www.gito.dyn-vpn.de Open in urlscan Pro
5.183.78.151 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.gito.dyn-vpn.de/
Submission: On October 27 via automatic, source certstream-suspicious (October 27th 2023, 6:18:20 pm UTC) — Scanned from DE

Summary HTTP 130 Redirects Links 58 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 14 domains to perform 130 HTTP transactions. The main IP is 5.183.78.151, located in Jacksonville, United States and belongs to SBA-EDGE-JAX, US. The main domain is www.gito.dyn-vpn.de.
TLS certificate: Issued by R3 on October 27th 2023. Valid for: 3 months.

This is the only time www.gito.dyn-vpn.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Citibank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
49	5.183.78.151 5.183.78.151	19844 (SBA-EDGE-JAX) (SBA-EDGE-JAX)
16	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
7	2600:9000:25a... 2600:9000:25a2:2600:2:8f43:5780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:244... 2600:9000:244f:a000:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
1	18.244.32.109 18.244.32.109	16509 (AMAZON-02) (AMAZON-02)
11	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1 2	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
1	146.75.121.230 146.75.121.230	54113 (FASTLY) (FASTLY)
10	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	151.101.129.175 151.101.129.175	54113 (FASTLY) (FASTLY)
10	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	35.241.45.82 35.241.45.82	15169 (GOOGLE) (GOOGLE)
1	23.52.120.13 23.52.120.13	16625 (AKAMAI-AS) (AKAMAI-AS)
130	19

49 5.183.78.151 (Jacksonville, United States)

ASN19844 (SBA-EDGE-JAX, US)

www.gito.dyn-vpn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:25a2:2600:2:8f43:5780:93a1 (United States)

ASN16509 (AMAZON-02, US)

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:244f:a000:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)

20766699p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.244.32.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-32-109.cdg52.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zn3vi8kkuds0jjrfc-citifeedback.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

sr.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.151.131 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.121.230 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

resources.digital-cloud-citi.medallia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.175 (United States)

ASN54113 (FASTLY, US)

nebula-cdn.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com

udc-neb.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.52.120.13 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-120-13.deploy.static.akamaitechnologies.com

iad1.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	dyn-vpn.de www.gito.dyn-vpn.de	1 MB
17	google.com www.google.com — Cisco Umbrella Rank: 2 cse.google.com — Cisco Umbrella Rank: 3113	225 KB
15	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	1001 KB
12	qualtrics.com zn3vi8kkuds0jjrfc-citifeedback.siteintercept.qualtrics.com — Cisco Umbrella Rank: 35967 siteintercept.qualtrics.com — Cisco Umbrella Rank: 985 iad1.qualtrics.com — Cisco Umbrella Rank: 9740	96 KB
10	google.de www.google.de — Cisco Umbrella Rank: 6862	1 KB
10	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	15 KB
7	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 3744	65 KB
2	kampyle.com nebula-cdn.kampyle.com — Cisco Umbrella Rank: 4904 udc-neb.kampyle.com — Cisco Umbrella Rank: 2563	6 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 310	763 B
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1610 insight.adsrvr.org — Cisco Umbrella Rank: 584	3 KB
1	rlcdn.com sr.rlcdn.com — Cisco Umbrella Rank: 27072	98 B
1	rfihub.com 20766699p.rfihub.com — Cisco Umbrella Rank: 135425	685 B
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 5089	6 KB
1	medallia.com resources.digital-cloud-citi.medallia.com — Cisco Umbrella Rank: 251066 Failed	57 KB
130	14

	Domain	Requested by
49	www.gito.dyn-vpn.de	www.gito.dyn-vpn.de
16	www.google.com	www.gito.dyn-vpn.de cse.google.com
15	www.googletagmanager.com	www.gito.dyn-vpn.de www.googletagmanager.com
10	www.google.de
10	siteintercept.qualtrics.com	zn3vi8kkuds0jjrfc-citifeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com
10	googleads.g.doubleclick.net	www.googletagmanager.com
7	nexus.ensighten.com	www.gito.dyn-vpn.de
2	s.amazon-adsystem.com	1 redirects
1	iad1.qualtrics.com
1	udc-neb.kampyle.com
1	nebula-cdn.kampyle.com	resources.digital-cloud-citi.medallia.com
1	insight.adsrvr.org	js.adsrvr.org
1	sr.rlcdn.com	nexus.ensighten.com
1	zn3vi8kkuds0jjrfc-citifeedback.siteintercept.qualtrics.com	nexus.ensighten.com
1	js.adsrvr.org	www.gito.dyn-vpn.de
1	20766699p.rfihub.com	c1.rfihub.net
1	c1.rfihub.net	nexus.ensighten.com
1	resources.digital-cloud-citi.medallia.com	www.gito.dyn-vpn.de
1	cse.google.com	www.gito.dyn-vpn.de
130	19

This site contains links to these domains. Also see Links.

Domain
online.citi.com
www.citi.com
www.citicards.com
banking.citi.com
citi.com
www.facebook.com
www.twitter.com
www.youtube.com
www.citigroup.com
jobs.citi.com
citieasydeals.com
www.citiprivatepass.com
www.privatebank.citibank.com
itunes.apple.com
play.google.com
www.ipbus.citi.com
www.jdpower.com

Subject Issuer	Validity	Valid
gito.dyn-vpn.de R3	`2023-10-27` - `2024-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
nexus.ensighten.com Amazon RSA 2048 M02	`2023-09-29` - `2024-10-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.rfihub.net Amazon RSA 2048 M01	`2023-02-24` - `2023-12-29`	10 months	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-27` - `2024-04-27`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-27` - `2024-03-26`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.digital-cloud-citi.medallia.com SSL.com RSA SSL subCA	`2022-10-18` - `2023-11-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.kampyle.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-30` - `2024-09-30`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.gito.dyn-vpn.de/
Frame ID: 388203509776ABA65DCDCCE5FD02B48B
Requests: 126 HTTP requests in this frame

Frame: https://www.gito.dyn-vpn.de/assets/login_data/a.html
Frame ID: 206064C9D8E400D03E141A2892EEFA61
Requests: 1 HTTP requests in this frame

Frame: https://20766699p.rfihub.com/ca.html?ver=9&ra=1501&rb=648&ca=20766699&_o=17169175&_t=&_rev=1&_pcode=1&_orderid=1&ssv_cuuid=&ssv_package=null&ssv_prodlist=null&ssv_pagename=&pe=https%3A%2F%2Fwww.gito.dyn-vpn.de%2F&pf=&ra=46146221657560305
Frame ID: 049734C3F5FDDFF6EFD7D297FA350433
Requests: 1 HTTP requests in this frame

Frame: https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
Frame ID: 2EBCBD510A6FF74D1C90C23F7DB56C18
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=1jw5cvl&ref=https%3A%2F%2Fwww.gito.dyn-vpn.de%2F&upid=t1sl5ty&upv=1.1.0&orderid={orderid}&v={v}&vf={vf}&td1=undefined&td2=undefined&td3=undefined&td4=undefined&td5=https://www.gito.dyn-vpn.de/&td6={td6}&td7={td7}&td8={td8}&td9={td9}&td10={td10}
Frame ID: AADF31C80C1447B36A1EC5F8460C2D7C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online Banking, Mortgages, Personal Loans, Investing | Citi.com

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

130
Requests

98 %
HTTPS

39 %
IPv6

14
Domains

19
Subdomains

19
IPs

3
Countries

2973 kB
Transfer

7853 kB
Size

15
Cookies

58 Outgoing links

These are links going to different origins than the main page.

URL: https://online.citi.com/US/login.do?locale=es_US
Title: Español

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/open-a-bank-account
Title: Open an Account

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/citibank-location-finder
Title: ATM / Branch

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/login.do
Title: Citi Bank Logo Citi Bank Logo

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/compare-credit-cards/citi.action?ID=view-all-credit-cards
Title: View All Credit Cards

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/compare-credit-cards/citi.action?ID=low-interest-credit-card
Title: 0% Intro APR Credit Cards

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/compare-credit-cards/citi.action?ID=balance-transfer-credit-cards
Title: Balance Transfer Credit Cards

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/compare-credit-cards/citi.action?ID=reward-credit-cards
Title: Rewards Credit Cards

Search URL Search Domain Scan URL

URL: https://www.citicards.com/cards/credit/application/flow.action?isInvitation=N&OC=CC-CITI-3D5
Title: See If You're Pre-Qualified

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/compare-credit-cards/citi.action?ID=all-small-business-credit-cards&m=f
Title: Small Business Credit Cards

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/banking/citi.action?ID=banking-overview
Title: Banking Overview

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/banking/citi.action?ID=checking-account-overview
Title: Checking

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/banking/citi.action?ID=savings-account-overview
Title: Savings

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/banking/citi.action?ID=cd-ira-account-overview
Title: Certificates of Deposit

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/banking/cd-ira/citi.action?ID=citi-ira
Title: Banking IRAs

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/current-interest-rates/checking-saving-accounts
Title: Rates

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/small-business-banking
Title: Small Business

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/personal-loan
Title: Personal Loans & Lines of Credit

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/portal/template.do?ID=mortgage_home_mortgage
Title: Mortgage

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/portal/template.do?ID=mortgage_heloc
Title: Home Equity

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=FinancialGoals
Title: Your Financial Goals

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=InvestingCiti
Title: Investing with Citi

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=InsightsTools
Title: Insights and Tools

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=CitigoldOverview
Title: Citigold®

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/credit-card-details/citi.action?ID=citi-rewards-plus-credit-card&afc=106

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JSO/uidn/RequestUserIDReminder.do?fuipFlowInd=userID&JFP_TOKEN=SMK2RK3P
Title: Forgot User ID?

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JSO/uidn/RequestUserIDReminder.do?fuipFlowInd=pwd&JFP_TOKEN=SMK2RK3P
Title: Forgot Password?

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/activate/index
Title: Activate a Card

Search URL Search Domain Scan URL

URL: https://online.citi.com/JSO/reg/Setup.do?JFP_TOKEN=SMK2RK3P
Title: Register for Online Access

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/credit-card-details/citi.action?ID=citi-double-cash-credit-card&afc=106&intc=1~1~52~6~BANR~1~dc_citicomREDPE_oct2016
Title: Earn Cash Back Twice

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/compare-credit-cards/citi.action?ID=view-all-credit-cards&afc=105&intc=1~1~52~6~BANR~1~mpc_Default_citicomREDPE_aug2016
Title: Choose the Right Citi� Credit Card for You

Search URL Search Domain Scan URL

URL: https://banking.citi.com/cbol/checking-tiered-offer/default.htm?sc=onsite-hp&intc=1~1~52~6~BANR~2~CheckQ419_UT700~HP
Title: Earn Up To $700

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/credit-card-details/citi.action?ID=Citi-costco-anywhere-visa-credit-card&afc=106&intc=7~7~67~1~MCT~1~

Search URL Search Domain Scan URL

URL: https://banking.citi.com/cbol/checking/high-yield-checking/default.htm?Promo_ID=4FWDQVC8TKCHPA&intc=1~1~21~1~BANR~2~HYCA_NoATMFee~HP

Search URL Search Domain Scan URL

URL: https://citi.com/citi/covid-19.htm

Search URL Search Domain Scan URL

URL: https://www.facebook.com/citi

Search URL Search Domain Scan URL

URL: https://www.twitter.com/citi

Search URL Search Domain Scan URL

URL: https://www.youtube.com/citi

Search URL Search Domain Scan URL

URL: http://www.citigroup.com/citi/
Title: Our Story

Search URL Search Domain Scan URL

URL: https://jobs.citi.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=ServicesOverview
Title: Benefits and Services

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=Rewards
Title: Rewards

Search URL Search Domain Scan URL

URL: https://citieasydeals.com/
Title: Citi Easy DealsSM

Search URL Search Domain Scan URL

URL: http://www.citiprivatepass.com/
Title: Citi EntertainmentSM

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/portal/template.do?ID=SpecialOffers
Title: Special Offers

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=CitiPriorityOverview
Title: Citi Priority

Search URL Search Domain Scan URL

URL: https://www.privatebank.citibank.com/
Title: Citi Private Bank

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=CitiCommercialBanking
Title: Commercial Accounts

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/portal/template.do?ID=todays_mortgage_rates&type=buy
Title: Mortgage

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/portal/template.do?ID=home_equity_rates
Title: Home Equity

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/current-interest-rates/personal-loans-and-lines-of-credit
Title: Lending

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/contactus
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/helpcenter/main.do
Title: Help & FAQs

Search URL Search Domain Scan URL

URL: https://online.citi.com/JRS/pands/detail.do?ID=SecurityCenter
Title: Security Center

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/citi-mobile-sm/id301724680?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.citi.citimobile

Search URL Search Domain Scan URL

URL: https://www.ipbus.citi.com/
Title: International Personal Bank U.S.

Search URL Search Domain Scan URL

URL: http://www.jdpower.com/awards
Title: jdpower.com/awards

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74

https://s.amazon-adsystem.com/iu3?pid=c3702eea-109e-48b0-9ef4-c856bdd405e2&event=PageView HTTP 302
https://s.amazon-adsystem.com/iu3?pid=c3702eea-109e-48b0-9ef4-c856bdd405e2&event=PageView&dcc=t

130 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.gito.dyn-vpn.de/ 365 KB
59 KB 558ms
263ms Document
text/html 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gito.dyn-vpn.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: 6760594aa8fbe2dd284fc03e235e335d0f351a2d58ea73dc00f2d44b427bffb6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 27 Oct 2023 18:18:12 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK cse.js Show response
www.gito.dyn-vpn.de/assets/js/ 11 KB
4 KB 652ms
124ms Script
application/javascript 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gito.dyn-vpn.de/assets/js/cse.js
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: 9bd5fc47a9ab460113d2fe800ed4bdc54402510aca539fc01c07300f6b0bd030

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Oct 2023 18:18:04 GMT
Server: nginx
ETag: W/"653bfedc-2a14"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK style.css
www.gito.dyn-vpn.de/assets/css/ 8 KB
982 B 241ms
124ms Stylesheet
text/css 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gito.dyn-vpn.de/assets/css/style.css
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: 884ce03179655bd36814c10c17b958a630816496903dcc486cd8b8af6b7cf604

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Oct 2023 18:17:52 GMT
Server: nginx
ETag: W/"653bfed0-1f22"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK main.css
www.gito.dyn-vpn.de/assets/css/ 45 KB
7 KB 389ms
148ms Stylesheet
text/css 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gito.dyn-vpn.de/assets/css/main.css
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: 429d8af3190c76d5fcb9b1cad2aa6eb555684921323da905d62017fbdbf557c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Oct 2023 18:17:51 GMT
Server: nginx
ETag: W/"653bfecf-b4b7"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ddl.css
www.gito.dyn-vpn.de/assets/css/ 715 KB
74 KB 496ms
253ms Stylesheet
text/css 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gito.dyn-vpn.de/assets/css/ddl.css
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: 28ed03348ecd4e811e347dd5d2cdca0992ef24ea739c5335fa7932212012d7a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Oct 2023 18:17:51 GMT
Server: nginx
ETag: W/"653bfecf-b2c8a"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK main_branding.css
www.gito.dyn-vpn.de/assets/css/ 332 KB
47 KB 520ms
271ms Stylesheet
text/css 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gito.dyn-vpn.de/assets/css/main_branding.css
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: 5dce22a7d1f6e43d9aaa25eda1ead11f8c97ec10546e594158ba181586ce3507

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Oct 2023 18:17:52 GMT
Server: nginx
ETag: W/"653bfed0-52f90"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vendor.js Show response
www.gito.dyn-vpn.de/assets/js/ 204 KB
64 KB 519ms
129ms Script
application/javascript 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gito.dyn-vpn.de/assets/js/vendor.js
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: 3e695fed650ef2d51b3a9ea19e0704563eb464d574a9001819c6690c4011065d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Oct 2023 18:18:06 GMT
Server: nginx
ETag: W/"653bfede-330c3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK Bootstrap.js Show response
www.gito.dyn-vpn.de/assets/js/ 328 KB
105 KB 538ms
135ms Script
application/javascript 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gito.dyn-vpn.de/assets/js/Bootstrap.js
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: a942a692f05cd1165e80681639b9b936a4498ebab2432dd3288f104383ce7cc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Oct 2023 18:18:04 GMT
Server: nginx
ETag: W/"653bfedc-5202d"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK homePage.css
www.gito.dyn-vpn.de/assets/css/ 24 KB
5 KB 403ms
140ms Stylesheet
text/css 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gito.dyn-vpn.de/assets/css/homePage.css
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: ed48ae9c1a324d49404d9fb4c508b880ca97a65f8fd21d352e241d1e4dfc50e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Oct 2023 18:17:51 GMT
Server: nginx
ETag: W/"653bfecf-6030"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.js Show response
www.gito.dyn-vpn.de/assets/ 6 KB
3 KB 555ms
143ms Script
application/javascript 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gito.dyn-vpn.de/assets/jquery.js
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: 629b48196dcc270143a42ce57535b251c655617f8d510277d4a05306c426fd38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Oct 2023 18:17:50 GMT
Server: nginx
ETag: W/"653bfece-1825"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK fp.js Show response
www.gito.dyn-vpn.de/assets/js/ 15 KB
5 KB 127ms
126ms Script
application/javascript 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gito.dyn-vpn.de/assets/js/fp.js
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: c3c994c3fe9bd4e055f6d0eb42067ecd6bdd3247e136bc22835b9882cfe77c61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Oct 2023 18:18:05 GMT
Server: nginx
ETag: W/"653bfedd-3a41"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK citilive-search-responsive.css
www.gito.dyn-vpn.de/assets/css/ 59 KB
11 KB 525ms
252ms Stylesheet
text/css 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gito.dyn-vpn.de/assets/css/citilive-search-responsive.css
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: 2aab6ad3aeb24b7e510db5e4f85271e18bbbacbc6b6cd2f43884e84b4e3e1cb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Oct 2023 18:17:51 GMT
Server: nginx
ETag: W/"653bfecf-eb73"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK cbol-smartSearch.css
www.gito.dyn-vpn.de/assets/css/ 8 KB
1 KB 295ms
126ms Stylesheet
text/css 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gito.dyn-vpn.de/assets/css/cbol-smartSearch.css
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: 6d3001c9deac8cb1f88ea5254105f8d678de5532f1998a24eab1b59906eaf86b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Oct 2023 18:17:51 GMT
Server: nginx
ETag: W/"653bfecf-1ebf"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK HowCanWeHelpButton_default.png
www.gito.dyn-vpn.de/assets/img/ 3 KB
4 KB 126ms
125ms Image
image/png 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gito.dyn-vpn.de/assets/img/HowCanWeHelpButton_default.png
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: f35167f960fb0ce996db66bdfc5723771a4acc8e7206b282e7dfaa8c2ca81e3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:13 GMT
Last-Modified: Fri, 27 Oct 2023 18:18:01 GMT
Server: nginx
ETag: "653bfed9-d24"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3364
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK citiHomePage.js Show response
www.gito.dyn-vpn.de/assets/js/ 15 KB
5 KB 124ms
124ms Script
application/javascript 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gito.dyn-vpn.de/assets/js/citiHomePage.js
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: dc5ba306fece552e3a002c8e18fa392c85acfa61091e1b98496b745f8ace6876

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Oct 2023 18:18:04 GMT
Server: nginx
ETag: W/"653bfedc-3a12"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK rsa.js Show response
www.gito.dyn-vpn.de/assets/js/ 36 KB
11 KB 127ms
127ms Script
application/javascript 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gito.dyn-vpn.de/assets/js/rsa.js
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: 793c2f3d02d0bc3ad8a2cdc901b2134159b66245e951ac258fee1ac8b2709f44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Oct 2023 18:18:06 GMT
Server: nginx
ETag: W/"653bfede-8ffb"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK HP3443_H.jpg
www.gito.dyn-vpn.de/assets/img/ 71 KB
71 KB 126ms
125ms Image
image/jpeg 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gito.dyn-vpn.de/assets/img/HP3443_H.jpg
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: 06d733b09a9fccaa6b2c7ee0e8c9002f782366cbd16f1204e14c43e803d61051

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:13 GMT
Last-Modified: Fri, 27 Oct 2023 18:18:02 GMT
Server: nginx
ETag: "653bfeda-11b67"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 72551
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 450x285-rewards.png
www.gito.dyn-vpn.de/assets/img/ 66 KB
66 KB 130ms
130ms Image
image/png 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gito.dyn-vpn.de/assets/img/450x285-rewards.png
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: b81c40d26fc71a79f47e28b43f4f3818f871c8d0ad99f52e35bcab45b8514a33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:13 GMT
Last-Modified: Fri, 27 Oct 2023 18:17:59 GMT
Server: nginx
ETag: "653bfed7-10796"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 67478
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK M1-M7_DoubleCash.jpg
www.gito.dyn-vpn.de/assets/img/ 31 KB
32 KB 133ms
131ms Image
image/jpeg 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gito.dyn-vpn.de/assets/img/M1-M7_DoubleCash.jpg
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: ddfc50334e444d16f275b7a81eb09c83ddd05bf00a3d47bef2d878671244f2f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:13 GMT
Last-Modified: Fri, 27 Oct 2023 18:18:03 GMT
Server: nginx
ETag: "653bfedb-7dcc"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32204
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK M1-M7_Citi-card-cluster-4.jpg
www.gito.dyn-vpn.de/assets/img/ 102 KB
102 KB 364ms
141ms Image
image/jpeg 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gito.dyn-vpn.de/assets/img/M1-M7_Citi-card-cluster-4.jpg
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: fb42046c6feabb3126634752069391d76d8ded5770a936eb1ce0cdd6aa7358b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:14 GMT
Last-Modified: Fri, 27 Oct 2023 18:18:03 GMT
Server: nginx
ETag: "653bfedb-196a9"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104105
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK HP7181_M.jpg
www.gito.dyn-vpn.de/assets/img/ 83 KB
84 KB 277ms
124ms Image
image/jpeg 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gito.dyn-vpn.de/assets/img/HP7181_M.jpg
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: 6e101c9ff1fbc70e536447c9a8b7bc78c622fdac1c8b877746cdc2632e215b0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:14 GMT
Last-Modified: Fri, 27 Oct 2023 18:18:02 GMT
Server: nginx
ETag: "653bfeda-14da5"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 85413
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK HP2900_M.jpg
www.gito.dyn-vpn.de/assets/img/ 537 KB
537 KB 125ms
125ms Image
image/jpeg 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gito.dyn-vpn.de/assets/img/HP2900_M.jpg
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: 61eb6e3a621d1621e6fb229128f863795e9d9b7bf80fb76eec9a7d70fde09e41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:14 GMT
Last-Modified: Fri, 27 Oct 2023 18:18:02 GMT
Server: nginx
ETag: "653bfeda-86372"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 549746
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK HP6166_M.jpg
www.gito.dyn-vpn.de/assets/img/ 99 KB
100 KB 126ms
125ms Image
image/jpeg 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gito.dyn-vpn.de/assets/img/HP6166_M.jpg
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: 640a8c2b98f9829a9cbfb20b45aeb134a040bf8046af794ffbde45dc922a3237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:14 GMT
Last-Modified: Fri, 27 Oct 2023 18:18:02 GMT
Server: nginx
ETag: "653bfeda-18d8a"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 101770
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK embed.js Show response
www.gito.dyn-vpn.de/assets/js/ 2 KB
1 KB 127ms
125ms Script
application/javascript 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gito.dyn-vpn.de/assets/js/embed.js
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: c1b2b4a37540785070bab0a31d83f86e5cb405934197e420c4227eb261cb4bad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Oct 2023 18:18:05 GMT
Server: nginx
ETag: W/"653bfedd-625"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 2019CertifiedMobileApp.png
www.gito.dyn-vpn.de/assets/img/ 28 KB
29 KB 125ms
125ms Image
image/png 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gito.dyn-vpn.de/assets/img/2019CertifiedMobileApp.png
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: 771c92ecc9167287111bc793f6392bfb0dc8a51a830b497f7591e6d3493fc1fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:14 GMT
Last-Modified: Fri, 27 Oct 2023 18:17:59 GMT
Server: nginx
ETag: "653bfed7-71f3"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29171
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK main.js Show response
www.gito.dyn-vpn.de/assets/js/ 33 KB
8 KB 133ms
131ms Script
application/javascript 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gito.dyn-vpn.de/assets/js/main.js
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: 9deb849bdc20c654810ae440c0c5110b1a1cbf2228e7a3b61db136a7633c0eda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Oct 2023 18:18:05 GMT
Server: nginx
ETag: W/"653bfedd-8469"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK citilive-search.js Show response
www.gito.dyn-vpn.de/assets/js/ 2 KB
1 KB 133ms
132ms Script
application/javascript 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gito.dyn-vpn.de/assets/js/citilive-search.js
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: f2adfd83f8e9c7f3b092921eb5a59d4463041b2be8386a17ec7ac29d8d588470

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Oct 2023 18:18:04 GMT
Server: nginx
ETag: W/"653bfedc-9fe"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK cbol-smartSearch-inject.js Show response
www.gito.dyn-vpn.de/assets/js/ 13 KB
3 KB 232ms
132ms Script
application/javascript 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gito.dyn-vpn.de/assets/js/cbol-smartSearch-inject.js
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: b1eb1390323be6154cc95a3e0ab274e57f852eaa44fe63d98ae7bd015b40b69d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Oct 2023 18:18:04 GMT
Server: nginx
ETag: W/"653bfedc-333b"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK TMXProfiling.js Show response
www.gito.dyn-vpn.de/assets/js/ 1 KB
910 B 124ms
123ms Script
application/javascript 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gito.dyn-vpn.de/assets/js/TMXProfiling.js
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: 157430093a6d2ee63082eae5dabf826926d3b6259d33482aa6713c48728e82fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Oct 2023 18:18:06 GMT
Server: nginx
ETag: W/"653bfede-4f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK copy_copy_1551286869362_Feedback.png
www.gito.dyn-vpn.de/assets/img/ 0
301 B 125ms
125ms Image
image/png 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gito.dyn-vpn.de/assets/img/copy_copy_1551286869362_Feedback.png
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:14 GMT
Last-Modified: Fri, 27 Oct 2023 18:18:01 GMT
Server: nginx
ETag: "653bfed9-0"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cse_element__en.js Show response
www.google.com/cse/static/element/57975621473fd078/ 261 KB
86 KB 84ms
82ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/57975621473fd078/cse_element__en.js?usqp=CAI%3D

Requested by

Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/assets/js/cse.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23304e9ae5b04a60edeb8a18d67e2de3a37fe961b02ee5d4db9a18493fd85641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:18:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88380
x-xss-protection: 0
last-modified: Wed, 29 Apr 2020 13:21:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: private, max-age=31536000
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 27 Oct 2023 18:18:13 GMT

GET
H2 200 default+en.css
www.google.com/cse/static/element/57975621473fd078/ 40 KB
9 KB 135ms
87ms Stylesheet
text/css 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/57975621473fd078/default+en.css

Requested by

Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/assets/js/cse.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fd2b0aa0a6e37fe3508c7431b402fdb204d6b4b732c40efce2e9b81994edaf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:18:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8789
x-xss-protection: 0
last-modified: Wed, 29 Apr 2020 13:21:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: private, max-age=31536000
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 27 Oct 2023 18:18:13 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v3/ 11 KB
12 KB 105ms
57ms Stylesheet
text/css 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v3/default.css

Requested by

Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/assets/js/cse.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ceaa25ec7654a66294c16e28989fbf1ecb9cebc9debe96ec597529465c7cd50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:18:13 GMT
x-content-type-options: nosniff
age: 0
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11564
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 27 Oct 2023 19:08:13 GMT

GET
H2 204 e.gif
nexus.ensighten.com/error/ 0
275 B 119ms
26ms Image
text/plain 2600:9000:25a2:2600:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=_dl%20is%20not%20defined&lnn=-1&fn=&cid=1129&client=citi&publishPath=na_prod&rid=3092996&did=622672&errorName=ReferenceError
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25a2:2600:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:41:06 GMT
via: 1.1 633b37c269943f0b3472e0abe1a07b2c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: ZRH55-P1
age: 45427
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 4rrMIHW6DmmO4X_J9uGObYddxPuie9fqYdpf-a_ASGVdcgu8HhmQrA==

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/citi/na_prod/ 1 KB
911 B 144ms
51ms Script
text/javascript 2600:9000:25a2:2600:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/serverComponent.php?r=51216.205708331676&ClientID=1129&PageID=https%3A%2F%2Fwww.gito.dyn-vpn.de%2F
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/assets/js/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25a2:2600:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 37982a5a5ed362021ddfd115fff9acc3a40902985e75997f9941a4119bb327b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:18:13 GMT
content-encoding: gzip
via: 1.1 633b37c269943f0b3472e0abe1a07b2c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: ZRH55-P1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: cyJCFgZx3mMR9tAAoTPhT04l1v68oHNCpOLlafGTI2eAu0UJvZKJMw==
expires: Fri, 27 Oct 2023 18:18:12 GMT

GET
H/1.1 200
OK Citi-Enterprise-White.png
www.gito.dyn-vpn.de/assets/img/ 1 KB
1 KB 236ms
127ms Image
image/png 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gito.dyn-vpn.de/assets/img/Citi-Enterprise-White.png
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/assets/css/main_branding.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: 7cb24e06c00e47bb6bc6c38b935d6bc62817f656703387e4fb7591add96c7454

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/assets/css/main_branding.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:14 GMT
Last-Modified: Fri, 27 Oct 2023 18:18:00 GMT
Server: nginx
ETag: "653bfed8-410"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1040
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK close.svg
www.gito.dyn-vpn.de/assets/img/ 1 KB
987 B 236ms
127ms Image
image/svg+xml 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gito.dyn-vpn.de/assets/img/close.svg
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/assets/css/ddl.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: 9b6d7a7322e7084c84a1c11877b16013be3cf09fc66f66bd2289d84e233dc5c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/assets/css/ddl.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Oct 2023 18:18:01 GMT
Server: nginx
ETag: W/"653bfed9-5d7"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 404
Not Found HP3443_H.jpg
www.gito.dyn-vpn.de/JRS/banners/hero_background/ 1 KB
1 KB 240ms
130ms Image
text/html 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gito.dyn-vpn.de/JRS/banners/hero_background/HP3443_H.jpg
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: ade1d74ee24b6ae92542242c5832681f8fc19e1b33351d979a5cc4386ccf58ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Oct 2023 18:15:57 GMT
Server: nginx
ETag: W/"58c-608b6ae08a798"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Connection: keep-alive

GET
H/1.1 404
Not Found Interstate-Light.woff
www.gito.dyn-vpn.de/assets/css/fonts/interstate/ 0
0 178ms
128ms Font
text/html 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gito.dyn-vpn.de/assets/css/fonts/interstate/Interstate-Light.woff
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/assets/css/ddl.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://www.gito.dyn-vpn.de/assets/css/ddl.css
Origin: https://www.gito.dyn-vpn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Oct 2023 18:15:57 GMT
Server: nginx
ETag: W/"58c-608b6ae08a798"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Connection: keep-alive

GET
H/1.1 404
Not Found Interstate-Bold.woff
www.gito.dyn-vpn.de/assets/css/fonts/interstate/ 0
0 248ms
126ms Font
text/html 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gito.dyn-vpn.de/assets/css/fonts/interstate/Interstate-Bold.woff
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/assets/css/ddl.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://www.gito.dyn-vpn.de/assets/css/ddl.css
Origin: https://www.gito.dyn-vpn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Oct 2023 18:15:57 GMT
Server: nginx
ETag: W/"58c-608b6ae08a798"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Connection: keep-alive

GET
H/1.1 200
OK HP7244_M.jpg
www.gito.dyn-vpn.de/assets/img/ 0
302 B 131ms
123ms Image
image/jpeg 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gito.dyn-vpn.de/assets/img/HP7244_M.jpg
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:14 GMT
Last-Modified: Fri, 27 Oct 2023 18:18:02 GMT
Server: nginx
ETag: "653bfeda-0"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 404
Not Found arrow-btn-next-blue-sm-bold.svg
www.gito.dyn-vpn.de/CBOL/common/ui/ddl/theme/latest/images/icons/svgs/arrows/ 1 KB
1 KB 162ms
127ms Image
text/html 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gito.dyn-vpn.de/CBOL/common/ui/ddl/theme/latest/images/icons/svgs/arrows/arrow-btn-next-blue-sm-bold.svg
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/assets/css/main.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: ade1d74ee24b6ae92542242c5832681f8fc19e1b33351d979a5cc4386ccf58ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/assets/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Oct 2023 18:15:57 GMT
Server: nginx
ETag: W/"58c-608b6ae08a798"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Connection: keep-alive

GET
H/1.1 200
OK Citi-Branding-Sprite.png
www.gito.dyn-vpn.de/assets/img/ 5 KB
5 KB 138ms
125ms Image
image/png 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gito.dyn-vpn.de/assets/img/Citi-Branding-Sprite.png
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/assets/css/main_branding.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: 3fca3de24621f0f10186594054444d608016297c2e853e548710b3521e42a609

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/assets/css/main_branding.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:14 GMT
Last-Modified: Fri, 27 Oct 2023 18:18:00 GMT
Server: nginx
ETag: "653bfed8-1358"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4952
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 404
Not Found Citi-Branding-Sprite.png
www.gito.dyn-vpn.de/GFC/branding/img/ 1 KB
1 KB 197ms
128ms Image
text/html 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gito.dyn-vpn.de/GFC/branding/img/Citi-Branding-Sprite.png
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/assets/css/main_branding.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: ade1d74ee24b6ae92542242c5832681f8fc19e1b33351d979a5cc4386ccf58ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/assets/css/main_branding.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Oct 2023 18:15:57 GMT
Server: nginx
ETag: W/"58c-608b6ae08a798"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Connection: keep-alive

GET
H/1.1 200
OK appStore_1px.png
www.gito.dyn-vpn.de/assets/img/ 3 KB
4 KB 129ms
129ms Image
image/png 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gito.dyn-vpn.de/assets/img/appStore_1px.png
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/assets/css/main_branding.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: f44e4692a52b6a382cb481e23f8bcb9a6d4c24eec8aa60143c7e2ca3a85758b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/assets/css/main_branding.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:14 GMT
Last-Modified: Fri, 27 Oct 2023 18:17:59 GMT
Server: nginx
ETag: "653bfed7-db9"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3513
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK googlePlay_1px.png
www.gito.dyn-vpn.de/assets/img/ 4 KB
4 KB 124ms
124ms Image
image/png 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gito.dyn-vpn.de/assets/img/googlePlay_1px.png
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/assets/css/main_branding.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: 1cc4ec61057f30cea6d47126e0444f119b2606720b1fe8d7e0deff1f5742a82b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/assets/css/main_branding.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:14 GMT
Last-Modified: Fri, 27 Oct 2023 18:18:01 GMT
Server: nginx
ETag: "653bfed9-f3c"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3900
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 404
Not Found arrow-btn-next-white-sm-bold.svg
www.gito.dyn-vpn.de/CBOL/common/ui/ddl/theme/latest/images/icons/svgs/arrows/ 1 KB
1 KB 128ms
128ms Image
text/html 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gito.dyn-vpn.de/CBOL/common/ui/ddl/theme/latest/images/icons/svgs/arrows/arrow-btn-next-white-sm-bold.svg
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/assets/css/homePage.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: ade1d74ee24b6ae92542242c5832681f8fc19e1b33351d979a5cc4386ccf58ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/assets/css/homePage.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Oct 2023 18:15:57 GMT
Server: nginx
ETag: W/"58c-608b6ae08a798"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Connection: keep-alive

GET
H/1.1 404
Not Found oo_icon_retina.gif
www.gito.dyn-vpn.de/GFC/branding/olab/images/ 1 KB
1 KB 127ms
127ms Image
text/html 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gito.dyn-vpn.de/GFC/branding/olab/images/oo_icon_retina.gif
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/assets/css/main_branding.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: ade1d74ee24b6ae92542242c5832681f8fc19e1b33351d979a5cc4386ccf58ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/assets/css/main_branding.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Oct 2023 18:15:57 GMT
Server: nginx
ETag: W/"58c-608b6ae08a798"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Connection: keep-alive

GET
H2 200 cse.js Show response
cse.google.com/cse/ 9 KB
4 KB 135ms
60ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse/cse.js?cx=009695499870347544712:e3dyicpbrwu

Requested by

Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/assets/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

595a49688d9a0c821fc41be0ab4c3bd78bf556326b763fa6897d8987d465f68e

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-HhdZd5NCB96JYhcHU8CwHw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-HhdZd5NCB96JYhcHU8CwHw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding: br
date: Fri, 27 Oct 2023 18:18:14 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3013
x-xss-protection: 0
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires: Fri, 27 Oct 2023 18:18:14 GMT

GET
H2 200 7c8ae1f9c206930028672949c6703f6d.js Show response
nexus.ensighten.com/citi/na_prod/code/ 2 KB
2 KB 29ms
27ms Script
application/javascript 2600:9000:25a2:2600:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/7c8ae1f9c206930028672949c6703f6d.js?conditionId0=4849963
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/assets/js/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25a2:2600:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 9a74546a8f511f31b5252f115d2db7aa69370ca5eeaf6828f60abb197f35a169

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 04:04:56 GMT
x-amz-version-id: fn0OQIG24n9jjHSfN2OozphT08M6eW_x
content-encoding: br
via: 1.1 633b37c269943f0b3472e0abe1a07b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH55-P1
age: 23897599
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 18 Oct 2022 17:52:59 GMT
server: CloudFront
etag: W/"7df0440e45009010a99db868682aafb3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: wBZrOG4VrGgk-bUaVuqTUGhVBOTJWlBAFWIZeDTi84_AgtWV0VbKTw==

GET
H2 200 f0db1cf4496c8b42c5a1b2fa40b4f157.js Show response
nexus.ensighten.com/citi/na_prod/code/ 5 KB
2 KB 37ms
36ms Script
application/javascript 2600:9000:25a2:2600:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/f0db1cf4496c8b42c5a1b2fa40b4f157.js?conditionId0=4897099
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/assets/js/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25a2:2600:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 13a59cfac1785dd94d0005457ed1e12cf77fee65b975fe6fd91af77b7ac6cd77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 16:06:56 GMT
x-amz-version-id: _NJEt9Au7TfYHRltPN9x_4PZSTxTzbkJ
content-encoding: br
via: 1.1 633b37c269943f0b3472e0abe1a07b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH55-P1
age: 7438279
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 02 Aug 2023 16:06:47 GMT
server: CloudFront
etag: W/"f21df27f4d3e67ca5151a737dacd6837"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: b7ggPUtWdib-pjnnDobi4YwDjeyIubpDW8yme-MnG1TqAlIZQWY9jQ==

GET
H2 200 a57ebd078211b168099968ee097aa992.js Show response
nexus.ensighten.com/citi/na_prod/code/ 430 KB
49 KB 34ms
33ms Script
application/javascript 2600:9000:25a2:2600:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/a57ebd078211b168099968ee097aa992.js?conditionId0=421908
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/assets/js/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25a2:2600:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 9316cfe82231e58622ce9789f58a4d41b83a59cd9428b78bd57d24cb798c6868

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 20:10:32 GMT
x-amz-version-id: 3mY.BhmAzSKoKYDnqkmUC2jsuZCZabgr
content-encoding: br
via: 1.1 633b37c269943f0b3472e0abe1a07b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH55-P1
age: 857263
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 17 Oct 2023 20:10:28 GMT
server: CloudFront
etag: W/"fafca08cb44200454833d03b702b3e48"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: 7SzpB5OrxTfMzWv0JXZSqadabrr1ZNH-npf18hrUoAy22fPV9imkgQ==

GET
H2 200 a9607bbeb2e6e06c07801d4745900799.js Show response
nexus.ensighten.com/citi/na_prod/code/ 23 KB
5 KB 36ms
35ms Script
application/javascript 2600:9000:25a2:2600:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/a9607bbeb2e6e06c07801d4745900799.js?conditionId0=486757
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/assets/js/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25a2:2600:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 3556b4fa28a41290454dc84939dae439fcf5bda8a1eac70efdf2647bf041d43d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 17:48:16 GMT
x-amz-version-id: TUtp2N9e.3Mq3kFsEinWRYvNz9Zemh3C
content-encoding: br
via: 1.1 633b37c269943f0b3472e0abe1a07b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH55-P1
age: 3284999
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 19 Sep 2023 17:48:03 GMT
server: CloudFront
etag: W/"e4e9e801aca9bba5a66c95552720097c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: ltzL0WUg1cKronrWIcUmJPxtrWEXWBktm2hCzxvPRqCDltLhdETHnw==

GET
H2 200 f120449dcdb84c3b6d0f58c8b98ad8a3.js Show response
nexus.ensighten.com/citi/na_prod/code/ 24 KB
7 KB 29ms
28ms Script
application/javascript 2600:9000:25a2:2600:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/f120449dcdb84c3b6d0f58c8b98ad8a3.js?conditionId0=467299
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/assets/js/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25a2:2600:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: bf39c7a23da56a09d7fba494ab7a46604dc02a19fabfaf8d4c3ab6629aad0692

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 17:48:16 GMT
x-amz-version-id: nWKpv6NjQeNKdUj5cLa_yhYRraA7P2n3
content-encoding: br
via: 1.1 633b37c269943f0b3472e0abe1a07b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH55-P1
age: 3284999
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 19 Sep 2023 17:48:03 GMT
server: CloudFront
etag: W/"79a1f615128893a73faf5e48cfd01107"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: PdQLN7rSWxPsx2p75yDy-QWHqvdyKlGZ6IXBhs6hJawRob3a3-uJcg==

GET
H/1.1 404
Not Found Interstate-Light.ttf
www.gito.dyn-vpn.de/assets/css/fonts/interstate/ 0
0 200ms
130ms Font
text/html 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gito.dyn-vpn.de/assets/css/fonts/interstate/Interstate-Light.ttf
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/assets/css/ddl.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://www.gito.dyn-vpn.de/assets/css/ddl.css
Origin: https://www.gito.dyn-vpn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Oct 2023 18:15:57 GMT
Server: nginx
ETag: W/"58c-608b6ae08a798"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Connection: keep-alive

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
66 KB 92ms
36ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6260004

Requested by

Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/assets/js/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

54560013cd655b630008e3cddb9cc126bbb525f6cc0b13829febad9e898bc5b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:18:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66980
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 Oct 2023 18:18:14 GMT

GET
H/1.1 404
Not Found Interstate-Bold.ttf
www.gito.dyn-vpn.de/assets/css/fonts/interstate/ 0
0 141ms
140ms Font
text/html 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gito.dyn-vpn.de/assets/css/fonts/interstate/Interstate-Bold.ttf
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/assets/css/ddl.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://www.gito.dyn-vpn.de/assets/css/ddl.css
Origin: https://www.gito.dyn-vpn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Oct 2023 18:15:57 GMT
Server: nginx
ETag: W/"58c-608b6ae08a798"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Connection: keep-alive

GET
H3 200 cse_element__de.js Show response
www.google.com/cse/static/element/e992cd4de3c7044f/ 310 KB
103 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/e992cd4de3c7044f/cse_element__de.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse/cse.js?cx=009695499870347544712:e3dyicpbrwu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c78cbc891d36ddcc95ff6786a968ef27edab4085779b578253a42bcb9f8f44af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105519
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 17:25:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: private, max-age=31536000
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 27 Oct 2023 18:18:14 GMT

GET
H3 200 default+de.css
www.google.com/cse/static/element/e992cd4de3c7044f/ 41 KB
9 KB 58ms
58ms Stylesheet
text/css 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/e992cd4de3c7044f/default+de.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse/cse.js?cx=009695499870347544712:e3dyicpbrwu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9102
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 17:25:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: private, max-age=31536000
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 27 Oct 2023 18:18:14 GMT

GET
H3 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 21ms
21ms Stylesheet
text/css 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse/cse.js?cx=009695499870347544712:e3dyicpbrwu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:51:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1625
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 27 Oct 2023 18:41:09 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
66 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6269322&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6ac96b163ba39bb851b6102547c787667532d192a334b3c8915a79c21e69cccb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:18:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66992
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 Oct 2023 18:18:14 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
66 KB 48ms
47ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6256710&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

529758e20c8ebb694dffc8a7e07bb64d0ed8a8c6332951678e900c5526c4c019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:18:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67003
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 Oct 2023 18:18:14 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
66 KB 78ms
76ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6415812&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ceea4b127ee103112be56a927532c4716f9e606c61a56fce9c21e1faf25f0597

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:18:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67014
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 Oct 2023 18:18:14 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
66 KB 37ms
35ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6268858&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

002aa80921e64c4904cc16be24d02b0045ab8eb6cc214d75827209ef490c99d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:18:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67010
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 Oct 2023 18:18:14 GMT

GET
H/1.1 200
OK InterstateLight.woff
www.gito.dyn-vpn.de/assets/fonts/ 16 KB
16 KB 134ms
127ms Font
font/woff 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gito.dyn-vpn.de/assets/fonts/InterstateLight.woff
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/assets/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: c578d5dd46141c97250868ebe46a052753844cba491a0681bdccccb8ce0945a5

Request headers

Referer: https://www.gito.dyn-vpn.de/assets/css/style.css
Origin: https://www.gito.dyn-vpn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:14 GMT
Last-Modified: Fri, 27 Oct 2023 18:17:55 GMT
Server: nginx
ETag: "653bfed3-3fb0"
Content-Type: font/woff
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16304
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK InterstateBold.woff
www.gito.dyn-vpn.de/assets/fonts/ 16 KB
16 KB 129ms
124ms Font
font/woff 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gito.dyn-vpn.de/assets/fonts/InterstateBold.woff
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/assets/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: ac64f72f59033d13cf387598795ebb1f29bf16eb9dfff4cd6b51b1ecd698241f

Request headers

Referer: https://www.gito.dyn-vpn.de/assets/css/style.css
Origin: https://www.gito.dyn-vpn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:14 GMT
Last-Modified: Fri, 27 Oct 2023 18:17:53 GMT
Server: nginx
ETag: "653bfed1-3fec"
Content-Type: font/woff
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16364
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK a.html Show response
www.gito.dyn-vpn.de/assets/login_data/ Frame 2060 107 B
411 B 171ms
124ms Document
text/html 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gito.dyn-vpn.de/assets/login_data/a.html
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: 1df25d4bd4693b4d105b6aa0bbe82a9cb141b9db9e1285b4e0610ea53e378bc9

Request headers

Referer: https://www.gito.dyn-vpn.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 107
Content-Type: text/html
Date: Fri, 27 Oct 2023 18:18:14 GMT
ETag: "653bfedf-6b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Last-Modified: Fri, 27 Oct 2023 18:18:07 GMT
Server: nginx

GET generic1588627126535.js
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/ 0
0

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 122ms
31ms Script
application/x-javascript 2600:9000:244f:a000:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/code/f120449dcdb84c3b6d0f58c8b98ad8a3.js?conditionId0=467299
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:244f:a000:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:37:07 GMT
content-encoding: gzip
via: 1.1 a355d8f903a0cf5525893c863fcdf216.cloudfront.net (CloudFront)
last-modified: Fri, 27 Oct 2023 17:36:57 GMT
server: Jetty(9.4.51.v20230217)
x-amz-cf-pop: CDG52-P4
age: 2467
x-cache: Hit from cloudfront
content-type: application/x-javascript
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
content-length: 6162
x-amz-cf-id: H3hLAaaWYaGAU8gTg9mlFzG1hHl9su5KYqs9eiNv0x0qTKB0tTTBjA==
expires: Fri, 27 Oct 2023 18:37:07 GMT

GET
H/1.1 200
OK ca.html Show response
20766699p.rfihub.com/ Frame 0497 118 B
685 B 184ms
33ms Document
text/html 193.0.160.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20766699p.rfihub.com/ca.html?ver=9&ra=1501&rb=648&ca=20766699&_o=17169175&_t=&_rev=1&_pcode=1&_orderid=1&ssv_cuuid=&ssv_package=null&ssv_prodlist=null&ssv_pagename=&pe=https%3A%2F%2Fwww.gito.dyn-vpn.de%2F&pf=&ra=46146221657560305
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: c437eb764a99e6cd5172d63c3fae564bbc51eda4981058d5edebd2bf0700eb76

Request headers

Referer: https://www.gito.dyn-vpn.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 118
Content-Type: text/html;charset=utf-8
Date: Fri, 27 Oct 2023 18:18:14 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

POST
H/1.1 404
Not Found TMXProfile.jws Show response
www.gito.dyn-vpn.de/US/REST/ManageTMXProfile/ 1 KB
1010 B 128ms
127ms XHR
text/html 5.183.78.151
SBA-EDGE-JAX

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gito.dyn-vpn.de/US/REST/ManageTMXProfile/TMXProfile.jws
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/assets/js/vendor.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.183.78.151 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software: nginx /
Resource Hash: ade1d74ee24b6ae92542242c5832681f8fc19e1b33351d979a5cc4386ccf58ea

Request headers

Accept: */*
Referer: https://www.gito.dyn-vpn.de/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 18:18:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Oct 2023 18:15:57 GMT
Server: nginx
ETag: W/"58c-608b6ae08a798"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Connection: keep-alive

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 5 KB
3 KB 120ms
32ms Script
application/x-javascript 18.244.32.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/assets/js/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.32.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-32-109.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 07:01:34 GMT
Content-Encoding: gzip
Via: 1.1 921e6774a0a03340050a53f58f35c090.cloudfront.net (CloudFront)
Last-Modified: Tue, 01 Aug 2023 20:10:44 GMT
Server: AmazonS3
X-Amz-Cf-Pop: CDG52-P5
Age: 40602
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: UEPoDGU_P3tsTiYAD2ss9NzoWqcj4XxZZmVcrPRYCVjAuBxBRt9uww==

GET
H2 200 / Show response
zn3vi8kkuds0jjrfc-citifeedback.siteintercept.qualtrics.com/SIE/ 8 KB
4 KB 148ms
48ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn3vi8kkuds0jjrfc-citifeedback.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_3VI8kkudS0JJRFc

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/code/7c8ae1f9c206930028672949c6703f6d.js?conditionId0=4849963

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a82eb24aef9daa50e7cad0fe265b5068e139e254be99c72ea4645fa920601be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:18:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 85261
cf-polished: origSize=9155
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"23c3-4sNkRRkkfWn1SOgbnMOWWkPWx5Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 81ccf0c3dde7905b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 451 425466.html Show response
sr.rlcdn.com/ Frame 2EBC 0
98 B 233ms
135ms Document
text/plain 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/code/f120449dcdb84c3b6d0f58c8b98ad8a3.js?conditionId0=467299
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gito.dyn-vpn.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 27 Oct 2023 18:18:15 GMT
via: 1.1 google

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
72 KB 42ms
41ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-916451471

Requested by

Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/assets/js/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

90ddfbcbfccf2ab2a98b3b7821747817dea2f337dade7b6d878e15527ac7b83f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:18:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73356
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 Oct 2023 18:18:14 GMT

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/
Redirect Chain

https://s.amazon-adsystem.com/iu3?pid=c3702eea-109e-48b0-9ef4-c856bdd405e2&event=PageView
https://s.amazon-adsystem.com/iu3?pid=c3702eea-109e-48b0-9ef4-c856bdd405e2&event=PageView&dcc=t

0
0

137ms
137ms

Image
text/html

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?pid=c3702eea-109e-48b0-9ef4-c856bdd405e2&event=PageView&dcc=t
Protocol: HTTP/1.1
Server: 52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Fri, 27 Oct 2023 18:18:15 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: K96T3Y1XV3W9ABPBK4GY
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?pid=c3702eea-109e-48b0-9ef4-c856bdd405e2&event=PageView&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 generic1588627126535.js Show response
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/ 299 KB
57 KB 141ms
36ms Script
application/javascript 146.75.121.230
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/generic1588627126535.js

Requested by

Host: www.gito.dyn-vpn.de
URL: https://www.gito.dyn-vpn.de/assets/js/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.121.230 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7b1cd80c203dffe995ab2d8848a1bb69fb930324c94708ac2ea1131ef04b59fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: .FBDghEdwz4DnwF4I4Hxi.DFVmJ7phdr
content-encoding: gzip
via: 1.1 varnish
date: Fri, 27 Oct 2023 18:18:15 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: WPXJVP3AD5NQG0RQ
age: 107150
x-cache: HIT
content-length: 57486
x-amz-id-2: LvhZhpfCdSUXn10cIsx0Z6q5cttmwGnrUtWSBW3Hz204dfakDk/AgarmxEmThlK2y0elj0lxbqk=
x-served-by: cache-fra-etou8220079-FRA
last-modified: Mon, 04 May 2020 21:18:47 GMT
server: AmazonS3
x-timer: S1698430695.054808,VS0,VE4
etag: "a76711eb84714e63baaa48e33dc158ab"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/916451471/ 3 KB
2 KB 93ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/916451471/?random=1698430695051&cv=11&fst=1698430695051&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v867929579&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gito.dyn-vpn.de%2F&hn=www.googleadservices.com&frm=0&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&auid=250702508.1698430694&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-916451471

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

301f9e55264f2f1f11a1b42ce09ab4aafbbb7588eb43063f7d2d2cee3dca158e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 18:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1365
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
72 KB 42ms
41ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-960621875&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f34caf62a1720718cef530ecd210aa85235dd5eab331ea051ffccbdbf02c1ff7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:18:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73422
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 Oct 2023 18:18:15 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 147 KB
56 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-644574043&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc2d7b57e12a4f1bc802a0c87bbf11c4d916dcde403cdf702fead91a038acdfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:18:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57297
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 Oct 2023 18:18:15 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 147 KB
56 KB 42ms
42ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-975701947&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e9b492a7d97e80c88724338e93966cfb3393cf5ced0624ad18c81db201dae636

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:18:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57186
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 Oct 2023 18:18:15 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
75 KB 71ms
70ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-830907969&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f2c043be53be5a79403560148402b86330620afadceba07dae4c232d3ff765f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:18:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76737
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 Oct 2023 18:18:15 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
70 KB 72ms
71ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-695231162&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8c707c519003b823a7c485cad4118ebb18139dc2b03383a453c32202eac3342f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:18:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71888
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 Oct 2023 18:18:15 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 200 KB
72 KB 57ms
57ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-819500023&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

90753663c0d4d880cd91521a489940adca61b4f3a2b3f35d4f1c8d8aacd13e0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:18:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73766
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 Oct 2023 18:18:15 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 147 KB
56 KB 64ms
63ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-959299794&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ebd310f7438c28b0b9696105764c89ebc7b2069254ca22499ace6af2c1900a9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:18:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57167
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 Oct 2023 18:18:15 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
72 KB 53ms
53ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10955006959&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0fc151192ea63b726c947d13993a4586ae3a1fba01000c157a3fe8f8872f97bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:18:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73456
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 Oct 2023 18:18:15 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 204 KB
73 KB 59ms
59ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11172302925&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8e7afa4a0cd766d2b89e794f97f50ae486a8d3317c47f5cbfe2ba76905d8cad9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:18:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74746
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 Oct 2023 18:18:15 GMT

GET
H2 200 12.c374cce172555dcce9b4.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 69 KB
21 KB 43ms
42ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/12.c374cce172555dcce9b4.chunk.js?Q_CLIENTVERSION=1.102.2&Q_CLIENTTYPE=web&Q_BRANDID=www.gito.dyn-vpn.de

Requested by

Host: zn3vi8kkuds0jjrfc-citifeedback.siteintercept.qualtrics.com
URL: https://zn3vi8kkuds0jjrfc-citifeedback.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_3VI8kkudS0JJRFc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7a4b1e6d31c8d7ecb567310271ce420995a4fe8a4514aad38d24ad867a2ee9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:18:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 146566
cf-polished: origSize=71669
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 Oct 2023 23:32:41 GMT
cf-bgj: minify
server: cloudflare
etag: W/"117f5-18b692edda8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 81ccf0c45e7f905b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame AADF 0
60 B 140ms
44ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=1jw5cvl&ref=https%3A%2F%2Fwww.gito.dyn-vpn.de%2F&upid=t1sl5ty&upv=1.1.0&orderid={orderid}&v={v}&vf={vf}&td1=undefined&td2=undefined&td3=undefined&td4=undefined&td5=https://www.gito.dyn-vpn.de/&td6={td6}&td7={td7}&td8={td8}&td9={td9}&td10={td10}
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gito.dyn-vpn.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Fri, 27 Oct 2023 18:18:15 GMT
server: Kestrel

GET
H2 200 cool-2.1.15.min.js Show response
nebula-cdn.kampyle.com/resources/onsite/js/ 14 KB
5 KB 82ms
22ms Script
application/javascript 151.101.129.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/resources/onsite/js/cool-2.1.15.min.js

Requested by

Host: resources.digital-cloud-citi.medallia.com
URL: https://resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/generic1588627126535.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.175 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: 9HCXbKZTbCJZkS8s9IuB.pE0JEvI0TGW
content-encoding: gzip
via: 1.1 varnish
date: Fri, 27 Oct 2023 18:18:15 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: XXFG1W2FZDJAWYW5
x-cache: HIT
content-length: 5197
x-amz-id-2: j1c1Xn5E9D8pUNpNN1FXb8pnCXjnV7C3XGIbqgKxwKNOdavDOfK+sxXdyAHik9aP79XBceH1OGg=
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Sun, 24 Jan 2021 11:03:10 GMT
server: AmazonS3
x-timer: S1698430695.187824,VS0,VE1
etag: "80dd5e3be5152c5c72d552c6a26ef6ff"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 1

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 8 KB
2 KB 56ms
56ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_3VI8kkudS0JJRFc&Q_CLIENTVERSION=1.102.2&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.c374cce172555dcce9b4.chunk.js?Q_CLIENTVERSION=1.102.2&Q_CLIENTTYPE=web&Q_BRANDID=www.gito.dyn-vpn.de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc8bd8bb0e7fadecabac2cbd2a8be0c8d5b803eba51933528c59727a16f82ac8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gito.dyn-vpn.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 27 Oct 2023 18:18:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.gito.dyn-vpn.de
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: d2f1b9634e669d56
cf-ray: 81ccf0c4befe905b-FRA
timing-allow-origin: *

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/975701947/ 3 KB
1 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975701947/?random=1698430695155&cv=11&fst=1698430695155&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v890809048&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gito.dyn-vpn.de%2F&hn=www.googleadservices.com&frm=0&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&auid=250702508.1698430694&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-975701947&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7077d33f3ff38807f17f43e4be67081d7f12d7b62a29900486b1d636fd4f123

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 18:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1365
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/644574043/ 3 KB
2 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/644574043/?random=1698430695172&cv=11&fst=1698430695172&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v896983788&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gito.dyn-vpn.de%2F&hn=www.googleadservices.com&frm=0&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&auid=250702508.1698430694&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-644574043&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fc25f5dfb32da5394d29a1fbc12961ffde3dc2c9ef0f8ac65777726451af202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 18:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/960621875/ 3 KB
2 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/960621875/?random=1698430695199&cv=11&fst=1698430695199&bg=ffffff&guid=ON&async=1&gtm=45be3ap0&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gito.dyn-vpn.de%2F&hn=www.googleadservices.com&frm=0&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&auid=250702508.1698430694&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-960621875&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dea76ba11cf29543b43b747498ccc0701d060402fca41f3e1f53747abd8bb2c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 18:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1354
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/959299794/ 3 KB
2 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/959299794/?random=1698430695214&cv=11&fst=1698430695214&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v868557816&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gito.dyn-vpn.de%2F&hn=www.googleadservices.com&frm=0&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&auid=250702508.1698430694&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-959299794&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3de633505c3b8a0c499342360ae55c222794e7d314fd50f3f54cfb5d1b070e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 18:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1366
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11172302925/ 3 KB
1 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11172302925/?random=1698430695234&cv=11&fst=1698430695234&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v9136005172&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gito.dyn-vpn.de%2F&hn=www.googleadservices.com&frm=0&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&auid=250702508.1698430694&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11172302925&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dcca88b9edb04c2e6ce3a16ecb019caa067c11e85b685fcf0235b2414190f798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 18:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1366
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/830907969/ 3 KB
1 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/830907969/?random=1698430695253&cv=11&fst=1698430695253&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v9103109856&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gito.dyn-vpn.de%2F&hn=www.googleadservices.com&frm=0&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&auid=250702508.1698430694&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-830907969&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

824588b9bfab5dfc9a08386c193cc7afa60154b64f0fc62938a91b3cb2c58b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 18:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1365
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10955006959/ 3 KB
1 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10955006959/?random=1698430695275&cv=11&fst=1698430695275&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v891068819&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gito.dyn-vpn.de%2F&hn=www.googleadservices.com&frm=0&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&auid=250702508.1698430694&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10955006959&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb20b0bb013d90cbe9f7d7d30ffe7a226d8da4621fcf0abc2f5257713c58b7ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 18:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/695231162/ 3 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/695231162/?random=1698430695296&cv=11&fst=1698430695296&bg=ffffff&guid=ON&async=1&gtm=45be3ap0&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gito.dyn-vpn.de%2F&hn=www.googleadservices.com&frm=0&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&auid=250702508.1698430694&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-695231162&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ded0845199a27cf0da38af1badec63255203dc92127e3f1c5a5b71f50bc1e14f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 18:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1353
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/819500023/ 3 KB
1 KB 120ms
120ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/819500023/?random=1698430695315&cv=11&fst=1698430695315&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v9103212889&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gito.dyn-vpn.de%2F&hn=www.googleadservices.com&frm=0&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&auid=250702508.1698430694&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-819500023&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc4eb34a1bb85821d82d012b6210e135ccf4dcb4cc7059d21cb49e6cbdecda47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 18:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1365
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/916451471/ 42 B
64 B 36ms
36ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/916451471/?random=1698430695051&cv=11&fst=1698429600000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v867929579&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gito.dyn-vpn.de%2F&frm=0&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3912132901&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 18:18:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/916451471/ 42 B
108 B 108ms
36ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/916451471/?random=1698430695051&cv=11&fst=1698429600000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v867929579&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gito.dyn-vpn.de%2F&frm=0&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3912132901&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 18:18:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 103 KB
32 KB 44ms
44ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.102.2&Q_CLIENTTYPE=web&Q_BRANDID=citifeedback

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.c374cce172555dcce9b4.chunk.js?Q_CLIENTVERSION=1.102.2&Q_CLIENTTYPE=web&Q_BRANDID=www.gito.dyn-vpn.de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

215366847ff8d79401b56082e1ac062ae85e43909ecbdd902b69310f491ec042

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:18:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 146556
cf-polished: origSize=105749
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 Oct 2023 23:32:41 GMT
cf-bgj: minify
server: cloudflare
etag: W/"19d15-18b692edda8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 81ccf0c5d85d905b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H3 200 /
www.google.com/pagead/1p-user-list/975701947/ 42 B
64 B 35ms
35ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/975701947/?random=1698430695155&cv=11&fst=1698429600000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v890809048&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gito.dyn-vpn.de%2F&frm=0&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=291547944&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 18:18:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/975701947/ 42 B
108 B 95ms
37ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/975701947/?random=1698430695155&cv=11&fst=1698429600000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v890809048&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gito.dyn-vpn.de%2F&frm=0&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=291547944&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 18:18:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
318 B 170ms
113ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExOC4wLjU5OTMuMTE3IFNhZmFyaS81MzcuMzYiLCJzZXNzaW9uX3BsYXRmb3JtIjogIldpbjMyIiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4xLjE1IiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2OTg0MzA2OTUzNDEiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAyLCJ1c2VyX2lkIjogIjE4YjcyNWJiN2FiNWYyLTBlMzQ1YjVmNDIyOTFmLTY4M2E1YzVhLTFkNGMwMC0xOGI3MjViYjdhYzI4YSIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1jaXRpIiwiYWNjb3VudElkIjogNDksInVybCI6ICJodHRwczovL3d3dy5naXRvLmR5bi12cG4uZGUvIiwid2Vic2l0ZUlkIjogNTAsImZlZWRiYWNrX3V1aWQiOiBudWxsLCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7IkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICJlMmUzLTYzZDctMzY2Yi1iODViLWQxNWItZGE3Yy0yNTEyLThjMTQiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTY5ODQzMDY5NTEyMiIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIiLCJTVUJNSVRURURfREFURSI6ICIifSwiY29va2llX3NpemUiOiAyODIsImthbXB5bGVfdmVyc2lvbiI6ICIwLjAuMC4wIiwiaGlzdG9yeV9sZW5ndGgiOiAyLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjk4NDMwNjk1MTI1LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZX0KXX0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-green-pqt7
date: Fri, 27 Oct 2023 18:18:15 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 0
x-application-context: application:9090

GET
H3 200 /
www.google.com/pagead/1p-user-list/644574043/ 42 B
64 B 34ms
34ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/644574043/?random=1698430695172&cv=11&fst=1698429600000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v896983788&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gito.dyn-vpn.de%2F&frm=0&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=122932699&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 18:18:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/644574043/ 42 B
108 B 93ms
41ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/644574043/?random=1698430695172&cv=11&fst=1698429600000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v896983788&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gito.dyn-vpn.de%2F&frm=0&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=122932699&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 18:18:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/960621875/ 42 B
64 B 37ms
35ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/960621875/?random=1698430695199&cv=11&fst=1698429600000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gito.dyn-vpn.de%2F&frm=0&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1456771736&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 18:18:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/960621875/ 42 B
108 B 87ms
35ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/960621875/?random=1698430695199&cv=11&fst=1698429600000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gito.dyn-vpn.de%2F&frm=0&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1456771736&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 18:18:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/959299794/ 42 B
64 B 38ms
37ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/959299794/?random=1698430695214&cv=11&fst=1698429600000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v868557816&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gito.dyn-vpn.de%2F&frm=0&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4278746644&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 18:18:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/959299794/ 42 B
455 B 86ms
35ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/959299794/?random=1698430695214&cv=11&fst=1698429600000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v868557816&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gito.dyn-vpn.de%2F&frm=0&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4278746644&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 18:18:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/11172302925/ 42 B
64 B 40ms
38ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11172302925/?random=1698430695234&cv=11&fst=1698429600000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v9136005172&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gito.dyn-vpn.de%2F&frm=0&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3882234021&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 18:18:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11172302925/ 42 B
108 B 87ms
36ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11172302925/?random=1698430695234&cv=11&fst=1698429600000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v9136005172&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gito.dyn-vpn.de%2F&frm=0&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3882234021&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 18:18:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/830907969/ 42 B
64 B 35ms
34ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/830907969/?random=1698430695253&cv=11&fst=1698429600000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v9103109856&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gito.dyn-vpn.de%2F&frm=0&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3792210738&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 18:18:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/830907969/ 42 B
108 B 34ms
33ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/830907969/?random=1698430695253&cv=11&fst=1698429600000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v9103109856&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gito.dyn-vpn.de%2F&frm=0&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3792210738&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 18:18:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/10955006959/ 42 B
64 B 35ms
34ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10955006959/?random=1698430695275&cv=11&fst=1698429600000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v891068819&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gito.dyn-vpn.de%2F&frm=0&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2924017698&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 18:18:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10955006959/ 42 B
108 B 34ms
34ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10955006959/?random=1698430695275&cv=11&fst=1698429600000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v891068819&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gito.dyn-vpn.de%2F&frm=0&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2924017698&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 18:18:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/695231162/ 42 B
64 B 34ms
33ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/695231162/?random=1698430695296&cv=11&fst=1698429600000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gito.dyn-vpn.de%2F&frm=0&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4119229694&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 18:18:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/695231162/ 42 B
108 B 37ms
37ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/695231162/?random=1698430695296&cv=11&fst=1698429600000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gito.dyn-vpn.de%2F&frm=0&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4119229694&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 18:18:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 7.5ccfa63c1a40bc213c6e.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 2 KB
1 KB 51ms
51ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/7.5ccfa63c1a40bc213c6e.chunk.js?Q_CLIENTVERSION=1.102.2&Q_CLIENTTYPE=web&Q_BRANDID=citifeedback

Requested by

Host: zn3vi8kkuds0jjrfc-citifeedback.siteintercept.qualtrics.com
URL: https://zn3vi8kkuds0jjrfc-citifeedback.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_3VI8kkudS0JJRFc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8484d229a52fd1e7f5be1a24c2bc90fb6ec6b11c9e6d22c41c7bba238a804b38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:18:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 146564
cf-polished: origSize=2904
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 Oct 2023 23:32:41 GMT
cf-bgj: minify
server: cloudflare
etag: W/"b58-18b692edda8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 81ccf0c658da905b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 1.53cfb5f19d9d4b3a8cae.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 28 KB
7 KB 42ms
41ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.53cfb5f19d9d4b3a8cae.chunk.js?Q_CLIENTVERSION=1.102.2&Q_CLIENTTYPE=web&Q_BRANDID=citifeedback

Requested by

Host: zn3vi8kkuds0jjrfc-citifeedback.siteintercept.qualtrics.com
URL: https://zn3vi8kkuds0jjrfc-citifeedback.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_3VI8kkudS0JJRFc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2eaed4de66894ab72b75ae8adf3dce33b96acfb1db8819c788eeec495120b3c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:18:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 146554
cf-polished: origSize=29370
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 Oct 2023 23:32:41 GMT
cf-bgj: minify
server: cloudflare
etag: W/"72ba-18b692edda8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 81ccf0c658dc905b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 FeedbackButtonModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 63 KB
23 KB 46ms
45ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=1.102.2&Q_CLIENTTYPE=web&Q_BRANDID=citifeedback

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.c374cce172555dcce9b4.chunk.js?Q_CLIENTVERSION=1.102.2&Q_CLIENTTYPE=web&Q_BRANDID=www.gito.dyn-vpn.de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1eaa61116a44b60d15c87e58db63270223e677db1d546e128906d77d11c8a572

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:18:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 146503
cf-polished: origSize=65278
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 Oct 2023 23:32:41 GMT
cf-bgj: minify
server: cloudflare
etag: W/"fefe-18b692edda8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 81ccf0c6892b905b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 10 KB
1 KB 203ms
153ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_0AioryRkl8bxHM2&Version=25&Q_ORIGIN=https://www.gito.dyn-vpn.de&Q_CLIENTVERSION=1.102.2&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.c374cce172555dcce9b4.chunk.js?Q_CLIENTVERSION=1.102.2&Q_CLIENTTYPE=web&Q_BRANDID=www.gito.dyn-vpn.de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b99a4e92de3333bf62e8c2766dc1a880f1c19308c1591d2516974f6369b721a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

servershortname
date: Fri, 27 Oct 2023 18:18:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 27 Oct 2023 18:18:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 81ccf0c6ae8abb80-FRA
expires: Mon, 24 Oct 2033 18:18:15 GMT

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 2 KB
1 KB 200ms
151ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_6sPqDX4wKQujPO6&Version=9&Q_InterceptID=SI_0AioryRkl8bxHM2&Q_ORIGIN=https://www.gito.dyn-vpn.de&Q_CLIENTVERSION=1.102.2&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.c374cce172555dcce9b4.chunk.js?Q_CLIENTVERSION=1.102.2&Q_CLIENTTYPE=web&Q_BRANDID=www.gito.dyn-vpn.de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

566095a5f65029a8730735e82ff6cf43336a92723d96484db740011b88467aa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

servershortname
date: Fri, 27 Oct 2023 18:18:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 27 Oct 2023 18:18:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 81ccf0c6ae8fbb80-FRA
expires: Mon, 24 Oct 2033 18:18:15 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/819500023/ 42 B
64 B 34ms
33ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/819500023/?random=1698430695315&cv=11&fst=1698429600000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v9103212889&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gito.dyn-vpn.de%2F&frm=0&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3538123588&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 18:18:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/819500023/ 42 B
108 B 35ms
34ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/819500023/?random=1698430695315&cv=11&fst=1698429600000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v9103212889&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gito.dyn-vpn.de%2F&frm=0&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3538123588&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 18:18:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Graphic.php
iad1.qualtrics.com/WRQualtricsSiteIntercept/ 2 KB
3 KB 178ms
41ms Image
image/png 23.52.120.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://iad1.qualtrics.com/WRQualtricsSiteIntercept/Graphic.php?IM=IM_2ghDuHHjeSOirNc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.120.13 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-120-13.deploy.static.akamaitechnologies.com

Software

Resource Hash

25f4eeb23f67fe1d74534ed37230ecd54ab4f57524276970dcbeaaf3b0fc64f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:18:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
content-disposition: inline; filename=feedback.png
content-length: 2196
x-request-id: e692a098-6603-470d-9269-df0ceeec341d
referrer-policy: strict-origin-when-cross-origin
etag: "e6ed675f115fb1568bb1aabc00aa3f30"
content-type: image/png
access-control-allow-origin: *
x-transaction-id: 404a7797-0ac7-4613-9a32-cc86ba21e414
cache-control: public, max-age=42
permissions-policy: camera=(), geolocation=(), microphone=()
x-robots-tag: noindex
expires: Fri, 27 Oct 2023 18:18:57 GMT

POST
H2 200 / Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 45 B
209 B 58ms
57ms XHR
text/plain 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_6sPqDX4wKQujPO6&Q_SIID=SI_0AioryRkl8bxHM2&Q_ASID=AS_07210024&Q_CLIENTVERSION=1.102.2&Q_CLIENTTYPE=web&r=1698430695794

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.102.2&Q_CLIENTTYPE=web&Q_BRANDID=citifeedback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gito.dyn-vpn.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 27 Oct 2023 18:18:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gito.dyn-vpn.de
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 9087c28adedb6168
cf-ray: 81ccf0c8ca2ebb80-FRA

GET
H2 200 wr-dialog-close-btn-white.png
siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/ 254 B
525 B 40ms
40ms Image
image/png 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/wr-dialog-close-btn-white.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd5496f75a7c1029bc681f639794b83f034d5ecd884e8514ae12b13eee9eec70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gito.dyn-vpn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Thu, 28 Apr 2033 19:51:43 GMT
date: Fri, 27 Oct 2023 18:18:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 15459991
cf-polished: origSize=759
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
content-length: 254
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 Apr 2023 16:10:58 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000, public
permissions-policy: camera=(), geolocation=(), microphone=()
accept-ranges: bytes
cf-ray: 81ccf0c8cbf8905b-FRA
trace-id: ec5f573dca47334d
servershortname

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: resources.digital-cloud-citi.medallia.com
URL: http://resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/generic1588627126535.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citibank (Banking)

236 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.gito.dyn-vpn.de/	1970-01-20 15:47:12	Name: 7830 Value: error
www.gito.dyn-vpn.de/	1970-01-20 15:47:12	Name: 7018 Value:
www.gito.dyn-vpn.de/	1970-01-20 17:56:46	Name: 64072 Value:
.gito.dyn-vpn.de/	1970-01-20 17:56:46	Name: _gcl_au Value: 1.1.250702508.1698430694
www.gito.dyn-vpn.de/	1970-01-21 00:32:46	Name: count Value: 1
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMje3NLYwsDAzNxPiM9QNK9cNLHN0S7fMrQoBAA5ZcrAlAAAA
.rfihub.com/	1970-01-21 01:08:46	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMje3NLYwsDAzNxPiM9QNK9cNLHN0S7fMrQoBAA5ZcrAlAAAA
www.gito.dyn-vpn.de/	1970-01-21 00:32:46	Name: kampyle_userid Value: e2e3-63d7-366b-b85b-d15b-da7c-2512-8c14
www.gito.dyn-vpn.de/	1970-01-21 00:32:46	Name: kampyleUserSession Value: 1698430695122
www.gito.dyn-vpn.de/	1970-01-21 00:32:46	Name: kampyleUserSessionsCount Value: 1
www.gito.dyn-vpn.de/	1970-01-21 00:32:46	Name: kampyleSessionPageCounter Value: 1
.doubleclick.net/	1970-01-21 01:08:46	Name: IDE Value: AHWqTUlBBww6O5nPS8fGVVQNmFXKQ7ybufeUhJtU5XBM6CMYcTYCxiVQx43sdBkt
.gito.dyn-vpn.de/	1970-01-21 00:32:46	Name: cd_user_id Value: 18b725bb7ab5f2-0e345b5f42291f-683a5c5a-1d4c00-18b725bb7ac28a
.amazon-adsystem.com/	1970-01-20 21:44:17	Name: ad-id Value: A9sRCtlH9EjDjFgQdvVLtoM
.amazon-adsystem.com/	1970-01-21 01:23:10	Name: ad-privacy Value: 0

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.gito.dyn-vpn.de/assets/css/fonts/interstate/Interstate-Light.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.gito.dyn-vpn.de/assets/css/fonts/interstate/Interstate-Bold.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.gito.dyn-vpn.de/JRS/banners/hero_background/HP3443_H.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.gito.dyn-vpn.de/assets/css/fonts/interstate/Interstate-Light.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.gito.dyn-vpn.de/assets/css/fonts/interstate/Interstate-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	URL: https://www.gito.dyn-vpn.de/ Message: Mixed Content: The page at 'https://www.gito.dyn-vpn.de/' was loaded over HTTPS, but requested an insecure script 'http://resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/generic1588627126535.js'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://www.gito.dyn-vpn.de/CBOL/common/ui/ddl/theme/latest/images/icons/svgs/arrows/arrow-btn-next-blue-sm-bold.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.gito.dyn-vpn.de/GFC/branding/img/Citi-Branding-Sprite.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.gito.dyn-vpn.de/CBOL/common/ui/ddl/theme/latest/images/icons/svgs/arrows/arrow-btn-next-white-sm-bold.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.gito.dyn-vpn.de/GFC/branding/olab/images/oo_icon_retina.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.gito.dyn-vpn.de/assets/js/vendor.js(Line 1) Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20766699p.rfihub.com
c1.rfihub.net
cse.google.com
googleads.g.doubleclick.net
iad1.qualtrics.com
insight.adsrvr.org
js.adsrvr.org
nebula-cdn.kampyle.com
nexus.ensighten.com
resources.digital-cloud-citi.medallia.com
s.amazon-adsystem.com
siteintercept.qualtrics.com
sr.rlcdn.com
udc-neb.kampyle.com
www.gito.dyn-vpn.de
www.google.com
www.google.de
www.googletagmanager.com
zn3vi8kkuds0jjrfc-citifeedback.siteintercept.qualtrics.com
resources.digital-cloud-citi.medallia.com
104.17.209.240
146.75.121.230
15.197.193.217
151.101.129.175
18.244.32.109
193.0.160.131
23.52.120.13
2600:9000:244f:a000:1:76cf:fe80:93a1
2600:9000:25a2:2600:2:8f43:5780:93a1
2a00:1450:4001:80e::200e
2a00:1450:4001:812::2008
2a00:1450:4001:81c::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2003
35.190.60.146
35.241.45.82
5.183.78.151
52.46.151.131
002aa80921e64c4904cc16be24d02b0045ab8eb6cc214d75827209ef490c99d9
06d733b09a9fccaa6b2c7ee0e8c9002f782366cbd16f1204e14c43e803d61051
0fc151192ea63b726c947d13993a4586ae3a1fba01000c157a3fe8f8872f97bc
13a59cfac1785dd94d0005457ed1e12cf77fee65b975fe6fd91af77b7ac6cd77
157430093a6d2ee63082eae5dabf826926d3b6259d33482aa6713c48728e82fa
1cc4ec61057f30cea6d47126e0444f119b2606720b1fe8d7e0deff1f5742a82b
1df25d4bd4693b4d105b6aa0bbe82a9cb141b9db9e1285b4e0610ea53e378bc9
1eaa61116a44b60d15c87e58db63270223e677db1d546e128906d77d11c8a572
215366847ff8d79401b56082e1ac062ae85e43909ecbdd902b69310f491ec042
23304e9ae5b04a60edeb8a18d67e2de3a37fe961b02ee5d4db9a18493fd85641
25f4eeb23f67fe1d74534ed37230ecd54ab4f57524276970dcbeaaf3b0fc64f9
28ed03348ecd4e811e347dd5d2cdca0992ef24ea739c5335fa7932212012d7a4
2aab6ad3aeb24b7e510db5e4f85271e18bbbacbc6b6cd2f43884e84b4e3e1cb3
2eaed4de66894ab72b75ae8adf3dce33b96acfb1db8819c788eeec495120b3c8
301f9e55264f2f1f11a1b42ce09ab4aafbbb7588eb43063f7d2d2cee3dca158e
3556b4fa28a41290454dc84939dae439fcf5bda8a1eac70efdf2647bf041d43d
37982a5a5ed362021ddfd115fff9acc3a40902985e75997f9941a4119bb327b7
3de633505c3b8a0c499342360ae55c222794e7d314fd50f3f54cfb5d1b070e83
3e695fed650ef2d51b3a9ea19e0704563eb464d574a9001819c6690c4011065d
3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1
3fca3de24621f0f10186594054444d608016297c2e853e548710b3521e42a609
3fd2b0aa0a6e37fe3508c7431b402fdb204d6b4b732c40efce2e9b81994edaf6
429d8af3190c76d5fcb9b1cad2aa6eb555684921323da905d62017fbdbf557c6
4b99a4e92de3333bf62e8c2766dc1a880f1c19308c1591d2516974f6369b721a
529758e20c8ebb694dffc8a7e07bb64d0ed8a8c6332951678e900c5526c4c019
54560013cd655b630008e3cddb9cc126bbb525f6cc0b13829febad9e898bc5b8
566095a5f65029a8730735e82ff6cf43336a92723d96484db740011b88467aa1
595a49688d9a0c821fc41be0ab4c3bd78bf556326b763fa6897d8987d465f68e
5dce22a7d1f6e43d9aaa25eda1ead11f8c97ec10546e594158ba181586ce3507
61eb6e3a621d1621e6fb229128f863795e9d9b7bf80fb76eec9a7d70fde09e41
629b48196dcc270143a42ce57535b251c655617f8d510277d4a05306c426fd38
640a8c2b98f9829a9cbfb20b45aeb134a040bf8046af794ffbde45dc922a3237
6760594aa8fbe2dd284fc03e235e335d0f351a2d58ea73dc00f2d44b427bffb6
6a82eb24aef9daa50e7cad0fe265b5068e139e254be99c72ea4645fa920601be
6ac96b163ba39bb851b6102547c787667532d192a334b3c8915a79c21e69cccb
6d3001c9deac8cb1f88ea5254105f8d678de5532f1998a24eab1b59906eaf86b
6e101c9ff1fbc70e536447c9a8b7bc78c622fdac1c8b877746cdc2632e215b0f
771c92ecc9167287111bc793f6392bfb0dc8a51a830b497f7591e6d3493fc1fc
793c2f3d02d0bc3ad8a2cdc901b2134159b66245e951ac258fee1ac8b2709f44
7b1cd80c203dffe995ab2d8848a1bb69fb930324c94708ac2ea1131ef04b59fc
7cb24e06c00e47bb6bc6c38b935d6bc62817f656703387e4fb7591add96c7454
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
7fc25f5dfb32da5394d29a1fbc12961ffde3dc2c9ef0f8ac65777726451af202
824588b9bfab5dfc9a08386c193cc7afa60154b64f0fc62938a91b3cb2c58b90
8484d229a52fd1e7f5be1a24c2bc90fb6ec6b11c9e6d22c41c7bba238a804b38
884ce03179655bd36814c10c17b958a630816496903dcc486cd8b8af6b7cf604
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
8c707c519003b823a7c485cad4118ebb18139dc2b03383a453c32202eac3342f
8e7afa4a0cd766d2b89e794f97f50ae486a8d3317c47f5cbfe2ba76905d8cad9
90753663c0d4d880cd91521a489940adca61b4f3a2b3f35d4f1c8d8aacd13e0d
90ddfbcbfccf2ab2a98b3b7821747817dea2f337dade7b6d878e15527ac7b83f
9316cfe82231e58622ce9789f58a4d41b83a59cd9428b78bd57d24cb798c6868
9a74546a8f511f31b5252f115d2db7aa69370ca5eeaf6828f60abb197f35a169
9b6d7a7322e7084c84a1c11877b16013be3cf09fc66f66bd2289d84e233dc5c7
9bd5fc47a9ab460113d2fe800ed4bdc54402510aca539fc01c07300f6b0bd030
9ceaa25ec7654a66294c16e28989fbf1ecb9cebc9debe96ec597529465c7cd50
9deb849bdc20c654810ae440c0c5110b1a1cbf2228e7a3b61db136a7633c0eda
a7077d33f3ff38807f17f43e4be67081d7f12d7b62a29900486b1d636fd4f123
a942a692f05cd1165e80681639b9b936a4498ebab2432dd3288f104383ce7cc6
ac64f72f59033d13cf387598795ebb1f29bf16eb9dfff4cd6b51b1ecd698241f
ade1d74ee24b6ae92542242c5832681f8fc19e1b33351d979a5cc4386ccf58ea
b1eb1390323be6154cc95a3e0ab274e57f852eaa44fe63d98ae7bd015b40b69d
b81c40d26fc71a79f47e28b43f4f3818f871c8d0ad99f52e35bcab45b8514a33
bb20b0bb013d90cbe9f7d7d30ffe7a226d8da4621fcf0abc2f5257713c58b7ef
bf39c7a23da56a09d7fba494ab7a46604dc02a19fabfaf8d4c3ab6629aad0692
c1b2b4a37540785070bab0a31d83f86e5cb405934197e420c4227eb261cb4bad
c3c994c3fe9bd4e055f6d0eb42067ecd6bdd3247e136bc22835b9882cfe77c61
c437eb764a99e6cd5172d63c3fae564bbc51eda4981058d5edebd2bf0700eb76
c578d5dd46141c97250868ebe46a052753844cba491a0681bdccccb8ce0945a5
c78cbc891d36ddcc95ff6786a968ef27edab4085779b578253a42bcb9f8f44af
c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f
cc4eb34a1bb85821d82d012b6210e135ccf4dcb4cc7059d21cb49e6cbdecda47
cd5496f75a7c1029bc681f639794b83f034d5ecd884e8514ae12b13eee9eec70
ceea4b127ee103112be56a927532c4716f9e606c61a56fce9c21e1faf25f0597
d7a4b1e6d31c8d7ecb567310271ce420995a4fe8a4514aad38d24ad867a2ee9a
dc2d7b57e12a4f1bc802a0c87bbf11c4d916dcde403cdf702fead91a038acdfb
dc5ba306fece552e3a002c8e18fa392c85acfa61091e1b98496b745f8ace6876
dc8bd8bb0e7fadecabac2cbd2a8be0c8d5b803eba51933528c59727a16f82ac8
dcca88b9edb04c2e6ce3a16ecb019caa067c11e85b685fcf0235b2414190f798
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
ddfc50334e444d16f275b7a81eb09c83ddd05bf00a3d47bef2d878671244f2f4
dea76ba11cf29543b43b747498ccc0701d060402fca41f3e1f53747abd8bb2c5
ded0845199a27cf0da38af1badec63255203dc92127e3f1c5a5b71f50bc1e14f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9b492a7d97e80c88724338e93966cfb3393cf5ced0624ad18c81db201dae636
ebd310f7438c28b0b9696105764c89ebc7b2069254ca22499ace6af2c1900a9d
ed48ae9c1a324d49404d9fb4c508b880ca97a65f8fd21d352e241d1e4dfc50e2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2adfd83f8e9c7f3b092921eb5a59d4463041b2be8386a17ec7ac29d8d588470
f2c043be53be5a79403560148402b86330620afadceba07dae4c232d3ff765f3
f34caf62a1720718cef530ecd210aa85235dd5eab331ea051ffccbdbf02c1ff7
f35167f960fb0ce996db66bdfc5723771a4acc8e7206b282e7dfaa8c2ca81e3b
f44e4692a52b6a382cb481e23f8bcb9a6d4c24eec8aa60143c7e2ca3a85758b2
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
fb42046c6feabb3126634752069391d76d8ded5770a936eb1ce0cdd6aa7358b9

www.gito.dyn-vpn.de Open in urlscan Pro 5.183.78.151 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

130 Requests

98 %HTTPS

39 %IPv6

14 Domains

19 Subdomains

19 IPs

3 Countries

2973 kBTransfer

7853 kBSize

15 Cookies

58 Outgoing links

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.gito.dyn-vpn.de Open in urlscan Pro
5.183.78.151 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

98 %
HTTPS

39 %
IPv6

14
Domains

19
Subdomains

19
IPs

3
Countries

2973 kB
Transfer

7853 kB
Size

15
Cookies

130 HTTP transactions
0 data transactions