www.na-citiprepaid-salaryatsea.online Open in urlscan Pro
2a02:4780:dead:ce39::1  Public Scan

URL: https://www.na-citiprepaid-salaryatsea.online/
Submission: On February 22 via manual from US

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 40 HTTP transactions. The main IP is 2a02:4780:dead:ce39::1, located in Lithuania and belongs to AWEX, US. The main domain is www.na-citiprepaid-salaryatsea.online.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on June 13th 2018. Valid for: a year.
This is the only time www.na-citiprepaid-salaryatsea.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
22 2a02:4780:dea... 204915 (AWEX)
17 204.141.49.30 2914 (NTT-COMMU...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
40 3
Domain Requested by
22 www.na-citiprepaid-salaryatsea.online www.na-citiprepaid-salaryatsea.online
17 login.wirecard.com www.na-citiprepaid-salaryatsea.online
1 cdn.000webhost.com www.na-citiprepaid-salaryatsea.online
40 3

This site contains links to these domains. Also see Links.

Domain
login.wirecard.com
www.wirecard.us
www.000webhost.com
Subject Issuer Validity Valid
*.000webhostapp.com
RapidSSL TLS RSA CA G1
2018-06-13 -
2019-06-13
a year crt.sh
www.login.wirecard.com
DigiCert Global CA G2
2019-01-25 -
2021-01-25
2 years crt.sh
*.000webhost.com
COMODO RSA Domain Validation Secure Server CA
2018-10-19 -
2020-12-17
2 years crt.sh

This page contains 1 frames:

Primary Page: https://www.na-citiprepaid-salaryatsea.online/
Frame ID: 1395A6CFC5D4F8A51CDF32DF1D48EFD8
Requests: 40 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

40
Requests

45 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

179 kB
Transfer

293 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.na-citiprepaid-salaryatsea.online/
29 KB
7 KB
Document
General
Full URL
https://www.na-citiprepaid-salaryatsea.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:ce39::1 , Lithuania, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
1dd5f645efb3d74cbce3ffc64b0740369e5ff8ef66a6e452244cacf79834ed37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.na-citiprepaid-salaryatsea.online
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Fri, 22 Feb 2019 09:41:06 GMT
content-type
text/html; charset=UTF-8
server
awex
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-request-id
9066118374482ca8a7722a3b8f1a2092
content-encoding
gzip
jquery-new.js
login.wirecard.com/xContent/content/op/j/
85 KB
30 KB
Script
General
Full URL
https://login.wirecard.com/xContent/content/op/j/jquery-new.js
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.141.49.30 Englewood, United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 22 Feb 2019 09:41:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 22 May 2017 08:17:42 GMT
Server
Microsoft-IIS/8.5
ETag
"01713e2d3d2d21:0"
X-Frame-options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
30217
sw.css
login.wirecard.com/xContent/content/op/c/
40 KB
9 KB
Stylesheet
General
Full URL
https://login.wirecard.com/xContent/content/op/c/sw.css
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.141.49.30 Englewood, United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
2370732a156a968661f91dfba46adc245ea58cfdc93bc05c45a0e196872cb3b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 22 Feb 2019 09:41:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 25 Apr 2018 15:35:58 GMT
Server
Microsoft-IIS/8.5
ETag
"0c3551babdcd31:0"
X-Frame-options
SAMEORIGIN
Content-Type
text/css
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
9000
partner.css
login.wirecard.com/xContent/content/rccl/c/
5 KB
6 KB
Stylesheet
General
Full URL
https://login.wirecard.com/xContent/content/rccl/c/partner.css
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.141.49.30 Englewood, United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
5d005e131f5ea560cb4af210a15cee22fc88fb442037fc80bb156e9a89de51e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 22 Feb 2019 09:41:07 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 12 Sep 2017 15:07:36 GMT
Server
Microsoft-IIS/8.5
ETag
"06cebddd82bd31:0"
X-Frame-options
SAMEORIGIN
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
5604
niftycube.js
login.wirecard.com/xContent/content/op/j/
9 KB
3 KB
Script
General
Full URL
https://login.wirecard.com/xContent/content/op/j/niftycube.js
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.141.49.30 Englewood, United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
1b878d72995050c82973b146fee4642c234e396c0c57e2467e8e26f7215bde8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 22 Feb 2019 09:41:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 22 May 2012 13:46:02 GMT
Server
Microsoft-IIS/8.5
ETag
"09e5392138cd1:0"
X-Frame-options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
2779
niftyLayout.js
login.wirecard.com/xContent/content/op/j/
474 B
771 B
Script
General
Full URL
https://login.wirecard.com/xContent/content/op/j/niftyLayout.js
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.141.49.30 Englewood, United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
d77628d93eb16fa2fcf16e51d21d6815c85d96ba8120edfbd2876afe8016da3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 22 Feb 2019 09:41:07 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 22 May 2012 13:46:02 GMT
Server
Microsoft-IIS/8.5
ETag
"09e5392138cd1:0"
X-Frame-options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
474
layers.js
login.wirecard.com/xContent/content/op/j/
6 KB
1 KB
Script
General
Full URL
https://login.wirecard.com/xContent/content/op/j/layers.js
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.141.49.30 Englewood, United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
4deea112d4fa663b5ac8f9758746409d57b7ddeea89323fd175d1aa5f8a667fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 22 Feb 2019 09:41:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 22 May 2012 13:46:02 GMT
Server
Microsoft-IIS/8.5
ETag
"09e5392138cd1:0"
X-Frame-options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
1142
switch.js
login.wirecard.com/xContent/content/op/j/
701 B
998 B
Script
General
Full URL
https://login.wirecard.com/xContent/content/op/j/switch.js
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.141.49.30 Englewood, United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
b855be742958956f4ecee4bc3dc06920b51a468729e65ca7930509254112e61e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 22 Feb 2019 09:41:07 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 22 May 2012 13:46:02 GMT
Server
Microsoft-IIS/8.5
ETag
"09e5392138cd1:0"
X-Frame-options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
701
tokenprocessor.js
www.na-citiprepaid-salaryatsea.online/scripts/js/common/
0
0
Script
General
Full URL
https://www.na-citiprepaid-salaryatsea.online/scripts/js/common/tokenprocessor.js
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:ce39::1 , Lithuania, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/js/common/tokenprocessor.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.na-citiprepaid-salaryatsea.online
referer
https://www.na-citiprepaid-salaryatsea.online/
:scheme
https
:method
GET
Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Feb 2019 09:41:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
awex
content-type
text/html; charset=UTF-8
status
404
x-xss-protection
1; mode=block
x-request-id
51c896d829d0ea88afec99f5e3763947
commonva.js
www.na-citiprepaid-salaryatsea.online/scripts/js/common/
0
0
Script
General
Full URL
https://www.na-citiprepaid-salaryatsea.online/scripts/js/common/commonva.js
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:ce39::1 , Lithuania, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/js/common/commonva.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.na-citiprepaid-salaryatsea.online
referer
https://www.na-citiprepaid-salaryatsea.online/
:scheme
https
:method
GET
Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Feb 2019 09:41:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
awex
content-type
text/html; charset=UTF-8
status
404
x-xss-protection
1; mode=block
x-request-id
4616b1ee79e89a2416e65b8c6c9f0fba
default-partner.gif
login.wirecard.com/xContent/content/rccl/i/
12 KB
12 KB
Image
General
Full URL
https://login.wirecard.com/xContent/content/rccl/i/default-partner.gif
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.141.49.30 Englewood, United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
929553d37dbb4432c2d6a60ad862c66bf9ea6e4354c98f6d001b3f1f851ebc2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 22 Feb 2019 09:41:07 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 17 Dec 2012 17:52:19 GMT
Server
Microsoft-IIS/8.5
ETag
"80b2427fdccd1:0"
X-Frame-options
SAMEORIGIN
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
11930
rccl-card.jpg
login.wirecard.com/xContent/content/rccl/i/
71 KB
71 KB
Image
General
Full URL
https://login.wirecard.com/xContent/content/rccl/i/rccl-card.jpg
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.141.49.30 Englewood, United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
69abe58ba9a167728a0e32cc04e1162a435c1f3c23bf89e0ab1fc60395956be9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 22 Feb 2019 09:41:07 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 29 Jan 2018 21:01:24 GMT
Server
Microsoft-IIS/8.5
ETag
"06a36524499d31:0"
X-Frame-options
SAMEORIGIN
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
72918
AC_OETags.js
www.na-citiprepaid-salaryatsea.online/scripts/js/security/
0
0
Script
General
Full URL
https://www.na-citiprepaid-salaryatsea.online/scripts/js/security/AC_OETags.js
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:ce39::1 , Lithuania, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/js/security/AC_OETags.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.na-citiprepaid-salaryatsea.online
referer
https://www.na-citiprepaid-salaryatsea.online/
:scheme
https
:method
GET
Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Feb 2019 09:41:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
awex
content-type
text/html; charset=UTF-8
status
404
x-xss-protection
1; mode=block
x-request-id
0c31e67e8b6c9231e9e41732859299af
security.js
www.na-citiprepaid-salaryatsea.online/scripts/js/security/
0
0
Script
General
Full URL
https://www.na-citiprepaid-salaryatsea.online/scripts/js/security/security.js
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:ce39::1 , Lithuania, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/js/security/security.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.na-citiprepaid-salaryatsea.online
referer
https://www.na-citiprepaid-salaryatsea.online/
:scheme
https
:method
GET
Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Feb 2019 09:41:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
awex
content-type
text/html; charset=UTF-8
status
404
x-xss-protection
1; mode=block
x-request-id
b8bcbe0568b7265d280c25440401fde0
hashtable.js
www.na-citiprepaid-salaryatsea.online/scripts/js/security/
0
0
Script
General
Full URL
https://www.na-citiprepaid-salaryatsea.online/scripts/js/security/hashtable.js
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:ce39::1 , Lithuania, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/js/security/hashtable.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.na-citiprepaid-salaryatsea.online
referer
https://www.na-citiprepaid-salaryatsea.online/
:scheme
https
:method
GET
Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Feb 2019 09:41:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
awex
content-type
text/html; charset=UTF-8
status
404
x-xss-protection
1; mode=block
x-request-id
a38767e045ea9a56bfcb81d0e9853951
rsa.js
www.na-citiprepaid-salaryatsea.online/scripts/js/security/
0
0
Script
General
Full URL
https://www.na-citiprepaid-salaryatsea.online/scripts/js/security/rsa.js
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:ce39::1 , Lithuania, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/js/security/rsa.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.na-citiprepaid-salaryatsea.online
referer
https://www.na-citiprepaid-salaryatsea.online/
:scheme
https
:method
GET
Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Feb 2019 09:41:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
awex
content-type
text/html; charset=UTF-8
status
404
x-xss-protection
1; mode=block
x-request-id
32f57c292c22751f28798373f866859f
common.js
www.na-citiprepaid-salaryatsea.online/scripts/js/common/
0
0
Script
General
Full URL
https://www.na-citiprepaid-salaryatsea.online/scripts/js/common/common.js
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:ce39::1 , Lithuania, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/js/common/common.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.na-citiprepaid-salaryatsea.online
referer
https://www.na-citiprepaid-salaryatsea.online/
:scheme
https
:method
GET
Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Feb 2019 09:41:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
awex
content-type
text/html; charset=UTF-8
status
404
x-xss-protection
1; mode=block
x-request-id
865cbeb241053840042c940bd36e63b0
card-exp.gif
login.wirecard.com/xContent/content/op/i/
9 KB
9 KB
Image
General
Full URL
https://login.wirecard.com/xContent/content/op/i/card-exp.gif
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.141.49.30 Englewood, United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
c0dba0a57004561ffc4ac16a986f01a3df1dbfa7181f2c3e0c8c4e33993218ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 22 Feb 2019 09:41:07 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 22 May 2012 13:45:56 GMT
Server
Microsoft-IIS/8.5
ETag
"08251362138cd1:0"
X-Frame-options
SAMEORIGIN
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
8777
simpleCaptcha.png
www.na-citiprepaid-salaryatsea.online/
9 KB
9 KB
Image
General
Full URL
https://www.na-citiprepaid-salaryatsea.online/simpleCaptcha.png
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:ce39::1 , Lithuania, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
ce51c1a976844d8983f39a905b26411f6f53392d43a109639b9ee3e7ac0c90af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/simpleCaptcha.png
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.na-citiprepaid-salaryatsea.online
referer
https://www.na-citiprepaid-salaryatsea.online/
:scheme
https
:method
GET
Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Feb 2019 09:41:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
awex
content-type
text/html; charset=UTF-8
status
404
x-xss-protection
1; mode=block
x-request-id
8abdb12ddc9166ac845c190f8fb174ff
refresh.png
login.wirecard.com/xContent/content/op/i/
832 B
1 KB
Image
General
Full URL
https://login.wirecard.com/xContent/content/op/i/refresh.png
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.141.49.30 Englewood, United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
29bd1c38eac0fe866ac0d9ecf82beb2733a74a567c04ffaab3dc069644b59590
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 22 Feb 2019 09:41:07 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 18 Sep 2012 11:01:42 GMT
Server
Microsoft-IIS/8.5
ETag
"0af8fc8c95cd1:0"
X-Frame-options
SAMEORIGIN
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
832
login-new.gif
login.wirecard.com/xContent/content/op/i/
1 KB
2 KB
Image
General
Full URL
https://login.wirecard.com/xContent/content/op/i/login-new.gif
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.141.49.30 Englewood, United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
b07f051617d90d44328457b84da2e10f7e8ee49ac31685e99c184524cf7a4473
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 22 Feb 2019 09:41:07 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 20 Jan 2017 22:03:12 GMT
Server
Microsoft-IIS/8.5
ETag
"0d0dbfd6873d21:0"
X-Frame-options
SAMEORIGIN
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
1358
user.gif
login.wirecard.com/xContent/content/op/i/
81 B
365 B
Image
General
Full URL
https://login.wirecard.com/xContent/content/op/i/user.gif
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.141.49.30 Englewood, United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
3933dbae00516a2490e3cae73851a9c78c0032003ca0afe8eb77783271969506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 22 Feb 2019 09:41:07 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 16 May 2016 19:28:24 GMT
Server
Microsoft-IIS/8.5
ETag
"0bceb1ca9afd11:0"
X-Frame-options
SAMEORIGIN
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
81
login-reward.gif
login.wirecard.com/xContent/content/op/i/
1 KB
2 KB
Image
General
Full URL
https://login.wirecard.com/xContent/content/op/i/login-reward.gif
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.141.49.30 Englewood, United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
8fe86683b6cb60c2a00a65fd4eb014208471c8018f53300301c72da21da2f95c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 22 Feb 2019 09:41:08 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 20 Jan 2017 22:08:50 GMT
Server
Microsoft-IIS/8.5
ETag
"08552c76973d21:0"
X-Frame-options
SAMEORIGIN
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
1385
footer-powered-by-000webhost-white2.png
cdn.000webhost.com/000webhost/logo/
2 KB
2 KB
Image
General
Full URL
https://cdn.000webhost.com/000webhost/logo/footer-powered-by-000webhost-white2.png
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:442e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5

Request headers

Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Feb 2019 09:41:08 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=2046
status
200
content-disposition
inline; filename="footer-powered-by-000webhost-white2.webp"
cf-bgj
imgq:100
x-hostinger-datacenter
srv
content-length
1696
last-modified
Thu, 21 Feb 2019 12:54:17 GMT
server
cloudflare
etag
"5c6e9f79-7fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
public, max-age=14400
x-hostinger-node
nl-srv-cdn1
accept-ranges
bytes
cf-ray
4ad07eca0a4f96a6-FRA
expires
Fri, 22 Feb 2019 13:41:08 GMT
print.css
login.wirecard.com/xContent/content/op/c/
1 KB
2 KB
Stylesheet
General
Full URL
https://login.wirecard.com/xContent/content/op/c/print.css
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.141.49.30 Englewood, United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
758261326eeb250973137caa9168671c607cdcbb01a7d7f231f3a6b488a309f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 22 Feb 2019 09:41:08 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 22 May 2012 13:45:14 GMT
Server
Microsoft-IIS/8.5
ETag
"0d1481d2138cd1:0"
X-Frame-options
SAMEORIGIN
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
1295
tokenprocessor.js
www.na-citiprepaid-salaryatsea.online/scripts/js/common/
0
0
Script
General
Full URL
https://www.na-citiprepaid-salaryatsea.online/scripts/js/common/tokenprocessor.js
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:ce39::1 , Lithuania, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/js/common/tokenprocessor.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.na-citiprepaid-salaryatsea.online
referer
https://www.na-citiprepaid-salaryatsea.online/
:scheme
https
:method
GET
Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Feb 2019 09:41:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
awex
content-type
text/html; charset=UTF-8
status
404
x-xss-protection
1; mode=block
x-request-id
c440aefe399742504557381a08725dbc
commonva.js
www.na-citiprepaid-salaryatsea.online/scripts/js/common/
0
0
Script
General
Full URL
https://www.na-citiprepaid-salaryatsea.online/scripts/js/common/commonva.js
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:ce39::1 , Lithuania, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/js/common/commonva.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.na-citiprepaid-salaryatsea.online
referer
https://www.na-citiprepaid-salaryatsea.online/
:scheme
https
:method
GET
Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Feb 2019 09:41:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
awex
content-type
text/html; charset=UTF-8
status
404
x-xss-protection
1; mode=block
x-request-id
626bc3411d057fed5f2b17b914477215
AC_OETags.js
www.na-citiprepaid-salaryatsea.online/scripts/js/security/
0
0
Script
General
Full URL
https://www.na-citiprepaid-salaryatsea.online/scripts/js/security/AC_OETags.js
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:ce39::1 , Lithuania, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/js/security/AC_OETags.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.na-citiprepaid-salaryatsea.online
referer
https://www.na-citiprepaid-salaryatsea.online/
:scheme
https
:method
GET
Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Feb 2019 09:41:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
awex
content-type
text/html; charset=UTF-8
status
404
x-xss-protection
1; mode=block
x-request-id
589c7326a7f07f66ef37c28f64a1adc4
bg-communication.gif
login.wirecard.com/xContent/content/op/i/
100 B
385 B
Image
General
Full URL
https://login.wirecard.com/xContent/content/op/i/bg-communication.gif
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.141.49.30 Englewood, United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
133ffba3c6d5383813eeabf52b44c086aa10424d60ae15f3fd5952972cb0b904
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://login.wirecard.com/xContent/content/op/c/sw.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 22 Feb 2019 09:41:08 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 22 May 2012 13:45:58 GMT
Server
Microsoft-IIS/8.5
ETag
"0af82372138cd1:0"
X-Frame-options
SAMEORIGIN
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
100
security.js
www.na-citiprepaid-salaryatsea.online/scripts/js/security/
0
0
Script
General
Full URL
https://www.na-citiprepaid-salaryatsea.online/scripts/js/security/security.js
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:ce39::1 , Lithuania, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/js/security/security.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.na-citiprepaid-salaryatsea.online
referer
https://www.na-citiprepaid-salaryatsea.online/
:scheme
https
:method
GET
Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Feb 2019 09:41:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
awex
content-type
text/html; charset=UTF-8
status
404
x-xss-protection
1; mode=block
x-request-id
ef854910191c3e3a9499566d87ab8db4
hashtable.js
www.na-citiprepaid-salaryatsea.online/scripts/js/security/
0
0
Script
General
Full URL
https://www.na-citiprepaid-salaryatsea.online/scripts/js/security/hashtable.js
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:ce39::1 , Lithuania, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/js/security/hashtable.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.na-citiprepaid-salaryatsea.online
referer
https://www.na-citiprepaid-salaryatsea.online/
:scheme
https
:method
GET
Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Feb 2019 09:41:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
awex
content-type
text/html; charset=UTF-8
status
404
x-xss-protection
1; mode=block
x-request-id
549fcfd5c3f0b5b49e34a2b5d0fc02b6
rsa.js
www.na-citiprepaid-salaryatsea.online/scripts/js/security/
0
0
Script
General
Full URL
https://www.na-citiprepaid-salaryatsea.online/scripts/js/security/rsa.js
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:ce39::1 , Lithuania, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/js/security/rsa.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.na-citiprepaid-salaryatsea.online
referer
https://www.na-citiprepaid-salaryatsea.online/
:scheme
https
:method
GET
Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Feb 2019 09:41:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
awex
content-type
text/html; charset=UTF-8
status
404
x-xss-protection
1; mode=block
x-request-id
f2b97d4378ebdb1d0d56397ee49b2b8d
common.js
www.na-citiprepaid-salaryatsea.online/scripts/js/common/
0
0
Script
General
Full URL
https://www.na-citiprepaid-salaryatsea.online/scripts/js/common/common.js
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:ce39::1 , Lithuania, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/js/common/common.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.na-citiprepaid-salaryatsea.online
referer
https://www.na-citiprepaid-salaryatsea.online/
:scheme
https
:method
GET
Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Feb 2019 09:41:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
awex
content-type
text/html; charset=UTF-8
status
404
x-xss-protection
1; mode=block
x-request-id
6745eaf5a7a16b089619393b4025d298
hashtable.js
www.na-citiprepaid-salaryatsea.online/scripts/js/security/
0
0
Script
General
Full URL
https://www.na-citiprepaid-salaryatsea.online/scripts/js/security/hashtable.js
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:ce39::1 , Lithuania, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/js/security/hashtable.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.na-citiprepaid-salaryatsea.online
referer
https://www.na-citiprepaid-salaryatsea.online/
:scheme
https
:method
GET
Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Feb 2019 09:41:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
awex
content-type
text/html; charset=UTF-8
status
404
x-xss-protection
1; mode=block
x-request-id
d6486389ae14389e2cf8275c817b6d19
rsa.js
www.na-citiprepaid-salaryatsea.online/scripts/js/security/
0
0
Script
General
Full URL
https://www.na-citiprepaid-salaryatsea.online/scripts/js/security/rsa.js
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:ce39::1 , Lithuania, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/js/security/rsa.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.na-citiprepaid-salaryatsea.online
referer
https://www.na-citiprepaid-salaryatsea.online/
:scheme
https
:method
GET
Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Feb 2019 09:41:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
awex
content-type
text/html; charset=UTF-8
status
404
x-xss-protection
1; mode=block
x-request-id
f362b1ee9d22738f65921e6df35d37f8
AC_OETags.js
www.na-citiprepaid-salaryatsea.online/scripts/js/security/
0
0
Script
General
Full URL
https://www.na-citiprepaid-salaryatsea.online/scripts/js/security/AC_OETags.js
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:ce39::1 , Lithuania, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/js/security/AC_OETags.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.na-citiprepaid-salaryatsea.online
referer
https://www.na-citiprepaid-salaryatsea.online/
:scheme
https
:method
GET
Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Feb 2019 09:41:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
awex
content-type
text/html; charset=UTF-8
status
404
x-xss-protection
1; mode=block
x-request-id
31643eb94617556723f00bf656697674
security.js
www.na-citiprepaid-salaryatsea.online/scripts/js/security/
0
0
Script
General
Full URL
https://www.na-citiprepaid-salaryatsea.online/scripts/js/security/security.js
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:ce39::1 , Lithuania, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/js/security/security.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.na-citiprepaid-salaryatsea.online
referer
https://www.na-citiprepaid-salaryatsea.online/
:scheme
https
:method
GET
Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Feb 2019 09:41:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
awex
content-type
text/html; charset=UTF-8
status
404
x-xss-protection
1; mode=block
x-request-id
7c2f17669aaab627e616f68f77668697
common.js
www.na-citiprepaid-salaryatsea.online/scripts/js/common/
0
0
Script
General
Full URL
https://www.na-citiprepaid-salaryatsea.online/scripts/js/common/common.js
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:ce39::1 , Lithuania, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/js/common/common.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.na-citiprepaid-salaryatsea.online
referer
https://www.na-citiprepaid-salaryatsea.online/
:scheme
https
:method
GET
Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Feb 2019 09:41:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
awex
content-type
text/html; charset=UTF-8
status
404
x-xss-protection
1; mode=block
x-request-id
b0d72f9f35259bca623cf57e48f3fd3a
simpleCaptcha.png
www.na-citiprepaid-salaryatsea.online/
9 KB
9 KB
Image
General
Full URL
https://www.na-citiprepaid-salaryatsea.online/simpleCaptcha.png
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:ce39::1 , Lithuania, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
ce51c1a976844d8983f39a905b26411f6f53392d43a109639b9ee3e7ac0c90af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/simpleCaptcha.png
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.na-citiprepaid-salaryatsea.online
referer
https://www.na-citiprepaid-salaryatsea.online/
:scheme
https
:method
GET
Referer
https://www.na-citiprepaid-salaryatsea.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Feb 2019 09:41:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
awex
content-type
text/html; charset=UTF-8
status
404
x-xss-protection
1; mode=block
x-request-id
51eb7ab0252c06c3f5ba10b5dc466bd8
default-footer.gif
login.wirecard.com/xContent/content/op/i/
2 KB
3 KB
Image
General
Full URL
https://login.wirecard.com/xContent/content/op/i/default-footer.gif
Requested by
Host: www.na-citiprepaid-salaryatsea.online
URL: https://www.na-citiprepaid-salaryatsea.online/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.141.49.30 Englewood, United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
1760462baef734bd33fc41b1c4da2d7f9601eaa0e859451536ad80d3e0815f51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://login.wirecard.com/xContent/content/op/c/sw.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 22 Feb 2019 09:41:09 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 07 Dec 2016 21:33:20 GMT
Server
Microsoft-IIS/8.5
ETag
"0509187d150d21:0"
X-Frame-options
SAMEORIGIN
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
2405

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| windowOnLoad function| $ function| jQuery function| niftyOk boolean| niftyCss object| oldonload function| AddCss function| Nifty function| Rounded function| AddTop function| AddBottom function| CreateStrip function| CreateEl function| FixIE function| SameHeight function| getElementsBySelector function| getParentBk function| getBk function| getPadding function| getStyleProp function| rgb2hex function| Mix function| NiftyLoad function| myVoid function| toggleLayer function| disableButtons function| hideLayers function| displayLayers function| disableLayers function| enableLayers function| hideAndDisplayLayers function| formSubmitOnce function| hide2AndDisplayLayers function| disableButtonsTimer function| enableProgramSelection function| display function| hide function| isDisplayed function| toggle function| closer function| selectLanguage function| replaceQueryString string| flashMovie string| flashVars function| refreshData function| changeCountry

0 Cookies

1 Console Messages

Source Level URL
Text
console-api warning URL: https://login.wirecard.com/xContent/content/op/j/jquery-new.js(Line 2)
Message:
jQuery.Deferred exception: addtoken is not defined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.000webhost.com
login.wirecard.com
www.na-citiprepaid-salaryatsea.online
204.141.49.30
2606:4700:10::6814:442e
2a02:4780:dead:ce39::1
133ffba3c6d5383813eeabf52b44c086aa10424d60ae15f3fd5952972cb0b904
1760462baef734bd33fc41b1c4da2d7f9601eaa0e859451536ad80d3e0815f51
1b878d72995050c82973b146fee4642c234e396c0c57e2467e8e26f7215bde8f
1dd5f645efb3d74cbce3ffc64b0740369e5ff8ef66a6e452244cacf79834ed37
2370732a156a968661f91dfba46adc245ea58cfdc93bc05c45a0e196872cb3b3
29bd1c38eac0fe866ac0d9ecf82beb2733a74a567c04ffaab3dc069644b59590
3933dbae00516a2490e3cae73851a9c78c0032003ca0afe8eb77783271969506
4deea112d4fa663b5ac8f9758746409d57b7ddeea89323fd175d1aa5f8a667fd
5d005e131f5ea560cb4af210a15cee22fc88fb442037fc80bb156e9a89de51e3
69abe58ba9a167728a0e32cc04e1162a435c1f3c23bf89e0ab1fc60395956be9
758261326eeb250973137caa9168671c607cdcbb01a7d7f231f3a6b488a309f6
86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8fe86683b6cb60c2a00a65fd4eb014208471c8018f53300301c72da21da2f95c
929553d37dbb4432c2d6a60ad862c66bf9ea6e4354c98f6d001b3f1f851ebc2f
b07f051617d90d44328457b84da2e10f7e8ee49ac31685e99c184524cf7a4473
b855be742958956f4ecee4bc3dc06920b51a468729e65ca7930509254112e61e
c0dba0a57004561ffc4ac16a986f01a3df1dbfa7181f2c3e0c8c4e33993218ed
ce51c1a976844d8983f39a905b26411f6f53392d43a109639b9ee3e7ac0c90af
d77628d93eb16fa2fcf16e51d21d6815c85d96ba8120edfbd2876afe8016da3c