z5h64q92x9.net Open in urlscan Pro
2a02:6b8::1:193 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt
Submission: On May 18 via manual (May 18th 2022, 9:46:01 am UTC) from LV — Scanned from DE

Summary HTTP 44 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 44 HTTP transactions. The main IP is 2a02:6b8::1:193, located in Moscow, Russian Federation and belongs to GLOBAL_DC, FI. The main domain is z5h64q92x9.net. The Cisco Umbrella rank of the primary domain is 57365.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on April 17th 2022. Valid for: 6 months.

This is the only time z5h64q92x9.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banka Citadele (Banking)

Domain & IP information

	IP Address	AS Autonomous System
6	2a02:6b8::1:193 2a02:6b8::1:193	208722 (GLOBAL_DC) (GLOBAL_DC)
7	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
2	193.178.178.229 193.178.178.229	16279 (AS16279_C...) (AS16279_CITADELE AS will be used to provide connectivity)
13	91.235.133.182 91.235.133.182	30286 (THM) (THM)
3	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
2	2a02:6b8::194 2a02:6b8::194	208722 (GLOBAL_DC) (GLOBAL_DC)
1 4	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
44	9

6 2a02:6b8::1:193 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

z5h64q92x9.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.178.178.229 (Riga, Latvia)

ASN16279 (AS16279_CITADELE AS will be used to provide connectivity, LV)
PTR: online.citadele.lv

online.citadele.lv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 91.235.133.182 (United States)

ASN30286 (THM, US)

content.citadele.lv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::194 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

translate.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.235.132.130 (United States) 1 redirects

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

aom4xb8tio5nvlaf7h7f2oca4enkwwbqsfll7qqm3f337f02521c5ae0am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	citadele.lv online.citadele.lv content.citadele.lv	255 KB
7	yastatic.net yastatic.net — Cisco Umbrella Rank: 6107	68 KB
6	z5h64q92x9.net z5h64q92x9.net — Cisco Umbrella Rank: 57365	227 KB
5	online-metrix.net 1 redirects h.online-metrix.net — Cisco Umbrella Rank: 3496 aom4xb8tio5nvlaf7h7f2oca4enkwwbqsfll7qqm3f337f02521c5ae0am1.e.aa.online-metrix.net	17 KB
3	yandex.ru yandex.ru — Cisco Umbrella Rank: 1392	1 KB
2	yandex.net translate.yandex.net — Cisco Umbrella Rank: 31548	2 KB
0	Failed function sub() { [native code] }. Failed
44	7

	Domain	Requested by
13	content.citadele.lv	z5h64q92x9.net content.citadele.lv
7	yastatic.net	z5h64q92x9.net
6	z5h64q92x9.net	z5h64q92x9.net
4	h.online-metrix.net	1 redirects content.citadele.lv
3	yandex.ru	z5h64q92x9.net
2	translate.yandex.net	yastatic.net
2	online.citadele.lv	z5h64q92x9.net online.citadele.lv
1	aom4xb8tio5nvlaf7h7f2oca4enkwwbqsfll7qqm3f337f02521c5ae0am1.e.aa.online-metrix.net
0	ghbmnnjooekpmoecnnnilnnbdlolhkhi Failed	content.citadele.lv
44	9

This site contains links to these domains. Also see Links.

Domain
translate.yandex.com
yandex.com
online.citadele.lv

Subject Issuer	Validity	Valid
z5h64q92x9.net GlobalSign RSA OV SSL CA 2018	`2022-04-17` - `2022-10-16`	6 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2022-04-01` - `2022-09-29`	6 months	crt.sh
online.citadele.lv DigiCert TLS RSA SHA256 2020 CA1	`2021-06-15` - `2022-07-16`	a year	crt.sh
content.citadele.lv Sectigo RSA Domain Validation Secure Server CA	`2022-02-14` - `2023-03-17`	a year	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2022-03-04` - `2022-09-01`	6 months	crt.sh
translate.yandex.net GlobalSign RSA OV SSL CA 2018	`2022-05-03` - `2022-10-07`	5 months	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-12-28` - `2023-01-23`	a year	crt.sh
*.e.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-07-30` - `2022-08-01`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt
Frame ID: 9E3F9DD6DD155DBC1B3180424B873249
Requests: 31 HTTP requests in this frame

Frame: https://content.citadele.lv/5NNcWzHoF35aCtSc?dae7c6cc0a9869d3=jttvp7-ILW6UXoyvLtSfmXF5UUkId4mXFpnJaz3N9OpbiH6k7fcI2qRcaEnyRCGC_hb3lJOsWfAfdy0CyDr_euh9_Yl3Jq2tMO3-pxiBtdi3FFvjzH9WEpRBFnJnDFcFWWHB1gCgwj3lUMkQ4lBJbFQrnYR7hawa_ukvpt55J2Y6W8b_ZoZVsM26-HP5V78EHExTEeuC7KgfqjUt&jb=353826266a7b6f75354c696c7d7026627b6f354e6b6e77702468736a773d4b6a706f6d6d266273623d4b6872676d65273a38313839
Frame ID: DF1A5CAB566B2A9DA25C5B6CB9960038
Requests: 12 HTTP requests in this frame

Frame: https://content.citadele.lv/tRaJq6Zji8rVFDkr?e0ffc1e40381f65b=xzFM2e8I0zWHDk304nqrRRmpjniW-YPUFaPUMQFt564mQkW8NfHrQCdt_IzRj9Nr9zw7OAv1UlJvF8f0yvllQGB-RNL2XGJlZODSiCXp34_Bk26mB23fCywsnf6DCteB5Yq0JtS6CXgpDgNa6NIQ1SBqQ0W51StPbnsqNbv1I3GxgeuLHCsyQJlL4AEwJuK81PMDCMH9DdZqP0sLAWk
Frame ID: 20346CF4896AB3A745D9EAC833376DC6
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/uEvjvxiKhp3xF-1w?039f77cdc38c4ba0=8hKRGphlF7J1hfXSq5O2aIPaxyw_qcYqYk5O3RySZ-wz3atE2i6bc7c_M_CCPXdyM1meqU2Ypjnoixm7byHdGWaENVRqbi5_QutsxsPZiE4aFbtjBcnElWNAv0jYx7U0qF23ol2UXvPHnKR5HZiURMqcF4K7MrTMNEtRw9myIra3TCRMJ2a0LsDQ7IV0Jj4qM-zkvtCVMzokoo4SpsG6
Frame ID: 051FC9FEDFE587BB0243B8E4F9518D96
Requests: 2 HTTP requests in this frame

Frame: https://content.citadele.lv/PhbWlCWFhv77-7Fz?7f75aaaec4ac590b=WtSDqn7xcnj9iEFA1XT3KswwnR_Nc4JIuHaKELl2xWao_HPZhjLuoSKFs1n7mnEjcn13ydbrMmoNQzdJWk23tLK1eAdwdNyM8fq9P3pQNj-yYVszpAtY9jDGm0lCIVLiBelXfEQ103MFwFxM0OdW2P0v10qiWjagg2mFkyXRJ_VHx60AIR0R81dBbmTxAu1QyXch6gPJPwZhWZaOPa8h
Frame ID: 7DFDB4871C3FD8A522EB20DA44AF9144
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

„Citadele“ интернет-банковское дело

Page Statistics

44
Requests

82 %
HTTPS

50 %
IPv6

7
Domains

9
Subdomains

9
IPs

3
Countries

570 kB
Transfer

1267 kB
Size

4
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://translate.yandex.com/

Search URL Search Domain Scan URL

URL: https://yandex.com/

Search URL Search Domain Scan URL

URL: https://online.citadele.lv/ibbf/lt_lt
Title: online.citadele.lv

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://h.online-metrix.net/rwczmeUJjhU2hdxJ?0b13be527ec572ee=UTEptXTBCiBsfdKRuCA_FbbWJki2tjRxHPCB2TA0ps5fF8cGaK7KQzSRdkOlAy8j9-NfzTrQOVIjq5Cxi1FtQuhCcXjmjyocwct-Wl6FzDuyneg92nf7sdzqyRSHYopAZe2Bz-78vtluBhXTVVK0cROg7TIjHHRoq6xK1GX0fVZucnM HTTP 302
https://h.online-metrix.net/rwczmeUJjhU2hdxJ?8f241b03a57b43f8=UTEptXTBCiBsfdKRuCA_FbbWJki2tjRxHPCB2TA0ps5fF8cGaK7KQzSRdkOlAy8j9-NfzTrQOVIjq5Cxi1FtQuhCcXjmjyocwct-Wl6FzDuyneg92nf7sdzqyRSHYopAZe2Bzw9WGZMGog5c4d_PNHsgBnE&k=2

44 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request lt_lt Show response
z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/ 19 KB
19 KB 396ms
275ms Document
text/html 2a02:6b8::1:193
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::1:193 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ebf1f6eef92442a1e9d9c55031e9bbfa0a05026f60093e9d78c6cc9c8999824e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=120
content-length: 19039
content-type: text/html; charset=utf-8
date: Wed, 18 May 2022 09:45:54 GMT
etag: "bd722187640bbac75512f5875cdb4465069991ec"
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000

GET
H2 200 turbo.js Show response
yastatic.net/s3/translate/v21.51.3/dist/scripts/bundles/ 16 KB
6 KB 112ms
36ms Script
application/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/translate/v21.51.3/dist/scripts/bundles/turbo.js

Requested by

Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

c87c165d3d7589b0f278507e42f3dad032c3ae9b77bcd212d56c467daa882719

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt
Origin: https://z5h64q92x9.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 09:45:54 GMT
content-encoding: br
last-modified: Fri, 13 May 2022 10:55:36 GMT
server: nginx/1.17.9
etag: W/"3c4268d7ec333b649a19b2c24534d5b4"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Thu, 18 May 2023 15:34:49 GMT
cache-control: public, max-age=31556952
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
x-nginx-request-id: 0fd14b0b590b1d02

GET
H2 200 tr_page_popup.css
yastatic.net/s3/translate/v21.51.3/dist/styles/misc/ 10 KB
3 KB 113ms
37ms Stylesheet
text/css 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/translate/v21.51.3/dist/styles/misc/tr_page_popup.css

Requested by

Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

2532477e8d513907453281875c0094b15c2de4f140f4a009b93cc870d58c7ebe

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 09:45:54 GMT
content-encoding: br
last-modified: Fri, 13 May 2022 10:55:37 GMT
server: nginx/1.17.9
etag: W/"17e415f83f90752e80dd978e2a5d611f"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/css
access-control-allow-origin: *
expires: Thu, 18 May 2023 15:30:25 GMT
cache-control: public, max-age=31556952
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
x-nginx-request-id: 67c88748fd9d10b9

GET
H2 200 tr_page_stripe.css
yastatic.net/s3/translate/v21.51.3/dist/styles/misc/ 31 KB
10 KB 142ms
66ms Stylesheet
text/css 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/translate/v21.51.3/dist/styles/misc/tr_page_stripe.css

Requested by

Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

1b9edefe2d832941acc9935f4af9e9b7d0b92282af28f9b7cd02533b1597cd1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 09:45:54 GMT
content-encoding: br
last-modified: Fri, 13 May 2022 10:55:37 GMT
server: nginx/1.17.9
etag: W/"b47bb6654d9512ec00924bad8172aedc"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/css
access-control-allow-origin: *
expires: Thu, 18 May 2023 15:30:33 GMT
cache-control: public, max-age=31556952
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
x-nginx-request-id: c4d69f1ba5cdad2a

GET
H2 200 tr_page.js Show response
yastatic.net/s3/translate/v21.51.3/dist/scripts/addons/ 120 KB
38 KB 156ms
81ms Script
application/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/translate/v21.51.3/dist/scripts/addons/tr_page.js

Requested by

Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

3d78d12bf35e0677616be381885b977219d13a23e5600f3e23c9b95c099107f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 09:45:54 GMT
content-encoding: br
last-modified: Fri, 13 May 2022 10:55:35 GMT
server: nginx/1.17.9
etag: W/"31e339323dfb823e72d6a5f48f7d62ee"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Thu, 18 May 2023 15:30:43 GMT
cache-control: public, max-age=31556952
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
x-nginx-request-id: 21fc64ddcf6e47dc

GET
H2 200 tr_page_popup.js Show response
yastatic.net/s3/translate/v21.51.3/dist/scripts/addons/ 8 KB
3 KB 179ms
104ms Script
application/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/translate/v21.51.3/dist/scripts/addons/tr_page_popup.js

Requested by

Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

dc22751b4af1a349fb9e84f9bf177f30f9a1a45f08f9c3e9cf654dadcf9f734c

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 09:45:54 GMT
content-encoding: br
last-modified: Fri, 13 May 2022 10:55:35 GMT
server: nginx/1.17.9
etag: W/"7049e9b0b1e0d71a1c72d451e87b623f"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Thu, 18 May 2023 15:34:49 GMT
cache-control: public, max-age=31556952
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
x-nginx-request-id: 53eafbb2500ecc3a

GET
H2 200 tr_page_worker.js Show response
yastatic.net/s3/translate/v21.51.3/dist/scripts/addons/ 2 KB
2 KB 180ms
104ms Script
application/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/translate/v21.51.3/dist/scripts/addons/tr_page_worker.js

Requested by

Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

1fd90b09e01b9b2b77029305c77159fa085b775a8656a03f064a03e8fe988dfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 09:45:54 GMT
content-encoding: br
last-modified: Fri, 13 May 2022 10:55:35 GMT
server: nginx/1.17.9
etag: W/"ad2edeb26d4abf0c482baead750d22d0"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Thu, 18 May 2023 15:34:49 GMT
cache-control: public, max-age=31556952
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
x-nginx-request-id: 0a2376ab84f044db

GET
H/1.1 200
OK ibbf-verrel-102_2_1.css
online.citadele.lv/ibbf/css/ 153 KB
154 KB 276ms
37ms Stylesheet
text/css 193.178.178.229
AS16279_CITADELE ...

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citadele.lv/ibbf/css/ibbf-verrel-102_2_1.css

Requested by

Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.178.178.229 Riga, Latvia, ASN16279 (AS16279_CITADELE AS will be used to provide connectivity, LV),

Reverse DNS

online.citadele.lv

Software

Apache /

Resource Hash

39c97b2ecbd30926a825c670febdbe49de317410569ad3a95d16e1263a0d37d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 18 May 2022 09:45:54 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 12 May 2022 09:56:44 GMT
Server: Apache
ETag: W/"157126-1652349404000"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: Keep-Alive
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 157126
X-XSS-Protection: 1; mode=block

GET
H2 200 inline-verrel-102_2_1.js Show response
z5h64q92x9.net/proxy_u/0.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/js/ 1 KB
1 KB 1789ms
1788ms Script
application/javascript 2a02:6b8::1:193
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://z5h64q92x9.net/proxy_u/0.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/js/inline-verrel-102_2_1.js

Requested by

Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::1:193 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

26477d659bc592c591b7a7bc67de31389d78777eaae776e9e8cb0c12d5159adb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 09:45:54 GMT
cache-control: max-age=120
referrer-policy: no-referrer-when-downgrade
etag: "f6238809d6364e446bb48759a1b5f7715151c708"
content-length: 1358
strict-transport-security: max-age=31536000
content-type: application/javascript

GET
H2 200 dependencies-verrel-102_2_1.js Show response
z5h64q92x9.net/proxy_u/0.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/js/ 90 KB
90 KB 272ms
271ms Script
application/javascript 2a02:6b8::1:193
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://z5h64q92x9.net/proxy_u/0.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/js/dependencies-verrel-102_2_1.js

Requested by

Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::1:193 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

1667cdaa7bb56db2fd67096cf20b4db20ee25be9162bb35805c893e4b3716ff7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 09:45:54 GMT
cache-control: max-age=120
referrer-policy: no-referrer-when-downgrade
etag: "78839f4c621be1a5f1e4ee968057626ec954bfd4"
content-length: 91791
strict-transport-security: max-age=31536000
content-type: application/javascript

GET
H2 200 ibbf-verrel-102_2_1.js Show response
z5h64q92x9.net/proxy_u/0.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/js/ 110 KB
111 KB 151ms
150ms Script
application/javascript 2a02:6b8::1:193
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://z5h64q92x9.net/proxy_u/0.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/js/ibbf-verrel-102_2_1.js

Requested by

Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::1:193 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

0ee549745fe7f5001d7331f7d08743c84aa6818052f1d7198f2d4bec45d09437

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 09:45:55 GMT
cache-control: max-age=120
referrer-policy: no-referrer-when-downgrade
etag: "e61f10856b2f86b00d1089ed86d54b527fd1ae30"
content-length: 113097
strict-transport-security: max-age=31536000
content-type: application/javascript

GET
H2 200 login-verrel-102_2_1.js Show response
z5h64q92x9.net/proxy_u/0.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/js/views/ 3 KB
3 KB 165ms
165ms Script
application/javascript 2a02:6b8::1:193
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://z5h64q92x9.net/proxy_u/0.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/js/views/login-verrel-102_2_1.js

Requested by

Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::1:193 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

3ed0fc906b79d7d514a362092c963bd5f7f513756149c1f1779e5da53b4fb037

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 09:45:55 GMT
cache-control: max-age=120
referrer-policy: no-referrer-when-downgrade
etag: "790091459102d1718a17e433a6187a0113c0fd1b"
content-length: 2592
strict-transport-security: max-age=31536000
content-type: application/javascript

GET
H2 200 wwQtPMzdY-verrel-102_2_1.js Show response
z5h64q92x9.net/proxy_u/0.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/js/tags/ 3 KB
4 KB 208ms
208ms Script
application/javascript 2a02:6b8::1:193
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://z5h64q92x9.net/proxy_u/0.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/js/tags/wwQtPMzdY-verrel-102_2_1.js

Requested by

Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::1:193 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e14ce723c0dd3263c0a3af0aa89b0b4c7dc2755ebe9199932e8f3680aa89601e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 09:45:54 GMT
cache-control: max-age=120
referrer-policy: no-referrer-when-downgrade
etag: "30e1e3c1aaf8bc044c3dac23c6982ec06e313c5f"
content-length: 3579
strict-transport-security: max-age=31536000
content-type: application/javascript

GET
H/1.1 200
OK logo-verrel-102_2_1.svg
online.citadele.lv/ibbf/images/citadele/logo/ 5 KB
6 KB 38ms
38ms Image
image/svg+xml 193.178.178.229
AS16279_CITADELE ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citadele.lv/ibbf/images/citadele/logo/logo-verrel-102_2_1.svg

Requested by

Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.178.178.229 Riga, Latvia, ASN16279 (AS16279_CITADELE AS will be used to provide connectivity, LV),

Reverse DNS

online.citadele.lv

Software

Apache /

Resource Hash

d5794ec5af63437a244a70be18d8f9c8cfe16b0bef99494f33a26d90c8b0532d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 18 May 2022 09:45:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 12 May 2022 09:56:44 GMT
Server: Apache
ETag: W/"5338-1652349404000"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Connection: Keep-Alive
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 5338
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK mrzi5z08btxx2eki.js Show response
content.citadele.lv/ 92 KB
13 KB 64ms
15ms Script
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.citadele.lv/mrzi5z08btxx2eki.js?n4lal8khp996dow5=aom4xb8t&hvfj21yl2p7supmk=e95e595a-5078-4890-b70c-6fe87d86cae9

Requested by

Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/0.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/js/tags/wwQtPMzdY-verrel-102_2_1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

6cb74a85b777fb7cbe607a0bf502440ec32bffc40b65922988cb607811a9687a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 May 2022 09:45:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
P3P: CP=IVAa PSAa
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive, Keep-Alive
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET OpenSans-Bold.otf
online.citadele.lv/ibbf/fonts/ 0
0

GET OpenSans-Regular.otf
online.citadele.lv/ibbf/fonts/ 0
0

GET Material-Design-Iconic-Font.woff2
online.citadele.lv/ibbf/icons/ 0
0

GET OpenSans-Semibold.otf
online.citadele.lv/ibbf/fonts/ 0
0

GET
H2 200 turbo.js Show response
yastatic.net/s3/translate/v21.51.3/dist/scripts/bundles/ 16 KB
6 KB 34ms
34ms Script
application/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/translate/v21.51.3/dist/scripts/bundles/turbo.js

Requested by

Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

c87c165d3d7589b0f278507e42f3dad032c3ae9b77bcd212d56c467daa882719

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 09:45:56 GMT
content-encoding: br
last-modified: Fri, 13 May 2022 10:55:36 GMT
server: nginx/1.17.9
etag: W/"3c4268d7ec333b649a19b2c24534d5b4"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Thu, 18 May 2023 15:34:49 GMT
cache-control: public, max-age=31556952
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
x-nginx-request-id: 0fd14b0b590b1d02

GET
H2 200 *
yandex.ru/clck/click/dtype=stred/pid=453/cid=74186/ytr_counter_name=first_translation_request/ytr_time=2322/ytr_host=https%3A%2F%2Fonline.citadele.lv%2Fibbf%2Flt_lt/ytr_lang=lt-ru/ytr_url=https%3A%... 43 B
323 B 172ms
56ms Image
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yandex.ru/clck/click/dtype=stred/pid=453/cid=74186/ytr_counter_name=first_translation_request/ytr_time=2322/ytr_host=https%3A%2F%2Fonline.citadele.lv%2Fibbf%2Flt_lt/ytr_lang=lt-ru/ytr_url=https%3A%2F%2Fonline.citadele.lv%2Fibbf%2Flt_lt/ytr_sid=4acd7660.6284c052.dca20078.74722d75726c/ytr_srv=tr-url/ytr_ver=v21.51.3/ytr_dir=lt-ru/ytr_key=first_translation_request/ytr_cur_ts=1652867156418/ytr_ui_type=desktop/ytr_is_turbo=1/path=web_desktop.url/*

Requested by

Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

cache-control: no-cache
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
content-length: 43
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17debd4cf9b88dd58ced17e48348bc9ca5e1d28abda99f5c675190a6c1beb35f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd5a685828cfb2e15f004e38db63c2a9cf8b069a90e01925cf3cd8d9bac8c04e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 418 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c7a99b43c1be7d66d5bdad96ba3d8eb997b46b525d6c68180d37ef641faa4cd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 602 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b58dfa9c08da7011544d09166e6de38c3998e09193872cea7061d0e03c08055

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 *
yandex.ru/clck/click/dtype=stred/pid=453/cid=74186/ytr_counter_name=dcl_event/ytr_time=2331/ytr_host=https://online.citadele.lv/ibbf/lt_lt/ytr_lang=en-ru/ytr_url=https://online.citadele.lv/ibbf/lt_... 43 B
577 B 163ms
54ms Image
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yandex.ru/clck/click/dtype=stred/pid=453/cid=74186/ytr_counter_name=dcl_event/ytr_time=2331/ytr_host=https://online.citadele.lv/ibbf/lt_lt/ytr_lang=en-ru/ytr_url=https://online.citadele.lv/ibbf/lt_lt/ytr_sid=4acd7660.6284c052.dca20078.74722d75726c/ytr_srv=tr-url/ytr_ver=v21.51.3/ytr_dir=lt-ru/ytr_key=dcl_event/ytr_cur_ts=1652867156427/ytr_ui_type=desktop/ytr_is_turbo=1/path=web_desktop.url/*

Requested by

Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

cache-control: no-cache
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
content-length: 43
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif

GET
H2 200 translate Show response
translate.yandex.net/api/v1/tr.json/ 1 KB
1 KB 252ms
138ms XHR
application/json 2a02:6b8::194
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.yandex.net/api/v1/tr.json/translate?context_title=%E2%80%9ECitadele%E2%80%9C%20internetin%C4%97%20bankininkyst%C4%97&id=4acd7660.6284c052.dca20078.74722d75726c-0-0&context_host=online.citadele.lv&srv=tr-url&text=%E2%80%9ECitadele%E2%80%9C%20internetin%C4%97%20bankininkyst%C4%97&text=%20%20Atnaujintas%20interneto%20banko%20dizainas%20&text=%20%20Atnaujiname%20%E2%80%9ECitadele%E2%80%9C%20interneto%20bank%C4%85%2C%20kad%20klientams%20b%C5%ABt%C5%B3%20patogiau%20juo%20naudotis.%20Pakeit%C4%97me%20pirmojo%20puslapio%20i%C5%A1d%C4%97stym%C4%85%2C%20spalvas%20ir%20atnaujinome%20logotip%C4%85.%20Susipa%C5%BEinkite%20su%20poky%C4%8Diais.%20%20%20%20&text=%20%20Latvija%20%20&text=%20%20Estija%20%20&text=%20%20Lietuva%20%20&text=LT&text=RU&text=EN&text=Sveiki%20atvyk%C4%99%20%C4%AF%20%26quot%3BCitadele%26quot%3B%20internetin%C4%99%20bankininkyst%C4%99&text=Kod%C5%B3%20kortel%C4%97%2FGeneratorius&text=M.%20para%C5%A1as&text=MobileSCAN%2FDigipass%20780&text=Naudotojo%20vardas&text=Slapta%C5%BEodis&text=T%C4%99sti&text=Pamir%C5%A1ote%20slapta%C5%BEod%C4%AF%3F&text=%20%20Pagalba%20%20&text=Apie%20interneto%20bank%C4%85&lang=lt-ru&format=html&options=2&

Requested by

Host: yastatic.net
URL: https://yastatic.net/s3/translate/v21.51.3/dist/scripts/addons/tr_page.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::194 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

4373ef86c2dcaa9679cd5080175f740fc838aedb136cc5a5ddda3f2683e1d7d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: https://z5h64q92x9.net
date: Wed, 18 May 2022 09:45:56 GMT
cache-control: no-store
x-content-type-options: nosniff
content-length: 1113
content-type: application/json; charset=utf-8

GET
H2 200 translate Show response
translate.yandex.net/api/v1/tr.json/ 260 B
539 B 237ms
123ms XHR
application/json 2a02:6b8::194
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: yastatic.net
URL: https://yastatic.net/s3/translate/v21.51.3/dist/scripts/addons/tr_page.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::194 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

d08e96260a29dee1eef4103086cbd6a8fdaa738c9ae96d7af9a489e1b0bf6ff4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: https://z5h64q92x9.net
date: Wed, 18 May 2022 09:45:56 GMT
cache-control: no-store
x-content-type-options: nosniff
content-length: 260
content-type: application/json; charset=utf-8

GET Material-Design-Iconic-Font.woff
online.citadele.lv/ibbf/icons/ 0
0

GET Material-Design-Iconic-Font.ttf
online.citadele.lv/ibbf/icons/ 0
0

GET
H2 200 *
yandex.ru/clck/click/dtype=stred/pid=453/cid=74186/ytr_counter_name=first_translation_response/ytr_time=2578/ytr_host=https%3A%2F%2Fonline.citadele.lv%2Fibbf%2Flt_lt/ytr_lang=lt-ru/ytr_url=https%3A... 43 B
168 B 54ms
54ms Image
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yandex.ru/clck/click/dtype=stred/pid=453/cid=74186/ytr_counter_name=first_translation_response/ytr_time=2578/ytr_host=https%3A%2F%2Fonline.citadele.lv%2Fibbf%2Flt_lt/ytr_lang=lt-ru/ytr_url=https%3A%2F%2Fonline.citadele.lv%2Fibbf%2Flt_lt/ytr_sid=4acd7660.6284c052.dca20078.74722d75726c/ytr_srv=tr-url/ytr_ver=v21.51.3/ytr_dir=lt-ru/ytr_key=first_translation_response/ytr_cur_ts=1652867156674/ytr_ui_type=desktop/ytr_is_turbo=1/path=web_desktop.url/*

Requested by

Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

cache-control: no-cache
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
content-length: 43
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif

GET
H/1.1 200
OK 5NNcWzHoF35aCtSc Show response
content.citadele.lv/ Frame DF1A 299 KB
52 KB 23ms
23ms Script
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.citadele.lv/5NNcWzHoF35aCtSc?dae7c6cc0a9869d3=jttvp7-ILW6UXoyvLtSfmXF5UUkId4mXFpnJaz3N9OpbiH6k7fcI2qRcaEnyRCGC_hb3lJOsWfAfdy0CyDr_euh9_Yl3Jq2tMO3-pxiBtdi3FFvjzH9WEpRBFnJnDFcFWWHB1gCgwj3lUMkQ4lBJbFQrnYR7hawa_ukvpt55J2Y6W8b_ZoZVsM26-HP5V78EHExTEeuC7KgfqjUt&jb=353826266a7b6f75354c696c7d7026627b6f354e6b6e77702468736a773d4b6a706f6d6d266273623d4b6872676d65273a38313839

Requested by

Host: content.citadele.lv
URL: https://content.citadele.lv/mrzi5z08btxx2eki.js?n4lal8khp996dow5=aom4xb8t&hvfj21yl2p7supmk=e95e595a-5078-4890-b70c-6fe87d86cae9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

48cd2e1b7a93d2a4ac98dd5e9ba30967390434b9f40658cea90471b0a27e6230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 May 2022 09:45:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
tmx-nonce: 3f337f02521c5ae0
Connection: Keep-Alive, Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=99
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK oP_XQU2qxLnceRXp
content.citadele.lv/ Frame DF1A 81 B
475 B 37ms
12ms Image
image/png 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.citadele.lv/oP_XQU2qxLnceRXp?50accc62c5bda0b2=RUIJRvvtycY2R6LRP_ZnFP-OqeZSLENwAM3U4wiXC9FrMN3aNnzwnEwGKphTex5q7xY3ktvkeNT-X-gQkSDoJ7f0xJXwrCS-gHmBp0XgaVMUCg3CZvaBFuE8l9r74NS4gXbSryjy-yCImpGDrLZ4sFCEoRw83is2aWoWo0c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z5h64q92x9.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 May 2022 09:45:56 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK Q2ieMOXPYjmgsGjZ
content.citadele.lv/ Frame DF1A 81 B
475 B 37ms
12ms Image
image/png 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.citadele.lv/Q2ieMOXPYjmgsGjZ?2c6da7cafa160852=t6NN28C-FSodpUgmmrABcBzOGXEACyHJTRwX1Bvij0OTiodO_X_z0W4QBOy0SX6Qu69cJzKfi73MojjBVS9g_fK1FezBaVaQ7uY_V3GnsQZrQO82xRoTQqBCpZ6dOfyOwIQ6EWIARYRBA3JG4s5koP0tiBeMX0wkByacRgE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 May 2022 09:45:56 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png Show response
content.citadele.lv/fp/ Frame DF1A 81 B
530 B 38ms
12ms XHR
image/png 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.citadele.lv/fp/clear.png

Requested by

Host: content.citadele.lv
URL: https://content.citadele.lv/5NNcWzHoF35aCtSc?dae7c6cc0a9869d3=jttvp7-ILW6UXoyvLtSfmXF5UUkId4mXFpnJaz3N9OpbiH6k7fcI2qRcaEnyRCGC_hb3lJOsWfAfdy0CyDr_euh9_Yl3Jq2tMO3-pxiBtdi3FFvjzH9WEpRBFnJnDFcFWWHB1gCgwj3lUMkQ4lBJbFQrnYR7hawa_ukvpt55J2Y6W8b_ZoZVsM26-HP5V78EHExTEeuC7KgfqjUt&jb=353826266a7b6f75354c696c7d7026627b6f354e6b6e77702468736a773d4b6a706f6d6d266273623d4b6872676d65273a38313839

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, aom4xb8t/3f337f02521c5ae0e95e595a-5078-4890-b70c-6fe87d86cae9
Referer: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 18 May 2022 09:45:56 GMT
Last-Modified: Wed, 18 May 2022 09:45:56 GMT
Server: Apache
Etag: f8a005f76d5b4207be29c57878b79a44
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: https://z5h64q92x9.net
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Mon, 17 May 2027 09:45:56 GMT

GET
H/1.1

204
No Content

rwczmeUJjhU2hdxJ Show response
h.online-metrix.net/ Frame DF1A
Redirect Chain

https://h.online-metrix.net/rwczmeUJjhU2hdxJ?0b13be527ec572ee=UTEptXTBCiBsfdKRuCA_FbbWJki2tjRxHPCB2TA0ps5fF8cGaK7KQzSRdkOlAy8j9-NfzTrQOVIjq5Cxi1FtQuhCcXjmjyocwct-Wl6FzDuyneg92nf7sdzqyRSHYopAZe2Bz-7...
https://h.online-metrix.net/rwczmeUJjhU2hdxJ?8f241b03a57b43f8=UTEptXTBCiBsfdKRuCA_FbbWJki2tjRxHPCB2TA0ps5fF8cGaK7KQzSRdkOlAy8j9-NfzTrQOVIjq5Cxi1FtQuhCcXjmjyocwct-Wl6FzDuyneg92nf7sdzqyRSHYopAZe2Bzw9...

0
387 B

13ms
12ms

Script
text/javascript

91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/rwczmeUJjhU2hdxJ?8f241b03a57b43f8=UTEptXTBCiBsfdKRuCA_FbbWJki2tjRxHPCB2TA0ps5fF8cGaK7KQzSRdkOlAy8j9-NfzTrQOVIjq5Cxi1FtQuhCcXjmjyocwct-Wl6FzDuyneg92nf7sdzqyRSHYopAZe2Bzw9WGZMGog5c4d_PNHsgBnE&k=2

Protocol

HTTP/1.1

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 May 2022 09:45:57 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Wed, 18 May 2022 09:45:57 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
P3P: CP=IVAa PSAa
Location: https://h.online-metrix.net/rwczmeUJjhU2hdxJ?8f241b03a57b43f8=UTEptXTBCiBsfdKRuCA_FbbWJki2tjRxHPCB2TA0ps5fF8cGaK7KQzSRdkOlAy8j9-NfzTrQOVIjq5Cxi1FtQuhCcXjmjyocwct-Wl6FzDuyneg92nf7sdzqyRSHYopAZe2Bzw9WGZMGog5c4d_PNHsgBnE&k=2
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Keep-Alive: timeout=2, max=100
Content-Length: 409

GET
H/1.1 200
OK tRaJq6Zji8rVFDkr Show response
content.citadele.lv/ Frame 2034 89 KB
13 KB 16ms
15ms Document
text/html 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.citadele.lv/tRaJq6Zji8rVFDkr?e0ffc1e40381f65b=xzFM2e8I0zWHDk304nqrRRmpjniW-YPUFaPUMQFt564mQkW8NfHrQCdt_IzRj9Nr9zw7OAv1UlJvF8f0yvllQGB-RNL2XGJlZODSiCXp34_Bk26mB23fCywsnf6DCteB5Yq0JtS6CXgpDgNa6NIQ1SBqQ0W51StPbnsqNbv1I3GxgeuLHCsyQJlL4AEwJuK81PMDCMH9DdZqP0sLAWk

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

3936037e0a15c71321f53c1e5b055c504f5369031b067bbffdf3edf1e11ad80e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Wed, 18 May 2022 09:45:56 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content 4R3tymB9zcWMTI62 Show response
content.citadele.lv/ Frame DF1A 0
387 B 13ms
12ms Script
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 May 2022 09:45:56 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK uEvjvxiKhp3xF-1w Show response
h.online-metrix.net/ Frame 051F 102 KB
16 KB 140ms
16ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/uEvjvxiKhp3xF-1w?039f77cdc38c4ba0=8hKRGphlF7J1hfXSq5O2aIPaxyw_qcYqYk5O3RySZ-wz3atE2i6bc7c_M_CCPXdyM1meqU2Ypjnoixm7byHdGWaENVRqbi5_QutsxsPZiE4aFbtjBcnElWNAv0jYx7U0qF23ol2UXvPHnKR5HZiURMqcF4K7MrTMNEtRw9myIra3TCRMJ2a0LsDQ7IV0Jj4qM-zkvtCVMzokoo4SpsG6

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

729e0880ff4152b94d05f5e2aaa78d124877b87a9ab93756a4ba476c3d370844

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Wed, 18 May 2022 09:45:57 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content 4R3tymB9zcWMTI62 Show response
content.citadele.lv/ Frame DF1A 0
387 B 13ms
12ms Script
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 May 2022 09:45:57 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame DF1A 0
0

GET
H/1.1 200
OK PhbWlCWFhv77-7Fz Show response
content.citadele.lv/ Frame 7DFD 89 KB
14 KB 16ms
15ms Document
text/html 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.citadele.lv/PhbWlCWFhv77-7Fz?7f75aaaec4ac590b=WtSDqn7xcnj9iEFA1XT3KswwnR_Nc4JIuHaKELl2xWao_HPZhjLuoSKFs1n7mnEjcn13ydbrMmoNQzdJWk23tLK1eAdwdNyM8fq9P3pQNj-yYVszpAtY9jDGm0lCIVLiBelXfEQ103MFwFxM0OdW2P0v10qiWjagg2mFkyXRJ_VHx60AIR0R81dBbmTxAu1QyXch6gPJPwZhWZaOPa8h

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

8b2f5033a1e1ae4ec3999d9b5772457435a198d8377b03382e49c4e8b79da51f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Wed, 18 May 2022 09:45:57 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
204 4R3tymB9zcWMTI62 Show response
content.citadele.lv/ Frame DF1A 0
218 B 14ms
14ms Script
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.citadele.lv/4R3tymB9zcWMTI62?6430671f1f35eaa5=37boZnCIoyX4qjrNErF-jsYMiBZUfNsRlatSn9uvhfmQ29WqJcj8OmMa-FmdF5gSnhOcNYYbjTkwmegYMDfjHzKyETKh0Plb-NyYzCdGDJtK16rxLJlQ4Cxqx203PEt5iAvo-gFC-RE_sm8-hVcqrAuTjBM&ja=31313739262e633d38267a3f382e6635393638327a3130383224616e3f313e323278313a3038267378713d3070302666787a3d3924313e32322c333a32322c393430382e333230382c3936303024313238302c333e383024393238322e302e38246f7435633830306362636c633f3764646e64663165613a3c39313c3f303e603b613569246f6e3536267b61663d323c2664683d687c74707b2533432d3a462d3a4672376a3636793b3078312c6e6d7627324678726778795f7d25324e6c742f7a7d2e6d662e313a3237336e67632d3e30376e3161313525333a6137643c6332253734353a3a643f3c366e353736313e3a27324e6a747c727125324e6f666c696e6d2e63617461666d64652664762d304469606a6427324e6e74576e7626647a3d2e706c3d3b2670603d373a6e3a386969366a61646267393331623f31383f636730643b626c6232643c2668603d35316a6a616a6a383e676661676a6333386963356b3234353439356a6139393b266a7b6f3d4e616675702e6a7b603f436a7a6d6f652d3030393233266a7b6f7d3d4c696675782e6a73607d3543607a6f6567246e6a6b3f362666666d353a24747a6c3d4d7463253a4655666b6e6d7f662665697460703f3432383166316b30626d613232653e636b353630383832696431373d3c30396e643c373a38333c3366366d63613a366663393c616e6264373a33313b313934692e7035786c7d656b6e5d6e6e6373605c66696e716521786c7d67696e57776966646f757b576d6d6c69695d726c637167705e6e636c7b6723706c7d67616e5f616c6f626d5f61617a6762697c5e6e636e736729726e756f6b6e57737769636374616d655e6e616c7b652172647d6761665f7b6a6d63697f637465566461647167217064756f696e5f7a656164706c63716d72566e61647167217264776569665d7664615d706c69796d725e66696c736d21706e7d6f696657646d74636c747a5c646164716529726e7567616e577376675776696d776570566e61647b6529726e7565616c5d6a6974615664636c736d266f6c5f633577656a676c556d6a47442d3238332c30273a322a4f78676e4f4e2732304d532d3230322630253a30436a7a676d617d6d2155676245442730304f4e5344273030455b253a30312e38253238284f726d6647442d32384751253038454e5344273238475125323831263025323843687a6f6d6b7d65295f6d62436b7657676a496b742d30305f6760474c494e4f4c455f616e737c616e616d6c5f697a72697b7125314a2730304d5a5457606e656e6c5f65696e6d6978253b422530384d585c5763676e6d725d6a7764666d705f60636e665f6e6c676174253b42253a30455a5c57666467617c5d606c67666627334a273238475a545f6e7269675f646d7074602533402d3a304d505457716a61666d705d746d7a747d70675f6c67642d3342253a304550545f766d70747d7a6557616d6d727a677173616d6e57607274632d334a2532304d58545774657a7c7d726d5763676f7272677b716b6f665d726f766125334a253a3045585c5f746d7874777a6d5f6e616c7c67705f63666b716f7c706f786b6125334a253a3057454a4b495c5f455a5c57746d70747d70675f64616e76657a5d61666b716f747a6f786963253b42253a30455a5c57735a4f422d31402530384d475357676c6d6f676e74576966646578577569667425314a2d323847455b5d64626d5770676e6c6772576f6b706d69702d3342253a304f4d535f717c696e6c69726c5d666570617463746174657b273142253a304745535f7c65787c757267576e6c6769742d31402530384d475357766570767772655766646f6174576c69666561702d3b422d3a304747515f766d7a76757a675f60636e665f6e6c676174253b42253a304f475b57746d70747d70675f6a696e645f6e6e6f69765d6c696665697225334a2532384f4551577e657a7c65705d637270697b5d6f6a68656b762733422d32385745424f4c5f6b6f6c6d7a57627d6e666d705d666e676376253b40253a325545424f4c57636f6d7872657b736566577c65707c757a675d61717c6127334a27323855474247445f6b6f6d707a65737b65645d7c6d787c7d726d5d6774612d3140253a32574d40454c5f6b6f657072657b73656c5f7467707c757a6d5f6d766131273b4027323855454a454e5f63676d787265737b65645774657a7c7d726d57733b766125314a2730305f4742434b565f574d424f4c5f63676d707a6573716d6c5f7c6d787c7770655d7b3176632d31422d303257454a47445f636f6570726d7373676c57746d70747d70675f713b76615f7b70676a273142253a305f454247445f646d627565577a65666c657a67705f6b66646d253b40253a325545424f4c576465707c685f7c6578767d7a652d3b422d303257474a494b545755454a454e5f646d707c685f746d78747d7265273b4a253a38574d40454c5d6c7063775760756e646772732d334a2532305f45424f4c5f6e677b65576b6f66766778762d3140253a32574d4049495457574d42474c576c6f7b655f616766746d70742d31402530385547424f4e5f65776e746957647a6177313e2667645f683f3b3130383e306d376735373b3164376e63666a373261346965383531346e66363a3861363b39616b2e776f6e743d4b6676676c2d3030416c612e267f6764723d4966746564253232417a697b2d32384d72656c4f4e273238476e6f6b6c65266b636c3d35&jb=313d34266c793d4d677a696e6469253a4e35263227323220556b6e6c6d777b2730304e5c253a3031302630253b422530385f69663e342d31402530387a3434212732384372706c6d576d624b697c25324e353335263b362d3a3020494a544f442730432d3030646b6965253a304f65636b6729253a30436a7a676d6d2d324e3332312c382c36393d332e3e362732305b616e6172692d32463d33372c3b3e

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 18 May 2022 09:45:57 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK FHSuEP8VrlxkLQg6
aom4xb8tio5nvlaf7h7f2oca4enkwwbqsfll7qqm3f337f02521c5ae0am1.e.aa.online-metrix.net/ Frame DF1A 81 B
438 B 57ms
12ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aom4xb8tio5nvlaf7h7f2oca4enkwwbqsfll7qqm3f337f02521c5ae0am1.e.aa.online-metrix.net/FHSuEP8VrlxkLQg6?920f9c9b0c9a31f3=5XPDTz3JsBqWCRCvkN9rE2h6_KlLXJzgzIwTVZXS2I3d1JQoVt_jqYQsJCYxlNWPAh1ZKLCWtuxQ2NHAb3UtVj44rfQIL0mK-r95w-1fWglfuZDij40sFoHLYWt3OLpbfAd-8Lxi7FuYjBMplCclLjr9coUx1cRC-odx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 May 2022 09:45:57 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content 2suahH8-LSm_OTmz Show response
content.citadele.lv/ Frame 2034 0
387 B 13ms
13ms Script
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.citadele.lv/2suahH8-LSm_OTmz?bb9eebbfb5f005d9=AUi0kI5pLBwoBlv5oX7GeH1yJnb_uPOZSa3EmixH01iOmRMcaM8hc7dDVIf-4WP0Ge46Oa4CYfxeqwZNvcqc2Lc9IFnanPlii5QY-UO8gen49qf9ZcyqQdKXvzyHeOKDTC1rODxF4Gua6FK074z_Av2Oupg&jf=333e266c736a3d316965383b3b6d326c69646c3630613030303b663f67653d303b33363b363a65

Requested by

Host: content.citadele.lv
URL: https://content.citadele.lv/tRaJq6Zji8rVFDkr?e0ffc1e40381f65b=xzFM2e8I0zWHDk304nqrRRmpjniW-YPUFaPUMQFt564mQkW8NfHrQCdt_IzRj9Nr9zw7OAv1UlJvF8f0yvllQGB-RNL2XGJlZODSiCXp34_Bk26mB23fCywsnf6DCteB5Yq0JtS6CXgpDgNa6NIQ1SBqQ0W51StPbnsqNbv1I3GxgeuLHCsyQJlL4AEwJuK81PMDCMH9DdZqP0sLAWk

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content.citadele.lv/tRaJq6Zji8rVFDkr?e0ffc1e40381f65b=xzFM2e8I0zWHDk304nqrRRmpjniW-YPUFaPUMQFt564mQkW8NfHrQCdt_IzRj9Nr9zw7OAv1UlJvF8f0yvllQGB-RNL2XGJlZODSiCXp34_Bk26mB23fCywsnf6DCteB5Yq0JtS6CXgpDgNa6NIQ1SBqQ0W51StPbnsqNbv1I3GxgeuLHCsyQJlL4AEwJuK81PMDCMH9DdZqP0sLAWk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 May 2022 09:45:57 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 Nl4XJ1uzE5SbfR75
content.citadele.lv/ Frame DF1A 0
400 B 15ms
15ms Image
image/png 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.citadele.lv/Nl4XJ1uzE5SbfR75?f368a7b206b1fd20=d1btVygt_rtFWOoefmlmD1BPTwRaVhvwryy55U8S9l4TgGFn2FbcjT6sgEtTUHgxcA09ru2hE31OlFMl35cImcs5f4gJWehR4VDJu2ZnAR30z2NkdLUNnQK8wasouSKc69KIop5-yuCp_cgzG9RTqE-WgMI1dXbUsxzbqE2qZR9ACvzIgSBT-X9qM-hcloxbOvPLSzHdvs016tdhHZc&jf=343934267361645f7a6e643f7c6c725779444a4a6f6a4c6e43456445735740702473696c5f6c6174653531363d3238343f39353f2e7361665d747b78673f776d603a6d616673612e7361645f6b6d793d3b30353b3b38313b3836383530613a3e363a636d316438303231303e30303261383e34386b653366383b303938373831363232383236343c60356d333439333e643e3436336935343e6639336a3139693e383c613363633d3036623a64643f3a64646531643e6264333c34386e366560396e373f6e326e3061323b69303a363f61343e363066353c616d6538643a3563383935673d6a336d6e623d31333834393461613d61333e643263613b653e3463626c61393e352671616c5f7b61673531323436383030303b673669603a37616c333c6432366d39653f3737673b3e33316c396a643736646b3637616b3a376a666731333b393a3239626d66383d35613b6a3f346e6b623b323032323e6032613033373b343639303961396239373963373930323b6a6b30303c613a34343433393a31313136626a343263646b666b3961313c37323b37333a316e362e7b696e703f30

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 May 2022 09:45:57 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 rkWK7ThETl7MzC7N
h.online-metrix.net/ Frame 051F 0
400 B 15ms
15ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/rkWK7ThETl7MzC7N?9d7c8823d550cd62=uAEp8M7Bpi10ocXzxOk6OjzHLeMs6Cwk8DqnOi57SCvqhfoy72Y4IEpinP-FxkP89jaOYs5ENMyaxcX8v7kxdkAIFanamzvF7nJRT_ifrI8i1Wlkhz08_K0qhEf14GpQn0QZrDWIWjcGPVYP__BtPrV04SPtsHq8Ip23n7vfzbJPR79tl7JKjorImKTXX9TKdj5M_x5_b9voRyW13OA&jf=343938267361645f7a6e643f7c6c7257637a6c437347577c6c6a6830786540472473696c5f6c6174653531363d3238343f39353f2e7361665d747b78673f776d603a6d616673612e7361645f6b6d793d3b30353b3b38313b3836383530613a3e363a636d316438303231303e30303261383e34386b653366383b30393837383136323238323663693b353e346464376a30383134356d33393c363166303e383e6c313d313332373c3330386c61613e6037306239636a666432696638383666303b3033386d3639633b38323f333233313b64383367643538636b6431333162306e36653b6d31313a383930643030343e3a37303d64636d673533666a396c6435633e61376c622671616c5f7b61673531323434383030313832613f616762333a383f6435393f38316d6165336d3d383d6931393b3661603b6364313c306631346637666e39306432663a65626b6561373e3f303130383e646330303a3332306c676539323632386c643e3762623936356d6538633830373a6b63303667303a3a6030646a35366e636761326e38393638396b38373e6232346c30643f38303c247169647a3f33

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/uEvjvxiKhp3xF-1w?039f77cdc38c4ba0=8hKRGphlF7J1hfXSq5O2aIPaxyw_qcYqYk5O3RySZ-wz3atE2i6bc7c_M_CCPXdyM1meqU2Ypjnoixm7byHdGWaENVRqbi5_QutsxsPZiE4aFbtjBcnElWNAv0jYx7U0qF23ol2UXvPHnKR5HZiURMqcF4K7MrTMNEtRw9myIra3TCRMJ2a0LsDQ7IV0Jj4qM-zkvtCVMzokoo4SpsG6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 May 2022 09:45:57 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content 4R3tymB9zcWMTI62 Show response
content.citadele.lv/ Frame DF1A 0
387 B 13ms
13ms Script
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 May 2022 09:45:57 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: online.citadele.lv
URL: https://online.citadele.lv/ibbf/fonts/OpenSans-Bold.otf

Domain: online.citadele.lv
URL: https://online.citadele.lv/ibbf/fonts/OpenSans-Regular.otf

Domain: online.citadele.lv
URL: https://online.citadele.lv/ibbf/icons/Material-Design-Iconic-Font.woff2

Domain: online.citadele.lv
URL: https://online.citadele.lv/ibbf/fonts/OpenSans-Semibold.otf

Domain: online.citadele.lv
URL: https://online.citadele.lv/ibbf/icons/Material-Design-Iconic-Font.woff

Domain: online.citadele.lv
URL: https://online.citadele.lv/ibbf/icons/Material-Design-Iconic-Font.ttf

Domain: ghbmnnjooekpmoecnnnilnnbdlolhkhi
URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banka Citadele (Banking)

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.z5h64q92x9.net/	1970-01-20 03:50:59	Name: _yasc Value: A/nshP4V6uhv87DoppOjhF+N4Y35b0FxpSCiw453ugmRkw==
content.citadele.lv/	1970-01-21 22:19:47	Name: thx_guid Value: ffc57cb02ebb4acaa44edf60b1065936
.yandex.ru/	1970-01-20 20:38:59	Name: i Value: gtBQWSEemZsLsUF8aza4J+gtSSofhAJ194Pp848tvgMCIqGu0H1w1AMMotIYSJbvyWWtDYMuHWUARl0l45JsBkqrB+U=
h.online-metrix.net/	1970-01-21 22:19:47	Name: thx_global_guid Value: f0a404ec88774a0e8bf2126fd9a1dbb8

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt Message: A preload for 'https://yastatic.net/s3/translate/v21.51.3/dist/scripts/bundles/turbo.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
javascript	error	URL: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt Message: Access to font at 'https://online.citadele.lv/ibbf/fonts/OpenSans-Bold.otf' from origin 'https://z5h64q92x9.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://online.citadele.lv/ibbf/fonts/OpenSans-Bold.otf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt Message: Access to font at 'https://online.citadele.lv/ibbf/fonts/OpenSans-Regular.otf' from origin 'https://z5h64q92x9.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://online.citadele.lv/ibbf/fonts/OpenSans-Regular.otf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt Message: Access to font at 'https://online.citadele.lv/ibbf/icons/Material-Design-Iconic-Font.woff2' from origin 'https://z5h64q92x9.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://online.citadele.lv/ibbf/icons/Material-Design-Iconic-Font.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt Message: Access to font at 'https://online.citadele.lv/ibbf/fonts/OpenSans-Semibold.otf' from origin 'https://z5h64q92x9.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://online.citadele.lv/ibbf/fonts/OpenSans-Semibold.otf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt Message: Access to font at 'https://online.citadele.lv/ibbf/icons/Material-Design-Iconic-Font.woff' from origin 'https://z5h64q92x9.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://online.citadele.lv/ibbf/icons/Material-Design-Iconic-Font.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt Message: Access to font at 'https://online.citadele.lv/ibbf/icons/Material-Design-Iconic-Font.ttf' from origin 'https://z5h64q92x9.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://online.citadele.lv/ibbf/icons/Material-Design-Iconic-Font.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt Message: Access to XMLHttpRequest at 'chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js' from origin 'https://z5h64q92x9.net' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-untrusted, https.
network	error	URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js Message: Failed to load resource: net::ERR_FAILED
javascript	warning	URL: https://z5h64q92x9.net/proxy_u/lt-ru.en.98071fea-627f3c15-32a7d4c2-74722d746f756368/https/online.citadele.lv/ibbf/lt_lt Message: The resource https://yastatic.net/s3/translate/v21.51.3/dist/scripts/bundles/turbo.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aom4xb8tio5nvlaf7h7f2oca4enkwwbqsfll7qqm3f337f02521c5ae0am1.e.aa.online-metrix.net
content.citadele.lv
ghbmnnjooekpmoecnnnilnnbdlolhkhi
h.online-metrix.net
online.citadele.lv
translate.yandex.net
yandex.ru
yastatic.net
z5h64q92x9.net
ghbmnnjooekpmoecnnnilnnbdlolhkhi
online.citadele.lv
193.178.178.229
2a02:6b8:20::215
2a02:6b8::194
2a02:6b8::1:193
2a02:6b8:a::a
91.235.132.130
91.235.133.182
91.235.134.131
0ee549745fe7f5001d7331f7d08743c84aa6818052f1d7198f2d4bec45d09437
1667cdaa7bb56db2fd67096cf20b4db20ee25be9162bb35805c893e4b3716ff7
17debd4cf9b88dd58ced17e48348bc9ca5e1d28abda99f5c675190a6c1beb35f
1b9edefe2d832941acc9935f4af9e9b7d0b92282af28f9b7cd02533b1597cd1e
1fd90b09e01b9b2b77029305c77159fa085b775a8656a03f064a03e8fe988dfe
2532477e8d513907453281875c0094b15c2de4f140f4a009b93cc870d58c7ebe
26477d659bc592c591b7a7bc67de31389d78777eaae776e9e8cb0c12d5159adb
3936037e0a15c71321f53c1e5b055c504f5369031b067bbffdf3edf1e11ad80e
39c97b2ecbd30926a825c670febdbe49de317410569ad3a95d16e1263a0d37d9
3d78d12bf35e0677616be381885b977219d13a23e5600f3e23c9b95c099107f4
3ed0fc906b79d7d514a362092c963bd5f7f513756149c1f1779e5da53b4fb037
4373ef86c2dcaa9679cd5080175f740fc838aedb136cc5a5ddda3f2683e1d7d7
48cd2e1b7a93d2a4ac98dd5e9ba30967390434b9f40658cea90471b0a27e6230
4b58dfa9c08da7011544d09166e6de38c3998e09193872cea7061d0e03c08055
5c7a99b43c1be7d66d5bdad96ba3d8eb997b46b525d6c68180d37ef641faa4cd
6cb74a85b777fb7cbe607a0bf502440ec32bffc40b65922988cb607811a9687a
729e0880ff4152b94d05f5e2aaa78d124877b87a9ab93756a4ba476c3d370844
7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
8b2f5033a1e1ae4ec3999d9b5772457435a198d8377b03382e49c4e8b79da51f
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
bd5a685828cfb2e15f004e38db63c2a9cf8b069a90e01925cf3cd8d9bac8c04e
c87c165d3d7589b0f278507e42f3dad032c3ae9b77bcd212d56c467daa882719
d08e96260a29dee1eef4103086cbd6a8fdaa738c9ae96d7af9a489e1b0bf6ff4
d5794ec5af63437a244a70be18d8f9c8cfe16b0bef99494f33a26d90c8b0532d
dc22751b4af1a349fb9e84f9bf177f30f9a1a45f08f9c3e9cf654dadcf9f734c
e14ce723c0dd3263c0a3af0aa89b0b4c7dc2755ebe9199932e8f3680aa89601e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebf1f6eef92442a1e9d9c55031e9bbfa0a05026f60093e9d78c6cc9c8999824e

z5h64q92x9.net Open in urlscan Pro 2a02:6b8::1:193 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

44 Requests

82 %HTTPS

50 %IPv6

7 Domains

9 Subdomains

9 IPs

3 Countries

570 kBTransfer

1267 kBSize

4 Cookies

3 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

z5h64q92x9.net Open in urlscan Pro
2a02:6b8::1:193 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

82 %
HTTPS

50 %
IPv6

7
Domains

9
Subdomains

9
IPs

3
Countries

570 kB
Transfer

1267 kB
Size

4
Cookies

44 HTTP transactions
4 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!