019.duckdns.org
1	aa.agkn.com	1 redirects
1	89oebq5kpprilek2bfslclf4rbyimja5h3h6zi76a9a5d0684c4c58caam1.e.aa.online-metrix.net
1	89oebq5kpdjwbndi3qhaysjd43gey75mvd6sfljtb3952e1084e5579cam1.e.aa.online-metrix.net
1	lpcdn.chat.online.citi.com	citisupport019.duckdns.org
1	89oebq5ka5z72vtjof2eqz4zlyhquqvchhpf6ybne94e1418c5e1a245am1.e.aa.online-metrix.net
1	udc-neb.kampyle.com
1	www.googleadservices.com	citisupport019.duckdns.org
1	nebula-cdn.kampyle.com	resources.digital-cloud-citi.medallia.com
1	sr.rlcdn.com	nexus.ensighten.com
1	tags.bkrtx.com	nexus.ensighten.com
1	20766699p.rfihub.com	citisupport019.duckdns.org
1	c1.rfihub.net	nexus.ensighten.com
1	static-assets.fs.liveperson.com	citisupport019.duckdns.org
1	static-assets.dev.fs.liveperson.com	citisupport019.duckdns.org
1	cdnjs.cloudflare.com	citisupport019.duckdns.org
1	idsync.rlcdn.com	citisupport019.duckdns.org
1	stags.bluekai.com	citisupport019.duckdns.org tags.bkrtx.com
0	ghbmnnjooekpmoecnnnilnnbdlolhkhi Failed	content22.online.citi.com
0	contents3.00110.citi.com Failed	citisupport019.duckdns.org
0	api.rlcdn.com Failed	citisupport019.duckdns.org
0	online.citi.com Failed	citisupport019.duckdns.org
236	35

This site contains links to these domains. Also see Links.

Domain
online.citi.com

Subject Issuer	Validity	Valid
webmail.citisupport019.duckdns.org R3	`2022-03-24` - `2022-06-22`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
dev.fs.liveperson.com Amazon	`2021-07-26` - `2022-08-24`	a year	crt.sh
fs.liveperson.com Amazon	`2021-07-26` - `2022-08-24`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.tvpixel.com Amazon	`2021-12-15` - `2023-01-12`	a year	crt.sh
*.pbbl.co Amazon	`2021-11-04` - `2022-12-02`	a year	crt.sh
nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-14` - `2022-10-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.rfihub.net Amazon	`2021-12-29` - `2023-01-27`	a year	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2022-06-18`	2 years	crt.sh
*.digital-cloud-citi.medallia.com SSL.com RSA SSL subCA	`2021-11-15` - `2022-10-20`	a year	crt.sh
content22.online.citi.com DigiCert SHA2 Extended Validation Server CA	`2020-07-14` - `2022-08-06`	2 years	crt.sh
*.bkrtx.com DigiCert SHA2 Secure Server CA	`2022-02-07` - `2023-02-06`	a year	crt.sh
*.kampyle.com GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-02-22` - `2023-03-26`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-12-28` - `2023-01-23`	a year	crt.sh
*.e.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-07-30` - `2022-08-01`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
chat.online.citi.com DigiCert SHA2 Extended Validation Server CA	`2021-10-27` - `2022-10-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://citisupport019.duckdns.org/secure/pi.php
Frame ID: BB2C079B5FFED82C3F7B29CE0C19D022
Requests: 176 HTTP requests in this frame

Frame: https://cdn.pbbl.co/i/pp.html
Frame ID: 8ADC1D46326928031BAE063605300EDF
Requests: 1 HTTP requests in this frame

Frame: https://20766699p.rfihub.com/ca.html?ver=9&ra=980&rb=648&ca=20766699&_o=17169175&_t=&ssv_cuuid=&ssv_package=null&ssv_prodlist=null&ssv_pagename=&pe=https%3A%2F%2Fcitisupport019.duckdns.org%2Fsecure%2Fpi.php&pf=&ra=12825007098829921
Frame ID: 56DBDE2310533D4C20EC7FB18705C1EE
Requests: 1 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/check.js;CIS3SID=04A8394A01095BE09EFAFBE93D94C1CC?org_id=89oebq5k&session_id=41f05d021ac67bec811e8e38aff85e67e0386e3e0076c733f53da4464226e08c&nonce=e94e1418c5e1a245&pageid=1&jb=343924266a736f773d4c6b6c777a26687b6f3d4c616e77702668716a753d416a726f6f6d246a71623d436a706d6f672730303b39
Frame ID: 66DF14016594E018820263ED3A68AC6E
Requests: 13 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/check.js;CIS3SID=6D3DC2C92C4B55C61279CB14816CDB71?org_id=89oebq5k&session_id=3eebe800cb218e7dc4deefd2163463d7e2ab01d0a62f34a00b627efa90b8d3b8&nonce=b3952e1084e5579c&pageid=1&jb=363926246a7b6f753f4e6b6e7d78246a716f3d4c696c757a26687162773f436a726d6d67266a73623d416a706d6d652532323b3b
Frame ID: D5D6F21C7AD65CC0C4C65D14F2BB22A2
Requests: 13 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/check.js;CIS3SID=1C669B4A9B8BC408317423202FDE9AA8?org_id=89oebq5k&session_id=9f5d6406e8487b2392e9e13498b47f2997de2cf59335e71036df53c00231c222&nonce=a9a5d0684c4c58ca&pageid=1&jb=3c3b262668736f773d446966777a24687b6d3d44696e77782e627162773f41607a6d6d652468716235416a726f6f65253032393b
Frame ID: CBFA010CBCD5A9799BFFF1BB6C6030F5
Requests: 13 HTTP requests in this frame

Frame: https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
Frame ID: 26D95CE260EF880427BBCD4589AD7F22
Requests: 1 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=6E71D720ADA013B7D97EBC57CC15B403?org_id=89oebq5k&session_id=41f05d021ac67bec811e8e38aff85e67e0386e3e0076c733f53da4464226e08c&nonce=e94e1418c5e1a245&pageid=1
Frame ID: BE529606257694FC0BCCA9B073E103B5
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=6E71D720ADA013B7D97EBC57CC15B403?org_id=89oebq5k&session_id=41f05d021ac67bec811e8e38aff85e67e0386e3e0076c733f53da4464226e08c&nonce=e94e1418c5e1a245&pageid=1
Frame ID: 4C5E29114FB304060A19CF9178EAEE03
Requests: 2 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/top_fp.html;CIS3SID=6E71D720ADA013B7D97EBC57CC15B403?org_id=89oebq5k&session_id=41f05d021ac67bec811e8e38aff85e67e0386e3e0076c733f53da4464226e08c&nonce=e94e1418c5e1a245&pageid=1
Frame ID: FBE1F9C58AD9BAD54D5446AB52253F6A
Requests: 1 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/63068?ret=html&phint=language&phint=product&phint=event&phint=category&phint=page&phint=section1&phint=section2&phint=section3&phint=section4&phint=bankappstatus&phint=productID&phint=__bk_t%3DAccount%20Verification&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fcitisupport019.duckdns.org%2Fsecure%2Fpi.php&phint=__bk_v%3D3.1.10&limit=10&r=26829975
Frame ID: 28C40C1C779BB052031E235A33976605
Requests: 1 HTTP requests in this frame

Frame: https://lpcdn.chat.online.citi.com/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=https%3A%2F%2Fcitisupport019.duckdns.org&site=50929468&env=prod
Frame ID: 9A08D97428A21A2C637EEF8ADE82BFE0
Requests: 1 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=9CD104B0EAB157B6832BD34CB8880EAF?org_id=89oebq5k&session_id=3eebe800cb218e7dc4deefd2163463d7e2ab01d0a62f34a00b627efa90b8d3b8&nonce=b3952e1084e5579c&pageid=1
Frame ID: CD8D76B303DA7504FFC43852D431591F
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=9CD104B0EAB157B6832BD34CB8880EAF?org_id=89oebq5k&session_id=3eebe800cb218e7dc4deefd2163463d7e2ab01d0a62f34a00b627efa90b8d3b8&nonce=b3952e1084e5579c&pageid=1
Frame ID: 690AC667C7D92CEBDBC0D02A4E53C846
Requests: 2 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/top_fp.html;CIS3SID=9CD104B0EAB157B6832BD34CB8880EAF?org_id=89oebq5k&session_id=3eebe800cb218e7dc4deefd2163463d7e2ab01d0a62f34a00b627efa90b8d3b8&nonce=b3952e1084e5579c&pageid=1
Frame ID: F0D1F3C2D6ECE8F52915259A3A1300F8
Requests: 1 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=68F006525EDA7FC3D16DE7CB7FC1790C?org_id=89oebq5k&session_id=9f5d6406e8487b2392e9e13498b47f2997de2cf59335e71036df53c00231c222&nonce=a9a5d0684c4c58ca&pageid=1
Frame ID: B61923D30341FE697D3CB83C955E529A
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=68F006525EDA7FC3D16DE7CB7FC1790C?org_id=89oebq5k&session_id=9f5d6406e8487b2392e9e13498b47f2997de2cf59335e71036df53c00231c222&nonce=a9a5d0684c4c58ca&pageid=1
Frame ID: C260E5924B413AEE0B18DAEB75B13083
Requests: 2 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/top_fp.html;CIS3SID=68F006525EDA7FC3D16DE7CB7FC1790C?org_id=89oebq5k&session_id=9f5d6406e8487b2392e9e13498b47f2997de2cf59335e71036df53c00231c222&nonce=a9a5d0684c4c58ca&pageid=1
Frame ID: B8522FCB521B341FAD4899DA1A261A34
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Account Verification

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

basket.js (JavaScript Libraries) Expand

Overall confidence: 10%
Detected patterns

basket.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

236
Requests

96 %
HTTPS

24 %
IPv6

23
Domains

35
Subdomains

29
IPs

3
Countries

10684 kB
Transfer

14032 kB
Size

19
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://online.citi.com/

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JSO/uidn/RequestUserIDReminder.do?fuipFlowInd=userID
Title: Forgot User ID?

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/activate/index
Title: Activate a Card

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JSO/uidn/RequestUserIDReminder.do?fuipFlowInd=pwd
Title: Forgot Password?

Search URL Search Domain Scan URL

URL: https://online.citi.com/JSO/reg/Setup.do
Title: Register for Online Access

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 231

https://px0.pbbl.co/ns/__p2.gif?ppid=5c86fb02-ff03-465a-a787-217b6947d16d&chk=false&brid=&brcid=&email=&orderId=&orderValue=&productId=&offerCode=&label=&pageUrl=https%3A%2F%2Fcitisupport019.duckdns.org%2Fsecure%2Fpi.php&referrerUrl=&targetUrl=https%3A%2F%2Fcitisupport019.duckdns.org%2Fsecure%2Fpi.php&sessionId=&markerType=seg&rand=oQElpixUkyqqdR4L&iabOptOut=-&jsVer=3.2.1&frVer=&markerId=348192 HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9212282598&_ppid=5c86fb02-ff03-465a-a787-217b6947d16d&_segid=99&iid=c49bed8a-07ea-4e26-b1d2-edc966ce6969 HTTP 302
https://px0.pbbl.co/adadvisor.gif?segment=000&_ppid=5c86fb02-ff03-465a-a787-217b6947d16d&_segid=99&_zip=&hk=&iid=c49bed8a-07ea-4e26-b1d2-edc966ce6969&mt=&bd=

236 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request pi.php Show response
citisupport019.duckdns.org/secure/ 310 KB
310 KB 395ms
95ms Document
text/html 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 69607fd04c66f8fb55485f2d1b46edcfb32f92547064115c8bfdadbde3a693a7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Fri, 25 Mar 2022 14:43:36 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK f.txt Show response
citisupport019.duckdns.org/secure/pi_files/ 37 KB
37 KB 1452ms
96ms Script
text/plain 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/f.txt
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 316bda79ebc11f2ec6c4654f6b0fe4ecdaea2382f1cdc27035972eb9e877b2ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:54 GMT
Server: Apache
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 38022

GET
H/1.1 200
OK js Show response
citisupport019.duckdns.org/secure/pi_files/ 153 KB
153 KB 1455ms
97ms Script
text/plain 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/js
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 7f669a7a46ea19a7725dcf458c9a8a6e6c388c1ee9e45b06e3df714a0fc3b2ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:54 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 156816

GET
H/1.1 200
OK cool-2.1.15.min.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 14 KB
14 KB 95ms
94ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/cool-2.1.15.min.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:54 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 13891

GET
H/1.1 200
OK bat.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 35 KB
35 KB 95ms
94ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/bat.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: d068af5c09c1417e301e13b2c90fa877e0a24e0baae8160b6b77f1650486eb13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:56 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 35663

GET
H/1.1 200
OK tc.min.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 19 KB
19 KB 97ms
95ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/tc.min.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:56 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 19498

GET
H/1.1 200
OK js(1) Show response
citisupport019.duckdns.org/secure/pi_files/ 97 KB
97 KB 95ms
93ms Script
text/plain 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/js(1)
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 192342dece60dbba81a5d57f1ee771e2847dc75ca1028c4ff0caaa89ba0269ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:56 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 99403

GET
H/1.1 200
OK js(2) Show response
citisupport019.duckdns.org/secure/pi_files/ 97 KB
97 KB 95ms
93ms Script
text/plain 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/js(2)
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 0ce27e9325578e87d56fb6067cea56737c8a1fec538e1a823a72e5c4c2de4ab0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:56 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 99403

GET
H/1.1 200
OK js(3) Show response
citisupport019.duckdns.org/secure/pi_files/ 97 KB
97 KB 98ms
95ms Script
text/plain 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/js(3)
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: feb51770e950d4375c64c7045dba448a58adf5363569fa1e1f3e06937aa11007

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:56 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 99539

GET
H/1.1 200
OK js(4) Show response
citisupport019.duckdns.org/secure/pi_files/ 97 KB
97 KB 103ms
99ms Script
text/plain 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/js(4)
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 4c8e7a9b90d81d5546fd28d8dcc95c51329c2eeda5eac8348ce1ee5913e49fdc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:56 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 99510

GET
H/1.1 200
OK js(5) Show response
citisupport019.duckdns.org/secure/pi_files/ 97 KB
97 KB 99ms
95ms Script
text/plain 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/js(5)
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 193238ab76da5459deca110ce1d66df1e8c4704397e025072eb03b2ea88adf0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:56 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 99539

GET
H/1.1 200
OK js(6) Show response
citisupport019.duckdns.org/secure/pi_files/ 97 KB
98 KB 95ms
92ms Script
text/plain 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/js(6)
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 51369dbf29e69b578b41d4e58bfd7f7845ff88baa6595c954fa9fddf0dbecf5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:56 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 99633

GET
H/1.1 200
OK js(7) Show response
citisupport019.duckdns.org/secure/pi_files/ 97 KB
97 KB 98ms
94ms Script
text/plain 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/js(7)
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: bf7853273ca8063f3944cca69bc18fdc056db7c373386b4534a9dbc3a9f8c6c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:56 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 99539

GET
H/1.1 200
OK js(8) Show response
citisupport019.duckdns.org/secure/pi_files/ 97 KB
97 KB 98ms
93ms Script
text/plain 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/js(8)
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 3950c8b755ebd006f07c6f1fd8595ddb482de737b2881e93bd25b4e932ba0832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:56 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 99539

GET
H/1.1 200
OK js(9) Show response
citisupport019.duckdns.org/secure/pi_files/ 87 KB
87 KB 98ms
94ms Script
text/plain 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/js(9)
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 8af070f2f55051d709a513db37d217d7109ae2150bf226100e6b9c7866844499

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:56 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 89356

GET
H/1.1 200
OK js(10) Show response
citisupport019.duckdns.org/secure/pi_files/ 87 KB
87 KB 94ms
93ms Script
text/plain 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/js(10)
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 2861b2d82fec30deb83e23b981db306dfef251b7712576ee2abfe668e1084ac3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:56 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 89356

GET
H/1.1 200
OK js(11) Show response
citisupport019.duckdns.org/secure/pi_files/ 87 KB
87 KB 99ms
95ms Script
text/plain 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/js(11)
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 94bd0aa5378cc695113022cf5f09877c2444520fe1e8c1100d7e26f048b25427

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:56 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 89356

GET
H/1.1 200
OK js(12) Show response
citisupport019.duckdns.org/secure/pi_files/ 87 KB
87 KB 97ms
95ms Script
text/plain 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/js(12)
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 4617d721a72730b105417ff7d971cad16a84a6fb8da05729ac45f69a02396600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:56 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 89356

GET
H/1.1 200
OK dpm_pixel_min.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 103 KB
103 KB 95ms
93ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/dpm_pixel_min.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:56 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 105110

GET
H/1.1 200
OK js(13) Show response
citisupport019.duckdns.org/secure/pi_files/ 87 KB
87 KB 94ms
93ms Script
text/plain 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/js(13)
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 8c9db6aae864c399cd193941140f47128eb99ef4310795eda5befe70ff7b3d91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:39 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:56 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 89335

GET
H/1.1 200
OK js(14) Show response
citisupport019.duckdns.org/secure/pi_files/ 87 KB
87 KB 95ms
95ms Script
text/plain 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/js(14)
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 0ff8ab7046d29477deea04c4871c3855e3bd73df92dec600c8b387d9905b62ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:39 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:56 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=86
Content-Length: 89335

GET
H/1.1 200
OK js(15) Show response
citisupport019.duckdns.org/secure/pi_files/ 97 KB
97 KB 94ms
94ms Script
text/plain 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/js(15)
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 460d13e70e1f2ee022a7c67fd5ac1c6a3562b358f00a579e40bb89f4dbfe5a86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:39 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:56 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 99518

GET
H/1.1 200
OK 1560.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 33 KB
33 KB 108ms
108ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/1560.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 0381552921b09078836225e4e886944febf6ad68a784203329dbad4505f1b65d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:39 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:56 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 33942

GET
H/1.1 200
OK bb61038db92ca743e79ac88a2d977efe.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 340 B
594 B 94ms
94ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/bb61038db92ca743e79ac88a2d977efe.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 63a37c8b23a9f3953a94d7887a80395ebeb1c25c1c9561fff6a4991c4a6a8676

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:39 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:56 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=84
Content-Length: 340

GET
H/1.1 200
OK 96e0eb995483e83e7b3f71968eedeed1.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 396 KB
396 KB 94ms
93ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/96e0eb995483e83e7b3f71968eedeed1.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: d9181c42b463ba85677421a93ae1ba80ae774c9bf8af67200ed78a419bd067a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:39 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:56 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Content-Length: 405607

GET
H/1.1 200
OK c1997fc4285b4ded7a3ef6dce5a65f2b.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 22 KB
23 KB 97ms
97ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/c1997fc4285b4ded7a3ef6dce5a65f2b.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 88fc4b693b8bbadd822119802f0b7f3039c7fdaffc03c6a4e4c1ee3b2127a674

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:39 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:56 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 22873

GET
H/1.1 200
OK f1d424be7dfd03475beb6dfc2f1cd2ea.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 118 KB
119 KB 99ms
96ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/f1d424be7dfd03475beb6dfc2f1cd2ea.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: ea443941c23136440c6e80fa8c83e99402564222964f960921476eb82bb431f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:39 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Content-Length: 121285

GET
H/1.1 200
OK 468b3e37a21c4198f4939c8aaca98066.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 1 KB
2 KB 93ms
92ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/468b3e37a21c4198f4939c8aaca98066.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 61e01b4da87624c5972c4f051d92695a76fa8491c2c1512342b714b9f5db2008

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:39 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=83
Content-Length: 1477

GET
H/1.1 200
OK 51aba9f62787efbaa13e53a8d1ae3892.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 1 KB
2 KB 93ms
92ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/51aba9f62787efbaa13e53a8d1ae3892.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: bf8892a953595eb96b9ca68c5756849d404115dcf2ee9bf87e8b4e7b3cf8e650

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:39 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=82
Content-Length: 1322

GET
H/1.1 200
OK a9780b65076b52465fb6be4319e40f20.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 155 KB
156 KB 93ms
93ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/a9780b65076b52465fb6be4319e40f20.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 0e0b42f83994ef5771755c73a41bea8af80a20a8f9deb44649ca34ff75863c04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:39 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Content-Length: 159062

GET
H/1.1 200
OK 3ae5401499ebbfa990c60e4063f9b6af.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 2 KB
2 KB 94ms
94ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/3ae5401499ebbfa990c60e4063f9b6af.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 381755f71c74f975a9ac540fe1ede4a3fc9b1fab96d800b86d635d526d27b8a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:39 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Content-Length: 1585

GET
H/1.1 200
OK 557566dc60916e3de69e006bef252459.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 2 KB
2 KB 93ms
93ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/557566dc60916e3de69e006bef252459.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 31b00ff4929696dfca06885da68e58c3e09f6ecb4ae0fe1ae287e99a3fd1f716

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:39 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=85
Content-Length: 2183

GET
H/1.1 200
OK 42d4d669434e7d621371bd59ca097dbf.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 5 KB
5 KB 93ms
93ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/42d4d669434e7d621371bd59ca097dbf.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 76b3e3ecb44a3b1216be2633c4736dc6fbef5a83a7058b7919dcb1489b5b211b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:39 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=81
Content-Length: 4796

GET
H/1.1 200
OK b641a54c4bb4465a34f84020282406f7.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 6 KB
7 KB 94ms
93ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/b641a54c4bb4465a34f84020282406f7.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: be1abd07eb984de88c92e7476d0a6fc2b2bee7d9919b22f57c855e41e79c00c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:39 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Content-Length: 6574

GET
H/1.1 200
OK fdf45a7c15c1cee06bb71e10dac4e26e.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 989 B
1 KB 93ms
93ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/fdf45a7c15c1cee06bb71e10dac4e26e.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 7df13706eaab8ce9a3dcd2a501f60bc66987c83834d07dfaf07ae56ef814c110

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:39 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=86
Content-Length: 989

GET
H/1.1 200
OK serverComponent.php Show response
citisupport019.duckdns.org/secure/pi_files/ 2 KB
2 KB 277ms
94ms Script
text/html 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/serverComponent.php
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 62de83913f3f91a7ba9d488ceeac1f82d534a9eb2d83232ce8c596f9b976b1e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:37 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK injectChat.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 43 KB
43 KB 119ms
118ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/injectChat.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 4543b2768b57e244c9f96437179a393a81e029453d0d9614fdf3ae2ffd5b722f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:39 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=86
Content-Length: 43661

GET
H/1.1 200
OK 6c8322c7341eac98645c10e3d1d3c7ae.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 250 KB
250 KB 281ms
93ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/6c8322c7341eac98645c10e3d1d3c7ae.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 6f280b8f6712ea3e40e55b3903f5f90eadf5fbced6c8bd27efb6e40c69ba0023

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:37 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 256236

GET
H/1.1 200
OK basket.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 6 KB
7 KB 284ms
93ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/basket.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 3eaa19d644377a811e7627dbbe98bc8a6fb2b19fbc050717f1fc38b8765a2571

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:37 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6475

GET
H/1.1 200
OK jquery-3.5.1.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 281 KB
281 KB 286ms
93ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/jquery-3.5.1.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a0e405cbc2cb17d67bc0e67b248ff15340df3ff2ee5516ae9a70fd3f6887c363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:37 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 287629

GET
H/1.1 200
OK personalization.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 12 KB
13 KB 372ms
94ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/personalization.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 9585ca58da703e1f5a200e42562241f4c79fc1f1cbd05e47d39bc61677e8575c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:37 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 12668

GET
H/1.1 200
OK config.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 0
252 B 93ms
93ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/config.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:39 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=84
Content-Length: 0

GET
H/1.1 200
OK tagging.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 71 KB
71 KB 93ms
93ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/tagging.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: dd866415f5b82a72a060b91d03a907632ec1d539253a885c64d3db6ec9c103e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:39 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=80
Content-Length: 72348

GET Interstate-Light.woff
online.citi.com/commonui-assets/fonts/interstate/ 0
0

GET
H/1.1 200
OK styles.7ed094992d90d11d248e.css
citisupport019.duckdns.org/secure/pi_files/ 1 MB
1 MB 210ms
97ms Stylesheet
text/css 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/styles.7ed094992d90d11d248e.css
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 8cb36c55de18f4d25a3074d3d2f7fa7872fe0c1b4692cb073e7f80f9fb461f87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:37 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:58 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1264109

GET
H/1.1 200
OK Bootstrap.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 289 KB
289 KB 94ms
94ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/Bootstrap.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 0ff723ad535bb51caa4e379125786ca1d328f29faa1bb59733728bf16453053c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:39 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=86
Content-Length: 295668

GET
H/1.1 200
OK tags.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 80 KB
80 KB 97ms
96ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/tags.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a3661260f5fa915a71c8b06c99249421c4fde5e0d1ea16fd9b4edebc193d1d9f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:39 GMT
Last-Modified: Sun, 28 Nov 2021 16:01:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=85
Content-Length: 81693

GET
H/1.1 200
OK 0-es2015.489ec12e3f49ea0b89d2.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 377 KB
377 KB 129ms
102ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/0-es2015.489ec12e3f49ea0b89d2.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: da04c4a89418d770d46c6d6acefcd23b7dae8755879d5fe0dcabfd32c4581a6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:37 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:00 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 386152

GET
H/1.1 200
OK 2-es2015.5dd19900a0d24227d696.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 66 KB
66 KB 201ms
99ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/2-es2015.5dd19900a0d24227d696.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: f031c8addc3054899f1034313b8b4afef5ac979fdd5531659b754bb6d8dc797f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:37 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:00 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 67715

GET
H/1.1 200
OK 5-es2015.c859db52c750ed3faeb5.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 88 KB
88 KB 391ms
94ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/5-es2015.c859db52c750ed3faeb5.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: ba13689cff19f616077091c3d1811fcfc076d1dd358fea1b6a9848e1b1128a9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:37 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:00 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 89813

GET
H/1.1 200
OK 3-es2015.db5973a32283a395ec93.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 25 KB
25 KB 402ms
94ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/3-es2015.db5973a32283a395ec93.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 3a333053e476f12702fe1ee6ab62ecbc1c93e7c6b8755118c105cfa83a5be6af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:37 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:00 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 25260

GET
H/1.1 200
OK 9-es2015.1360a7bc1441d1ada093.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 72 KB
72 KB 489ms
96ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/9-es2015.1360a7bc1441d1ada093.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 8a37dfc9b9eddeee43c4bddf8b30d65f6fc90c2c463524e074f2375393de432f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:37 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:00 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 73217

GET
H/1.1 200
OK 10-es2015.871babd40a84d8e0b8d5.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 304 KB
304 KB 496ms
95ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/10-es2015.871babd40a84d8e0b8d5.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: beabf7f6b58604d8b53091c25658f46f235bce808854890df71b091df982d3c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:37 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:00 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 311490

GET
H/1.1 200
OK 11-es2015.357835f32b9fa3da7238.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 206 KB
206 KB 586ms
96ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/11-es2015.357835f32b9fa3da7238.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 29cd267c36c7212999917902b18dfc95bd25fd6bacb52f77de3a9e8d44ddd92b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:37 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:00 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 210808

GET
H/1.1 200
OK 13-es2015.07381b51697065976182.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 38 KB
38 KB 597ms
104ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/13-es2015.07381b51697065976182.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 77df238fca2fae644ab8026164e13cd5e922fe2d2fa0b5f48b51d3cc1b319160

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:37 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:00 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 38519

GET
H/1.1 200
OK 12-es2015.9a1e41728aa0e4124a8c.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 25 KB
25 KB 598ms
103ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/12-es2015.9a1e41728aa0e4124a8c.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: f6749155fbb1917b47bfdac8af72b649886be75ba3badf6749f407d889f4ce02

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:37 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:00 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 25278

GET
H/1.1 200
OK 15-es2015.788dad3e75088686ab6c.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 178 KB
178 KB 602ms
94ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/15-es2015.788dad3e75088686ab6c.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 85dfb4f11b44b4754d51a49699dcc19ac376b77370384d6887b925031f76a62b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:37 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:00 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 182008

GET
H/1.1 200
OK 18-es2015.5e9fc509942649d094d5.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 43 KB
43 KB 684ms
94ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/18-es2015.5e9fc509942649d094d5.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: b35e0ac1c1df2b196db732eb33b597c024a611c5a7bb3e83fd2728c63ee7f70d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:37 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:00 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 43852

GET
H/1.1 200
OK 19-es2015.aee63c2f73929d5a0250.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 15 KB
15 KB 690ms
94ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/19-es2015.aee63c2f73929d5a0250.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: c5ffee3b1ead3316b818cc9b5e022448fa18a6e8bbc6a5bf662614bc4153f4b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:37 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:00 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 15548

GET
H/1.1 200
OK 22-es2015.ed87755349985448c077.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 132 KB
132 KB 694ms
94ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/22-es2015.ed87755349985448c077.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 0dd4443301b86b59084fc52b3cdec159d7decf0501781fd645c3480ee19f36aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:37 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:00 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 135021

GET
H/1.1 200
OK 31-es2015.029e5e9a7088faf81f19.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 66 KB
66 KB 696ms
95ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/31-es2015.029e5e9a7088faf81f19.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: f5759577f184656cb28cc429ce045e8fd9b100ddab9742139efb6c070223b05b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:37 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:00 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 67137

GET
H/1.1 200
OK 24-es2015.3cfb19f8da6cc56db90a.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 33 KB
33 KB 695ms
95ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/24-es2015.3cfb19f8da6cc56db90a.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: c88ab82cd9de58c919b30f8f3d69e3bed3d92a4ae50f4c39813fed728950f518

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:37 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:00 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 34002

GET
H/1.1 200
OK 42-es2015.33ed5cff98a51d7bd5bf.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 107 KB
107 KB 698ms
93ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/42-es2015.33ed5cff98a51d7bd5bf.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 76b44569138024274c1ac52267a46803e70ec62193670efc900a5c8a01fdebdd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:37 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:00 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 109101

GET
H/1.1 200
OK 35-es2015.bd4ec124e7b4bf98d19c.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 62 KB
62 KB 774ms
93ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/35-es2015.bd4ec124e7b4bf98d19c.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 95a2242682b7280bd87784415fc390fdc0fe912bf7e755e3985f93dc8990c235

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:37 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:00 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 63584

GET
H/1.1 200
OK 146-es2015.0f9bc242c8a7525638e9.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 183 KB
183 KB 783ms
95ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/146-es2015.0f9bc242c8a7525638e9.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 285ac101b96614b54b3208cbd050c3bee03cbd416d4fb68f896ee12032025b9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:37 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:00 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 187588

GET
H/1.1 200
OK tag.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 21 KB
21 KB 699ms
95ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/tag.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:37 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:00 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 21652

GET
H/1.1 200
OK jsonp Show response
citisupport019.duckdns.org/secure/pi_files/ 294 KB
294 KB 698ms
95ms Script
text/plain 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/jsonp
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: c93d13dc8ca4b0d61a1fde4154d1aba44567915b4f7ed6b9b3e65380dd9d353b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:37 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:00 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 301007

GET
H/1.1 200
OK cedric.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 602 KB
603 KB 701ms
94ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/cedric.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 48451bef935eba4b7a149a7b6dc16cc7183e75cb2887d571a3382ae3f155686a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:37 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:00 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 616835

GET
H/1.1 200
OK tags.js(1).download Show response
citisupport019.duckdns.org/secure/pi_files/ 80 KB
80 KB 135ms
135ms Script
text/plain 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/tags.js(1).download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: d18bb9a07b436442fb070e20ff9d97059682e173135cfb460b6cc275368de8e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:39 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:00 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=83
Content-Length: 81693

GET
H/1.1 200
OK taglet_v2.6.2.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 49 KB
49 KB 777ms
94ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/taglet_v2.6.2.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a5d9a621b71e21fa120698673c12167008f90e202e3df3badfef79f6c61f5fee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:37 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:02 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 50430

GET
H/1.1 200
OK all.min.css
citisupport019.duckdns.org/secure/pi_files/ 58 KB
58 KB 195ms
93ms Stylesheet
text/css 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/all.min.css
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:37 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:02 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 58935

GET
H/1.1 200
OK style.css
citisupport019.duckdns.org/secure/pi_files/ 4 KB
4 KB 204ms
101ms Stylesheet
text/css 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/style.css
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 8f5ef7272818fb6ed438a5239d6824eae8bc2992e46f41c8b15d1ded1ed6ed62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:37 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:02 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3890

GET
H/1.1 200
OK embed.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 2 KB
2 KB 792ms
99ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/embed.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 58edfbfc2f0d71cba3b2f3c7e20e86af09b6e7097c76db4e57cd9b4abe106b50

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:37 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:02 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 1573

GET
H/1.1 200
OK eb5c5b30.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 606 KB
606 KB 792ms
97ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/eb5c5b30.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: ce2d6a702e45ae956dcf77690ca854c0a29b0e812e8b65d3d1e8cbc29b5253e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:37 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:02 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 620558

GET
H/1.1 200
OK tags.js(2).download Show response
citisupport019.duckdns.org/secure/pi_files/ 80 KB
80 KB 94ms
94ms Script
text/plain 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/tags.js(2).download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 88165cfcc670d21cd0088e0099d6d12bf79f310700017652595208c12e265840

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:39 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:02 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=79
Content-Length: 81693

GET
H/1.1 200
OK f(1).txt Show response
citisupport019.duckdns.org/secure/pi_files/ 2 KB
2 KB 790ms
96ms Script
text/plain 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/f(1).txt
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 212d950960a3ccd012409873b6b757d68c107ba215d8162ad3a6a96a88f37523

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:37 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:02 GMT
Server: Apache
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2193

GET
H/1.1 200
OK 5696494.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 0
252 B 95ms
95ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/5696494.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:39 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:02 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=85
Content-Length: 0

GET
H/1.1 200
OK f(2).txt Show response
citisupport019.duckdns.org/secure/pi_files/ 2 KB
2 KB 869ms
95ms Script
text/plain 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/f(2).txt
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 1e0dd7d96aa094529f745f4232661609f641e8ff5b7485fd5bfeab65e5d68b54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:02 GMT
Server: Apache
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 2193

GET
H/1.1 200
OK f(3).txt Show response
citisupport019.duckdns.org/secure/pi_files/ 2 KB
2 KB 906ms
118ms Script
text/plain 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/f(3).txt
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 17c215ae41438e040045c1a582b8be6b5066c16c9bd8938a28a12dcaaa19eac4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:02 GMT
Server: Apache
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 2213

GET
H/1.1 200
OK f(4).txt Show response
citisupport019.duckdns.org/secure/pi_files/ 2 KB
2 KB 881ms
93ms Script
text/plain 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/f(4).txt
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 6162ff2964cc5682e3b6819d1add7ea813f05a3ab42688518bf16037270e7368

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:02 GMT
Server: Apache
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 2192

GET
H/1.1 200
OK f(5).txt Show response
citisupport019.duckdns.org/secure/pi_files/ 2 KB
2 KB 889ms
97ms Script
text/plain 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/f(5).txt
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 877023b4b09b5ec22b13f6404369b418baaa8a37a7eb1e834c3292183951c5a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:02 GMT
Server: Apache
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 2193

GET
H/1.1 200
OK f(6).txt Show response
citisupport019.duckdns.org/secure/pi_files/ 2 KB
2 KB 959ms
94ms Script
text/plain 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/f(6).txt
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 39e0ab876c18ef96a1cf28d3f7d56d98b9f463f693f6726f37a47af62f128747

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:02 GMT
Server: Apache
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 2193

GET
H/1.1 200
OK f(7).txt Show response
citisupport019.duckdns.org/secure/pi_files/ 2 KB
2 KB 969ms
93ms Script
text/plain 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/f(7).txt
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: f74639a6f92a32ebd64603cecf033ba2cb4ff8b0cb9d31c2764b8fc8e2d04b9f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:02 GMT
Server: Apache
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 2213

GET
H/1.1 200
OK f(8).txt Show response
citisupport019.duckdns.org/secure/pi_files/ 2 KB
2 KB 981ms
101ms Script
text/plain 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/f(8).txt
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 8a7c5db081b3cb59e85e8bd51424be34173652d0fc71d40108b93fe5f5d4a430

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:02 GMT
Server: Apache
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 2192

GET
H/1.1 200
OK common.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 77 KB
78 KB 981ms
94ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/common.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 4542cfddfb6d29e523f2ad46c02e60d5dfd9f6409c50d88240daad07e0901785

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:02 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 79140

GET
H/1.1 200
OK util.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 297 KB
298 KB 994ms
93ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/util.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: aa230c9f14e9c0bbca3fade2af397bfea1fd52e9adf789d6711c806c5910ee1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:02 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 304639

GET
H/1.1 200
OK controls.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 92 KB
92 KB 1057ms
101ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/controls.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 415f9fceede84d6907dcf56db5f0e801b298ff8d07b44d79699243e7d7e3f8a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:04 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 93992

GET
H/1.1 200
OK places_impl.js.download Show response
citisupport019.duckdns.org/secure/pi_files/ 51 KB
51 KB 1060ms
95ms Script
application/javascript 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/places_impl.js.download
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 96f507216ce7821b8eb1d3204e63e2dd954b9bb6ca4c037dd54e42af06803a02

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:04 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 51807

GET
H/1.1 200
OK citilogoredesign.png
citisupport019.duckdns.org/secure/pi_files/ 2 KB
2 KB 172ms
94ms Image
image/png 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citisupport019.duckdns.org/secure/pi_files/citilogoredesign.png
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 102503acef6077fcf8e42a856fb4904fcd74224a32d5d8efcd13236ac6309fed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:04 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1799

GET
H/1.1 200
OK Family.jpg
citisupport019.duckdns.org/secure/pi_files/ 21 KB
21 KB 255ms
93ms Image
image/jpeg 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citisupport019.duckdns.org/secure/pi_files/Family.jpg
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: d2aa602e7cd917396aacfefc7dcc6cde27c9b59061f640c81e6087bc7004218f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:04 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 21033

GET
H/1.1 200
OK lock.png
citisupport019.duckdns.org/secure/pi_files/ 416 B
657 B 157ms
95ms Image
image/png 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citisupport019.duckdns.org/secure/pi_files/lock.png
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 677ab8410be4875d37b9a6473506b2a92bd4afd651f39a07b2a2d2dda5ff2703

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Last-Modified: Sun, 28 Nov 2021 16:02:04 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 416

GET
H/1.1 404
Not Found jquery-3.5.1.js
citisupport019.duckdns.org/secure/assets/js/ 0
0 95ms
95ms Script
text/html 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/assets/js/jquery-3.5.1.js
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:39 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=84
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET 19469
stags.bluekai.com/site/ 0
0

GET
H2 451 463166.gif
idsync.rlcdn.com/ 0
66 B 50ms
17ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/463166.gif?partner_uid=undefined
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 14:43:38 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/ 58 KB
11 KB 49ms
20ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css

Requested by

Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/taglet_v2.6.2.js.download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 14:43:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9737147
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10391
timing-allow-origin: *
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f0f47d3-e637"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A9BL%2FSoxOPhMPaXLs0FQevS5lpHLEWdI4CxRkKorHrcm6IIAty%2BxBoxb2Kjomdv5EHJIV66r%2F6OYfQl9%2B5aZZSAZ1R4vzlzdJnFdm0jaJ4jy5WGX6%2BYcLaad123TzP2SfL21A%2BUtB4eeDC2n3dhwiKNt"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f186b83bae1cc42-ZRH
expires: Wed, 15 Mar 2023 14:43:38 GMT

GET
H/1.1 200
OK style.css
static-assets.dev.fs.liveperson.com/citi/projects/start_a_convo/ 4 KB
2 KB 86ms
12ms Stylesheet
text/css 143.204.215.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-assets.dev.fs.liveperson.com/citi/projects/start_a_convo/style.css
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/taglet_v2.6.2.js.download
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-79.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8f5ef7272818fb6ed438a5239d6824eae8bc2992e46f41c8b15d1ded1ed6ed62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: m8hz8POs.i3IWLKHRbOle.lQIG5rUoNx
Content-Encoding: gzip
ETag: W/"15327b47e9535d411a12f73e2a096b77"
Age: 64
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 21 Mar 2022 16:38:50 GMT
Server: AmazonS3
Date: Fri, 25 Mar 2022 14:43:27 GMT
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: 5Dox6-sh4veLrFKFjoAky4PgY6cj1X1_NByQ77Ok6kz4XQhtiKR4jw==

GET
H/1.1 404
Not Found /
citisupport019.duckdns.org/secure/undefined//lp-01.chat.online.citi.com/api/account/50929468/configuration/setting/accountproperties/ 0
0 94ms
93ms Script
text/html 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/undefined//lp-01.chat.online.citi.com/api/account/50929468/configuration/setting/accountproperties/?cb=lpCb53308x46543
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/jsonp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:39 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=85
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK taglet_v2.6.2.js Show response
static-assets.fs.liveperson.com/citi/taglets/ 50 KB
10 KB 538ms
440ms Script
application/javascript 143.204.215.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-assets.fs.liveperson.com/citi/taglets/taglet_v2.6.2.js
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/jsonp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-19.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 24d0957006dcd046e61d54cc2d497930691ce826f6e6c66cd9d8701c1a4d3d9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Fri, 25 Mar 2022 14:43:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Mon, 21 Mar 2022 14:58:17 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53-C1
ETag: W/"ceef5a442f5299a09318de28bf1f1ab0"
Transfer-Encoding: chunked
X-Cache: RefreshHit from cloudfront
Content-Type: application/javascript
Via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
Connection: keep-alive
X-Amz-Cf-Id: BQOHYsgBuZ8L0_3OavQ-7azkNRftgXBpLFC8r1vHTSsTE8rR4nrotg==

GET
H/1.1 404
Not Found zones
citisupport019.duckdns.org/secure/undefined//lp-01.chat.online.citi.com/api/account/50929468/configuration/le-campaigns/ 0
0 92ms
92ms Script
text/html 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/undefined//lp-01.chat.online.citi.com/api/account/50929468/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/jsonp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/secure/pi.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:39 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=78
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
BLOB 200
OK 84aae981-36f7-42ee-9090-14b2ea36bc13
https://citisupport019.duckdns.org/ 161 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://citisupport019.duckdns.org/84aae981-36f7-42ee-9090-14b2ea36bc13
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c8bc330a07fc8ba4ead1f924570b2eeb220dfb170e86ea6594f7a2daef2efc16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 165178

GET
BLOB 200
OK ed541765-7471-483d-be7d-248a76d2ec7b
https://citisupport019.duckdns.org/ 165 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://citisupport019.duckdns.org/ed541765-7471-483d-be7d-248a76d2ec7b
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25e521f17135f161c1f02f0555af227292ab009967c461380e3135c414f288e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 169098

GET
H2 200 /
www.google.com/pagead/1p-user-list/916451471/ 42 B
548 B 46ms
23ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/916451471/?random=1638140435950&cv=9&fst=1638140400000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_his=8&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Faccount-opening%2Findex%3FformCode%3Ddeposit-ao%26Promo_ID%3D4FWDQVC8TKCAAG%26product_list%3Dcitigold_interest_checking%26package%3Dcitigold_account%26intc%3D2~7~51~3~171101~2~BANKACQ~CHECKINGOVERVIEWCITIGOLD%26GS%3DNY&ref=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fopen-cs-acct%2Findex%3FformCode%3Ddeposit-ao%26Promo_ID%3D4FWDQVC8TKCAAG%26product_list%3Dcitigold_interest_checking%26package%3Dcitigold_account%26intc%3D2~7~51~3~171101~2~BANKACQ~CHECKINGOVERVIEWCITIGOLD%26GS%3DNY&tiba=Personal%20information%20-%20Open%20a%20Bank%20account%20online&async=1&fmt=3&is_vtc=1&random=1651716325&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 14:43:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/960621875/ 42 B
108 B 74ms
51ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/960621875/?random=1638140436056&cv=9&fst=1638140400000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_his=8&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Faccount-opening%2Findex%3FformCode%3Ddeposit-ao%26Promo_ID%3D4FWDQVC8TKCAAG%26product_list%3Dcitigold_interest_checking%26package%3Dcitigold_account%26intc%3D2~7~51~3~171101~2~BANKACQ~CHECKINGOVERVIEWCITIGOLD%26GS%3DNY&ref=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fopen-cs-acct%2Findex%3FformCode%3Ddeposit-ao%26Promo_ID%3D4FWDQVC8TKCAAG%26product_list%3Dcitigold_interest_checking%26package%3Dcitigold_account%26intc%3D2~7~51~3~171101~2~BANKACQ~CHECKINGOVERVIEWCITIGOLD%26GS%3DNY&tiba=Personal%20information%20-%20Open%20a%20Bank%20account%20online&async=1&fmt=3&is_vtc=1&random=1071149367&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 14:43:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/644574043/ 42 B
108 B 22ms
21ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/644574043/?random=1638140436060&cv=9&fst=1638140400000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_his=8&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Faccount-opening%2Findex%3FformCode%3Ddeposit-ao%26Promo_ID%3D4FWDQVC8TKCAAG%26product_list%3Dcitigold_interest_checking%26package%3Dcitigold_account%26intc%3D2~7~51~3~171101~2~BANKACQ~CHECKINGOVERVIEWCITIGOLD%26GS%3DNY&ref=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fopen-cs-acct%2Findex%3FformCode%3Ddeposit-ao%26Promo_ID%3D4FWDQVC8TKCAAG%26product_list%3Dcitigold_interest_checking%26package%3Dcitigold_account%26intc%3D2~7~51~3~171101~2~BANKACQ~CHECKINGOVERVIEWCITIGOLD%26GS%3DNY&tiba=Personal%20information%20-%20Open%20a%20Bank%20account%20online&async=1&fmt=3&is_vtc=1&random=3129746464&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 14:43:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/975701947/ 42 B
108 B 21ms
20ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/975701947/?random=1638140436065&cv=9&fst=1638140400000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_his=8&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Faccount-opening%2Findex%3FformCode%3Ddeposit-ao%26Promo_ID%3D4FWDQVC8TKCAAG%26product_list%3Dcitigold_interest_checking%26package%3Dcitigold_account%26intc%3D2~7~51~3~171101~2~BANKACQ~CHECKINGOVERVIEWCITIGOLD%26GS%3DNY&ref=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fopen-cs-acct%2Findex%3FformCode%3Ddeposit-ao%26Promo_ID%3D4FWDQVC8TKCAAG%26product_list%3Dcitigold_interest_checking%26package%3Dcitigold_account%26intc%3D2~7~51~3~171101~2~BANKACQ~CHECKINGOVERVIEWCITIGOLD%26GS%3DNY&tiba=Personal%20information%20-%20Open%20a%20Bank%20account%20online&async=1&fmt=3&is_vtc=1&random=921110859&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 14:43:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/830907969/ 42 B
108 B 22ms
21ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/830907969/?random=1638140436069&cv=9&fst=1638140400000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_his=8&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Faccount-opening%2Findex%3FformCode%3Ddeposit-ao%26Promo_ID%3D4FWDQVC8TKCAAG%26product_list%3Dcitigold_interest_checking%26package%3Dcitigold_account%26intc%3D2~7~51~3~171101~2~BANKACQ~CHECKINGOVERVIEWCITIGOLD%26GS%3DNY&ref=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fopen-cs-acct%2Findex%3FformCode%3Ddeposit-ao%26Promo_ID%3D4FWDQVC8TKCAAG%26product_list%3Dcitigold_interest_checking%26package%3Dcitigold_account%26intc%3D2~7~51~3~171101~2~BANKACQ~CHECKINGOVERVIEWCITIGOLD%26GS%3DNY&tiba=Personal%20information%20-%20Open%20a%20Bank%20account%20online&async=1&fmt=3&is_vtc=1&random=1313448159&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 14:43:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/695231162/ 42 B
108 B 23ms
22ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/695231162/?random=1638140436075&cv=9&fst=1638140400000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_his=8&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Faccount-opening%2Findex%3FformCode%3Ddeposit-ao%26Promo_ID%3D4FWDQVC8TKCAAG%26product_list%3Dcitigold_interest_checking%26package%3Dcitigold_account%26intc%3D2~7~51~3~171101~2~BANKACQ~CHECKINGOVERVIEWCITIGOLD%26GS%3DNY&ref=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fopen-cs-acct%2Findex%3FformCode%3Ddeposit-ao%26Promo_ID%3D4FWDQVC8TKCAAG%26product_list%3Dcitigold_interest_checking%26package%3Dcitigold_account%26intc%3D2~7~51~3~171101~2~BANKACQ~CHECKINGOVERVIEWCITIGOLD%26GS%3DNY&tiba=Personal%20information%20-%20Open%20a%20Bank%20account%20online&async=1&fmt=3&is_vtc=1&random=3630744643&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 14:43:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/819500023/ 42 B
108 B 23ms
22ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/819500023/?random=1638140436079&cv=9&fst=1638140400000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_his=8&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Faccount-opening%2Findex%3FformCode%3Ddeposit-ao%26Promo_ID%3D4FWDQVC8TKCAAG%26product_list%3Dcitigold_interest_checking%26package%3Dcitigold_account%26intc%3D2~7~51~3~171101~2~BANKACQ~CHECKINGOVERVIEWCITIGOLD%26GS%3DNY&ref=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fopen-cs-acct%2Findex%3FformCode%3Ddeposit-ao%26Promo_ID%3D4FWDQVC8TKCAAG%26product_list%3Dcitigold_interest_checking%26package%3Dcitigold_account%26intc%3D2~7~51~3~171101~2~BANKACQ~CHECKINGOVERVIEWCITIGOLD%26GS%3DNY&tiba=Personal%20information%20-%20Open%20a%20Bank%20account%20online&async=1&fmt=3&is_vtc=1&random=3201487776&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 14:43:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/959299794/ 42 B
108 B 25ms
24ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/959299794/?random=1638140436101&cv=9&fst=1638140400000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_his=8&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Faccount-opening%2Findex%3FformCode%3Ddeposit-ao%26Promo_ID%3D4FWDQVC8TKCAAG%26product_list%3Dcitigold_interest_checking%26package%3Dcitigold_account%26intc%3D2~7~51~3~171101~2~BANKACQ~CHECKINGOVERVIEWCITIGOLD%26GS%3DNY&ref=https%3A%2F%2Fonline.citi.com%2FUS%2Fag%2Fopen-cs-acct%2Findex%3FformCode%3Ddeposit-ao%26Promo_ID%3D4FWDQVC8TKCAAG%26product_list%3Dcitigold_interest_checking%26package%3Dcitigold_account%26intc%3D2~7~51~3~171101~2~BANKACQ~CHECKINGOVERVIEWCITIGOLD%26GS%3DNY&tiba=Personal%20information%20-%20Open%20a%20Bank%20account%20online&async=1&fmt=3&is_vtc=1&random=192814741&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 14:43:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 404
Not Found Interstate-Light.woff
citisupport019.duckdns.org/commonui-assets/fonts/interstate/ 0
0 174ms
95ms Font
text/html 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/commonui-assets/fonts/interstate/Interstate-Light.woff
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: https://citisupport019.duckdns.org/secure/pi.php
Origin: https://citisupport019.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=91
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET identity
api.rlcdn.com/api/ 0
0

GET
H/1.1 404
Not Found Interstate-Bold.woff
citisupport019.duckdns.org/secure/pi_files/cds-assets/fonts/interstate/ 0
0 160ms
93ms Font
text/html 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/cds-assets/fonts/interstate/Interstate-Bold.woff
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/styles.7ed094992d90d11d248e.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: https://citisupport019.duckdns.org/secure/pi_files/styles.7ed094992d90d11d248e.css
Origin: https://citisupport019.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=92
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
457 B 53ms
26ms XHR
application/json 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 14:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://citisupport019.duckdns.org
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H/1.1 404
Not Found Interstate-Bold.woff
citisupport019.duckdns.org/commonui-assets/fonts/interstate/ 0
0 135ms
93ms Font
text/html 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/commonui-assets/fonts/interstate/Interstate-Bold.woff
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: https://citisupport019.duckdns.org/secure/pi.php
Origin: https://citisupport019.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=90
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Bold.ttf
citisupport019.duckdns.org/secure/pi_files/cds-assets/fonts/interstate/ 0
0 99ms
95ms Font
text/html 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/cds-assets/fonts/interstate/Interstate-Bold.ttf
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/styles.7ed094992d90d11d248e.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: https://citisupport019.duckdns.org/secure/pi_files/styles.7ed094992d90d11d248e.css
Origin: https://citisupport019.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=94
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Bold.ttf
citisupport019.duckdns.org/commonui-assets/fonts/interstate/ 0
0 197ms
99ms Font
text/html 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/commonui-assets/fonts/interstate/Interstate-Bold.ttf
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: https://citisupport019.duckdns.org/secure/pi.php
Origin: https://citisupport019.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=90
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Light.ttf
citisupport019.duckdns.org/commonui-assets/fonts/interstate/ 0
0 200ms
98ms Font
text/html 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/commonui-assets/fonts/interstate/Interstate-Light.ttf
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: https://citisupport019.duckdns.org/secure/pi.php
Origin: https://citisupport019.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=93
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET cr.png
contents3.00110.citi.com/api/v1/ 0
0

GET
H/1.1 404
Not Found Interstate-Light.woff
citisupport019.duckdns.org/secure/pi_files/cds-assets/fonts/interstate/ 0
0 100ms
93ms Font
text/html 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/cds-assets/fonts/interstate/Interstate-Light.woff
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/styles.7ed094992d90d11d248e.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: https://citisupport019.duckdns.org/secure/pi_files/styles.7ed094992d90d11d248e.css
Origin: https://citisupport019.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:38 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=91
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Bold.woff
citisupport019.duckdns.org/secure/pi_files/commonui-assets/fonts/interstate/ 0
0 175ms
93ms Font
text/html 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/commonui-assets/fonts/interstate/Interstate-Bold.woff
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/styles.7ed094992d90d11d248e.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: https://citisupport019.duckdns.org/secure/pi_files/styles.7ed094992d90d11d248e.css
Origin: https://citisupport019.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:39 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=87
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Light.ttf
citisupport019.duckdns.org/secure/pi_files/cds-assets/fonts/interstate/ 0
0 106ms
92ms Font
text/html 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/cds-assets/fonts/interstate/Interstate-Light.ttf
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/styles.7ed094992d90d11d248e.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: https://citisupport019.duckdns.org/secure/pi_files/styles.7ed094992d90d11d248e.css
Origin: https://citisupport019.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:39 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=85
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Bold.ttf
citisupport019.duckdns.org/secure/pi_files/commonui-assets/fonts/interstate/ 0
0 125ms
93ms Font
text/html 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/commonui-assets/fonts/interstate/Interstate-Bold.ttf
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/styles.7ed094992d90d11d248e.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: https://citisupport019.duckdns.org/secure/pi_files/styles.7ed094992d90d11d248e.css
Origin: https://citisupport019.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:39 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=88
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Light.woff
citisupport019.duckdns.org/secure/pi_files/commonui-assets/fonts/interstate/ 0
0 119ms
102ms Font
text/html 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/commonui-assets/fonts/interstate/Interstate-Light.woff
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/styles.7ed094992d90d11d248e.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: https://citisupport019.duckdns.org/secure/pi_files/styles.7ed094992d90d11d248e.css
Origin: https://citisupport019.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:39 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=86
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

POST
H2 200 tp2 Show response
p.tvpixel.com/com.snowplowanalytics.snowplow/ 2 B
343 B 292ms
97ms XHR
text/plain 52.4.125.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/dpm_pixel_min.js.download
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.125.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-125-51.compute-1.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://citisupport019.duckdns.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://citisupport019.duckdns.org
date: Fri, 25 Mar 2022 14:43:40 GMT
access-control-allow-credentials: true
server: akka-http/10.1.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length: 2
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 tp2
p.tvpixel.com/com.snowplowanalytics.snowplow/ Frame 0
0 406ms
102ms Preflight 52.4.125.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.125.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-125-51.compute-1.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://citisupport019.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 25 Mar 2022 14:43:40 GMT
content-length: 0
access-control-allow-origin: https://citisupport019.duckdns.org
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
server: akka-http/10.1.12

GET
H/1.1 404
Not Found Interstate-Light.ttf
citisupport019.duckdns.org/secure/pi_files/commonui-assets/fonts/interstate/ 0
0 94ms
94ms Font
text/html 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/pi_files/commonui-assets/fonts/interstate/Interstate-Light.ttf
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/styles.7ed094992d90d11d248e.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: https://citisupport019.duckdns.org/secure/pi_files/styles.7ed094992d90d11d248e.css
Origin: https://citisupport019.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:40 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=77
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 403 pp.html Show response
cdn.pbbl.co/i/ Frame 8ADC 986 B
1 KB 53ms
6ms Document
text/html 65.9.66.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pbbl.co/i/pp.html
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/1560.js.download
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-114.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 5f6c15d7dbdd1f437a1da2416cf87e915ed00410d11b0e1a552cc87dad47b569

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/

Response headers

server: CloudFront
date: Fri, 25 Mar 2022 14:43:40 GMT
content-type: text/html
content-length: 986
vary: Origin
x-cache: Error from cloudfront
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: e1VuHiQgayWGLhj-R15A5iBi2wUvYlpcaPMlp5hOvyXENBkizVBbzg==

GET
H/1.1 200
OK / Show response
citisupport019.duckdns.org/secure/ 344 KB
344 KB 95ms
95ms XHR
text/html 35.199.24.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citisupport019.duckdns.org/secure/
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/tagging.js.download
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.199.24.107 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.24.199.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 1a05bf7684aab3fbe33332b1e227670f492102d9e345e29a62a5a4eb0c20b061

Request headers

appVersion: CBOLV1.0.0
Referer: https://citisupport019.duckdns.org/secure/pi.php
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
client_id: undefined

Response headers

Date: Fri, 25 Mar 2022 14:43:40 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=76
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 204 e.gif
nexus.ensighten.com/error/ 0
107 B 159ms
9ms Image
text/plain 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=_dl%20is%20not%20defined&lnn=-1&fn=&cid=1129&client=citi&publishPath=na_prod&rid=3092996&did=622672&errorName=ReferenceError
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 14:43:40 GMT
cache-control: no-cache, no-store
server: nginx
expires: Fri, 25 Mar 2022 14:43:39 GMT

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/citi/na_prod/ 1 KB
740 B 157ms
36ms Script
text/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citi/na_prod/code/&publishedOn=Mon%20Nov%2022%2016:55:07%20GMT%202021&ClientID=1129&PageID=https%3A%2F%2Fcitisupport019.duckdns.org%2Fsecure%2Fpi.php
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/Bootstrap.js.download
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ee83bf112607c0d28a8d35b2c85a706cdd66bf9b2e18268e6dfdbfbd3ed96914

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 14:43:40 GMT
cache-control: no-cache, no-store
content-type: text/javascript
server: nginx
content-encoding: gzip
vary: Accept-Encoding
expires: Fri, 25 Mar 2022 14:43:39 GMT

GET
H2 200 fdf45a7c15c1cee06bb71e10dac4e26e.js Show response
nexus.ensighten.com/citi/na_prod/code/ 989 B
1 KB 8ms
6ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/fdf45a7c15c1cee06bb71e10dac4e26e.js?conditionId0=4849963
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/Bootstrap.js.download
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7df13706eaab8ce9a3dcd2a501f60bc66987c83834d07dfaf07ae56ef814c110

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 14:43:40 GMT
last-modified: Tue, 14 May 2019 17:01:42 GMT
server: nginx
etag: "5cdaf476-3dd"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 989

GET
H2 200 da6191c2b2959a15b37bb1f025a35ecd.js Show response
nexus.ensighten.com/citi/na_prod/code/ 5 KB
2 KB 9ms
7ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/da6191c2b2959a15b37bb1f025a35ecd.js?conditionId0=4897099
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/Bootstrap.js.download
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5cbb5852d6dd001b4defb3f6ace7f8beb88d0f19d20d00ebfd086a24c31988db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 14:43:40 GMT
content-encoding: gzip
last-modified: Tue, 01 Mar 2022 18:19:28 GMT
server: nginx
etag: W/"621e63b0-12ea"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 557566dc60916e3de69e006bef252459.js Show response
nexus.ensighten.com/citi/na_prod/code/ 2 KB
961 B 9ms
6ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/557566dc60916e3de69e006bef252459.js?conditionId0=4837456
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/Bootstrap.js.download
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 31b00ff4929696dfca06885da68e58c3e09f6ecb4ae0fe1ae287e99a3fd1f716

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 14:43:40 GMT
content-encoding: gzip
last-modified: Tue, 27 Aug 2019 16:59:12 GMT
server: nginx
etag: W/"5d656160-887"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 d74f82b561a6aa5d9247eaf72394131a.js Show response
nexus.ensighten.com/citi/na_prod/code/ 2 KB
862 B 14ms
10ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/d74f82b561a6aa5d9247eaf72394131a.js?conditionId0=480881
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/Bootstrap.js.download
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1243ffed4530d6d237dd040101bf2933687f6e9272b10132060115058f914206

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 14:43:40 GMT
content-encoding: gzip
last-modified: Tue, 30 Nov 2021 17:36:41 GMT
server: nginx
etag: W/"61a66129-631"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 a81e05b9f5c7e57b0d80e617030f8bd0.js Show response
nexus.ensighten.com/citi/na_prod/code/ 157 KB
34 KB 27ms
24ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/a81e05b9f5c7e57b0d80e617030f8bd0.js?conditionId0=421908
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/Bootstrap.js.download
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0bcb15216559cb490a994fc29303e9e66b109926890e7d3abfddbbfcef347c8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 14:43:40 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 21:07:32 GMT
server: nginx
etag: W/"62325194-275e6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 e047f7a400b1380b9dd4b041c45aed8c.js Show response
nexus.ensighten.com/citi/na_prod/code/ 133 KB
36 KB 19ms
16ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/e047f7a400b1380b9dd4b041c45aed8c.js?conditionId0=486757
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/Bootstrap.js.download
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ffb651309250e9ce8ca4d6a354d9403cb80ec23ef11eebc6d518163948061c82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 14:43:40 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 18:42:31 GMT
server: nginx
etag: W/"62265217-2131c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 fb5dd1201f281250801b0d9c5b73ac92.js Show response
nexus.ensighten.com/citi/na_prod/code/ 35 KB
8 KB 35ms
33ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/fb5dd1201f281250801b0d9c5b73ac92.js?conditionId0=467299
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/Bootstrap.js.download
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9946d53fd289535b32d7d2fa1bf8c251337dda6ccf582dfe2764bf5101d09081

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 14:43:40 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 18:42:31 GMT
server: nginx
etag: W/"62265217-8ae7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 204 e.gif
nexus.ensighten.com/error/ 0
106 B 7ms
7ms Image
text/plain 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=citiData%20is%20not%20defined&lnn=-1&fn=&cid=1129&client=citi&publishPath=na_prod&rid=3183206&did=542251&errorName=ReferenceError
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 14:43:40 GMT
cache-control: no-cache, no-store
server: nginx
expires: Fri, 25 Mar 2022 14:43:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
37 KB 136ms
26ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6268858

Requested by

Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/Bootstrap.js.download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8046dcf214fab5157b4990859214e88fb91e236b51f30876edc8d66eba262fe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 14:43:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37319
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 25 Mar 2022 14:43:40 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
37 KB 126ms
16ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6260004

Requested by

Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/Bootstrap.js.download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9dfd7aa7feadee64e56df4067d4697eb1428f6d880951fe8dd980933a6a7d182

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 14:43:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37318
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 25 Mar 2022 14:43:40 GMT

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 127ms
12ms Script
application/x-javascript 2600:9000:2156:d200:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/code/fb5dd1201f281250801b0d9c5b73ac92.js?conditionId0=467299
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:d200:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 13:59:06 GMT
content-encoding: gzip
last-modified: Fri, 25 Mar 2022 13:58:56 GMT
server: Jetty(9.3.29.v20201019)
age: 2674
x-cache: Hit from cloudfront
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
via: 1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
content-length: 6162
x-amz-cf-id: 06SBbTY15hBzxILuIlfB2V1i2hTpV5WlvH9_v1BDzbMspp_rL-Tmhw==
expires: Fri, 25 Mar 2022 14:59:06 GMT

GET
H/1.1 200
OK ca.html Show response
20766699p.rfihub.com/ Frame 56DB 118 B
705 B 148ms
19ms Document
text/html 193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20766699p.rfihub.com/ca.html?ver=9&ra=980&rb=648&ca=20766699&_o=17169175&_t=&ssv_cuuid=&ssv_package=null&ssv_prodlist=null&ssv_pagename=&pe=https%3A%2F%2Fcitisupport019.duckdns.org%2Fsecure%2Fpi.php&pf=&ra=12825007098829921
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/tc.min.js.download
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: c437eb764a99e6cd5172d63c3fae564bbc51eda4981058d5edebd2bf0700eb76

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/

Response headers

Date: Fri, 25 Mar 2022 14:43:40 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache
Content-Type: text/html;charset=utf-8
Content-Length: 118
Server: Jetty(9.3.29.v20201019)

GET
H2 200 generic1634752371595.js Show response
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/ 527 KB
88 KB 40ms
8ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/generic1634752371595.js
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/embed.js.download
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 915afa3a684b0562c638837fddc86f51700d954a4a13ed16d9857a066462edec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: 6ztX3qWQv7AuHQ8Loe8lhcbddbcREYoc
content-encoding: gzip
etag: "045174c5e0174dd804b9dda17b772d12"
age: 239233
via: 1.1 varnish
x-cache: HIT
content-length: 89242
x-amz-id-2: T65+KBMq4UbuyjN/NLUBIeEH5rh5ZuLo+5MWonqJp0v8H2fYLEG0mtXLDTZwXijASpAoq3ibxmI=
x-served-by: cache-hhn4032-HHN
last-modified: Wed, 20 Oct 2021 17:52:53 GMT
server: AmazonS3
x-timer: S1648219421.894898,VS0,VE1
date: Fri, 25 Mar 2022 14:43:40 GMT
vary: Accept-Encoding
x-amz-request-id: SVXSQPM3JPZ02CT0
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H/1.1 200
OK check.js;CIS3SID=04A8394A01095BE09EFAFBE93D94C1CC Show response
content22.online.citi.com/fp/ Frame 66DF 432 KB
76 KB 167ms
29ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/check.js;CIS3SID=04A8394A01095BE09EFAFBE93D94C1CC?org_id=89oebq5k&session_id=41f05d021ac67bec811e8e38aff85e67e0386e3e0076c733f53da4464226e08c&nonce=e94e1418c5e1a245&pageid=1&jb=343924266a736f773d4c6b6c777a26687b6f3d4c616e77702668716a753d416a726f6f6d246a71623d436a706d6f672730303b39

Requested by

Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/tags.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

bf7557c6ca1e4931710e0582914754a296dbc86d54ec8ef2de86f23c4ac0deb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
tmx-nonce: e94e1418c5e1a245
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame 66DF 81 B
475 B 227ms
57ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=41f05d021ac67bec811e8e38aff85e67e0386e3e0076c733f53da4464226e08c&nonce=e94e1418c5e1a245&pageid=1&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 14:43:41 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame 66DF 81 B
475 B 250ms
70ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=41f05d021ac67bec811e8e38aff85e67e0386e3e0076c733f53da4464226e08c&nonce=e94e1418c5e1a245&pageid=1&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 14:43:41 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK check.js;CIS3SID=6D3DC2C92C4B55C61279CB14816CDB71 Show response
content22.online.citi.com/fp/ Frame D5D6 432 KB
76 KB 211ms
24ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/check.js;CIS3SID=6D3DC2C92C4B55C61279CB14816CDB71?org_id=89oebq5k&session_id=3eebe800cb218e7dc4deefd2163463d7e2ab01d0a62f34a00b627efa90b8d3b8&nonce=b3952e1084e5579c&pageid=1&jb=363926246a7b6f753f4e6b6e7d78246a716f3d4c696c757a26687162773f436a726d6d67266a73623d416a706d6d652532323b3b

Requested by

Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/tags.js(2).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

d4a278ae83dd32f6c3103c02e4d759443923ec55ab313f79dd4ec31f5b6d8f1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
tmx-nonce: b3952e1084e5579c
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Keep-Alive: timeout=2, max=99
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame D5D6 81 B
475 B 283ms
92ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=3eebe800cb218e7dc4deefd2163463d7e2ab01d0a62f34a00b627efa90b8d3b8&nonce=b3952e1084e5579c&pageid=1&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 14:43:41 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame D5D6 81 B
474 B 266ms
56ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=3eebe800cb218e7dc4deefd2163463d7e2ab01d0a62f34a00b627efa90b8d3b8&nonce=b3952e1084e5579c&pageid=1&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 14:43:41 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK check.js;CIS3SID=1C669B4A9B8BC408317423202FDE9AA8 Show response
content22.online.citi.com/fp/ Frame CBFA 432 KB
76 KB 55ms
24ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/check.js;CIS3SID=1C669B4A9B8BC408317423202FDE9AA8?org_id=89oebq5k&session_id=9f5d6406e8487b2392e9e13498b47f2997de2cf59335e71036df53c00231c222&nonce=a9a5d0684c4c58ca&pageid=1&jb=3c3b262668736f773d446966777a24687b6d3d44696e77782e627162773f41607a6d6d652468716235416a726f6f65253032393b

Requested by

Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/tags.js(1).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

4a80f71a4e39521f36ad7ea4bcc4e78b213fcc688b2d82863df1b9b27fccb307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
tmx-nonce: a9a5d0684c4c58ca
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Keep-Alive: timeout=2, max=98
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame CBFA 81 B
475 B 123ms
105ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9f5d6406e8487b2392e9e13498b47f2997de2cf59335e71036df53c00231c222&nonce=a9a5d0684c4c58ca&pageid=1&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 14:43:41 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame CBFA 81 B
475 B 119ms
104ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9f5d6406e8487b2392e9e13498b47f2997de2cf59335e71036df53c00231c222&nonce=a9a5d0684c4c58ca&pageid=1&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 14:43:41 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 embed.js Show response
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/ 2 KB
935 B 10ms
9ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/embed.js
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/code/fdf45a7c15c1cee06bb71e10dac4e26e.js?conditionId0=4849963
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b5d1c26722742c44e62a4fbb4b67117d2587aa320f61784a27fea9d66d9f62b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: 7ZFGbm5gfkxV.pQuBY8LWu5zWeTQ0IFs
content-encoding: gzip
etag: "a698e80bc62ebcae5d8ef95ef0d2804d"
fastly-original-body-size: 1573
age: 311494
via: 1.1 varnish
x-cache: HIT
content-length: 675
x-amz-id-2: u1tZNaC/5T/pnBxInHESXg2tp+0XOzw+i+e+nLGUvcg0/fF1c1+TVdFHYPFKqoR+63eRSZLZFSI=
x-served-by: cache-hhn4032-HHN
last-modified: Fri, 25 Feb 2022 18:17:26 GMT
server: AmazonS3
x-timer: S1648219421.908758,VS0,VE0
date: Fri, 25 Mar 2022 14:43:40 GMT
vary: Accept-Encoding
x-amz-request-id: 1R98NRXW2SWENTVP
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 19

GET
H2 403 1560.js
cdn.pbbl.co/r/ 0
0 11ms
10ms Script
text/html 65.9.66.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pbbl.co/r/1560.js
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/code/da6191c2b2959a15b37bb1f025a35ecd.js?conditionId0=4897099
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-114.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 35ms
16ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-916451471

Requested by

Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/Bootstrap.js.download

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2c85082270eaf5b0868051c692dc68c18ac3695b120cef75a8631b6f1b78306a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 14:43:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41061
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 25 Mar 2022 14:43:40 GMT

GET
H/1.1 200
OK bk-coretag.js Show response
tags.bkrtx.com/js/ 51 KB
16 KB 129ms
24ms Script
application/javascript 104.111.228.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/code/da6191c2b2959a15b37bb1f025a35ecd.js?conditionId0=4897099

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.228.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-137.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Fri, 21 May 2021 19:14:21 GMT
Server: nginx/1.15.8
ETag: W/"60a8068d-cbc2"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Date: Fri, 25 Mar 2022 14:43:41 GMT
Connection: keep-alive
Content-Length: 16078
Expires: Fri, 01 Apr 2022 14:43:41 GMT

GET
H2 451 425466.html Show response
sr.rlcdn.com/ Frame 26D9 0
98 B 177ms
113ms Document
text/plain 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/code/fb5dd1201f281250801b0d9c5b73ac92.js?conditionId0=467299
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/

Response headers

date: Fri, 25 Mar 2022 14:43:41 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 cool-2.1.15.min.js Show response
nebula-cdn.kampyle.com/resources/onsite/js/ 14 KB
5 KB 45ms
15ms Script
application/javascript 151.101.1.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://nebula-cdn.kampyle.com/resources/onsite/js/cool-2.1.15.min.js
Requested by: Host: resources.digital-cloud-citi.medallia.com
URL: https://resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/generic1634752371595.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: 9HCXbKZTbCJZkS8s9IuB.pE0JEvI0TGW
content-encoding: gzip
etag: "80dd5e3be5152c5c72d552c6a26ef6ff"
age: 915311
via: 1.1 varnish
x-cache: HIT
content-length: 5197
x-amz-id-2: OKLKeoCQdr5ZWK3uTF80m/4hXbAfTQkfIDsdLCQL4eKbUH8QzSNVnfqg0KyAWkAZPedyK0I2rw4=
x-served-by: cache-hhn4062-HHN
last-modified: Sun, 24 Jan 2021 11:03:10 GMT
server: AmazonS3
x-timer: S1648219421.032237,VS0,VE0
date: Fri, 25 Mar 2022 14:43:41 GMT
vary: Accept-Encoding
x-amz-request-id: 29X5B0JQ5349GDJC
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 50639

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 48ms
18ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/js(8)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

00359d552170386e0f9dc362a2a48ad8da908f6263810b28eb26348073b70bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 14:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14884
x-xss-protection: 0
server: cafe
etag: 4198181851688197673
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 14:43:41 GMT

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
318 B 116ms
94ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk5LjAuNDg0NC41MSBTYWZhcmkvNTM3LjM2Iiwic2Vzc2lvbl9wbGF0Zm9ybSI6ICJMaW51eCB4ODZfNjQiLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjEuMTUiLCJldmVudF9uYW1lIjogIm5lYnVsYV9wYWdlX3ZpZXciLCJldmVudF90aW1lc3RhbXBfZXBvY2giOiAiMTY0ODIxOTQyMTYyMSIsImV2ZW50X3RpbWV6b25lX29mZnNldCI6IDAsInVzZXJfaWQiOiAiMTdmYzE4ODdiYjM0YWItMDVkMTgyNWQ0YzQyZWMtOTc3MTczYy0xZDRjMDAtMTdmYzE4ODdiYjQ4NDYiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtdXMtY2l0aSIsImFjY291bnRJZCI6IDQ5LCJ1cmwiOiAiaHR0cHM6Ly9jaXRpc3VwcG9ydDAxOS5kdWNrZG5zLm9yZy9zZWN1cmUvcGkucGhwIiwid2Vic2l0ZUlkIjogNTAsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogImVjNTYtMjhjMC1hMmU5LWFkZjctYzQ0My1mM2NjLTEyYmUtNGI2NiIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjQ4MjE5NDIxNTIyIiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDYwMywia2FtcHlsZV92ZXJzaW9uIjogIjIuNDEuMCIsIm9uc2l0ZV92ZXJzaW9uIjogIjIuNDEuMCIsImhpc3RvcnlfbGVuZ3RoIjogMiwiZXZlbnRfbG9jYWxfdGltZXN0YW1wIjogMTY0ODIxOTQyMTUyNiwicG9zaXRpb24iOiBudWxsLCJpc1VzZXJJZGVudGlmaWVkIjogZmFsc2UsImZlZWRiYWNrX2NvcnJlbGF0aW9uX3V1aWQiOiBudWxsfQpdfQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-green-51zh
date: Fri, 25 Mar 2022 14:43:41 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-application-context: application:9090

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/916451471/ 2 KB
1 KB 44ms
20ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/916451471/?random=1648219421631&cv=9&fst=1648219421631&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcitisupport019.duckdns.org%2Fsecure%2Fpi.php&tiba=Account%20Verification&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57f721a0d7011a6345e3fded1dbb90fcf0c1417d5cdedceabf513563d5858bd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 14:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1043
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/830907969/ 2 KB
1 KB 41ms
21ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/830907969/?random=1648219421637&cv=9&fst=1648219421637&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcitisupport019.duckdns.org%2Fsecure%2Fpi.php&tiba=Account%20Verification&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b6a595ca9b3756ba139435f9799c0fe33a3d0792a6183a47f37da93a4fbabfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 14:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1046
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/960621875/ 2 KB
1 KB 40ms
22ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/960621875/?random=1648219421639&cv=9&fst=1648219421639&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcitisupport019.duckdns.org%2Fsecure%2Fpi.php&tiba=Account%20Verification&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

795d93d4bcfb8d59591e498c1939b5c05e82eca75aadb841aa27005c23b58f1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 14:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1044
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/975701947/ 2 KB
1 KB 34ms
21ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975701947/?random=1648219421641&cv=9&fst=1648219421641&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcitisupport019.duckdns.org%2Fsecure%2Fpi.php&tiba=Account%20Verification&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5cf88228e5e29b02d405a963a31e7a3877be49d2586ae83b8a9c5fba8caeb0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 14:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1040
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/695231162/ 2 KB
2 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/695231162/?random=1648219421643&cv=9&fst=1648219421643&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcitisupport019.duckdns.org%2Fsecure%2Fpi.php&tiba=Account%20Verification&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e60b7011ab760f823e80c82126648dd4a505275ffd8f1ef008ac6a8c22c6b4c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 14:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1041
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/959299794/ 2 KB
1 KB 43ms
24ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/959299794/?random=1648219421645&cv=9&fst=1648219421645&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcitisupport019.duckdns.org%2Fsecure%2Fpi.php&tiba=Account%20Verification&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2f80f761bef2338508d37e678b066431c591b5145db478a363da6a9b5dfc5eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 14:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1041
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/644574043/ 2 KB
1 KB 44ms
25ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/644574043/?random=1648219421647&cv=9&fst=1648219421647&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcitisupport019.duckdns.org%2Fsecure%2Fpi.php&tiba=Account%20Verification&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37e40a63bfa92e9540922774b587000dabbe0d5ff2ffb7668921c14a3ea68689

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 14:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1040
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/819500023/ 2 KB
1 KB 60ms
41ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/819500023/?random=1648219421649&cv=9&fst=1648219421649&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcitisupport019.duckdns.org%2Fsecure%2Fpi.php&tiba=Account%20Verification&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c238d7371cd4304e77f6fc013491a50258da357e16d97477b75237aa2a39bc26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 14:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1040
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK clear.png Show response
content22.online.citi.com/fp/ Frame 66DF 81 B
542 B 138ms
43ms XHR
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/check.js;CIS3SID=04A8394A01095BE09EFAFBE93D94C1CC?org_id=89oebq5k&session_id=41f05d021ac67bec811e8e38aff85e67e0386e3e0076c733f53da4464226e08c&nonce=e94e1418c5e1a245&pageid=1&jb=343924266a736f773d4c6b6c777a26687b6f3d4c616e77702668716a753d416a726f6f6d246a71623d436a706d6f672730303b39

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 89oebq5k/e94e1418c5e1a24541f05d021ac67bec811e8e38aff85e67e0386e3e0076c733f53da4464226e08c
Referer: https://citisupport019.duckdns.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:41 GMT
Last-Modified: Fri, 25 Mar 2022 14:43:41 GMT
Server: Apache
Etag: 264fcb5f0438401d899eb7b4748d37f9
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: https://citisupport019.duckdns.org
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Wed, 24 Mar 2027 14:43:41 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=6E71D720ADA013B7D97EBC57CC15B403 Show response
content22.online.citi.com/fp/ Frame BE52 84 KB
13 KB 98ms
98ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=6E71D720ADA013B7D97EBC57CC15B403?org_id=89oebq5k&session_id=41f05d021ac67bec811e8e38aff85e67e0386e3e0076c733f53da4464226e08c&nonce=e94e1418c5e1a245&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

f937a57605aa20f48e29bd6ca9edb045cbb135641bb369b23790e51f0bd0ab38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/

Response headers

Date: Fri, 25 Mar 2022 14:43:41 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=99
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 66DF 0
387 B 55ms
54ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 14:43:41 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=6E71D720ADA013B7D97EBC57CC15B403 Show response
h.online-metrix.net/fp/ Frame 4C5E 98 KB
15 KB 363ms
17ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=6E71D720ADA013B7D97EBC57CC15B403?org_id=89oebq5k&session_id=41f05d021ac67bec811e8e38aff85e67e0386e3e0076c733f53da4464226e08c&nonce=e94e1418c5e1a245&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

886863cdb7af195837445026b7c67989ab259415d74c8c730f9a22fa675649f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/

Response headers

Date: Fri, 25 Mar 2022 14:43:41 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 66DF 0
387 B 97ms
96ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=41f05d021ac67bec811e8e38aff85e67e0386e3e0076c733f53da4464226e08c&nonce=e94e1418c5e1a245&pageid=1&jd=353824266a666e3f33382468646a3d366c3633633838323b6367353e39333b606662616b64393a6265353333353134246866766e3d303a333431383138

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 14:43:41 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame 66DF 0
0

GET
H/1.1 200
OK top_fp.html;CIS3SID=6E71D720ADA013B7D97EBC57CC15B403 Show response
content22.online.citi.com/fp/ Frame FBE1 84 KB
13 KB 55ms
55ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/top_fp.html;CIS3SID=6E71D720ADA013B7D97EBC57CC15B403?org_id=89oebq5k&session_id=41f05d021ac67bec811e8e38aff85e67e0386e3e0076c733f53da4464226e08c&nonce=e94e1418c5e1a245&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

435ed1b1a4195b05814eba670c9be977ffea2c7d6cef45d4294729a187616acf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/

Response headers

Date: Fri, 25 Mar 2022 14:43:41 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=97
Transfer-Encoding: chunked

GET
H/1.1 204
204 clear.png Show response
content22.online.citi.com/fp/ Frame 66DF 0
218 B 116ms
115ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=41f05d021ac67bec811e8e38aff85e67e0386e3e0076c733f53da4464226e08c&nonce=e94e1418c5e1a245&pageid=1&ja=31383b392626633f3026783f3224663f39363030703130383024636e3d3134323078333a3230247378793f327a32246672723f312c313632302e3330303024333630322c313230322c313432322e313038302c313e303224313032382c302e32266d763563383a326162616661353566666666663965613a3433333637303e6039613561266d6e3f34267161663f32362e6c683d607476787327314925324427324661617669717570706d707632333b2c6477636b646e712e6d706525324e71656377726525324470692c726a7226667a3d2670643d312e706a3f3f3866303a6161346a616660653131316035313a3563653264336264603266362468683567653860366334303135636167613531303d6639616b64633d38343b6a37333b246a736d354e696c7578266871603f416a706f6f652532303b392468716f75354e696e7778266a7360753d416a706d6d672e6e686335342466646f3f30267478663d45766b273244556e6b6c6d756c246f63746a723d3430323366336132626d61303267366363353430303a30636631373d3430316e64363d383a333c316434676161303c66633b34616660663530313331313b366126703f706e7765696e57646c6171685e66616e736523726e77676b665f776966646d7f735d6f6d6469635d706c637167725c66616c716723726e7765696c5f61646f60655d6361726f6a63745e64616c736523706c77656b6c5f737d69636b7c696f6d5e646364736523726c7565616c5f71686f6369756374675c64616e736521706e75656b6c5f726d636c706e617965725c66616e716723706e7d67696e57766e6b5f726e697965705c66616e7b6721726c75676b6c5d666774636c74725e66616e736723726c756f6b6e5f7176675f766b657767705c64616e7b652170647565616e5d686976615c64616c716d24676e5f633d756760656e556762454c253230332e32273030284772656e454c2532304753253032302c30273a3043687a6f6f61756f2b5f6562454e2532324f4e534e2532304751273032332c30273230284f72656c454e2532384753253030474c534e2532324751273232392e30253a304160726d6f61756d2b5565624961765767624b6976273032556760474e414e474c475f6b6c717461666165645d617272617b732531402730304750545f6264656c6c5f6f6b666d617a273342273a32455a545f636d6e6d705d6077666465725f68636c645d646c6f6976253340253230455a545f646e6d63745d6a6c656e6c25314a2530324d58545d64726165576665727468253140273032475a545d7368616467725d766778747d70655f6e6f64253340253232475a565f766d7874757a655d6b6f6f727a6573716b6f6e5d6a727461253342273032475a565d746778747572675f616d6f70726d7173696d6e5f726776632531402730304750545f746d78767d72675d6e696c7667725f63666b736d74726f726b612731402732325745424b4b545d475a545f7c6778747772655f666b6c7467705d636e6b7b6f747267706b6b2531402d3230475a545f715a45422733422530324d47515d676c676d656e745d696c6667785f7d6b6e742733422532324f45515d64606f5d7a656e646d725d6569726f69702531402532324747535d7374616c666370665d666570697661746b7667712733422d30304f47535f74657a747570675d646c6d697425334a2530384f47515774657a7675726757646c6d61745f6e6b6c6763702733402532304f47535d766778747d70655f6a616c665f646c6f6376273142273a304f455b5f766d7876777a655f6a636c665d6e6e6f63745f6c6b6c6763702731422732304f45515f7467707465705d61727061795f6f606a656176273142273a3057454a474e57636d6e67725f60776666677a5d666e6f6174273140273032554540474c5f636d6d72706773736d665f746778747572675f617176612733402d3230574d4245445f616d65707267717365665776657a747572675d677661273142273230574540474e5d616f6d787065737165645f746778747770675d65766b3125334a2530385747404f4c5f616d6d70706d717367645f74677a767770675d73317463253340253032554542434b545f554542474c5d636f6f72706773716d645f746d78767d72675d7b337461273342273a32574742474c5d616d6f727067737165645f746778767770655f7b3174635d737267622733422730325545404f4c5f646d62776f5f70676664657067725f6b66646f273342253032554740454e5f66657074685d74677a7675726d2733422732305745404b49565d55474245445f646578746a5774677a7c757267273342273a32574742474c5d667063755d60756466657273273340273030574d40474c5d6c6f73655d636f6c76677a74273b4225323857474a4b4b5657574540454c5f6e6771655d636f6e76677a76273140253030574542454c5d6f776c74615d64726377313626656c5f6a3f313b30323e3065356d35373b3364356e61666037306136696730373134666434303a6336313163632677676e763f4b6c7465642732304b6e632e2675676c703f4b6c74676425323041726b7b2530324770656c454c253038476e65696e65246161663f31&jb=313531266c713d4f6f7a6b6e6e6325304e352e302d323220576b6c6c6f77712732304c5c27323231302e32273140273032576b6e363425314227303278363c2b2532324170706c67576560496b7625304e3533372633342d32322a4348544f4e2532412d30306e696b65273032456761696f2b253230436a726d6f6725324e3b392e322e343834362e353327303253636e6172692d32443d33352c3b36

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:41 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
89oebq5ka5z72vtjof2eqz4zlyhquqvchhpf6ybne94e1418c5e1a245am1.e.aa.online-metrix.net/fp/ Frame 66DF 81 B
438 B 90ms
19ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://89oebq5ka5z72vtjof2eqz4zlyhquqvchhpf6ybne94e1418c5e1a245am1.e.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=41f05d021ac67bec811e8e38aff85e67e0386e3e0076c733f53da4464226e08c&nonce=e94e1418c5e1a245&pageid=1&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 14:43:41 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 63068 Show response
stags.bluekai.com/site/ Frame 28C4 71 B
363 B 182ms
182ms Document
text/html 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/63068?ret=html&phint=language&phint=product&phint=event&phint=category&phint=page&phint=section1&phint=section2&phint=section3&phint=section4&phint=bankappstatus&phint=productID&phint=__bk_t%3DAccount%20Verification&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fcitisupport019.duckdns.org%2Fsecure%2Fpi.php&phint=__bk_v%3D3.1.10&limit=10&r=26829975
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/

Response headers

Content-Type: text/html
Content-Length: 71
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server: 8332
X-Akamai-Origin-Object-Size: 71
Date: Fri, 25 Mar 2022 14:43:41 GMT
Connection: keep-alive

GET
H2 200 storage.secure.min.html Show response
lpcdn.chat.online.citi.com/le_secure_storage/3.15.0.0-release_5063/ Frame 9A08 39 KB
16 KB 224ms
102ms Document
text/html 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.chat.online.citi.com/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=https%3A%2F%2Fcitisupport019.duckdns.org&site=50929468&env=prod
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/jsonp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-lpcdn.lpsnmedia.net
Software: ws /
Resource Hash: 59f4843277d9aca1200c779c52318aadb380021a0051a6644b75274acb7fe158

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/

Response headers

date: Fri, 25 Mar 2022 14:43:41 GMT
content-type: text/html
last-modified: Fri, 05 Nov 2021 13:34:15 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Fri, 25 Mar 2022 14:53:41 GMT
cache-control: max-age=600

GET
H/1.1 200
OK clear.png Show response
content22.online.citi.com/fp/ Frame D5D6 81 B
541 B 49ms
49ms XHR
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/check.js;CIS3SID=6D3DC2C92C4B55C61279CB14816CDB71?org_id=89oebq5k&session_id=3eebe800cb218e7dc4deefd2163463d7e2ab01d0a62f34a00b627efa90b8d3b8&nonce=b3952e1084e5579c&pageid=1&jb=363926246a7b6f753f4e6b6e7d78246a716f3d4c696c757a26687162773f436a726d6d67266a73623d416a706d6d652532323b3b

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 89oebq5k/b3952e1084e5579c3eebe800cb218e7dc4deefd2163463d7e2ab01d0a62f34a00b627efa90b8d3b8
Referer: https://citisupport019.duckdns.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:41 GMT
Last-Modified: Fri, 25 Mar 2022 14:43:41 GMT
Server: Apache
Etag: d2a801fa1bb04fc185e9b3bd007c1122
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: https://citisupport019.duckdns.org
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 81
Expires: Wed, 24 Mar 2027 14:43:41 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=9CD104B0EAB157B6832BD34CB8880EAF Show response
content22.online.citi.com/fp/ Frame CD8D 84 KB
13 KB 118ms
117ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=9CD104B0EAB157B6832BD34CB8880EAF?org_id=89oebq5k&session_id=3eebe800cb218e7dc4deefd2163463d7e2ab01d0a62f34a00b627efa90b8d3b8&nonce=b3952e1084e5579c&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

2397b371cd59cbb64a009d1f20e86bf3888154a44119a41364eb4aaaa1128d33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/

Response headers

Date: Fri, 25 Mar 2022 14:43:41 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=98
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame D5D6 0
387 B 53ms
53ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 14:43:41 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=9CD104B0EAB157B6832BD34CB8880EAF Show response
h.online-metrix.net/fp/ Frame 690A 98 KB
14 KB 75ms
16ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=9CD104B0EAB157B6832BD34CB8880EAF?org_id=89oebq5k&session_id=3eebe800cb218e7dc4deefd2163463d7e2ab01d0a62f34a00b627efa90b8d3b8&nonce=b3952e1084e5579c&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

0db455314959388ff4c61f56f84bc1f9b2f297016ea051b44787c6f1cf4ef80a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/

Response headers

Date: Fri, 25 Mar 2022 14:43:41 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=99
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame D5D6 0
387 B 94ms
94ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=3eebe800cb218e7dc4deefd2163463d7e2ab01d0a62f34a00b627efa90b8d3b8&nonce=b3952e1084e5579c&pageid=1&jd=373626246a6e6e3d313a246a6e683f3466363363303a3031636735363b313960666063616639386265373333353336266a64766c3f30383632333a

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 14:43:41 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame D5D6 0
0

GET
H/1.1 200
OK top_fp.html;CIS3SID=9CD104B0EAB157B6832BD34CB8880EAF Show response
content22.online.citi.com/fp/ Frame F0D1 84 KB
13 KB 116ms
115ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/top_fp.html;CIS3SID=9CD104B0EAB157B6832BD34CB8880EAF?org_id=89oebq5k&session_id=3eebe800cb218e7dc4deefd2163463d7e2ab01d0a62f34a00b627efa90b8d3b8&nonce=b3952e1084e5579c&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

2a92cf7e050d0d30fc44485adb1665334df549da077b9d2b92fecf437f091f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/

Response headers

Date: Fri, 25 Mar 2022 14:43:41 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=99
Transfer-Encoding: chunked

GET
H/1.1 204
204 clear.png Show response
content22.online.citi.com/fp/ Frame D5D6 0
218 B 21ms
20ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=3eebe800cb218e7dc4deefd2163463d7e2ab01d0a62f34a00b627efa90b8d3b8&nonce=b3952e1084e5579c&pageid=1&ja=3338393b262e633d3224783d3826643d3336303078333232302463663f333632307a313030302673787b3f327a30266470703f332e313430382c333a30322e393430302e313a30302e333430382c333232302c313632302e313032302e322c32266f743f613838326160616661373764646466643b6563383c31333c3732346a3b61376326656e3d362471636c3d3034246c683d6876747273273141273046273244636b7469737570726d70763031392e66776169646c73266f706f2530447b67637570652d3246726b2c7060702464703d26706c3f3324706a3f373a64323a6163366063666265313331603533383761673266316266623a64362e686a3f3836633966373d3763643166656d343b613538353337303337326333343a3533246a716f3f4c696e7578246871603d4368726d6f67273232393126687b6f773f446b6e757a26627362773f41687a6f6f65246e68633d36266c646f3f3824767a663d477461253246556e696c6d756e266d61766a703f3432303b64336b3260676b32326534636b353632323a32696433353734303166663437383a3334336636676163323664633934616460663532333133333b346326723d786c776f696c5d6e6e61736a5e6e616c71672370647565696c5f77696e666f75735d6f65666b615d706e617b65725e66616e716723706c75676b6c5d63646d626d5f636b726d6069765e66636c7b6521726e7767616e5d717769636b746b6d675e64636c716721726c77676b6e5f73686f6169756376655e66636e716721726c7d676b665f7067696e706c63796d725e64636e736d21726c7767696e5f746c615f726e617b67725c66636c716521706c75656b6c5d646576616e74705c66636c7b6523786c7765616c5f737467577669677567725666636c716521706c77676b6e5d686174635e64616e736726676c5f633f756760676c576560454e273232312630273a302a4d78676e474e253a3045512730303a2e322530304368726d6d6b756f2b576760474e253030454c534c2532324751273230312e32273032284d706d6e45442530324d512532324744534c273032455b253030332e30253232436a726d6f69776f295565604b6b745765624b6b76273030576562454e434c474e4557696c7b74636c6b67645f63727a6179712731422d3232455a545f626c676e665f6f6b6e6f63782733402530304558545f616d6e6d725f6275646467705f6a6164665d6e6c6d637c2733422732384558565d646c6761765f606c656e64273340253032455a565f647263675d64657074682731402732304558565d716a6166657a5f766d7876777a675f6c6d642d33422730324550545d746778747572675f616f6f72726771736b6f6c5f607074632533402730324558545f76677a7675706557636d657070677b71696f6c5f7a6774612731422d3232455a545f74657a747772675d666b6e7467725d616c69736f74726d726b6125334225303255474249495c5f4750545d766d7a747570655766696e76677257616c69716f74726f726961253140253032455a545d735047422533422730324d45535f656e676f676e765f616e666d785d77616c742531422d32304d47515f6e626d5f70656e6465705f6f69726f61722733402530304d45535f7374636c666372645f6467706b746176697e65712d3340273a324f45515f7c65787677706557666e6f63742533422732324f47515f766778767570655d666c6f61745d6e6b6c6561722531402730304d455b5f766d7876777a675f68636c6e5f666e6d63742d33402530304f45535d746778767772675d68636c645f646c6f61745f6e6b6c6761722533402730324f47535776677a74677a576372726379576f62686761742d3340253030574542454c5d636d6e6f705d6277666465705f666c6f6176273140253230574740454e5f616f6570706d7371676c5d74657a747d72655d6371746b253142273230574540474e5f616d6d727065717367645d746578747570675d6774632533402730325747424f4c5d6b6f6f727a67737367645774657a7677726d5f67746131253342273232574740474e5d636d6d727267737365645f76677a767572655f713176612531422d32325f45404941565f5747424f4c5f616d6f707a65717367645f74657a747772675d73317663273340253030574542474e5d616d6d707265717167665f76657074777a655d713b76635f71726f62253140273238574742454c5f64656075655f70676e66677267725d696c666f253342273032554542474c5d666772746a5f7c657a7c7570672d31422530305f4542494b565f5f4540474e5f64657076685d74677a74777065273340253030574542474e5d667061775f62776464677271253b42273a3055474a454c5f6e6f7b655f616d6c746d78762531422532305545404b4b565f554742454c5d6c6d73655f636f6c76677a7425334227303255454047445f6f7d6c766b5766726175313e26676e5d6a3d3b3932303430653565373531336435666364623730633463653035313464643430386134333363612477656c7e3d4b6674676e2d3030496c63262677656e703d416e76656e253230497069712530324f72676e454c273232456e67696e67246161643d32&jb=333533246c793d4d6d786b6c6461273244352e302530302a576b6c646d75732732324e5625323031302c32273142253230556b6c343427334a253038783436212732304370786c655567604b61742732443533372e31362732322a4b4a564d4e2530432732306c696b672730324765636b6d2b27303041687a6f6f6d253044313b2e302c343034342c3733253a305161646172692530463733352c3334

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:41 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
89oebq5kpdjwbndi3qhaysjd43gey75mvd6sfljtb3952e1084e5579cam1.e.aa.online-metrix.net/fp/ Frame D5D6 81 B
438 B 182ms
56ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://89oebq5kpdjwbndi3qhaysjd43gey75mvd6sfljtb3952e1084e5579cam1.e.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=3eebe800cb218e7dc4deefd2163463d7e2ab01d0a62f34a00b627efa90b8d3b8&nonce=b3952e1084e5579c&pageid=1&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 14:43:41 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/916451471/ 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/916451471/?random=1648219421631&cv=9&fst=1648216800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcitisupport019.duckdns.org%2Fsecure%2Fpi.php&tiba=Account%20Verification&async=1&fmt=3&is_vtc=1&random=4219990015&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 14:43:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/916451471/ 42 B
548 B 206ms
20ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/916451471/?random=1648219421631&cv=9&fst=1648216800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcitisupport019.duckdns.org%2Fsecure%2Fpi.php&tiba=Account%20Verification&async=1&fmt=3&is_vtc=1&random=4219990015&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 14:43:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK clear.png Show response
content22.online.citi.com/fp/ Frame CBFA 81 B
541 B 54ms
54ms XHR
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/check.js;CIS3SID=1C669B4A9B8BC408317423202FDE9AA8?org_id=89oebq5k&session_id=9f5d6406e8487b2392e9e13498b47f2997de2cf59335e71036df53c00231c222&nonce=a9a5d0684c4c58ca&pageid=1&jb=3c3b262668736f773d446966777a24687b6d3d44696e77782e627162773f41607a6d6d652468716235416a726f6f65253032393b

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 89oebq5k/a9a5d0684c4c58ca9f5d6406e8487b2392e9e13498b47f2997de2cf59335e71036df53c00231c222
Referer: https://citisupport019.duckdns.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:41 GMT
Last-Modified: Fri, 25 Mar 2022 14:43:41 GMT
Server: Apache
Etag: 78f0f3aad11e4b9494fae17f3382e56c
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: https://citisupport019.duckdns.org
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Content-Length: 81
Expires: Wed, 24 Mar 2027 14:43:41 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=68F006525EDA7FC3D16DE7CB7FC1790C Show response
content22.online.citi.com/fp/ Frame B619 84 KB
13 KB 118ms
117ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=68F006525EDA7FC3D16DE7CB7FC1790C?org_id=89oebq5k&session_id=9f5d6406e8487b2392e9e13498b47f2997de2cf59335e71036df53c00231c222&nonce=a9a5d0684c4c58ca&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

7b86dcbc7d23afb0672afeb544110b3d9383a6d93aa6af632a40274f6b3b80fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/

Response headers

Date: Fri, 25 Mar 2022 14:43:41 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=96
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame CBFA 0
387 B 108ms
108ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 14:43:41 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=68F006525EDA7FC3D16DE7CB7FC1790C Show response
h.online-metrix.net/fp/ Frame C260 98 KB
14 KB 16ms
16ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=68F006525EDA7FC3D16DE7CB7FC1790C?org_id=89oebq5k&session_id=9f5d6406e8487b2392e9e13498b47f2997de2cf59335e71036df53c00231c222&nonce=a9a5d0684c4c58ca&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

b31783eca71cbfc817946f55cce539e6eeb6a0395400370bfe610cda82e6a940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/

Response headers

Date: Fri, 25 Mar 2022 14:43:41 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=98
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame CBFA 0
387 B 109ms
109ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9f5d6406e8487b2392e9e13498b47f2997de2cf59335e71036df53c00231c222&nonce=a9a5d0684c4c58ca&pageid=1&jd=3d34262668666e3f33302662646a3f366c34336b303832336b6d35363b313b6a6e606363643b3a626d373331373136266864746c3d3238373a313a

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 14:43:41 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame CBFA 0
0

GET
H/1.1 200
OK top_fp.html;CIS3SID=68F006525EDA7FC3D16DE7CB7FC1790C Show response
content22.online.citi.com/fp/ Frame B852 84 KB
13 KB 98ms
97ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/top_fp.html;CIS3SID=68F006525EDA7FC3D16DE7CB7FC1790C?org_id=89oebq5k&session_id=9f5d6406e8487b2392e9e13498b47f2997de2cf59335e71036df53c00231c222&nonce=a9a5d0684c4c58ca&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

24315593adbe134c4b2a829df101e84a20d1bc1b6305eb7fd95641c08bf0eba0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/

Response headers

Date: Fri, 25 Mar 2022 14:43:41 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=95
Transfer-Encoding: chunked

GET
H/1.1 204
204 clear.png Show response
content22.online.citi.com/fp/ Frame CBFA 0
218 B 96ms
96ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9f5d6406e8487b2392e9e13498b47f2997de2cf59335e71036df53c00231c222&nonce=a9a5d0684c4c58ca&pageid=1&ja=393b30302426633f302e7a353224643f3934303878313030382e63663f333438387a313232322473707b3f307832266472703d332c333430302e333232322e333e32302c333230322c393638322e333038322c393630322c393a32302e322e382e6f743d633a3a3269606164633537646664646439676338343333343532346031633761246d6e3f342e736b663f30362e6e6835687476707b2d31412730442d3a446369766b717578726d72743231392c6675616b666c732e6d7067273044716d6175726725324470612e786a7224667a3f26786c3d312678603f373a643030696336626164606539333162373138376367306633606662326636266a6a3f313e34616563353434633f303d6663323b3e66626c623863636e303037353a632e62716f3d4e6b6c7570246873623f4368706d6d6725303239392468736d773f4e616c7578246a736075354360706d6f672e6c686b3d34246e6c653f382476786c354774632730445566696c6f776c266d637668703d363230336633633060676138306536616335343038383a636633373d36303966643635303033343366346d6963323466613b346964606437303331313339346124723d706e77676b6c5d64646373685c66616e736d21786e77656b665d77616e646d777b576f65666b6357786e617967705c66696e716521726c75656b6e5d61666d62655d6363706d60637c5c66616e7365237064756f6b6c5d737d6b636374696f65566e636c71672378647767696c5d7168676169776174655e64636c716523726c75656b6e5d70676364726c617b65725c66696c7b6723726e7d6569665f766e6357786e617b6770566e636c736723726c7d656b6e5f666576636e76705e64636c736723706e77656b665d7376655f766b657f657a5c64636e7b6721786c7565696657686174635c6e696e736524656e5f6b3f756562656c576760474e253032312e322732322a4d726d6c474c27323047532d3238302c32273a324360726f6f697d652b57676045442d3030474e514e253a324753253030312c322530302a4d70656c454c273032475b273230454c534e253a304d51273032392c302d323041687a676f69776f2b5f6d604b6976556762436b76253232576560454c434e454e455f6b6c7376636c616d665f617072617b732d334a2730324750565f6a6c656c6457656b6e6f637a2d3b40253232475a5457616d6c6f705f6277646667725d6a616c645d666e6d63762d3142253030455a545766646d63765d6a6e6566642531422d3a32455a565d6e7a63675f6667727460273142253030455a565f7168636665725d76657a7677706d5d6c6f66253340253a304d5a565d766d7a747d72655d636765727267717161676c5f62727661253b402732304758545d76657a747770655f616d6d727067717b6b6f6e5d726776632d334a2730324750565f7c657876757a6d5d666b6e766d7a5d616e6b716d747a6d7269632733422730305545404949545d4758565d766770767572675f666b6c7c657a5d636c6b7b6d747a6f706b632d3b4025303247505c5d7352454027334a2730304f47535f676e656f656c765f696c66657a5d776b66762533402532324f4d535764606d5d7a676e6c65725d6d61786f617227314a2d30304f47515d737c636c646170645f6667726b766376697667712531402730384d45535d74657a747d726d5d646e6d6976253b42253030474d515f76677a7c7d70655f646e6d617c5d6e696e6761722731422732324d45535d76657a7677706d5d68616e665f646c67617c273140273a324f4d535f7665707c7772675d6a6964645f666e6d6374576e6b6e6563722531402530304d47535f74677276677a5d697072617b5f6f606a6d637c273140273a32574d42474e5f6b676e6f705d607d6e6465725d646e6f6976273342273230554742454c5d616f6d7270657171676657766578767572675f69737c612731402d30305f4542454c576b6d6d7270677b7b67645f76677a747d70675f657663253140253030554742474e5d636d6f72706d717365665f7467787c757a675d67766b33253b422530305f4d40474e5d6167657272657171676457766778747772655d71337663273142253032574740494b5c5d574540474c5d63676d78706771716d665f7c657876757a6d5d733176612d3b402532325547424f4e5d636f6f707267717367645d766578767772675d71317c615f7370676227334a253a325547404f4e5f6c65627767577a676e6667706d7a5d696e646d27334a273030574742474e5d646770766a5f74677a74777067273b402532325745404b41545755474045445d646d70746a5f7c6d7a747770672d3b402532325547424f4e5d647263775f607766646570712533402732325547404f4e5f6c6d73655d63676e7c677a76273b40253a305747424341565f5547404f445d6c6f71675d63676c76657876253340273232574740474c5d6f756e766b5d6c706177333626656c576835313b32323e32653d653537333b6e35666364603d38633461673237313c646436323a6134313361612675656c763f4b6e76676e273a32496e612e2675676472354b6c76676427323849726b732d3a324f72676c4f44273230476c65696667246363663d313b&jb=393733266e713d4f6f7269646e6327304e372e38253232285f616c646d75712d3a324e5427303231382c3225334025323255696c36362733422730307a34362b2d30304172706c67576d62436b7627304e37333f2e3334253a382a4b4a564f442d30432530326e696367273230456563696d292732324168726d6f652730443b312c302e363834362e3d312d303251636e637261253244353b3f2c3334

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:41 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
89oebq5kpprilek2bfslclf4rbyimja5h3h6zi76a9a5d0684c4c58caam1.e.aa.online-metrix.net/fp/ Frame CBFA 81 B
438 B 173ms
51ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://89oebq5kpprilek2bfslclf4rbyimja5h3h6zi76a9a5d0684c4c58caam1.e.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=9f5d6406e8487b2392e9e13498b47f2997de2cf59335e71036df53c00231c222&nonce=a9a5d0684c4c58ca&pageid=1&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 14:43:41 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame BE52 0
387 B 52ms
52ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=6E71D720ADA013B7D97EBC57CC15B403?org_id=89oebq5k&session_id=41f05d021ac67bec811e8e38aff85e67e0386e3e0076c733f53da4464226e08c&nonce=e94e1418c5e1a245&pageid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=6E71D720ADA013B7D97EBC57CC15B403?org_id=89oebq5k&session_id=41f05d021ac67bec811e8e38aff85e67e0386e3e0076c733f53da4464226e08c&nonce=e94e1418c5e1a245&pageid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 14:43:41 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/830907969/ 42 B
64 B 19ms
19ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/830907969/?random=1648219421637&cv=9&fst=1648216800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcitisupport019.duckdns.org%2Fsecure%2Fpi.php&tiba=Account%20Verification&async=1&fmt=3&is_vtc=1&random=2295782408&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 14:43:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/830907969/ 42 B
64 B 38ms
20ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/830907969/?random=1648219421637&cv=9&fst=1648216800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcitisupport019.duckdns.org%2Fsecure%2Fpi.php&tiba=Account%20Verification&async=1&fmt=3&is_vtc=1&random=2295782408&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 14:43:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/960621875/ 42 B
64 B 19ms
19ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/960621875/?random=1648219421639&cv=9&fst=1648216800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcitisupport019.duckdns.org%2Fsecure%2Fpi.php&tiba=Account%20Verification&async=1&fmt=3&is_vtc=1&random=1684945802&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 14:43:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/960621875/ 42 B
64 B 38ms
22ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/960621875/?random=1648219421639&cv=9&fst=1648216800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcitisupport019.duckdns.org%2Fsecure%2Fpi.php&tiba=Account%20Verification&async=1&fmt=3&is_vtc=1&random=1684945802&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 14:43:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/975701947/ 42 B
64 B 19ms
19ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/975701947/?random=1648219421641&cv=9&fst=1648216800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcitisupport019.duckdns.org%2Fsecure%2Fpi.php&tiba=Account%20Verification&async=1&fmt=3&is_vtc=1&random=3762019076&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 14:43:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/975701947/ 42 B
64 B 34ms
19ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/975701947/?random=1648219421641&cv=9&fst=1648216800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcitisupport019.duckdns.org%2Fsecure%2Fpi.php&tiba=Account%20Verification&async=1&fmt=3&is_vtc=1&random=3762019076&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 14:43:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/695231162/ 42 B
64 B 21ms
20ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/695231162/?random=1648219421643&cv=9&fst=1648216800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcitisupport019.duckdns.org%2Fsecure%2Fpi.php&tiba=Account%20Verification&async=1&fmt=3&is_vtc=1&random=1813061452&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 14:43:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/695231162/ 42 B
64 B 42ms
27ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/695231162/?random=1648219421643&cv=9&fst=1648216800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcitisupport019.duckdns.org%2Fsecure%2Fpi.php&tiba=Account%20Verification&async=1&fmt=3&is_vtc=1&random=1813061452&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 14:43:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/959299794/ 42 B
64 B 20ms
20ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/959299794/?random=1648219421645&cv=9&fst=1648216800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcitisupport019.duckdns.org%2Fsecure%2Fpi.php&tiba=Account%20Verification&async=1&fmt=3&is_vtc=1&random=1629464614&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 14:43:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/959299794/ 42 B
64 B 36ms
22ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/959299794/?random=1648219421645&cv=9&fst=1648216800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcitisupport019.duckdns.org%2Fsecure%2Fpi.php&tiba=Account%20Verification&async=1&fmt=3&is_vtc=1&random=1629464614&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 14:43:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/644574043/ 42 B
64 B 21ms
20ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/644574043/?random=1648219421647&cv=9&fst=1648216800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcitisupport019.duckdns.org%2Fsecure%2Fpi.php&tiba=Account%20Verification&async=1&fmt=3&is_vtc=1&random=3483624833&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 14:43:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/644574043/ 42 B
64 B 33ms
20ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/644574043/?random=1648219421647&cv=9&fst=1648216800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcitisupport019.duckdns.org%2Fsecure%2Fpi.php&tiba=Account%20Verification&async=1&fmt=3&is_vtc=1&random=3483624833&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 14:43:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/819500023/ 42 B
64 B 21ms
21ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/819500023/?random=1648219421649&cv=9&fst=1648216800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcitisupport019.duckdns.org%2Fsecure%2Fpi.php&tiba=Account%20Verification&async=1&fmt=3&is_vtc=1&random=1447276903&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 14:43:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/819500023/ 42 B
64 B 34ms
21ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/819500023/?random=1648219421649&cv=9&fst=1648216800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcitisupport019.duckdns.org%2Fsecure%2Fpi.php&tiba=Account%20Verification&async=1&fmt=3&is_vtc=1&random=1447276903&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 14:43:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 66DF 0
387 B 114ms
114ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=41f05d021ac67bec811e8e38aff85e67e0386e3e0076c733f53da4464226e08c&nonce=e94e1418c5e1a245&pageid=1&jac=1&je=3136312626706d3f79657124606374717c3d7b226465746d6c2038392e30322e22737669767571223a22616a6370656b6c67207d26617566683f61633762316736653438316363636336643063356333313239333e33363e6237613b31373b346234663066643638363032313a6467366430316663643836353b246778333560373132346231323b33383b66363536313b6363343d3633303667313a6665613462663b3c333767

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 14:43:42 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame CD8D 0
387 B 112ms
112ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=9CD104B0EAB157B6832BD34CB8880EAF?org_id=89oebq5k&session_id=3eebe800cb218e7dc4deefd2163463d7e2ab01d0a62f34a00b627efa90b8d3b8&nonce=b3952e1084e5579c&pageid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=9CD104B0EAB157B6832BD34CB8880EAF?org_id=89oebq5k&session_id=3eebe800cb218e7dc4deefd2163463d7e2ab01d0a62f34a00b627efa90b8d3b8&nonce=b3952e1084e5579c&pageid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 14:43:42 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame D5D6 0
387 B 114ms
114ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=3eebe800cb218e7dc4deefd2163463d7e2ab01d0a62f34a00b627efa90b8d3b8&nonce=b3952e1084e5579c&pageid=1&jac=1&je=3336332426786d3d7b6771266a617673763d7b226c6776676c2038312c32302e22717463747573223a20616a637267696e65207f24617764603d616937603b6d3465363a316b636161346432693761313b3239333631343462376133333539346236643a64643438363232313a6665346632316461643a343d39246d78313f6a3531303662393239313a3b643c373433316363343534313a366731326467633462643936313765

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 14:43:42 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame B619 0
387 B 97ms
96ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=68F006525EDA7FC3D16DE7CB7FC1790C?org_id=89oebq5k&session_id=9f5d6406e8487b2392e9e13498b47f2997de2cf59335e71036df53c00231c222&nonce=a9a5d0684c4c58ca&pageid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=68F006525EDA7FC3D16DE7CB7FC1790C?org_id=89oebq5k&session_id=9f5d6406e8487b2392e9e13498b47f2997de2cf59335e71036df53c00231c222&nonce=a9a5d0684c4c58ca&pageid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 14:43:42 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=94
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=9CD104B0EAB157B6832BD34CB8880EAF
content22.online.citi.com/fp/ Frame D5D6 0
400 B 52ms
52ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear1.png;CIS3SID=9CD104B0EAB157B6832BD34CB8880EAF?org_id=89oebq5k&session_id=3eebe800cb218e7dc4deefd2163463d7e2ab01d0a62f34a00b627efa90b8d3b8&nonce=b3952e1084e5579c&pageid=1&jf=363134247361645f706c663d7c64705f4f584a3671494b786875565633496331267169665f646174653f3334363832313936303024736b6457747b78653f756d603a6561647b6126716b665f63657b3d31303539333231313034323730633834343a63673364303230333234323832613834363a61653164383332393035323b36323032303c62363a6460343936606266663635356463346136313163376260633261636664633633616336633137646566613b343236656938323c3737303b60303761333b3933363366373c663564613335326232376461373362313334373033386737366165373a3666356265306430333035623562693867693537646e3b366336656c26736b665d7361673f333234343032303037333430373b643935393138326462626533643b616665343530323364366631316e663a6b3233363b66373164646a323364306362303237333b3962353066373232303231316764643731373737623264333463333233666566323b3b333737373b613730346667693b616535623e6366353532363e306031303563626667653b30636726716b66703d32

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 14:43:42 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=94
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=6E71D720ADA013B7D97EBC57CC15B403
content22.online.citi.com/fp/ Frame 66DF 0
400 B 21ms
21ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear1.png;CIS3SID=6E71D720ADA013B7D97EBC57CC15B403?org_id=89oebq5k&session_id=41f05d021ac67bec811e8e38aff85e67e0386e3e0076c733f53da4464226e08c&nonce=e94e1418c5e1a245&pageid=1&jf=343134267369645d726e663f7666725d5a3641614979464746684d5c6b6f4b4e26736b6c5d646374653d3334363a30333b343032267369665f767b72653d7f67623a6763647361247369665d6967793f3b3035393b30333b3034323f32613a343438616d3164323230313234323a30633a363638636533663031323330373831343232303034393561323b34646361603f3336653b63306a3064326b36363b663433603d3134343766633a643467353037326065373762343136373764346e6163663234316333326263363a633234633f6166343f61663b6266646c6663313a3164326b31333139633733303463346066326665633161663936323a37396c60623961646264267169645d716b653d31383435303a32323836663a6d37623160343132383038603337383a32636661353a373a65643238606261673238663f63356666343235653061643b37336032303c6164303a393638323033383066373134356739316630666463303a63613737343735303437303337363b3135373c66303467623162343b65633167633361336e3435623031673e653566396526716b66723f38

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 14:43:42 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=5046CCDE348ADADFF44F47A1CA858E12
h.online-metrix.net/fp/ Frame 690A 0
400 B 17ms
17ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=5046CCDE348ADADFF44F47A1CA858E12?org_id=89oebq5k&session_id=3eebe800cb218e7dc4deefd2163463d7e2ab01d0a62f34a00b627efa90b8d3b8&nonce=b3952e1084e5579c&pageid=1&jf=363136247361645f706c663d7c64705f5774356b596c374f343766704d315352267169665f646174653f3334363832313936303024736b6457747b78653f756d603a6561647b6126716b665f63657b3d31303539333231313034323730633834343a63673364303230333234323832613834363a61653164383332393035323b36323032303c3639643167373f31663266326134663a633361603538306039353761383a64366538613534613562373666376637363432613a62666d3737376d35613533626a3730373333333c626762323663393232396638673a333b60633137613035373461373533666334346464376032673a313a613c3732393761303d6131383a333b26736b665d7361673f33323435303230313230603137376133326434646762306564343a3b666032636566603137603132316963663c3833606d32316260613a6338313334653c3232373332646566336436343230323232323b3634656665663163356037673664356133603667323036363f64646d3463646e34623336343f3330316632333a37643861356433653b6560653a67653224736b66703d33

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=9CD104B0EAB157B6832BD34CB8880EAF?org_id=89oebq5k&session_id=3eebe800cb218e7dc4deefd2163463d7e2ab01d0a62f34a00b627efa90b8d3b8&nonce=b3952e1084e5579c&pageid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 14:43:42 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=68F006525EDA7FC3D16DE7CB7FC1790C
content22.online.citi.com/fp/ Frame CBFA 0
400 B 71ms
70ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear1.png;CIS3SID=68F006525EDA7FC3D16DE7CB7FC1790C?org_id=89oebq5k&session_id=9f5d6406e8487b2392e9e13498b47f2997de2cf59335e71036df53c00231c222&nonce=a9a5d0684c4c58ca&pageid=1&jf=3c3334267169645d726664357666705d444b747d646458757e434c6c434535422e7169645d6663746d3f3336343a32313b36323026716b645f767b70673f75676a386563667361247361645769677b3f3b32353133303333383e323730633a3e3c3a63653166323238333236303a32613a34343a6367316430313231323532313c3030303234653530693938676063363035393c313067653f3a6339673267303c633035373564363b306364323030616360653363373b34353b6434633b63676a60613667373430393d656c673b373a3c633569336534653b3036336435323e39676366603a33323d333038613736313636623466636734623b3a363b6161306c37376631392671696c5f7b6b653f3138363438323232356a696632303467693c336234663433386b363461393264656636633634603361303b646361663b356a376633363630316531323c643034363864656b383132303a3a32323b3b353b6c363433673b30316b333136653338393b3561333935346637663135613060673b66346667643067613d3638363a3563306639383739343169306126716b647a3532

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 14:43:42 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=D3CB051F34483BD463B85E3E441ACE71
h.online-metrix.net/fp/ Frame C260 0
401 B 115ms
115ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=D3CB051F34483BD463B85E3E441ACE71?org_id=89oebq5k&session_id=9f5d6406e8487b2392e9e13498b47f2997de2cf59335e71036df53c00231c222&nonce=a9a5d0684c4c58ca&pageid=1&jf=3c3334267169645d726664357666705d4543665a6f62683366795a63755a4e642e7169645d6663746d3f3336343a32313b36323026716b645f767b70673f75676a386563667361247361645769677b3f3b32353133303333383e323730633a3e3c3a63653166323238333236303a32613a34343a6367316430313231323532313c30303032343835653a37393b36373b6c343430326636623c6e64396334306e6d673736323033383b353262653763623167623632633a6433633b38613660333d67376567636467343c646d313b64353d35666b356463643e3f373937343239693132353034323469356036303a33656330613b363731383936646432663467316630373a642671696c5f7b6b653f313836343832323231693d32383337333a306639323b6631643a606136383b61393a66373038643462356667313b36373b3135373263386263396b393f633237636a60333a30353b303a3a32373164313c3e3236323a3433316e30303566353131363a63603764663263373034356435666932386460623466373c303f3b313b353037306e32303a626a3d3726716b647a3533

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=68F006525EDA7FC3D16DE7CB7FC1790C?org_id=89oebq5k&session_id=9f5d6406e8487b2392e9e13498b47f2997de2cf59335e71036df53c00231c222&nonce=a9a5d0684c4c58ca&pageid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 14:43:42 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=100
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=2815244B9F987164E597BAFDA847C24F
h.online-metrix.net/fp/ Frame 4C5E 0
400 B 26ms
15ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=2815244B9F987164E597BAFDA847C24F?org_id=89oebq5k&session_id=41f05d021ac67bec811e8e38aff85e67e0386e3e0076c733f53da4464226e08c&nonce=e94e1418c5e1a245&pageid=1&jf=343134267369645d726e663f7666725d6d357a4b437a4d4c4b4a3b5d47415a5a26736b6c5d646374653d3334363a30333b343032267369665f767b72653d7f67623a6763647361247369665d6967793f3b3035393b30333b3034323f32613a343438616d3164323230313234323a30633a36363863653366303132333037383134323230303437373065353b613a66326d6166386c626630653b676a3333353262303a6e63393a613332346034666760603830303737343465603a3a65343f3763623233346339636630633661603031306535333964326b353663313336606335613a6b60346039346161613731313136623b30353563373961643432326e60343233663362267169645d716b653d31383435303a3233383067323865623a3b3339666e61643437613237313530353132633536636636606136616065323b67633430396136636133363635333a64306d6234633a61333c3232303a303432673138333b3265603238313b613a67633432646634663639323733306365626e61393864653331616634313637346030333c3863633e303231623a31313026716b66723f39

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=6E71D720ADA013B7D97EBC57CC15B403?org_id=89oebq5k&session_id=41f05d021ac67bec811e8e38aff85e67e0386e3e0076c733f53da4464226e08c&nonce=e94e1418c5e1a245&pageid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 14:43:42 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 50929468 Show response
lp-03.chat.online.citi.com/api/js/ 238 B
1 KB 803ms
230ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lp-03.chat.online.citi.com/api/js/50929468?&cb=lpCb57089x95371&t=sp&ts=1648219418700&pid=120171132&tid=929485266&pt=Account%20Verification&u=https%3A%2F%2Fcitisupport019.duckdns.org%2Fsecure%2Fpi.php&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/jsonp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: 571a9c5cea07248b4d6946a60fa9c9eac26d7cb5d4f465a662029c8e20372333

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 14:43:42 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame CBFA 0
387 B 111ms
111ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9f5d6406e8487b2392e9e13498b47f2997de2cf59335e71036df53c00231c222&nonce=a9a5d0684c4c58ca&pageid=1&jac=1&je=3934322624706d3f6e67266a63767176357922646576676c2a32332e32322e2a7b7661747771203a2a616a617265696e65207d24617766683d616337603b67346d34383161636161366e32693561333b3a3b333e333434623d6b3131353b346a3c66386466363a36383231386667346632316661643a363539246778313f603539323462333239313831643c353431316b61343d36313a366d3b30666761346a6e3b34313567

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 14:43:42 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 66DF 0
387 B 101ms
100ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 14:43:42 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=94
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame D5D6 0
387 B 108ms
107ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 14:43:42 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=93
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame CBFA 0
387 B 114ms
114ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 14:43:42 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=92
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 50929468 Show response
lp-03.chat.online.citi.com/api/js/ 42 B
792 B 139ms
139ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lp-03.chat.online.citi.com/api/js/50929468?sid=w9GyUo_ERV2W_H70TKEHrA&cb=lpCb20879x54460&t=uc&ts=1648219420632&pid=120171132&tid=929485266&sdes=%5B%7B%22type%22%3A%22prodView%22%2C%22products%22%3A%7B%22product%22%3A%7B%22name%22%3A%22Account%20Verification%22%2C%22category%22%3A%22https%3A%2F%2Fcitisupport019.duckdns.org%2Fsecure%2Fpi.php%22%2C%22sku%22%3Anull%7D%7D%7D%5D&vid=ZjZjExNmI4NGFmMTQ0MjIw
Requested by: Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/jsonp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: 5144b80985da70569e237a5feb43b66f9407c93d63eb395060ed9a7ca645e484

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 14:43:43 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/47/1/ 77 KB
28 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/47/1/common.js

Requested by

Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4542cfddfb6d29e523f2ad46c02e60d5dfd9f6409c50d88240daad07e0901785

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 18:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 419752
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28759
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 17:22:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Mar 2023 18:07:51 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/47/1/ 297 KB
91 KB 27ms
12ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/47/1/util.js

Requested by

Host: citisupport019.duckdns.org
URL: https://citisupport019.duckdns.org/secure/pi_files/js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa230c9f14e9c0bbca3fade2af397bfea1fd52e9adf789d6711c806c5910ee1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 18:01:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 333733
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92904
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 17:22:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Mar 2023 18:01:30 GMT

GET
H2

200

adadvisor.gif
px0.pbbl.co/
Redirect Chain

https://px0.pbbl.co/ns/__p2.gif?ppid=5c86fb02-ff03-465a-a787-217b6947d16d&chk=false&brid=&brcid=&email=&orderId=&orderValue=&productId=&offerCode=&label=&pageUrl=https%3A%2F%2Fcitisupport019.duckdn...
https://aa.agkn.com/adscores/g.pixel?sid=9212282598&_ppid=5c86fb02-ff03-465a-a787-217b6947d16d&_segid=99&iid=c49bed8a-07ea-4e26-b1d2-edc966ce6969
https://px0.pbbl.co/adadvisor.gif?segment=000&_ppid=5c86fb02-ff03-465a-a787-217b6947d16d&_segid=99&_zip=&hk=&iid=c49bed8a-07ea-4e26-b1d2-edc966ce6969&mt=&bd=

42 B
132 B

135ms
135ms

Image
image/gif

142.250.185.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://px0.pbbl.co/adadvisor.gif?segment=000&_ppid=5c86fb02-ff03-465a-a787-217b6947d16d&_segid=99&_zip=&hk=&iid=c49bed8a-07ea-4e26-b1d2-edc966ce6969&mt=&bd=

Protocol

Server

142.250.185.211 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f19.1e100.net

Software

Google Frontend /

Resource Hash

99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 14:43:45 GMT
x-content-type-options: nosniff
server: Google Frontend
content-type: image/gif
x-cloud-trace-context: 5cf0fce7f2fd3da2ac4f2f732a75bfe7
cache-control: must-revalidate, no-cache, no-store
content-length: 42
x-xss-protection: 1
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 25 Mar 2022 14:43:45 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://px0.pbbl.co/adadvisor.gif?segment=000&_ppid=5c86fb02-ff03-465a-a787-217b6947d16d&_segid=99&_zip=&hk=&iid=c49bed8a-07ea-4e26-b1d2-edc966ce6969&mt=&bd=
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H/1.1 204
204 clear3.png;CIS3SID=6E71D720ADA013B7D97EBC57CC15B403 Show response
content22.online.citi.com/fp/ Frame 66DF 0
219 B 153ms
51ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear3.png;CIS3SID=6E71D720ADA013B7D97EBC57CC15B403?org_id=89oebq5k&session_id=41f05d021ac67bec811e8e38aff85e67e0386e3e0076c733f53da4464226e08c&nonce=e94e1418c5e1a245&pageid=1&jac=1&je=null

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:45 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 clear3.png;CIS3SID=9CD104B0EAB157B6832BD34CB8880EAF Show response
content22.online.citi.com/fp/ Frame D5D6 0
218 B 53ms
53ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear3.png;CIS3SID=9CD104B0EAB157B6832BD34CB8880EAF?org_id=89oebq5k&session_id=3eebe800cb218e7dc4deefd2163463d7e2ab01d0a62f34a00b627efa90b8d3b8&nonce=b3952e1084e5579c&pageid=1&jac=1&je=null

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:45 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 clear3.png;CIS3SID=68F006525EDA7FC3D16DE7CB7FC1790C Show response
content22.online.citi.com/fp/ Frame CBFA 0
218 B 50ms
50ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear3.png;CIS3SID=68F006525EDA7FC3D16DE7CB7FC1790C?org_id=89oebq5k&session_id=9f5d6406e8487b2392e9e13498b47f2997de2cf59335e71036df53c00231c222&nonce=a9a5d0684c4c58ca&pageid=1&jac=1&je=null

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citisupport019.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 14:43:45 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: online.citi.com
URL: https://online.citi.com/commonui-assets/fonts/interstate/Interstate-Light.woff

Domain: stags.bluekai.com
URL: https://stags.bluekai.com/site/19469?ret=json

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity?pid=1&rt=idl

Domain: contents3.00110.citi.com
URL: https://contents3.00110.citi.com/api/v1/cr.png?cid=cedric&snum=1648219418601-sjn0000022-d2fb5fd4-7dc8-449b-9d35-a729ec40079d&muid=1648219418674-2DC910FA-C270-4ABE-A9A1-7A74721D460C

Domain: ghbmnnjooekpmoecnnnilnnbdlolhkhi
URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

Domain: ghbmnnjooekpmoecnnnilnnbdlolhkhi
URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

Domain: ghbmnnjooekpmoecnnnilnnbdlolhkhi
URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citibank (Banking)

221 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.citisupport019.duckdns.org/	1970-01-20 10:35:55	Name: bmuid Value: 1648219418674-2DC910FA-C270-4ABE-A9A1-7A74721D460C
.citisupport019.duckdns.org/	1969-12-31 23:59:59	Name: cdContextId Value: 2
.citisupport019.duckdns.org/	1970-01-20 01:50:21	Name: _dpm_ses.374c Value: *
.citisupport019.duckdns.org/	1970-01-20 10:35:55	Name: _dpm_id.374c Value: bf2988fd-352f-426c-949c-75947275dab5.1648219421.1.1648219421.1648219421.2beb3c1b-86e4-46ba-a4c6-adc4287be31d
citisupport019.duckdns.org/	1970-01-20 01:50:21	Name: 7830 Value: error
citisupport019.duckdns.org/	1970-01-20 01:50:21	Name: 7018 Value:
citisupport019.duckdns.org/	1970-01-20 03:59:55	Name: 64072 Value:
.citisupport019.duckdns.org/	1970-01-20 03:59:55	Name: _gcl_au Value: 1.1.1702961792.1648219421
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjU0NjY2sjQ1MjC3sDSytDQ2NhHiM9QtLEt09rEwzoyoCE8HAKPeibwlAAAA
.rfihub.com/	1970-01-20 11:11:55	Name: rud Value: H4sIAAAAAAAAAOMSNjU0NjY2sjQ1MjC3sDSytDQ2NhHiM9QtLEt09rEwzoyoCE-X4jU0M7EwMrQ0MTKwMDYHAB1bO8k0AAAA
.tvpixel.com/	1970-01-20 10:35:55	Name: sp Value: cff4f27f-573e-48a3-a823-adbf711506b8
citisupport019.duckdns.org/	1970-01-20 10:35:55	Name: mdLogger Value: false
citisupport019.duckdns.org/	1970-01-20 10:35:55	Name: kampyle_userid Value: ec56-28c0-a2e9-adf7-c443-f3cc-12be-4b66
citisupport019.duckdns.org/	1970-01-20 10:35:55	Name: kampyleUserSession Value: 1648219421522
citisupport019.duckdns.org/	1970-01-20 10:35:55	Name: kampyleUserSessionsCount Value: 1
citisupport019.duckdns.org/	1970-01-20 10:35:55	Name: kampyleSessionPageCounter Value: 1
.doubleclick.net/	1970-01-20 11:11:55	Name: IDE Value: AHWqTUl9b5ZOc2Oy620GDQ3ffpTFSVtMlfz03JKLW4CnfyHIlUxcM3e10VE76pZl
.citisupport019.duckdns.org/	1970-01-20 10:35:55	Name: cdSNum Value: 1648219423962-sjn0000606-e671cb50-9efd-4573-95e0-63fb290a6aa7
.agkn.com/	1970-01-20 10:35:55	Name: ab Value: 0001%3Ap5suHShlYzqJ3ai7Ky39WyFp9diUrKL2

33 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://citisupport019.duckdns.org/secure/pi.php Message: Access to font at 'https://online.citi.com/commonui-assets/fonts/interstate/Interstate-Light.woff' from origin 'https://citisupport019.duckdns.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://online.citi.com/commonui-assets/fonts/interstate/Interstate-Light.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://citisupport019.duckdns.org/secure/pi.php Message: Access to XMLHttpRequest at 'https://stags.bluekai.com/site/19469?ret=json' from origin 'https://citisupport019.duckdns.org' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://.citi.com' that is not equal to the supplied origin.
network	error	URL: https://stags.bluekai.com/site/19469?ret=json Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://idsync.rlcdn.com/463166.gif?partner_uid=undefined Message: Failed to load resource: the server responded with a status of 451 ()
javascript	error	URL: https://citisupport019.duckdns.org/secure/pi.php Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity?pid=1&rt=idl' from origin 'https://citisupport019.duckdns.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity?pid=1&rt=idl Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://citisupport019.duckdns.org/secure/pi_files/cds-assets/fonts/interstate/Interstate-Bold.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://citisupport019.duckdns.org/commonui-assets/fonts/interstate/Interstate-Bold.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://citisupport019.duckdns.org/commonui-assets/fonts/interstate/Interstate-Light.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://citisupport019.duckdns.org/secure/pi_files/cds-assets/fonts/interstate/Interstate-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://citisupport019.duckdns.org/commonui-assets/fonts/interstate/Interstate-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://citisupport019.duckdns.org/commonui-assets/fonts/interstate/Interstate-Light.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://citisupport019.duckdns.org/secure/pi_files/cds-assets/fonts/interstate/Interstate-Light.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://citisupport019.duckdns.org/secure/pi_files/commonui-assets/fonts/interstate/Interstate-Bold.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://citisupport019.duckdns.org/secure/pi_files/cds-assets/fonts/interstate/Interstate-Light.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://citisupport019.duckdns.org/secure/pi_files/commonui-assets/fonts/interstate/Interstate-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: https://citisupport019.duckdns.org/secure/pi.php Message: Access to XMLHttpRequest at 'https://contents3.00110.citi.com/api/v1/cr.png?cid=cedric&snum=1648219418601-sjn0000022-d2fb5fd4-7dc8-449b-9d35-a729ec40079d&muid=1648219418674-2DC910FA-C270-4ABE-A9A1-7A74721D460C' from origin 'https://citisupport019.duckdns.org' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network	error	URL: https://contents3.00110.citi.com/api/v1/cr.png?cid=cedric&snum=1648219418601-sjn0000022-d2fb5fd4-7dc8-449b-9d35-a729ec40079d&muid=1648219418674-2DC910FA-C270-4ABE-A9A1-7A74721D460C Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://citisupport019.duckdns.org/secure/pi_files/commonui-assets/fonts/interstate/Interstate-Light.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://citisupport019.duckdns.org/secure/assets/js/jquery-3.5.1.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://citisupport019.duckdns.org/secure/undefined//lp-01.chat.online.citi.com/api/account/50929468/configuration/setting/accountproperties/?cb=lpCb53308x46543 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://citisupport019.duckdns.org/secure/undefined//lp-01.chat.online.citi.com/api/account/50929468/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://citisupport019.duckdns.org/secure/pi_files/commonui-assets/fonts/interstate/Interstate-Light.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cdn.pbbl.co/i/pp.html Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://cdn.pbbl.co/r/1560.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709 Message: Failed to load resource: the server responded with a status of 451 ()
javascript	error	URL: https://citisupport019.duckdns.org/secure/pi.php Message: Access to XMLHttpRequest at 'chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js' from origin 'https://citisupport019.duckdns.org' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-untrusted, https.
network	error	URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://citisupport019.duckdns.org/secure/pi.php Message: Access to XMLHttpRequest at 'chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js' from origin 'https://citisupport019.duckdns.org' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-untrusted, https.
network	error	URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://citisupport019.duckdns.org/secure/pi.php Message: Access to XMLHttpRequest at 'chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js' from origin 'https://citisupport019.duckdns.org' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-untrusted, https.
network	error	URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20766699p.rfihub.com
89oebq5ka5z72vtjof2eqz4zlyhquqvchhpf6ybne94e1418c5e1a245am1.e.aa.online-metrix.net
89oebq5kpdjwbndi3qhaysjd43gey75mvd6sfljtb3952e1084e5579cam1.e.aa.online-metrix.net
89oebq5kpprilek2bfslclf4rbyimja5h3h6zi76a9a5d0684c4c58caam1.e.aa.online-metrix.net
aa.agkn.com
api.rlcdn.com
c1.rfihub.net
cdn.pbbl.co
cdnjs.cloudflare.com
citisupport019.duckdns.org
content22.online.citi.com
contents3.00110.citi.com
ghbmnnjooekpmoecnnnilnnbdlolhkhi
googleads.g.doubleclick.net
h.online-metrix.net
idsync.rlcdn.com
lp-03.chat.online.citi.com
lpcdn.chat.online.citi.com
maps.googleapis.com
nebula-cdn.kampyle.com
nexus.ensighten.com
online.citi.com
p.tvpixel.com
px0.pbbl.co
resources.digital-cloud-citi.medallia.com
sr.rlcdn.com
stags.bluekai.com
static-assets.dev.fs.liveperson.com
static-assets.fs.liveperson.com
tags.bkrtx.com
udc-neb.kampyle.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
api.rlcdn.com
contents3.00110.citi.com
ghbmnnjooekpmoecnnnilnnbdlolhkhi
online.citi.com
stags.bluekai.com
104.111.215.191
104.111.228.137
142.250.185.211
143.204.215.19
143.204.215.79
151.101.1.175
151.101.194.133
178.249.97.98
18.195.42.228
193.0.160.128
208.89.12.87
216.58.212.130
2600:9000:2156:d200:1:76cf:fe80:93a1
2606:4700::6810:125e
2a00:1450:4001:801::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2008
2a00:1450:4001:827::2004
2a00:1450:4001:82b::200a
3.10.46.108
35.190.60.146
35.199.24.107
35.241.45.82
35.244.174.68
52.4.125.51
65.9.66.114
91.235.132.130
91.235.133.67
91.235.134.131
00359d552170386e0f9dc362a2a48ad8da908f6263810b28eb26348073b70bee
0381552921b09078836225e4e886944febf6ad68a784203329dbad4505f1b65d
0bcb15216559cb490a994fc29303e9e66b109926890e7d3abfddbbfcef347c8e
0ce27e9325578e87d56fb6067cea56737c8a1fec538e1a823a72e5c4c2de4ab0
0db455314959388ff4c61f56f84bc1f9b2f297016ea051b44787c6f1cf4ef80a
0dd4443301b86b59084fc52b3cdec159d7decf0501781fd645c3480ee19f36aa
0e0b42f83994ef5771755c73a41bea8af80a20a8f9deb44649ca34ff75863c04
0ff723ad535bb51caa4e379125786ca1d328f29faa1bb59733728bf16453053c
0ff8ab7046d29477deea04c4871c3855e3bd73df92dec600c8b387d9905b62ae
102503acef6077fcf8e42a856fb4904fcd74224a32d5d8efcd13236ac6309fed
1243ffed4530d6d237dd040101bf2933687f6e9272b10132060115058f914206
145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
17c215ae41438e040045c1a582b8be6b5066c16c9bd8938a28a12dcaaa19eac4
192342dece60dbba81a5d57f1ee771e2847dc75ca1028c4ff0caaa89ba0269ad
193238ab76da5459deca110ce1d66df1e8c4704397e025072eb03b2ea88adf0b
1a05bf7684aab3fbe33332b1e227670f492102d9e345e29a62a5a4eb0c20b061
1e0dd7d96aa094529f745f4232661609f641e8ff5b7485fd5bfeab65e5d68b54
212d950960a3ccd012409873b6b757d68c107ba215d8162ad3a6a96a88f37523
2397b371cd59cbb64a009d1f20e86bf3888154a44119a41364eb4aaaa1128d33
24315593adbe134c4b2a829df101e84a20d1bc1b6305eb7fd95641c08bf0eba0
24d0957006dcd046e61d54cc2d497930691ce826f6e6c66cd9d8701c1a4d3d9c
25e521f17135f161c1f02f0555af227292ab009967c461380e3135c414f288e6
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
285ac101b96614b54b3208cbd050c3bee03cbd416d4fb68f896ee12032025b9c
2861b2d82fec30deb83e23b981db306dfef251b7712576ee2abfe668e1084ac3
29cd267c36c7212999917902b18dfc95bd25fd6bacb52f77de3a9e8d44ddd92b
2a92cf7e050d0d30fc44485adb1665334df549da077b9d2b92fecf437f091f16
2c85082270eaf5b0868051c692dc68c18ac3695b120cef75a8631b6f1b78306a
316bda79ebc11f2ec6c4654f6b0fe4ecdaea2382f1cdc27035972eb9e877b2ff
31b00ff4929696dfca06885da68e58c3e09f6ecb4ae0fe1ae287e99a3fd1f716
37e40a63bfa92e9540922774b587000dabbe0d5ff2ffb7668921c14a3ea68689
381755f71c74f975a9ac540fe1ede4a3fc9b1fab96d800b86d635d526d27b8a4
3950c8b755ebd006f07c6f1fd8595ddb482de737b2881e93bd25b4e932ba0832
39e0ab876c18ef96a1cf28d3f7d56d98b9f463f693f6726f37a47af62f128747
3a333053e476f12702fe1ee6ab62ecbc1c93e7c6b8755118c105cfa83a5be6af
3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1
3eaa19d644377a811e7627dbbe98bc8a6fb2b19fbc050717f1fc38b8765a2571
415f9fceede84d6907dcf56db5f0e801b298ff8d07b44d79699243e7d7e3f8a0
435ed1b1a4195b05814eba670c9be977ffea2c7d6cef45d4294729a187616acf
4542cfddfb6d29e523f2ad46c02e60d5dfd9f6409c50d88240daad07e0901785
4543b2768b57e244c9f96437179a393a81e029453d0d9614fdf3ae2ffd5b722f
460d13e70e1f2ee022a7c67fd5ac1c6a3562b358f00a579e40bb89f4dbfe5a86
4617d721a72730b105417ff7d971cad16a84a6fb8da05729ac45f69a02396600
48451bef935eba4b7a149a7b6dc16cc7183e75cb2887d571a3382ae3f155686a
4a80f71a4e39521f36ad7ea4bcc4e78b213fcc688b2d82863df1b9b27fccb307
4c8e7a9b90d81d5546fd28d8dcc95c51329c2eeda5eac8348ce1ee5913e49fdc
51369dbf29e69b578b41d4e58bfd7f7845ff88baa6595c954fa9fddf0dbecf5d
5144b80985da70569e237a5feb43b66f9407c93d63eb395060ed9a7ca645e484
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
571a9c5cea07248b4d6946a60fa9c9eac26d7cb5d4f465a662029c8e20372333
57f721a0d7011a6345e3fded1dbb90fcf0c1417d5cdedceabf513563d5858bd3
58edfbfc2f0d71cba3b2f3c7e20e86af09b6e7097c76db4e57cd9b4abe106b50
59f4843277d9aca1200c779c52318aadb380021a0051a6644b75274acb7fe158
5cbb5852d6dd001b4defb3f6ace7f8beb88d0f19d20d00ebfd086a24c31988db
5f6c15d7dbdd1f437a1da2416cf87e915ed00410d11b0e1a552cc87dad47b569
6162ff2964cc5682e3b6819d1add7ea813f05a3ab42688518bf16037270e7368
61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07
61e01b4da87624c5972c4f051d92695a76fa8491c2c1512342b714b9f5db2008
62de83913f3f91a7ba9d488ceeac1f82d534a9eb2d83232ce8c596f9b976b1e7
63a37c8b23a9f3953a94d7887a80395ebeb1c25c1c9561fff6a4991c4a6a8676
677ab8410be4875d37b9a6473506b2a92bd4afd651f39a07b2a2d2dda5ff2703
69607fd04c66f8fb55485f2d1b46edcfb32f92547064115c8bfdadbde3a693a7
6f280b8f6712ea3e40e55b3903f5f90eadf5fbced6c8bd27efb6e40c69ba0023
76b3e3ecb44a3b1216be2633c4736dc6fbef5a83a7058b7919dcb1489b5b211b
76b44569138024274c1ac52267a46803e70ec62193670efc900a5c8a01fdebdd
77df238fca2fae644ab8026164e13cd5e922fe2d2fa0b5f48b51d3cc1b319160
795d93d4bcfb8d59591e498c1939b5c05e82eca75aadb841aa27005c23b58f1b
7b6a595ca9b3756ba139435f9799c0fe33a3d0792a6183a47f37da93a4fbabfb
7b86dcbc7d23afb0672afeb544110b3d9383a6d93aa6af632a40274f6b3b80fa
7df13706eaab8ce9a3dcd2a501f60bc66987c83834d07dfaf07ae56ef814c110
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
7f669a7a46ea19a7725dcf458c9a8a6e6c388c1ee9e45b06e3df714a0fc3b2ab
8046dcf214fab5157b4990859214e88fb91e236b51f30876edc8d66eba262fe7
85dfb4f11b44b4754d51a49699dcc19ac376b77370384d6887b925031f76a62b
877023b4b09b5ec22b13f6404369b418baaa8a37a7eb1e834c3292183951c5a4
88165cfcc670d21cd0088e0099d6d12bf79f310700017652595208c12e265840
886863cdb7af195837445026b7c67989ab259415d74c8c730f9a22fa675649f2
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
88fc4b693b8bbadd822119802f0b7f3039c7fdaffc03c6a4e4c1ee3b2127a674
8a37dfc9b9eddeee43c4bddf8b30d65f6fc90c2c463524e074f2375393de432f
8a7c5db081b3cb59e85e8bd51424be34173652d0fc71d40108b93fe5f5d4a430
8af070f2f55051d709a513db37d217d7109ae2150bf226100e6b9c7866844499
8c9db6aae864c399cd193941140f47128eb99ef4310795eda5befe70ff7b3d91
8cb36c55de18f4d25a3074d3d2f7fa7872fe0c1b4692cb073e7f80f9fb461f87
8f5ef7272818fb6ed438a5239d6824eae8bc2992e46f41c8b15d1ded1ed6ed62
915afa3a684b0562c638837fddc86f51700d954a4a13ed16d9857a066462edec
94bd0aa5378cc695113022cf5f09877c2444520fe1e8c1100d7e26f048b25427
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
9585ca58da703e1f5a200e42562241f4c79fc1f1cbd05e47d39bc61677e8575c
95a2242682b7280bd87784415fc390fdc0fe912bf7e755e3985f93dc8990c235
96f507216ce7821b8eb1d3204e63e2dd954b9bb6ca4c037dd54e42af06803a02
9946d53fd289535b32d7d2fa1bf8c251337dda6ccf582dfe2764bf5101d09081
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9dfd7aa7feadee64e56df4067d4697eb1428f6d880951fe8dd980933a6a7d182
a0e405cbc2cb17d67bc0e67b248ff15340df3ff2ee5516ae9a70fd3f6887c363
a3661260f5fa915a71c8b06c99249421c4fde5e0d1ea16fd9b4edebc193d1d9f
a5d9a621b71e21fa120698673c12167008f90e202e3df3badfef79f6c61f5fee
aa230c9f14e9c0bbca3fade2af397bfea1fd52e9adf789d6711c806c5910ee1a
b31783eca71cbfc817946f55cce539e6eeb6a0395400370bfe610cda82e6a940
b35e0ac1c1df2b196db732eb33b597c024a611c5a7bb3e83fd2728c63ee7f70d
b5d1c26722742c44e62a4fbb4b67117d2587aa320f61784a27fea9d66d9f62b4
ba13689cff19f616077091c3d1811fcfc076d1dd358fea1b6a9848e1b1128a9b
be1abd07eb984de88c92e7476d0a6fc2b2bee7d9919b22f57c855e41e79c00c9
beabf7f6b58604d8b53091c25658f46f235bce808854890df71b091df982d3c1
bf7557c6ca1e4931710e0582914754a296dbc86d54ec8ef2de86f23c4ac0deb9
bf7853273ca8063f3944cca69bc18fdc056db7c373386b4534a9dbc3a9f8c6c7
bf8892a953595eb96b9ca68c5756849d404115dcf2ee9bf87e8b4e7b3cf8e650
c238d7371cd4304e77f6fc013491a50258da357e16d97477b75237aa2a39bc26
c2f80f761bef2338508d37e678b066431c591b5145db478a363da6a9b5dfc5eb
c437eb764a99e6cd5172d63c3fae564bbc51eda4981058d5edebd2bf0700eb76
c5cf88228e5e29b02d405a963a31e7a3877be49d2586ae83b8a9c5fba8caeb0d
c5ffee3b1ead3316b818cc9b5e022448fa18a6e8bbc6a5bf662614bc4153f4b8
c88ab82cd9de58c919b30f8f3d69e3bed3d92a4ae50f4c39813fed728950f518
c8bc330a07fc8ba4ead1f924570b2eeb220dfb170e86ea6594f7a2daef2efc16
c93d13dc8ca4b0d61a1fde4154d1aba44567915b4f7ed6b9b3e65380dd9d353b
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce2d6a702e45ae956dcf77690ca854c0a29b0e812e8b65d3d1e8cbc29b5253e6
d068af5c09c1417e301e13b2c90fa877e0a24e0baae8160b6b77f1650486eb13
d18bb9a07b436442fb070e20ff9d97059682e173135cfb460b6cc275368de8e8
d2aa602e7cd917396aacfefc7dcc6cde27c9b59061f640c81e6087bc7004218f
d4a278ae83dd32f6c3103c02e4d759443923ec55ab313f79dd4ec31f5b6d8f1a
d9181c42b463ba85677421a93ae1ba80ae774c9bf8af67200ed78a419bd067a0
da04c4a89418d770d46c6d6acefcd23b7dae8755879d5fe0dcabfd32c4581a6c
dd866415f5b82a72a060b91d03a907632ec1d539253a885c64d3db6ec9c103e9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e60b7011ab760f823e80c82126648dd4a505275ffd8f1ef008ac6a8c22c6b4c6
ea443941c23136440c6e80fa8c83e99402564222964f960921476eb82bb431f4
ee83bf112607c0d28a8d35b2c85a706cdd66bf9b2e18268e6dfdbfbd3ed96914
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f031c8addc3054899f1034313b8b4afef5ac979fdd5531659b754bb6d8dc797f
f5759577f184656cb28cc429ce045e8fd9b100ddab9742139efb6c070223b05b
f6749155fbb1917b47bfdac8af72b649886be75ba3badf6749f407d889f4ce02
f74639a6f92a32ebd64603cecf033ba2cb4ff8b0cb9d31c2764b8fc8e2d04b9f
f937a57605aa20f48e29bd6ca9edb045cbb135641bb369b23790e51f0bd0ab38
feb51770e950d4375c64c7045dba448a58adf5363569fa1e1f3e06937aa11007
ffb651309250e9ce8ca4d6a354d9403cb80ec23ef11eebc6d518163948061c82

citisupport019.duckdns.org Open in urlscan Pro 35.199.24.107 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

236 Requests

96 %HTTPS

24 %IPv6

23 Domains

35 Subdomains

29 IPs

3 Countries

10684 kBTransfer

14032 kBSize

19 Cookies

5 Outgoing links

Redirected requests

236 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

citisupport019.duckdns.org Open in urlscan Pro
35.199.24.107 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

236
Requests

96 %
HTTPS

24 %
IPv6

23
Domains

35
Subdomains

29
IPs

3
Countries

10684 kB
Transfer

14032 kB
Size

19
Cookies

236 HTTP transactions
0 data transactions