sectiondata8e-consult1d4.duckdns.org Open in urlscan Pro
34.106.143.177 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sectiondata8e-consult1d4.duckdns.org/secure/
Submission: On December 07 via automatic, source openphish (December 7th 2021, 1:30:36 am UTC) — Scanned from DE

Summary HTTP 420 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 25 IPs in 2 countries across 19 domains to perform 420 HTTP transactions. The main IP is 34.106.143.177, located in Salt Lake City, United States and belongs to GOOGLE-PRIVATE-CLOUD, US. The main domain is sectiondata8e-consult1d4.duckdns.org.
TLS certificate: Issued by R3 on December 6th 2021. Valid for: 3 months.

This is the only time sectiondata8e-consult1d4.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Citibank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 236	34.106.143.177 34.106.143.177	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
12	18.195.42.228 18.195.42.228	16509 (AMAZON-02) (AMAZON-02)
1 16	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	104.111.238.178 104.111.238.178	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
4	54.164.224.206 54.164.224.206	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.0.68 151.101.0.68	54113 (FASTLY) (FASTLY)
79	91.235.133.67 91.235.133.67	30286 (THM) (THM)
15	91.235.132.130 91.235.132.130	30286 (THM) (THM)
3	192.225.158.3 192.225.158.3	30286 (THM) (THM)
1	151.101.65.175 151.101.65.175	54113 (FASTLY) (FASTLY)
2	35.241.45.82 35.241.45.82	15169 (GOOGLE) (GOOGLE)
2	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
1	13.32.22.31 13.32.22.31	16509 (AMAZON-02) (AMAZON-02)
1	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:214f:fc00:1d:bf0a:0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
1	13.32.22.79 13.32.22.79	16509 (AMAZON-02) (AMAZON-02)
1	35.156.157.11 35.156.157.11	16509 (AMAZON-02) (AMAZON-02)
1	192.193.200.243 192.193.200.243	32287 (SOLANA-CI...) (SOLANA-CITIPLEX)
1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
3	91.235.134.131 91.235.134.131	30286 (THM) (THM)
1 8	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
420	25

236 34.106.143.177 (Salt Lake City, United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: 177.143.106.34.bc.googleusercontent.com

sectiondata8e-consult1d4.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.195.42.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.238.178 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-238-178.deploy.static.akamaitechnologies.com

online.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.164.224.206 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-224-206.compute-1.amazonaws.com

p.tvpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.0.68 (United States)

ASN54113 (FASTLY, US)

assets.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

79 91.235.133.67 (United States)

ASN30286 (THM, US)

content22.online.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 91.235.132.130 (United States)

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.225.158.3 (United States)

ASN30286 (THM, US)
PTR: d.aa.online-metrix.net

89oebq5kz2oopejtozbm2rh4ceahm42i7ezxgv6l9db673e613bdc659sac.d.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
89oebq5kiv2fqgzodvfcm2qxb5byua3rv3ugiswr1cc475c444d53f08sac.d.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
89oebq5kvqeiymge2j3p2mah4ntwtc7csfe2cigcbf12cc12c4406580sac.d.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.175 (United States)

ASN54113 (FASTLY, US)

nebula-cdn.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com

udc-neb.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

resources.digital-cloud-citi.medallia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.22.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-31.fra56.r.cloudfront.net

cdn.pbbl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

sr.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:fc00:1d:bf0a:0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.tvpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

20822230p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.22.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-79.fra56.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.157.11 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-157-11.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.193.200.243 (New York, United States)

ASN32287 (SOLANA-CITIPLEX, US)

prod.report.nacustomerexperience.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.235.134.131 (United States)

ASN30286 (THM, US)

89oebq5kz2oopejtozbm2rh4ceahm42i7ezxgv6lcbcc0172b6475b0eam1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
89oebq5kvqeiymge2j3p2mah4ntwtc7csfe2cigc4f9266dc5b0e4e78am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
89oebq5kiv2fqgzodvfcm2qxb5byua3rv3ugiswrb7cb24b499b23050am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
236	duckdns.org 1 redirects sectiondata8e-consult1d4.duckdns.org	18 MB
81	citi.com www.citi.com Failed online.citi.com contents3.00110.citi.com Failed content22.online.citi.com prod.report.nacustomerexperience.citi.com	564 KB
21	online-metrix.net h.online-metrix.net 89oebq5kz2oopejtozbm2rh4ceahm42i7ezxgv6l9db673e613bdc659sac.d.aa.online-metrix.net 89oebq5kiv2fqgzodvfcm2qxb5byua3rv3ugiswr1cc475c444d53f08sac.d.aa.online-metrix.net 89oebq5kvqeiymge2j3p2mah4ntwtc7csfe2cigcbf12cc12c4406580sac.d.aa.online-metrix.net 89oebq5kz2oopejtozbm2rh4ceahm42i7ezxgv6lcbcc0172b6475b0eam1.e.aa.online-metrix.net 89oebq5kvqeiymge2j3p2mah4ntwtc7csfe2cigc4f9266dc5b0e4e78am1.e.aa.online-metrix.net 89oebq5kiv2fqgzodvfcm2qxb5byua3rv3ugiswrb7cb24b499b23050am1.e.aa.online-metrix.net	92 KB
16	google.com 1 redirects www.google.com	2 KB
12	ensighten.com nexus.ensighten.com	79 KB
8	google.de www.google.de	1 KB
8	doubleclick.net 1 redirects googleads.g.doubleclick.net	9 KB
7	bing.com bat.bing.com	11 KB
7	googletagmanager.com www.googletagmanager.com	250 KB
5	tvpixel.com p.tvpixel.com c.tvpixel.com	32 KB
4	kampyle.com assets.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com	7 KB
2	medallia.com resources.digital-cloud-citi.medallia.com	88 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	agkn.com d.agkn.com	593 B
1	rezync.com live.rezync.com	30 B
1	rfihub.com 1 redirects 20822230p.rfihub.com	706 B
1	rlcdn.com sr.rlcdn.com	98 B
1	pbbl.co cdn.pbbl.co
0	Failed function sub() { [native code] }. Failed
420	19

	Domain	Requested by
236	sectiondata8e-consult1d4.duckdns.org	1 redirects sectiondata8e-consult1d4.duckdns.org
79	content22.online.citi.com	sectiondata8e-consult1d4.duckdns.org content22.online.citi.com
16	www.google.com	1 redirects sectiondata8e-consult1d4.duckdns.org
15	h.online-metrix.net	sectiondata8e-consult1d4.duckdns.org content22.online.citi.com
12	nexus.ensighten.com	sectiondata8e-consult1d4.duckdns.org
8	www.google.de
8	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
7	bat.bing.com	sectiondata8e-consult1d4.duckdns.org bat.bing.com
7	www.googletagmanager.com	sectiondata8e-consult1d4.duckdns.org www.googletagmanager.com
4	p.tvpixel.com	sectiondata8e-consult1d4.duckdns.org
2	resources.digital-cloud-citi.medallia.com	nexus.ensighten.com sectiondata8e-consult1d4.duckdns.org
2	udc-neb.kampyle.com	sectiondata8e-consult1d4.duckdns.org
1	89oebq5kiv2fqgzodvfcm2qxb5byua3rv3ugiswrb7cb24b499b23050am1.e.aa.online-metrix.net
1	89oebq5kvqeiymge2j3p2mah4ntwtc7csfe2cigc4f9266dc5b0e4e78am1.e.aa.online-metrix.net
1	89oebq5kz2oopejtozbm2rh4ceahm42i7ezxgv6lcbcc0172b6475b0eam1.e.aa.online-metrix.net
1	www.googleadservices.com	sectiondata8e-consult1d4.duckdns.org
1	prod.report.nacustomerexperience.citi.com	sectiondata8e-consult1d4.duckdns.org
1	d.agkn.com
1	live.rezync.com
1	20822230p.rfihub.com	1 redirects
1	c.tvpixel.com	sectiondata8e-consult1d4.duckdns.org
1	sr.rlcdn.com	nexus.ensighten.com
1	cdn.pbbl.co	nexus.ensighten.com
1	nebula-cdn.kampyle.com	sectiondata8e-consult1d4.duckdns.org
1	89oebq5kvqeiymge2j3p2mah4ntwtc7csfe2cigcbf12cc12c4406580sac.d.aa.online-metrix.net	sectiondata8e-consult1d4.duckdns.org
1	89oebq5kiv2fqgzodvfcm2qxb5byua3rv3ugiswr1cc475c444d53f08sac.d.aa.online-metrix.net	sectiondata8e-consult1d4.duckdns.org
1	89oebq5kz2oopejtozbm2rh4ceahm42i7ezxgv6l9db673e613bdc659sac.d.aa.online-metrix.net	sectiondata8e-consult1d4.duckdns.org
1	assets.kampyle.com	sectiondata8e-consult1d4.duckdns.org
1	online.citi.com	sectiondata8e-consult1d4.duckdns.org
0	ghbmnnjooekpmoecnnnilnnbdlolhkhi Failed	sectiondata8e-consult1d4.duckdns.org content22.online.citi.com
0	contents3.00110.citi.com Failed	sectiondata8e-consult1d4.duckdns.org
0	www.citi.com Failed	sectiondata8e-consult1d4.duckdns.org
420	32

This site contains links to these domains. Also see Links.

Domain
online.citi.com
www.citigroup.com
citieasydeals.com
www.citiprivatepass.com
www.privatebank.citibank.com
www.citi.com
play.google.com
itunes.apple.com
www.jdpower.com
www.facebook.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
mail.sectiondata8e-consult1d4.duckdns.org R3	`2021-12-06` - `2022-03-06`	3 months	crt.sh
nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-14` - `2022-10-12`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
online.citibank.com DigiCert SHA2 Extended Validation Server CA	`2020-03-13` - `2022-05-14`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.tvpixel.com Amazon	`2021-01-15` - `2022-02-12`	a year	crt.sh
*.kampyle.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
content22.online.citi.com DigiCert SHA2 Extended Validation Server CA	`2020-07-14` - `2022-08-06`	2 years	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-01-21` - `2022-01-21`	a year	crt.sh
*.d.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-04-07` - `2022-04-07`	a year	crt.sh
*.digital-cloud-citi.medallia.com SSL.com RSA SSL subCA	`2021-11-15` - `2022-10-20`	a year	crt.sh
*.pbbl.co Amazon	`2021-11-04` - `2022-12-02`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
prod.report.nacustomerexperience.citi.com DigiCert SHA2 Extended Validation Server CA	`2020-05-05` - `2022-07-04`	2 years	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.e.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-07-30` - `2022-08-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh

This page contains 38 frames:

Primary Page: https://sectiondata8e-consult1d4.duckdns.org/secure/
Frame ID: A9EDA4DD0D6A103B80546E7052506FFF
Requests: 174 HTTP requests in this frame

Frame: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Frame ID: 27853C8DB8C1D2B35EF65D2A52AD78B7
Requests: 51 HTTP requests in this frame

Frame: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/425466.html
Frame ID: EA5D453E35A925AF44CF4867255A2BF7
Requests: 1 HTTP requests in this frame

Frame: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Frame ID: CD584CDC246442CC24C9C6493091EAFC
Requests: 48 HTTP requests in this frame

Frame: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Frame ID: BDBA1532E6AEB271FE19F934F4082A09
Requests: 47 HTTP requests in this frame

Frame: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/pixel.html
Frame ID: B6E33C4D44F27E87DC41AD82CF14094A
Requests: 1 HTTP requests in this frame

Frame: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/form1614870341292.html
Frame ID: F6FEC1FC9745B3FD07BC046083B6500F
Requests: 7 HTTP requests in this frame

Frame: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ls_fp(1).html
Frame ID: 01157D0D7CD5DE65107B117FC087FFD9
Requests: 3 HTTP requests in this frame

Frame: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/sid_fp(1).html
Frame ID: B30E8BFAE4BDA1D93CAA7959BBE7EE19
Requests: 3 HTTP requests in this frame

Frame: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/top_fp(1).html
Frame ID: 17DC9709F3E89CD02C0D1C0C54568E64
Requests: 1 HTTP requests in this frame

Frame: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ls_fp(2).html
Frame ID: 9C0B669815EBEEF766EA8C990C232D63
Requests: 3 HTTP requests in this frame

Frame: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/sid_fp(2).html
Frame ID: 0727D0E8DDA4AF7316A01B13401DC76D
Requests: 3 HTTP requests in this frame

Frame: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/top_fp(2).html
Frame ID: 155BE1D3C74CF2F99547DCD5E554ABFE
Requests: 1 HTTP requests in this frame

Frame: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ls_fp.html
Frame ID: 57242065F6E98F5A69F4FF2807619746
Requests: 3 HTTP requests in this frame

Frame: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/sid_fp.html
Frame ID: CA3EEF6CF093890BCAD91697CFFCFD34
Requests: 3 HTTP requests in this frame

Frame: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/top_fp.html
Frame ID: D0F5C563604CB4C5E0DEE3A2152ABB67
Requests: 1 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=2434C19851985120E5B9662DF048EFCF?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=9db673e613bdc659&pageid=1
Frame ID: B4B31C4C771EB0674385D7ABDA27912E
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=2434C19851985120E5B9662DF048EFCF?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=9db673e613bdc659&pageid=1
Frame ID: 8C56FBFD2D670B5AD02C756DAFB7B0DD
Requests: 2 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/top_fp.html;CIS3SID=2434C19851985120E5B9662DF048EFCF?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=9db673e613bdc659&pageid=1
Frame ID: 41FD41058A73ADC4F24F236755E014DE
Requests: 1 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=C21B904CBCE2E140DE388E8ACB6D170A?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=1cc475c444d53f08&pageid=1
Frame ID: C32561251A7A71E896B9D43ED7D3CDAF
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=C21B904CBCE2E140DE388E8ACB6D170A?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=1cc475c444d53f08&pageid=1
Frame ID: DEE3F022F76CEA6FE65396810F4192FC
Requests: 2 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/top_fp.html;CIS3SID=C21B904CBCE2E140DE388E8ACB6D170A?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=1cc475c444d53f08&pageid=1
Frame ID: 3BFD71A431DEFD5267C274142160FFC5
Requests: 1 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=A27033F25FDAD680FA2C165DEBDFFCC8?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=bf12cc12c4406580&pageid=1
Frame ID: F0BE43C7DD497656A116F94236E2A047
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=A27033F25FDAD680FA2C165DEBDFFCC8?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=bf12cc12c4406580&pageid=1
Frame ID: 5C35CE689FD5557073B0155AADFE6152
Requests: 2 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/top_fp.html;CIS3SID=A27033F25FDAD680FA2C165DEBDFFCC8?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=bf12cc12c4406580&pageid=1
Frame ID: 81EA8F0FFA9AE13AAB7E0EF067AD89DE
Requests: 1 HTTP requests in this frame

Frame: https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
Frame ID: 996AF4FBC80F5C0139FC7E9A4A0EF849
Requests: 1 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/check.js;CIS3SID=67ABEA23BAA655B44EC1D28B065CBF41?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1&jb=343926246a736d7d3f4c6b6e77782662716f3f4e6b6e757a2468736a7d3f41607a6f6565266271603d4168706f6565253232313e
Frame ID: FCDD7BAAE59142B177A0F68CB14D363B
Requests: 13 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/check.js;CIS3SID=9F63058A16C2C59ACBE8136612E5EF22?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1&jb=3c39242462716d7d3d4c6b6675702e6a716f354e696c757a266a736a773d4368706d6f65266271603f416a706d6f67253a303936
Frame ID: 5A0E1FE297651390D062116B9425B17D
Requests: 13 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/check.js;CIS3SID=F998FE3FF0FBF82BC70EF04620EC0AA5?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1&jb=363926266873677d3d4c6b6c77782468716d3f4c6b6c757a26627160753d43607a6d6f6d266a7b6a3f4168706d6d652732303b36
Frame ID: C3323E427BF040ED5D039F74654DBC9A
Requests: 12 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=EAD4C2F6A5DB89377AA0B16FA7A5C7C9?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1
Frame ID: 9F0A3AB305CA1CD7B3811C5308F6CE30
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=EAD4C2F6A5DB89377AA0B16FA7A5C7C9?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1
Frame ID: 726CF5425A8153057EF7E8CDFAFD4BF1
Requests: 2 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/top_fp.html;CIS3SID=EAD4C2F6A5DB89377AA0B16FA7A5C7C9?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1
Frame ID: 0E197344793467F1A0833B8293AB887B
Requests: 1 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=4E39819CB992D565C304E34A1BB606B0?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1
Frame ID: 3893AA634F7B2E56F30BC2515E33F219
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=4E39819CB992D565C304E34A1BB606B0?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1
Frame ID: 4695846AB3F08AEC24D9102165C00166
Requests: 2 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/top_fp.html;CIS3SID=4E39819CB992D565C304E34A1BB606B0?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1
Frame ID: B466AB6A2B5CEE5E93AC629EC5A18483
Requests: 1 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=C36193EF2B1E8C9D7FCBA4735AE5F1D7?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1
Frame ID: CC43CA778F25D582B14EC9300D5B0090
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=C36193EF2B1E8C9D7FCBA4735AE5F1D7?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1
Frame ID: C79B02221F48BB9F9958C93203774986
Requests: 2 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/top_fp.html;CIS3SID=C36193EF2B1E8C9D7FCBA4735AE5F1D7?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1
Frame ID: C58C96A95A55D9742D6F486720CD77AD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign On to Your Citi Account - Citibank

Page URL History Show full URLs

https://sectiondata8e-consult1d4.duckdns.org/secure HTTP 301
https://sectiondata8e-consult1d4.duckdns.org/secure/ Page URL

Page Statistics

420
Requests

97 %
HTTPS

24 %
IPv6

19
Domains

32
Subdomains

25
IPs

2
Countries

19189 kB
Transfer

22752 kB
Size

28
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://online.citi.com/US/ag/forgot-userid-pwd/account-type?fuipFlowInd=userID
Title: Forgot User ID?

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/activate/index
Title: Activate a card

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/forgot-userid-pwd/account-type?fuipFlowInd=pwd
Title: Forgot Password?

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/bank/registration/set-up-online-access
Title: Register for online access

Search URL Search Domain Scan URL

URL: http://www.citigroup.com/citi/
Title: Our Story

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=ServicesOverview
Title: Benefits and Services

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=Rewards
Title: Rewards

Search URL Search Domain Scan URL

URL: https://citieasydeals.com/
Title: Citi Easy DealsSM

Search URL Search Domain Scan URL

URL: http://www.citiprivatepass.com/
Title: Citi EntertainmentSM

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/portal/template.do?ID=SpecialOffers
Title: Special Offers

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/citigold-private-client
Title: Citigold® Private Client

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=CitigoldOverview
Title: Citigold®

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=CitiPriorityOverview
Title: Citi Priority

Search URL Search Domain Scan URL

URL: https://www.privatebank.citibank.com/
Title: Citi Private Bank

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/small-business-banking
Title: Small Business Accounts

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=CitiCommercialBanking
Title: Commercial Accounts

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/current-interest-rates/checking-saving-accounts
Title: Personal Banking

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/compare-credit-cards/citi.action?ID=view-all-credit-cards
Title: Credit Cards

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/portal/template.do?ID=todays_mortgage_rates&type=buy
Title: Mortgage

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/portal/template.do?ID=home_equity_rates
Title: Home Equity

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/current-interest-rates/personal-loans-and-lines-of-credit
Title: Lending

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/contactus
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/helptopic
Title: Help & FAQs

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/security-center
Title: Security Center

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.citi.citimobile
Title: Continue

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/citi-mobile-sm/id301724680?mt=8
Title: Continue

Search URL Search Domain Scan URL

URL: http://www.jdpower.com/awards
Title: Continue

Search URL Search Domain Scan URL

URL: https://www.facebook.com/citibank
Title: Continue

Search URL Search Domain Scan URL

URL: https://twitter.com/Citibank/
Title: Continue

Search URL Search Domain Scan URL

URL: https://www.youtube.com/citi
Title: Continue

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/termsdisclaimer/termsdisclaimerhome
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/portal/template.do?ID=Privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://online.citi.com/JRS/portal/template.do?ID=Privacy#notice-at-collection
Title: Notice at Collection

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/dataprivacyhub
Title: CA Privacy Hub

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/portal/template.do?ID=Accessibility
Title: Accessibility

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sectiondata8e-consult1d4.duckdns.org/secure HTTP 301
https://sectiondata8e-consult1d4.duckdns.org/secure/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 323

https://20822230p.rfihub.com/ca.html?rb=648&ca=20822230&ra=771842508&_o=17169175&_t=zx-cookie-match HTTP 302
https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=d0ae33fb718b14c742c9cdf1dea83556&k=citi-prod-acct-pixel-3465&zmpID=citi-prod-acct&cid=5107433821974033916

Request Chain 384

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/959299794/?random=1638840631591&cv=9&fst=1638840631591&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsectiondata8e-consult1d4.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/959299794/?random=1638840631591&cv=9&fst=1638838800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsectiondata8e-consult1d4.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&is_vtc=1&random=1568103590&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/959299794/?random=1638840631591&cv=9&fst=1638838800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsectiondata8e-consult1d4.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&is_vtc=1&random=1568103590&resp=GooglemKTybQhCsO&ipr=y

420 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
sectiondata8e-consult1d4.duckdns.org/secure/
Redirect Chain

https://sectiondata8e-consult1d4.duckdns.org/secure
https://sectiondata8e-consult1d4.duckdns.org/secure/

344 KB
344 KB

137ms
137ms

Document
text/html

34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 1a05bf7684aab3fbe33332b1e227670f492102d9e345e29a62a5a4eb0c20b061

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Tue, 07 Dec 2021 01:30:23 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Tue, 07 Dec 2021 01:30:23 GMT
Server: Apache
Location: https://sectiondata8e-consult1d4.duckdns.org/secure/
Content-Length: 260
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK f.txt Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 37 KB
37 KB 1316ms
133ms Script
text/plain 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/f.txt
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 316bda79ebc11f2ec6c4654f6b0fe4ecdaea2382f1cdc27035972eb9e877b2ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:25 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 38022

GET
H/1.1 200
OK cool-2.1.15.min.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 14 KB
14 KB 1347ms
132ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/cool-2.1.15.min.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:25 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 13891

GET
H/1.1 200
OK tc.min.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 19 KB
19 KB 393ms
131ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/tc.min.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 19498

GET
H/1.1 200
OK js Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 97 KB
97 KB 132ms
132ms Script
text/plain 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/js
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 192342dece60dbba81a5d57f1ee771e2847dc75ca1028c4ff0caaa89ba0269ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Content-Length: 99403

GET
H/1.1 200
OK js(1) Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 97 KB
97 KB 133ms
132ms Script
text/plain 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/js(1)
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 0ce27e9325578e87d56fb6067cea56737c8a1fec538e1a823a72e5c4c2de4ab0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 99403

GET
H/1.1 200
OK js(2) Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 97 KB
97 KB 133ms
133ms Script
text/plain 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/js(2)
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: feb51770e950d4375c64c7045dba448a58adf5363569fa1e1f3e06937aa11007

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 99539

GET
H/1.1 200
OK js(3) Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 97 KB
97 KB 137ms
137ms Script
text/plain 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/js(3)
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 4c8e7a9b90d81d5546fd28d8dcc95c51329c2eeda5eac8348ce1ee5913e49fdc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 99510

GET
H/1.1 200
OK js(4) Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 97 KB
97 KB 132ms
132ms Script
text/plain 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/js(4)
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 193238ab76da5459deca110ce1d66df1e8c4704397e025072eb03b2ea88adf0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 99539

GET
H/1.1 200
OK js(5) Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 97 KB
98 KB 132ms
132ms Script
text/plain 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/js(5)
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 51369dbf29e69b578b41d4e58bfd7f7845ff88baa6595c954fa9fddf0dbecf5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 99633

GET
H/1.1 200
OK js(6) Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 97 KB
97 KB 133ms
132ms Script
text/plain 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/js(6)
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: bf7853273ca8063f3944cca69bc18fdc056db7c373386b4534a9dbc3a9f8c6c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 99539

GET
H/1.1 200
OK js(7) Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 97 KB
97 KB 133ms
132ms Script
text/plain 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/js(7)
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 3950c8b755ebd006f07c6f1fd8595ddb482de737b2881e93bd25b4e932ba0832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 99539

GET
H/1.1 200
OK bat.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 35 KB
35 KB 132ms
131ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/bat.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: d068af5c09c1417e301e13b2c90fa877e0a24e0baae8160b6b77f1650486eb13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 35663

GET
H/1.1 200
OK dpm_pixel_min.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 103 KB
103 KB 132ms
132ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/dpm_pixel_min.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 105110

GET
H/1.1 200
OK js(8) Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 97 KB
97 KB 135ms
135ms Script
text/plain 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/js(8)
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 460d13e70e1f2ee022a7c67fd5ac1c6a3562b358f00a579e40bb89f4dbfe5a86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=85
Content-Length: 99518

GET
H/1.1 200
OK js(9) Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 87 KB
87 KB 133ms
132ms Script
text/plain 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/js(9)
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 8af070f2f55051d709a513db37d217d7109ae2150bf226100e6b9c7866844499

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 89356

GET
H/1.1 200
OK js(10) Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 87 KB
87 KB 134ms
134ms Script
text/plain 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/js(10)
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 2861b2d82fec30deb83e23b981db306dfef251b7712576ee2abfe668e1084ac3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 89356

GET
H/1.1 200
OK js(11) Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 87 KB
87 KB 138ms
137ms Script
text/plain 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/js(11)
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 94bd0aa5378cc695113022cf5f09877c2444520fe1e8c1100d7e26f048b25427

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 89356

GET
H/1.1 200
OK js(12) Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 87 KB
87 KB 131ms
131ms Script
text/plain 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/js(12)
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 4617d721a72730b105417ff7d971cad16a84a6fb8da05729ac45f69a02396600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 89356

GET
H/1.1 200
OK js(13) Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 87 KB
87 KB 135ms
134ms Script
text/plain 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/js(13)
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 8c9db6aae864c399cd193941140f47128eb99ef4310795eda5befe70ff7b3d91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 89335

GET
H/1.1 200
OK js(14) Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 87 KB
87 KB 136ms
136ms Script
text/plain 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/js(14)
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 0ff8ab7046d29477deea04c4871c3855e3bd73df92dec600c8b387d9905b62ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=84
Content-Length: 89335

GET
H/1.1 200
OK d33293fff240236324c71f107f7c8dbd.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 4 KB
4 KB 132ms
132ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/d33293fff240236324c71f107f7c8dbd.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a52ab14f213aee9dd4812843a9ef65a6f636b6f7ae7120e9b9821ba96af70b4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 4069

GET
H/1.1 200
OK bb61038db92ca743e79ac88a2d977efe.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 340 B
594 B 132ms
132ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/bb61038db92ca743e79ac88a2d977efe.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 63a37c8b23a9f3953a94d7887a80395ebeb1c25c1c9561fff6a4991c4a6a8676

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 340

GET
H/1.1 200
OK 96e0eb995483e83e7b3f71968eedeed1.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 396 KB
396 KB 132ms
132ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/96e0eb995483e83e7b3f71968eedeed1.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: d9181c42b463ba85677421a93ae1ba80ae774c9bf8af67200ed78a419bd067a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Content-Length: 405607

GET
H/1.1 200
OK c1997fc4285b4ded7a3ef6dce5a65f2b.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 22 KB
23 KB 138ms
138ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/c1997fc4285b4ded7a3ef6dce5a65f2b.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 88fc4b693b8bbadd822119802f0b7f3039c7fdaffc03c6a4e4c1ee3b2127a674

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 22873

GET
H/1.1 200
OK f1d424be7dfd03475beb6dfc2f1cd2ea.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 118 KB
119 KB 2452ms
135ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/f1d424be7dfd03475beb6dfc2f1cd2ea.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: ea443941c23136440c6e80fa8c83e99402564222964f960921476eb82bb431f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=70
Content-Length: 121285

GET
H/1.1 200
OK 468b3e37a21c4198f4939c8aaca98066.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 1 KB
2 KB 2469ms
139ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/468b3e37a21c4198f4939c8aaca98066.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 61e01b4da87624c5972c4f051d92695a76fa8491c2c1512342b714b9f5db2008

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=71
Content-Length: 1477

GET
H/1.1 200
OK 51aba9f62787efbaa13e53a8d1ae3892.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 1 KB
2 KB 2610ms
132ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/51aba9f62787efbaa13e53a8d1ae3892.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: bf8892a953595eb96b9ca68c5756849d404115dcf2ee9bf87e8b4e7b3cf8e650

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=69
Content-Length: 1322

GET
H/1.1 200
OK a9780b65076b52465fb6be4319e40f20.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 155 KB
156 KB 2691ms
131ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/a9780b65076b52465fb6be4319e40f20.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 0e0b42f83994ef5771755c73a41bea8af80a20a8f9deb44649ca34ff75863c04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=70
Content-Length: 159062

GET
H/1.1 200
OK 3ae5401499ebbfa990c60e4063f9b6af.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 2 KB
2 KB 2602ms
132ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/3ae5401499ebbfa990c60e4063f9b6af.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 381755f71c74f975a9ac540fe1ede4a3fc9b1fab96d800b86d635d526d27b8a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=64
Content-Length: 1585

GET
H/1.1 200
OK 557566dc60916e3de69e006bef252459.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 2 KB
2 KB 2715ms
132ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/557566dc60916e3de69e006bef252459.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 31b00ff4929696dfca06885da68e58c3e09f6ecb4ae0fe1ae287e99a3fd1f716

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=63
Content-Length: 2183

GET
H/1.1 200
OK 42d4d669434e7d621371bd59ca097dbf.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 5 KB
5 KB 642ms
131ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/42d4d669434e7d621371bd59ca097dbf.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 76b3e3ecb44a3b1216be2633c4736dc6fbef5a83a7058b7919dcb1489b5b211b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=67
Content-Length: 4796

GET
H/1.1 200
OK d90ce1a791ada193ee0ca4e9ce66632d.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 5 KB
5 KB 640ms
131ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/d90ce1a791ada193ee0ca4e9ce66632d.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: c1b3f3803c42132039b21ce8921335c9cb785a58d513fdc04b0350434bec8e29

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=61
Content-Length: 4849

GET
H/1.1 200
OK fdf45a7c15c1cee06bb71e10dac4e26e.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 989 B
1 KB 535ms
131ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/fdf45a7c15c1cee06bb71e10dac4e26e.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 7df13706eaab8ce9a3dcd2a501f60bc66987c83834d07dfaf07ae56ef814c110

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=66
Content-Length: 989

GET
H/1.1 200
OK serverComponent.php Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 2 KB
2 KB 435ms
141ms Script
text/html 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/serverComponent.php
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 016b0590183f82205fe441fee93850bd80df4d9552cdbd9fbba284b935242f64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:24 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK 6c8322c7341eac98645c10e3d1d3c7ae.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 251 KB
251 KB 434ms
141ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/6c8322c7341eac98645c10e3d1d3c7ae.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e83d41b48708d19862e5bd32a6e7d25e7aa9c3bb4f49f967b36f2e93619eb0a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:24 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 256678

GET
H/1.1 200
OK tagging.min.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 42 KB
42 KB 434ms
141ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/tagging.min.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 3d594246baf1e88fe62fc2bf1adf9ff76c53e390731f99455eb71d7441ba8f00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:24 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 43191

GET
H/1.1 200
OK banner.min.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 15 KB
15 KB 433ms
140ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/banner.min.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e6399fca6cbab33a9b3831e797db3e27e5438340da68f73b02710a3a75f58baf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:24 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 15472

GET
H/1.1 200
OK Bootstrap.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 289 KB
289 KB 478ms
142ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/Bootstrap.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 0ff723ad535bb51caa4e379125786ca1d328f29faa1bb59733728bf16453053c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:24 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 295668

GET Interstate-Light.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0

GET Interstate-Bold.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0

GET Interstate-Regular.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0

GET
H/1.1 200
OK styles.187a58a1499ec83981b8.css
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 1 MB
1 MB 328ms
139ms Stylesheet
text/css 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/styles.187a58a1499ec83981b8.css
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 54114d6a66ff9b0a463cb8804b869581eb63483f4a78f5fc4367861bb2267a50

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:24 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:52 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1261653

GET
H/1.1 200
OK tags.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 80 KB
80 KB 434ms
132ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/tags.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 651ebd4bc6f8839724c4170e4a2a371ec8ef7ec4e84a137f272c7a3c0b405dcb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:52 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=65
Content-Length: 81693

GET
H/1.1 200
OK 1-es2015.d04d60e16e17d097d528.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 746 KB
746 KB 518ms
132ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/1-es2015.d04d60e16e17d097d528.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 8322edb47f5a2f8dc4b8767813922f6918dcfa00d8c93de0017b04db649f63d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:24 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:52 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 763874

GET
H/1.1 200
OK logo.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 96 B
349 B 598ms
132ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/logo.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 3fffb8d87957014886c19a6facfef2acbeb84d739b58be7bb01fd963448e2bcc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:24 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:52 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 96

GET
H/1.1 200
OK tags.js(1).download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 80 KB
80 KB 526ms
131ms Script
text/plain 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/tags.js(1).download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: c64cbd472959e09b0eb3f25f31c09c8e80547071c69abf8db3b66a4a711c77fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:52 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=66
Content-Length: 81693

GET
H/1.1 200
OK cedric.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 602 KB
603 KB 441ms
132ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/cedric.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 48451bef935eba4b7a149a7b6dc16cc7183e75cb2887d571a3382ae3f155686a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:24 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:52 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 616835

GET
H/1.1 200
OK tags.js(2).download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 80 KB
80 KB 436ms
134ms Script
text/plain 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/tags.js(2).download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: b71ccf6edf4f945fe0cb55240b606077eb77930db0f12fadb5859091a5967102

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:52 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=64
Content-Length: 81693

GET
H/1.1 200
OK embed.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 2 KB
2 KB 351ms
133ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/embed.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 58edfbfc2f0d71cba3b2f3c7e20e86af09b6e7097c76db4e57cd9b4abe106b50

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:24 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:52 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1573

GET
H/1.1 200
OK 16001692.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 0
252 B 173ms
133ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/16001692.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:52 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=67
Content-Length: 0

GET
H/1.1 200
OK 16003743.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 0
252 B 169ms
131ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/16003743.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:52 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=65
Content-Length: 0

GET
H/1.1 200
OK f(1).txt Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 2 KB
2 KB 426ms
132ms Script
text/plain 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/f(1).txt
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 24ae3bdb3c016eefc3e7519084cccfe577540cc99624de7f50ecf8f651d100e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:24 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:52 GMT
Server: Apache
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1767

GET
H/1.1 200
OK f(2).txt Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 2 KB
2 KB 484ms
132ms Script
text/plain 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/f(2).txt
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 3fd98b9b4f926fc187f5d96d89e84f6400995dbfca8ddb6ab2e25c983191a672

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:24 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:52 GMT
Server: Apache
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1787

GET
H/1.1 200
OK f(3).txt Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 2 KB
2 KB 559ms
132ms Script
text/plain 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/f(3).txt
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 66142f608346ab15cd117ab93e2c97168ccbcbdcdf6523bc4fea489a18a852fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:24 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:52 GMT
Server: Apache
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1767

GET
H/1.1 200
OK f(4).txt Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 2 KB
2 KB 592ms
140ms Script
text/plain 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/f(4).txt
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 5eddf6e04b7b4d877bcc41b695bc5ade3cd6dc80b2493fb06ff47f68b5d0eb79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:24 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:52 GMT
Server: Apache
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1767

GET
H/1.1 200
OK f(5).txt Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 2 KB
2 KB 619ms
135ms Script
text/plain 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/f(5).txt
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 60202d0a881aee000e3ef1b52abe7ce6759a52bdc50b97f60ddcb65783fa8d22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:24 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:52 GMT
Server: Apache
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1767

GET
H/1.1 200
OK f(6).txt Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 2 KB
2 KB 693ms
134ms Script
text/plain 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/f(6).txt
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 10d1a09ed85bc8ad803a16660940e68736b3a86d27bdaf7d96ca872152d55156

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:24 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:52 GMT
Server: Apache
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1767

GET
H/1.1 200
OK f(7).txt Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 2 KB
2 KB 728ms
136ms Script
text/plain 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/f(7).txt
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 9222fb53874d578cf7d2b8778f4d06c197a5ad3c6c044d3f4428988da18972f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:24 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:52 GMT
Server: Apache
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1767

GET
H/1.1 200
OK f(8).txt Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 2 KB
2 KB 740ms
131ms Script
text/plain 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/f(8).txt
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 6608f3225dd3f373a0fe2701c42427936eb998509a1271ac52dce3b00af54834

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:24 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:52 GMT
Server: Apache
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1767

GET
H/1.1 200
OK citilogoredesign.png
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 2 KB
2 KB 520ms
133ms Image
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/citilogoredesign.png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 102503acef6077fcf8e42a856fb4904fcd74224a32d5d8efcd13236ac6309fed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:25 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:54 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 1799

GET
H/1.1 200
OK 050-location@2x.svg
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 2 KB
2 KB 382ms
144ms Image
image/svg+xml 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/050-location@2x.svg
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 6336ae7b60dff18e0a37721a3a19fd5e18568577a64faa662969d35966dbf72b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:25 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:54 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 1752

GET
H/1.1 200
OK icon_globe_med-grey@2x.svg
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 3 KB
4 KB 784ms
132ms Image
image/svg+xml 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/icon_globe_med-grey@2x.svg
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a593628f2d5ba814f37fbcd3963162f094c2764d4b15d82464c2d1aef92f150f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:25 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:54 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 3523

GET
H/1.1 200
OK phone.png
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 10 KB
10 KB 139ms
131ms Image
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/phone.png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 5df469ee4da2bc124065cb8df0e24173c5cbc8b9e0c807960fc39c93ffb640c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:54 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=64
Content-Length: 9873

GET
H/1.1 200
OK qrsignon.png
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 741 B
982 B 219ms
131ms Image
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/qrsignon.png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: dc876f814074650acde84db7a7f34c583f043b83130e5de49de65f18d1ee2683

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:54 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=65
Content-Length: 741

GET
H/1.1 200
OK laptop-and-phone-pairing.png
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 3 KB
3 KB 133ms
132ms Image
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/laptop-and-phone-pairing.png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a9a43473908fb995ecdc6bd80d80fd42d3e43bf31687aff0978d7389de2573aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:54 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=59
Content-Length: 3044

GET
H/1.1 200
OK laptop-and-phone-success.png
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 2 KB
3 KB 132ms
131ms Image
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/laptop-and-phone-success.png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e5c725c5a6510cd7323ff66fa032e69cfe7aec1dd042911cae0607d071670eec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:54 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=66
Content-Length: 2544

GET
H/1.1 200
OK 320_Citi-PLT@3x.png
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 11 KB
12 KB 132ms
131ms Image
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/320_Citi-PLT@3x.png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: f378974fe6a831ae2f48d9191ea74eb21877d4964d5eedbc2810d8756ed13631

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:54 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=64
Content-Length: 11562

GET
H/1.1 200
OK 1440_Citi-PLT@3x.png
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 27 KB
28 KB 518ms
133ms Image
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/1440_Citi-PLT@3x.png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 6dfa343a68ef79e83fef5f7c705119d2473352190c609cf94c67ea99a29fa452

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:25 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:54 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 28149

GET
H/1.1 200
OK runtime-es2015.d43ecfa67810809a922a.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 2 KB
3 KB 152ms
151ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/runtime-es2015.d43ecfa67810809a922a.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 3a4284fc3091796d852c047a85d6f8d91c95e1bb7b1b2c3bb3e69b1d29064488

Request headers

Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
Origin: https://sectiondata8e-consult1d4.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:25 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:54 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 2519

GET
H/1.1 200
OK polyfills-es2015.208e90726d88af943fd8.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 175 KB
176 KB 134ms
133ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/polyfills-es2015.208e90726d88af943fd8.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 627660443b6ba8e5a33bb1c0961f9a628a6b956ac4c9cfb3aca7991797d30bc3

Request headers

Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
Origin: https://sectiondata8e-consult1d4.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:25 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:54 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 179630

GET
H/1.1 200
OK scripts.ccc73c512668b4e837d7.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 49 KB
49 KB 132ms
132ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/scripts.ccc73c512668b4e837d7.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 51c6043803bec020097c7f9559f9f87f1b427daf7590f68f2ce2b3a4feaf661a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:54 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=63
Content-Length: 50376

GET
H/1.1 200
OK main-es2015.926484ba20d93e7ff0df.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 3 MB
3 MB 139ms
137ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/main-es2015.926484ba20d93e7ff0df.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 1ef8a96213dddc1092922838721a9944760936864f654a7975246e377b6271e6

Request headers

Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
Origin: https://sectiondata8e-consult1d4.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:25 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:54 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3071153

GET
H/1.1 200
OK jquery-3.5.1.min.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 87 KB
88 KB 132ms
131ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/jquery-3.5.1.min.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
Origin: https://sectiondata8e-consult1d4.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:54 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=63
Content-Length: 89476

GET
H/1.1 200
OK xmsdk.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 1 MB
1 MB 148ms
146ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/xmsdk.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 1c69468ad43d43f8c701bcd193de8688ba49a17128a730c065c7a06d08106daf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:25 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:54 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1331767

GET
H/1.1 200
OK qrlogin.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 6 KB
6 KB 144ms
143ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/qrlogin.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 80ca50c063371e37ab3ed2efb9842c2aac89bd9e2ac64de697950c588d4df7c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:25 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:54 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 6321

GET
H/1.1 200
OK config.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 0
252 B 131ms
131ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/config.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:54 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=64
Content-Length: 0

GET
H/1.1 200
OK generic1634752371595.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 527 KB
528 KB 132ms
132ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/generic1634752371595.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 915afa3a684b0562c638837fddc86f51700d954a4a13ed16d9857a066462edec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=58
Content-Length: 540128

GET
H/1.1 200
OK 0
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 0
214 B 138ms
137ms Image
text/plain 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/0
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:30 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=65
Content-Length: 0

GET
H/1.1 200
OK 0(1)
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 0
214 B 138ms
137ms Image
text/plain 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/0(1)
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:30 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=63
Content-Length: 0

GET
H/1.1 200
OK 0(2)
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 0
214 B 137ms
136ms Image
text/plain 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/0(2)
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:30 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=62
Content-Length: 0

GET
H/1.1 200
OK 0(3)
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 0
214 B 131ms
131ms Image
text/plain 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/0(3)
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:30 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=62
Content-Length: 0

GET
H/1.1 200
OK 1592741950571_CTA_Feedback(final).png
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 2 KB
2 KB 307ms
131ms Image
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/1592741950571_CTA_Feedback(final).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 25f4eeb23f67fe1d74534ed37230ecd54ab4f57524276970dcbeaaf3b0fc64f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:25 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 2196

GET
H/1.1 200
OK kloader.gif
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ 19 KB
19 KB 133ms
133ms Image
image/gif 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/kloader.gif
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 24ed9db3eb0d97ecf1f0832cbd30bd37744e0d2b520ccdad5af60f7a08a45b90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:30 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=63
Content-Length: 19110

GET
H/1.1 200
OK / Show response
sectiondata8e-consult1d4.duckdns.org/secure/ 344 KB
344 KB 268ms
136ms XHR
text/html 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/tagging.min.js.download
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 1a05bf7684aab3fbe33332b1e227670f492102d9e345e29a62a5a4eb0c20b061

Request headers

appVersion: CBOLV1.0.0
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
client_id: undefined

Response headers

Date: Tue, 07 Dec 2021 01:30:24 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 204 e.gif
nexus.ensighten.com/error/ 0
107 B 60ms
8ms Image
text/plain 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=_dl%20is%20not%20defined&lnn=-1&fn=&cid=1129&client=citi&publishPath=na_prod&rid=3092996&did=622672&errorName=ReferenceError
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 01:30:25 GMT
cache-control: no-cache, no-store
server: nginx
expires: Tue, 07 Dec 2021 01:30:24 GMT

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/citi/na_prod/ 1 KB
708 B 70ms
18ms Script
text/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citi/na_prod/code/&publishedOn=Mon%20Nov%2022%2016:55:07%20GMT%202021&ClientID=1129&PageID=https%3A%2F%2Fsectiondata8e-consult1d4.duckdns.org%2Fsecure%2F
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/Bootstrap.js.download
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1c8d486988286b27acecad98545f906aca181f7804289a8a263bb8f50eab30e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 01:30:25 GMT
cache-control: no-cache, no-store
content-type: text/javascript
server: nginx
content-encoding: gzip
vary: Accept-Encoding
expires: Tue, 07 Dec 2021 01:30:24 GMT

GET
BLOB 200
OK cbc6434b-9859-42e0-924b-a39aebfb5714
https://sectiondata8e-consult1d4.duckdns.org/ 161 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://sectiondata8e-consult1d4.duckdns.org/cbc6434b-9859-42e0-924b-a39aebfb5714
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c8bc330a07fc8ba4ead1f924570b2eeb220dfb170e86ea6594f7a2daef2efc16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 165178

GET
H2 200 /
www.google.com/pagead/1p-user-list/916451471/ 42 B
548 B 44ms
19ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/916451471/?random=1638132188423&cv=9&fst=1638129600000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_his=1&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin%3Fdeepdrop%3Dtrue%26checkAuth%3DY&ref=https%3A%2F%2Fbanking.citi.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2841783379&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 01:30:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/960621875/ 42 B
108 B 49ms
25ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/960621875/?random=1638132189660&cv=9&fst=1638129600000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_his=1&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin%3Fdeepdrop%3Dtrue%26checkAuth%3DY&ref=https%3A%2F%2Fbanking.citi.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=4213411889&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 01:30:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/644574043/ 42 B
108 B 44ms
20ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/644574043/?random=1638132189676&cv=9&fst=1638129600000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_his=1&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin%3Fdeepdrop%3Dtrue%26checkAuth%3DY&ref=https%3A%2F%2Fbanking.citi.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3958380041&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 01:30:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/975701947/ 42 B
108 B 24ms
19ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/975701947/?random=1638132189679&cv=9&fst=1638129600000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_his=1&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin%3Fdeepdrop%3Dtrue%26checkAuth%3DY&ref=https%3A%2F%2Fbanking.citi.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=4165928690&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 01:30:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/830907969/ 42 B
108 B 27ms
22ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/830907969/?random=1638132189841&cv=9&fst=1638129600000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_his=1&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin%3Fdeepdrop%3Dtrue%26checkAuth%3DY&ref=https%3A%2F%2Fbanking.citi.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2866259313&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 01:30:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/695231162/ 42 B
108 B 25ms
20ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/695231162/?random=1638132189843&cv=9&fst=1638129600000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_his=1&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin%3Fdeepdrop%3Dtrue%26checkAuth%3DY&ref=https%3A%2F%2Fbanking.citi.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2714526458&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 01:30:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/819500023/ 42 B
108 B 26ms
21ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/819500023/?random=1638132189847&cv=9&fst=1638129600000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_his=1&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin%3Fdeepdrop%3Dtrue%26checkAuth%3DY&ref=https%3A%2F%2Fbanking.citi.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=1975215411&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 01:30:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/959299794/ 42 B
108 B 26ms
21ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/959299794/?random=1638132189849&cv=9&fst=1638129600000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_his=1&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin%3Fdeepdrop%3Dtrue%26checkAuth%3DY&ref=https%3A%2F%2Fbanking.citi.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=1166593377&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 01:30:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 LSO_4959.jpg
online.citi.com/nga-lite-signon/ 171 KB
172 KB 176ms
26ms Image
image/jpeg 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/nga-lite-signon/LSO_4959.jpg

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

48e89b7e40e096b89d864a5c8ee340ce44ca60fe9675310ef2f3f40a53a7d593

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 01:30:25 GMT
last-modified: Mon, 11 Jan 2021 11:55:43 GMT
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 174933
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/jpeg
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H/1.1 404
Not Found Citi-Branding-Sprite.png
sectiondata8e-consult1d4.duckdns.org/secure/cbol-pre-login-static-assets/citi-branding-assets/images/ 315 B
315 B 543ms
131ms Image
text/html 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/cbol-pre-login-static-assets/citi-branding-assets/images/Citi-Branding-Sprite.png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:25 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Appstore-Googleplay-JDPower-Sprite.png
sectiondata8e-consult1d4.duckdns.org/secure/cbol-pre-login-static-assets/citi-branding-assets/images/ 315 B
315 B 381ms
144ms Image
text/html 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/cbol-pre-login-static-assets/citi-branding-assets/images/Appstore-Googleplay-JDPower-Sprite.png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:25 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found social-media_facebook@3x.png
sectiondata8e-consult1d4.duckdns.org/secure/cbol-pre-login-static-assets/citi-branding-assets/images/ 315 B
315 B 517ms
132ms Image
text/html 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/cbol-pre-login-static-assets/citi-branding-assets/images/social-media_facebook@3x.png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:25 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=90
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found social-media_twitter@3x.png
sectiondata8e-consult1d4.duckdns.org/secure/cbol-pre-login-static-assets/citi-branding-assets/images/ 315 B
315 B 796ms
132ms Image
text/html 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/cbol-pre-login-static-assets/citi-branding-assets/images/social-media_twitter@3x.png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:25 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found social-media_youtube@3x.png
sectiondata8e-consult1d4.duckdns.org/secure/cbol-pre-login-static-assets/citi-branding-assets/images/ 315 B
315 B 785ms
132ms Image
text/html 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/cbol-pre-login-static-assets/citi-branding-assets/images/social-media_youtube@3x.png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:25 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=91
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Light.woff
sectiondata8e-consult1d4.duckdns.org/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0 267ms
137ms Font
text/html 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
Origin: https://sectiondata8e-consult1d4.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:25 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=92
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Bold.woff
sectiondata8e-consult1d4.duckdns.org/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0 265ms
136ms Font
text/html 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
Origin: https://sectiondata8e-consult1d4.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:25 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Bold.woff
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/cds-assets/fonts/interstate/ 0
0 267ms
132ms Font
text/html 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/cds-assets/fonts/interstate/Interstate-Bold.woff
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/styles.187a58a1499ec83981b8.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/styles.187a58a1499ec83981b8.css
Origin: https://sectiondata8e-consult1d4.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:25 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 fdf45a7c15c1cee06bb71e10dac4e26e.js Show response
nexus.ensighten.com/citi/na_prod/code/ 989 B
1 KB 12ms
10ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/fdf45a7c15c1cee06bb71e10dac4e26e.js?conditionId0=4849963
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/Bootstrap.js.download
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7df13706eaab8ce9a3dcd2a501f60bc66987c83834d07dfaf07ae56ef814c110

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 01:30:25 GMT
last-modified: Tue, 14 May 2019 17:01:42 GMT
server: nginx
etag: "5cdaf476-3dd"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 989

GET
H2 200 42d4d669434e7d621371bd59ca097dbf.js Show response
nexus.ensighten.com/citi/na_prod/code/ 5 KB
2 KB 12ms
11ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/42d4d669434e7d621371bd59ca097dbf.js?conditionId0=4897099
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/Bootstrap.js.download
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 76b3e3ecb44a3b1216be2633c4736dc6fbef5a83a7058b7919dcb1489b5b211b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 01:30:25 GMT
content-encoding: gzip
last-modified: Thu, 07 Oct 2021 17:28:43 GMT
server: nginx
etag: W/"615f2e4b-12bc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 557566dc60916e3de69e006bef252459.js Show response
nexus.ensighten.com/citi/na_prod/code/ 2 KB
961 B 12ms
11ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/557566dc60916e3de69e006bef252459.js?conditionId0=4837456
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/Bootstrap.js.download
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 31b00ff4929696dfca06885da68e58c3e09f6ecb4ae0fe1ae287e99a3fd1f716

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 01:30:25 GMT
content-encoding: gzip
last-modified: Tue, 27 Aug 2019 16:59:12 GMT
server: nginx
etag: W/"5d656160-887"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 c942fa5b036f63cf515027e22894e5aa.js Show response
nexus.ensighten.com/citi/na_prod/code/ 156 KB
34 KB 17ms
15ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/c942fa5b036f63cf515027e22894e5aa.js?conditionId0=421908
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/Bootstrap.js.download
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1a52e20a2d1a14c0f487d961757fe56caa17d172a64820c54950eba91c50933a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 01:30:25 GMT
content-encoding: gzip
last-modified: Tue, 30 Nov 2021 17:36:41 GMT
server: nginx
etag: W/"61a66129-26e38"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 d139e7d35fc18934e03ae7d1eb3769bf.js Show response
nexus.ensighten.com/citi/na_prod/code/ 119 KB
34 KB 37ms
37ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/d139e7d35fc18934e03ae7d1eb3769bf.js?conditionId0=486757
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/Bootstrap.js.download
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e7ef42c5bbd7f8d71f7c0a6b1d7de5aab5ef30619267afd49f0f2d27998cdc93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 01:30:25 GMT
content-encoding: gzip
last-modified: Tue, 30 Nov 2021 17:36:41 GMT
server: nginx
etag: W/"61a66129-1da35"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 98bee068f68171950fb97a251d5f5b81.js Show response
nexus.ensighten.com/citi/na_prod/code/ 22 KB
6 KB 45ms
44ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/98bee068f68171950fb97a251d5f5b81.js?conditionId0=467299
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/Bootstrap.js.download
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6245952a84f047f47eabe2d7cc6ba2d90207b5396d594c07ef9ec58a10736740

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 01:30:25 GMT
content-encoding: gzip
last-modified: Tue, 30 Nov 2021 17:36:41 GMT
server: nginx
etag: W/"61a66129-57c5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 87 KB
35 KB 45ms
22ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6268858

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/Bootstrap.js.download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5b7f800227bb70a3dae3388e31fda8b0a9168eebaceb11c5cb18915799ecac7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 01:30:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35939
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Dec 2021 01:30:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 87 KB
36 KB 37ms
14ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6260004

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/Bootstrap.js.download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2e0c9a5ac3a8a0a7738afb69481a216edf32993324e190e8ca7de61fa9429d26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 01:30:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35940
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Dec 2021 01:30:25 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 87 KB
35 KB 58ms
27ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6269322&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f04957972254d6626e13996490c1b69d00852cf9dd1609b7207176324cc82183

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 01:30:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35947
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Dec 2021 01:30:25 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 87 KB
35 KB 61ms
30ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6256710&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f71b34ee34c63409f8dd14a971efccc5cd72a76f8359349e4b4f87a817c8ee32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 01:30:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35948
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Dec 2021 01:30:25 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 87 KB
35 KB 62ms
32ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6415812&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

87cef7fe0bd0a2be044c8c4cc85790c8e9a99a31cb1567c804b06062b9b67b2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 01:30:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35949
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Dec 2021 01:30:25 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 87 KB
35 KB 43ms
19ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6268858&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1f5b03cc93456ce6ad6fb19f01e6fb2c29756ae24ca9f3e1a2ed60b9ed77add3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 01:30:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35948
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Dec 2021 01:30:25 GMT

GET
H/1.1 404
Not Found Interstate-Bold.ttf
sectiondata8e-consult1d4.duckdns.org/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0 145ms
144ms Font
text/html 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.ttf
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
Origin: https://sectiondata8e-consult1d4.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:25 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Light.ttf
sectiondata8e-consult1d4.duckdns.org/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0 148ms
143ms Font
text/html 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.ttf
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/
Origin: https://sectiondata8e-consult1d4.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:25 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=94
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Bold.ttf
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/cds-assets/fonts/interstate/ 0
0 274ms
132ms Font
text/html 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/cds-assets/fonts/interstate/Interstate-Bold.ttf
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/styles.187a58a1499ec83981b8.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/styles.187a58a1499ec83981b8.css
Origin: https://sectiondata8e-consult1d4.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:25 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Light.woff
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/cds-assets/fonts/interstate/ 0
0 141ms
131ms Font
text/html 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/cds-assets/fonts/interstate/Interstate-Light.woff
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/styles.187a58a1499ec83981b8.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/styles.187a58a1499ec83981b8.css
Origin: https://sectiondata8e-consult1d4.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:25 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK saved_resource.html Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 10 KB
10 KB 170ms
132ms Document
text/html 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 845fb8a7859de5499a50023135f5863388e4a464fd11a14fa77ac62a05d915b5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/

Response headers

Date: Tue, 07 Dec 2021 01:30:25 GMT
Server: Apache
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Accept-Ranges: bytes
Content-Length: 9985
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK 425466.html Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame EA5D 427 B
668 B 171ms
133ms Document
text/html 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/425466.html
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 83234a7ccf9b10289c35549b5528c0a8203e3ea5fa497c42ee556121368e37c5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/

Response headers

Date: Tue, 07 Dec 2021 01:30:25 GMT
Server: Apache
Last-Modified: Sun, 28 Nov 2021 14:04:06 GMT
Accept-Ranges: bytes
Content-Length: 427
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK saved_resource(1).html Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 10 KB
10 KB 171ms
132ms Document
text/html 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 410b2c6c4e5d803c112ac15ed2e11db6bb1278ed837fa0259d67feaca2d89e4d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/

Response headers

Date: Tue, 07 Dec 2021 01:30:25 GMT
Server: Apache
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Accept-Ranges: bytes
Content-Length: 9856
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK saved_resource(2).html Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame BDBA 9 KB
10 KB 172ms
133ms Document
text/html 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e103d45f638ac5174b7428a7b0d2f0440766cb8d17c05886e41ae30e62e8825d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/

Response headers

Date: Tue, 07 Dec 2021 01:30:25 GMT
Server: Apache
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Accept-Ranges: bytes
Content-Length: 9660
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK pixel.html Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame B6E3 184 B
425 B 177ms
132ms Document
text/html 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/pixel.html
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 9c53af1ed22f8e1f67c76c9fc493d32cdfa1c3023a574778833a27e90b88e13b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/

Response headers

Date: Tue, 07 Dec 2021 01:30:25 GMT
Server: Apache
Last-Modified: Sun, 28 Nov 2021 14:04:06 GMT
Accept-Ranges: bytes
Content-Length: 184
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK form1614870341292.html Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame F6FE 348 KB
349 KB 188ms
132ms Document
text/html 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/form1614870341292.html
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: be3a7fefd0171e451a0610798b1ddebec64cd0457d8a9e571498b417c5f15142

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/

Response headers

Date: Tue, 07 Dec 2021 01:30:25 GMT
Server: Apache
Last-Modified: Sun, 28 Nov 2021 14:04:06 GMT
Accept-Ranges: bytes
Content-Length: 356697
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 404
Not Found Interstate-Bold.woff
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/commonui-assets/fonts/interstate/ 0
0 250ms
131ms Font
text/html 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/commonui-assets/fonts/interstate/Interstate-Bold.woff
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/styles.187a58a1499ec83981b8.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/styles.187a58a1499ec83981b8.css
Origin: https://sectiondata8e-consult1d4.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:25 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=93
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Light.ttf
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/cds-assets/fonts/interstate/ 0
0 234ms
131ms Font
text/html 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/cds-assets/fonts/interstate/Interstate-Light.ttf
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/styles.187a58a1499ec83981b8.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/styles.187a58a1499ec83981b8.css
Origin: https://sectiondata8e-consult1d4.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:25 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=88
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET cr.png
contents3.00110.citi.com/api/v1/ 0
0

GET
H/1.1 404
Not Found Interstate-Bold.ttf
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/commonui-assets/fonts/interstate/ 0
0 163ms
131ms Font
text/html 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/commonui-assets/fonts/interstate/Interstate-Bold.ttf
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/styles.187a58a1499ec83981b8.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/styles.187a58a1499ec83981b8.css
Origin: https://sectiondata8e-consult1d4.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=91
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found Interstate-Light.woff
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/commonui-assets/fonts/interstate/ 0
0 173ms
132ms Font
text/html 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/commonui-assets/fonts/interstate/Interstate-Light.woff
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/styles.187a58a1499ec83981b8.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/styles.187a58a1499ec83981b8.css
Origin: https://sectiondata8e-consult1d4.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=86
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 204 e.gif
nexus.ensighten.com/error/ 0
106 B 8ms
7ms Image
text/plain 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=%24%20is%20not%20defined&lnn=-1&fn=&cid=1129&client=citi&publishPath=na_prod&rid=2532573&did=551970&errorName=ReferenceError
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 01:30:26 GMT
cache-control: no-cache, no-store
server: nginx
expires: Tue, 07 Dec 2021 01:30:25 GMT

GET
H2 204 e.gif
nexus.ensighten.com/error/ 0
106 B 8ms
7ms Image
text/plain 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=jQuery%20is%20not%20defined&lnn=-1&fn=&cid=1129&client=citi&publishPath=na_prod&rid=2670712&did=571630&errorName=ReferenceError
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 01:30:26 GMT
cache-control: no-cache, no-store
server: nginx
expires: Tue, 07 Dec 2021 01:30:25 GMT

GET
H2 204 e.gif
nexus.ensighten.com/error/ 0
106 B 8ms
7ms Image
text/plain 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=%24%20is%20not%20defined&lnn=-1&fn=&cid=1129&client=citi&publishPath=na_prod&rid=2670634&did=572752&errorName=ReferenceError
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 01:30:26 GMT
cache-control: no-cache, no-store
server: nginx
expires: Tue, 07 Dec 2021 01:30:25 GMT

GET
H/1.1 200
OK 96e0eb995483e83e7b3f71968eedeed1.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 396 KB
396 KB 231ms
132ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/96e0eb995483e83e7b3f71968eedeed1.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: d9181c42b463ba85677421a93ae1ba80ae774c9bf8af67200ed78a419bd067a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=83
Content-Length: 405607

GET
H/1.1 200
OK clear.png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 0
239 B 259ms
150ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear.png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 0

GET
H/1.1 200
OK clear(1).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 0
239 B 259ms
149ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(1).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Content-Length: 0

GET
H/1.1 200
OK clear(2).png
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 81 B
321 B 822ms
131ms Image
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(2).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=68
Content-Length: 81

GET
H/1.1 200
OK clear(3).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 0
239 B 257ms
135ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(3).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=85
Content-Length: 0

GET
H/1.1 200
OK clear3.png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 0
239 B 255ms
133ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3.png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 0

GET
H/1.1 200
OK clear(4).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 0
239 B 240ms
133ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(4).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=81
Content-Length: 0

GET
H/1.1 200
OK clear3(1).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 0
239 B 260ms
142ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(1).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Content-Length: 0

GET
H/1.1 200
OK clear(5).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 0
239 B 373ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(5).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Content-Length: 0

GET
H/1.1 200
OK clear1(3).png
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 0
239 B 715ms
132ms Image
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear1(3).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=67
Content-Length: 0

GET
H/1.1 200
OK clear3(2).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 0
239 B 374ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(2).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=80
Content-Length: 0

GET
H/1.1 200
OK clear3(3).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 0
239 B 402ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(3).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=82
Content-Length: 0

GET
H/1.1 200
OK clear3(4).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 0
239 B 415ms
131ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(4).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=84
Content-Length: 0

GET
H/1.1 200
OK clear3(5).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 0
239 B 420ms
131ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(5).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=83
Content-Length: 0

GET
H/1.1 200
OK clear3(6).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 0
239 B 413ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(6).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=82
Content-Length: 0

GET
H/1.1 200
OK clear3(7).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 0
239 B 400ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(7).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=77
Content-Length: 0

GET
H/1.1 200
OK clear3(8).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 0
239 B 401ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=84
Content-Length: 0

GET
H/1.1 200
OK clear3(9).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 0
239 B 401ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(9).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=82
Content-Length: 0

GET
H/1.1 200
OK clear3(10).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 0
239 B 395ms
131ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(10).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=81
Content-Length: 0

GET
H/1.1 200
OK clear3(11).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 0
239 B 394ms
131ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(11).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=80
Content-Length: 0

GET
H/1.1 200
OK clear3(12).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 0
239 B 399ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(12).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=79
Content-Length: 0

GET
H/1.1 200
OK clear3(13).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 0
239 B 401ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(13).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 0

GET
H/1.1 200
OK clear3(14).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 0
239 B 401ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(14).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=81
Content-Length: 0

GET
H/1.1 200
OK clear3(15).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 0
239 B 400ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(15).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=79
Content-Length: 0

GET
H/1.1 200
OK clear3(16).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 0
239 B 395ms
131ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(16).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=78
Content-Length: 0

GET
H/1.1 200
OK clear3(17).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 0
239 B 394ms
131ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(17).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=77
Content-Length: 0

GET
H/1.1 200
OK clear3(18).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 0
239 B 399ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(18).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=76
Content-Length: 0

GET
H/1.1 200
OK clear3(19).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 0
239 B 400ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(19).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=71
Content-Length: 0

GET
H/1.1 200
OK clear3(20).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 0
239 B 401ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(20).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=78
Content-Length: 0

GET
H/1.1 200
OK clear3(21).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 0
239 B 402ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(21).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 0

GET
H/1.1 200
OK clear3(22).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 0
239 B 403ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(22).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=76
Content-Length: 0

GET
H/1.1 200
OK clear3(23).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 0
239 B 397ms
131ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(23).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 0

GET
H/1.1 200
OK clear3(24).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 0
239 B 399ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(24).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 0

GET
H/1.1 200
OK clear3(25).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 0
239 B 402ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(25).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 0

GET
H/1.1 200
OK clear3(26).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 0
239 B 402ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(26).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=68
Content-Length: 0

GET
H/1.1 200
OK clear3(27).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 0
239 B 399ms
131ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(27).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 0

GET
H/1.1 200
OK clear3(28).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 0
239 B 407ms
135ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(28).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=66
Content-Length: 0

GET
H/1.1 200
OK clear(6).png
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 81 B
321 B 842ms
133ms Image
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(6).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=69
Content-Length: 81

GET
H/1.1 200
OK check.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 403 KB
403 KB 404ms
132ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/check.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 472083aa55f0ce92f258f53c93181e695338e6c01857ceafbf6ced254b94c56d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 412439

GET
H/1.1 200
OK 96e0eb995483e83e7b3f71968eedeed1.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 396 KB
396 KB 258ms
141ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/96e0eb995483e83e7b3f71968eedeed1.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: d9181c42b463ba85677421a93ae1ba80ae774c9bf8af67200ed78a419bd067a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 405607

GET
H/1.1 200
OK clear(7).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 0
239 B 393ms
138ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(7).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=86
Content-Length: 0

GET
H/1.1 200
OK clear(8).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 0
239 B 393ms
137ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(8).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 0

GET
H/1.1 200
OK clear(9).png
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 81 B
321 B 976ms
131ms Image
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(9).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=70
Content-Length: 81

GET
H/1.1 200
OK clear(10).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 0
239 B 257ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(10).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=84
Content-Length: 0

GET
H/1.1 200
OK clear3(29).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 0
239 B 273ms
131ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(29).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=86
Content-Length: 0

GET
H/1.1 200
OK clear(11).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 0
239 B 281ms
130ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(11).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=85
Content-Length: 0

GET
H/1.1 200
OK clear1(4).png
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 0
239 B 810ms
131ms Image
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear1(4).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=62
Content-Length: 0

GET
H/1.1 200
OK clear(12).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 0
239 B 289ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(12).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=84
Content-Length: 0

GET
H/1.1 200
OK clear3(30).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 0
239 B 389ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(30).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=86
Content-Length: 0

GET
H/1.1 200
OK clear3(31).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 0
239 B 389ms
131ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(31).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=79
Content-Length: 0

GET
H/1.1 200
OK clear3(32).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 0
239 B 400ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(32).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=81
Content-Length: 0

GET
H/1.1 200
OK clear3(33).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 0
239 B 396ms
131ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=83
Content-Length: 0

GET
H/1.1 200
OK clear3(34).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 0
239 B 394ms
131ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(34).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=82
Content-Length: 0

GET
H/1.1 200
OK clear3(35).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 0
239 B 399ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(35).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=81
Content-Length: 0

GET
H/1.1 200
OK clear3(36).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 0
239 B 401ms
133ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(36).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=76
Content-Length: 0

GET
H/1.1 200
OK clear3(37).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 0
239 B 401ms
133ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(37).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=80
Content-Length: 0

GET
H/1.1 200
OK clear3(38).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 0
239 B 401ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(38).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=78
Content-Length: 0

GET
H/1.1 200
OK clear3(39).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 0
239 B 394ms
131ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(39).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=80
Content-Length: 0

GET
H/1.1 200
OK clear3(40).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 0
239 B 394ms
131ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(40).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=79
Content-Length: 0

GET
H/1.1 200
OK clear3(41).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 0
239 B 399ms
133ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(41).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=78
Content-Length: 0

GET
H/1.1 200
OK clear3(42).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 0
239 B 400ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(42).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 0

GET
H/1.1 200
OK clear3(43).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 0
239 B 400ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(43).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=77
Content-Length: 0

GET
H/1.1 200
OK clear3(44).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 0
239 B 401ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(44).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=75
Content-Length: 0

GET
H/1.1 200
OK clear3(45).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 0
239 B 397ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(45).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=77
Content-Length: 0

GET
H/1.1 200
OK clear3(46).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 0
239 B 395ms
131ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(46).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=76
Content-Length: 0

GET
H/1.1 200
OK clear3(47).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 0
239 B 398ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(47).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=75
Content-Length: 0

GET
H/1.1 200
OK clear3(48).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 0
239 B 402ms
133ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(48).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=70
Content-Length: 0

GET
H/1.1 200
OK clear3(49).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 0
239 B 403ms
133ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(49).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 0

GET
H/1.1 200
OK clear3(50).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 0
239 B 402ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(50).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 0

GET
H/1.1 200
OK clear3(51).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 0
239 B 403ms
133ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(51).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 0

GET
H/1.1 200
OK clear3(52).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 0
239 B 400ms
133ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(52).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=75
Content-Length: 0

GET
H/1.1 200
OK clear3(53).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 0
239 B 399ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(53).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 0

GET
H/1.1 200
OK clear(13).png
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 81 B
321 B 841ms
131ms Image
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(13).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=67
Content-Length: 81

GET
H/1.1 200
OK check.js(1).download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 403 KB
403 KB 402ms
132ms Script
text/plain 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/check.js(1).download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 232e458903366c81298221c77e27a787a9b023b461f4bf041d46cba54dbed529

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 412439

GET
H/1.1 200
OK clear(14).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame BDBA 0
239 B 388ms
135ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(14).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=82
Content-Length: 0

GET
H/1.1 200
OK clear(15).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame BDBA 0
239 B 399ms
131ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(15).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 0

GET
H/1.1 200
OK clear(16).png
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame BDBA 81 B
321 B 843ms
132ms Image
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(16).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=67
Content-Length: 81

GET
H/1.1 200
OK clear(17).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame BDBA 0
239 B 387ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(17).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=83
Content-Length: 0

GET
H/1.1 200
OK clear3(54).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame BDBA 0
239 B 399ms
131ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(54).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=85
Content-Length: 0

GET
H/1.1 200
OK clear(18).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame BDBA 0
239 B 406ms
131ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(18).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=84
Content-Length: 0

GET
H/1.1 200
OK clear1(5).png
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame BDBA 0
239 B 711ms
133ms Image
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear1(5).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=66
Content-Length: 0

GET
H/1.1 200
OK clear(19).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame BDBA 0
239 B 416ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(19).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=83
Content-Length: 0

GET
H/1.1 200
OK clear3(55).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame BDBA 0
239 B 516ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(55).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=78
Content-Length: 0

GET
H/1.1 200
OK clear3(56).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame BDBA 0
239 B 517ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(56).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=85
Content-Length: 0

GET
H/1.1 200
OK clear3(57).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame BDBA 0
239 B 401ms
133ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(57).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=83
Content-Length: 0

GET
H/1.1 200
OK clear3(58).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame BDBA 0
239 B 395ms
131ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=82
Content-Length: 0

GET
H/1.1 200
OK clear3(59).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame BDBA 0
239 B 394ms
131ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(59).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=81
Content-Length: 0

GET
H/1.1 200
OK clear3(60).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame BDBA 0
239 B 398ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(60).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=80
Content-Length: 0

GET
H/1.1 200
OK clear3(61).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame BDBA 0
239 B 401ms
131ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(61).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=75
Content-Length: 0

GET
H/1.1 200
OK clear3(62).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame BDBA 0
239 B 401ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(62).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=79
Content-Length: 0

GET
H/1.1 200
OK clear3(63).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame BDBA 0
239 B 400ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(63).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=80
Content-Length: 0

GET
H/1.1 200
OK clear3(64).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame BDBA 0
239 B 394ms
131ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(64).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=79
Content-Length: 0

GET
H/1.1 200
OK clear3(65).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame BDBA 0
239 B 394ms
131ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(65).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:27 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=78
Content-Length: 0

GET
H/1.1 200
OK clear3(66).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame BDBA 0
239 B 399ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(66).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=77
Content-Length: 0

GET
H/1.1 200
OK clear3(67).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame BDBA 0
239 B 399ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(67).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 0

GET
H/1.1 200
OK clear3(68).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame BDBA 0
239 B 400ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(68).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=76
Content-Length: 0

GET
H/1.1 200
OK clear3(69).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame BDBA 0
239 B 401ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(69).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=76
Content-Length: 0

GET
H/1.1 200
OK clear3(70).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame BDBA 0
239 B 400ms
133ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(70).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=77
Content-Length: 0

GET
H/1.1 200
OK clear3(71).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame BDBA 0
239 B 396ms
131ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(71).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=75
Content-Length: 0

GET
H/1.1 200
OK clear3(72).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame BDBA 0
239 B 398ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(72).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 0

GET
H/1.1 200
OK clear3(73).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame BDBA 0
239 B 402ms
132ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(73).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=75
Content-Length: 0

GET
H/1.1 200
OK clear3(74).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame BDBA 0
239 B 403ms
133ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(74).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=69
Content-Length: 0

GET
H/1.1 200
OK clear3(75).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame BDBA 0
239 B 401ms
131ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(75).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 0

GET
H/1.1 200
OK clear3(76).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame BDBA 0
239 B 404ms
134ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(76).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=67
Content-Length: 0

GET
H/1.1 200
OK clear3(77).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame BDBA 0
239 B 405ms
134ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(77).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=71
Content-Length: 0

GET
H/1.1 200
OK clear3(78).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame BDBA 0
239 B 383ms
133ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(78).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 0

GET
H/1.1 200
OK clear(20).png
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame BDBA 81 B
321 B 710ms
131ms Image
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(20).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=66
Content-Length: 81

GET
H/1.1 200
OK check.js(2).download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame BDBA 403 KB
403 KB 296ms
141ms Script
text/plain 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/check.js(2).download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 5aae2cfb75508c7fe149be48fb2de77689242a21e02dae364d4438161349b386

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=71
Content-Length: 412439

GET
H/1.1 404
Not Found Interstate-Light.ttf
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/commonui-assets/fonts/interstate/ 0
0 199ms
131ms Font
text/html 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/commonui-assets/fonts/interstate/Interstate-Light.ttf
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/styles.187a58a1499ec83981b8.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/styles.187a58a1499ec83981b8.css
Origin: https://sectiondata8e-consult1d4.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=88
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

POST
H2 200 tp2 Show response
p.tvpixel.com/com.snowplowanalytics.snowplow/ 2 B
350 B 305ms
101ms XHR
text/plain 54.164.224.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/polyfills-es2015.208e90726d88af943fd8.js.download
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.224.206 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-224-206.compute-1.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://sectiondata8e-consult1d4.duckdns.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://sectiondata8e-consult1d4.duckdns.org
date: Tue, 07 Dec 2021 01:30:27 GMT
access-control-allow-credentials: true
server: akka-http/10.1.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length: 2
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 tp2
p.tvpixel.com/com.snowplowanalytics.snowplow/ Frame 0
0 323ms
98ms Preflight 54.164.224.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.224.206 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-224-206.compute-1.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://sectiondata8e-consult1d4.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 07 Dec 2021 01:30:26 GMT
content-length: 0
access-control-allow-origin: https://sectiondata8e-consult1d4.duckdns.org
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
server: akka-http/10.1.12

GET
H/1.1 200
OK liveform-web-vendor-7a445f15ef.css
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame F6FE 739 KB
740 KB 166ms
131ms Stylesheet
text/css 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/liveform-web-vendor-7a445f15ef.css
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/form1614870341292.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: b86389100be1332c53c03d4aec32dce30ce00d9f4a803a7c6f7dc6155c4d84c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/form1614870341292.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Content-Length: 757105

GET
H/1.1 200
OK liveform-web-style-bfa52db035.css
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame F6FE 176 KB
176 KB 194ms
139ms Stylesheet
text/css 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/liveform-web-style-bfa52db035.css
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/form1614870341292.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e8e8f01dc620e1cd54ce35aa05a1c9c703bf8eede3772537ffb5cc10884bfeac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/form1614870341292.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=86
Content-Length: 179794

GET
H/1.1 200
OK liveform-web-vendor-fba5f1656e.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame F6FE 514 KB
514 KB 339ms
131ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/liveform-web-vendor-fba5f1656e.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/form1614870341292.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: ed000f9034b588160db0f2a7f4213cc23eacfd007d11980f8453b8e50bef87a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/form1614870341292.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=86
Content-Length: 526174

GET
H/1.1 200
OK liveform-web-app-59106c1093.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame F6FE 538 KB
539 KB 344ms
134ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/liveform-web-app-59106c1093.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/form1614870341292.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 71137b95bc3d14f7a6de2ed96290422b4ae342c57a3ea8ff9ae6914fd7a9792a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/form1614870341292.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:26 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=85
Content-Length: 551185

GET
H/1.1 200
OK Citi_placeholder_CSSv1.css
assets.kampyle.com/clients/nebula/citi/ Frame F6FE 4 KB
1 KB 48ms
7ms Stylesheet
text/css 151.101.0.68
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.kampyle.com/clients/nebula/citi/Citi_placeholder_CSSv1.css
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/liveform-web-vendor-fba5f1656e.js.download
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.68 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9e78de330792cb7190d2391e632fef62a7142470694ed01389149b3066bdca04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
ETag: "3d67ac2ff5a333326d321c83c6c27fed"
Age: 315
Via: 1.1 varnish
X-Cache: HIT
Connection: keep-alive
Content-Length: 652
x-amz-id-2: myeAKqxOyuX/Ea+Eb8N+fu88B0YxSe1VLjDhdPCSZKv0hJ7Wnz387VF+1Maueqic7P2QW/sWYo4=
X-Served-By: cache-hhn4046-HHN
Last-Modified: Mon, 01 Jun 2020 23:50:43 GMT
Server: AmazonS3
X-Timer: S1638840627.134655,VS0,VE1
Date: Tue, 07 Dec 2021 01:30:27 GMT
Vary: Accept-Encoding
x-amz-request-id: D6TWDWKPQBDQHRPN
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Type: text/css
X-Cache-Hits: 1

GET
DATA 200
OK truncated
/ Frame F6FE 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29559450cf2b7f8be98987d31923c299e84677b50c284f37ee590401848856a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame CD58 81 B
475 B 86ms
13ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=9db673e613bdc659&pageid=1&ck=0&m=1

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:28 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame BDBA 81 B
474 B 16ms
16ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=1cc475c444d53f08&pageid=1&ck=0&m=1

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:28 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK ls_fp(1).html Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 0115 82 KB
83 KB 137ms
132ms Document
text/html 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ls_fp(1).html
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 76262472e3bdc3961a2981c15110635a80b249f424ad28be42366e50f4ffbe03

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html

Response headers

Date: Tue, 07 Dec 2021 01:30:28 GMT
Server: Apache
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Accept-Ranges: bytes
Content-Length: 84477
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK sid_fp(1).html Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame B30E 96 KB
96 KB 228ms
134ms Document
text/html 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/sid_fp(1).html
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 488f2e5ca810789b86bf5dcb121eddb5ad06d69914e622971685b56bc8b16354

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Server: Apache
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Accept-Ranges: bytes
Content-Length: 98068
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK top_fp(1).html Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 17DC 82 KB
82 KB 231ms
132ms Document
text/html 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/top_fp(1).html
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 3ffeb7001287be5dd60d5a221874e2ea04d0aa6aab1000256616bf0efd82fdc4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Server: Apache
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Accept-Ranges: bytes
Content-Length: 84028
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK ls_fp(2).html Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 9C0B 82 KB
83 KB 233ms
132ms Document
text/html 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ls_fp(2).html
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 21436b362a61dba68828fcad09704f865f1fc169f284ff7383927eead46a9d62

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Server: Apache
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Accept-Ranges: bytes
Content-Length: 84477
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK sid_fp(2).html Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 0727 96 KB
96 KB 235ms
132ms Document
text/html 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/sid_fp(2).html
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 48bbb9a9c2bcf37b69acde0cd56b87591edd09beb8efc629f95757eec1866e7f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Server: Apache
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Accept-Ranges: bytes
Content-Length: 98068
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK top_fp(2).html Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 155B 82 KB
82 KB 236ms
132ms Document
text/html 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/top_fp(2).html
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 241e96ead3a633d9b84379afdc244cd93a9b63a786e4ec77f5bc73d5a52a09c2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Server: Apache
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Accept-Ranges: bytes
Content-Length: 84028
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame 2785 81 B
474 B 21ms
21ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=bf12cc12c4406580&pageid=1&ck=0&m=1

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:29 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK ls_fp.html Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 5724 82 KB
83 KB 158ms
131ms Document
text/html 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ls_fp.html
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: f237cc206237c64f01c5eecc39d6a2826b0ffb42ac19bc613fe212ea005870eb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Server: Apache
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Accept-Ranges: bytes
Content-Length: 84477
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK sid_fp.html Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CA3E 96 KB
96 KB 159ms
133ms Document
text/html 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/sid_fp.html
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 7fb20629e6af659742722f89cf23522dc448d94ca929ca7cc578ad693953992f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Server: Apache
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Accept-Ranges: bytes
Content-Length: 98065
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK top_fp.html Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame D0F5 82 KB
82 KB 161ms
134ms Document
text/html 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/top_fp.html
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 2de419797226f96c7acae89f033c5fc33491312ea4f305052209f9136632d6f5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Server: Apache
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Accept-Ranges: bytes
Content-Length: 84028
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK clear(22).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 0115 0
239 B 144ms
134ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(22).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ls_fp(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ls_fp(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=68
Content-Length: 0

GET
H/1.1 200
OK clear1(1).png
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame B30E 0
239 B 544ms
132ms Image
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear1(1).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/sid_fp(1).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/sid_fp(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=65
Content-Length: 0

GET
H/1.1 200
OK clear(23).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 9C0B 0
239 B 218ms
131ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(23).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ls_fp(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ls_fp(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=69
Content-Length: 0

GET
H/1.1 200
OK clear1(2).png
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 0727 0
239 B 512ms
132ms Image
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear1(2).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/sid_fp(2).html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/sid_fp(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=68
Content-Length: 0

GET
H/1.1 204
204 clear1.png;CIS3SID=EEEE39F6EF9E265B7C0195EBDF63B49B
h.online-metrix.net/fp/ Frame B30E 0
401 B 60ms
15ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=EEEE39F6EF9E265B7C0195EBDF63B49B?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=9db673e613bdc659&pageid=1&jf=3c313a247b6b6657726e6635746c7a5f7636654f4368774044346d4a4170324a24716b645f6c6376673f3334313a3a343836323926736b6c5f747172653d7f656a3a67616c71632e736966576b6d713d31303d3b333231313036303f30613836363a6165336c323032333234323a3061303634386365316c30333833303738333c323232383666386437676d306c6a6564623f373532363a3232393a6130346433343731363c33323664323b326364626c3438613931673d62386c3a36333e663e3630343163606d66363b3d65693b3864383931336332633733376e643164313a366363333a333b66313533353630666b6335366566666a3665313034393830693731306e63247b69645d7b696f353332343e32323031323063653c663634383a646139393a343a6360323b673b66666e3733653639333f30343c6733343f646b6260346d32643f37643569323f3a3635383f33353536333530323a3330306236343b61633d606060366364673737306a6630356534603c38656b36306269613a6437333936303a30636669386d3f3967666d3a616163633461643163616626716b64723d39

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/sid_fp(1).html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:29 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=100
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=6EDC59747E640E2C9918E8A8D8F8E2DF
h.online-metrix.net/fp/ Frame 0727 0
401 B 58ms
15ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=6EDC59747E640E2C9918E8A8D8F8E2DF?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=1cc475c444d53f08&pageid=1&jf=3631382671696c57726e663f7664705d37563651526e42513459335a7365484f2e716b6c5f64697c673f3134313838363036303924736b665d7679726d3d7567603a65636673692e7369665d69657b3f3132373931323131303e32353261383e3c3a616d3364383a3233303432383263383636386165316632313033383732313632303032346c3a35363731363933313a353b3733373230616c31323263383c3934333f34383b6b346735343a61333638383433363233663a3b62366c3866336333303133376939663735306062606033606034353a6661653a33323763383b6d64603d62646b693b3535603364333637666162666131613b316231383230636466366433612e7b69645d716b673f313236343030303132306c6135366435303b3b643e66353f6d33303134313233673863643332353266353536643b3460353765616361653e316532353a6035356037333a3961306637353830303130306c39673a3135626a3832333063606537313736663132376437303638666e6664663131333431376d3e6435613260613131353733623534343232303a616235322e7b6b647a3d31

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/sid_fp(2).html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:29 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=100
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 0115 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ls_fp(1).html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:29 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear(21).png Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 5724 0
239 B 212ms
131ms Script
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(21).png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ls_fp.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ls_fp.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Sun, 28 Nov 2021 14:04:04 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=68
Content-Length: 0

GET
H/1.1 200
OK clear1.png
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CA3E 0
239 B 477ms
131ms Image
image/png 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear1.png
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/sid_fp.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/sid_fp.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:48 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=60
Content-Length: 0

GET
H/1.1 204
204 clear1.png;CIS3SID=B805D4AC5F711323C20DCDA8DBF9F3E1
h.online-metrix.net/fp/ Frame CA3E 0
400 B 14ms
14ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=B805D4AC5F711323C20DCDA8DBF9F3E1?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=bf12cc12c4406580&pageid=1&jf=3431362473696657706e663d76647257495a485b4e32453a783038394b49775e2e7361645f6c6376653f31343330383430343a31247361645d7479786d3f7567623a65616473632e7169665f696579353130373b313031313234303f3a633a3e3c386b65336c3230303330343030326138343c3061653b643233303938353231343230323034663a373637333639313b3a373b3533353230636633383a613a3c39363937343031613667353438693334383a3e3b363239643a39623c6c3a66336133303331376339643735326062626a3362603635386661673031383f613a3b6d666a35626c616339353560316c333437646b6a66613b633b33623b38303063666636663161247b6b645d736b673d3b32343732303230303561383c6c61303c3d616a666130373763603530633c6635383b3b3160666b393133393a6e3267303131306466353b3835333a616663323a63313266333866323030313838663b3a6a333e65393063343067326462693438323a306b36343a61606430386d333066663738303336633e353337303133656d35376667303137666432326e6d2471616e723531

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/sid_fp.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:29 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 9C0B 0
387 B 14ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ls_fp(2).html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:29 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 5724 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ls_fp.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:29 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png Show response
content22.online.citi.com/fp/ Frame CD58 81 B
552 B 41ms
13ms XHR
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/check.js(1).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 89oebq5k/9db673e613bdc659903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a
Referer: https://sectiondata8e-consult1d4.duckdns.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Last-Modified: Tue, 07 Dec 2021 01:30:29 GMT
Server: Apache
Etag: b7b30bbcfa1e42d59609dd5d7be8710f
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: https://sectiondata8e-consult1d4.duckdns.org
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Sun, 06 Dec 2026 01:30:29 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=2434C19851985120E5B9662DF048EFCF Show response
content22.online.citi.com/fp/ Frame B4B3 82 KB
12 KB 16ms
16ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=2434C19851985120E5B9662DF048EFCF?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=9db673e613bdc659&pageid=1

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/check.js(1).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

3d4ed134e512a6eb311c096d9a967c28539006f8d1aa3a6195e544483ea0d778

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=94
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame CD58 0
387 B 30ms
12ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/check.js(1).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:29 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=93
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=2434C19851985120E5B9662DF048EFCF Show response
h.online-metrix.net/fp/ Frame 8C56 95 KB
15 KB 16ms
16ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=2434C19851985120E5B9662DF048EFCF?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=9db673e613bdc659&pageid=1

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/check.js(1).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

106d61ada031ebf3b464a3a555e1139dfb3a0e6ddaf0b3a2326d794fabbdf4eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/

Response headers

Date: Tue, 07 Dec 2021 01:30:29 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=98
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame CD58 0
387 B 15ms
15ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=9db673e613bdc659&pageid=1&jd=3d38242462646c35333824626660353466363b61303a30316365373e3b3339626460616366313a6067373333353134266266746e3d3038393435323138

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/check.js(1).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:30 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=92
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame CD58 0
0

GET
H/1.1 200
OK top_fp.html;CIS3SID=2434C19851985120E5B9662DF048EFCF Show response
content22.online.citi.com/fp/ Frame 41FD 82 KB
13 KB 17ms
16ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/top_fp.html;CIS3SID=2434C19851985120E5B9662DF048EFCF?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=9db673e613bdc659&pageid=1

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/check.js(1).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

f46fe5cbf2c79bcceeb14f708e2abfc16b539e79dc4e2bf0484fda66e802addc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/

Response headers

Date: Tue, 07 Dec 2021 01:30:30 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked

GET
H/1.1 204
204 clear.png Show response
content22.online.citi.com/fp/ Frame CD58 0
218 B 15ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=9db673e613bdc659&pageid=1&ja=3a30353b2e24613530267835302e6e3d33363832783332323026616e3f313630327a3332303824717a7b3f327a32246478723d312c313438302c3930303024313e30322e393032382c31343830243932323024333632302e313230382e302c30246f763d61303a3063606166613535646c666466396563303431393637303e62316135632e6f6c353426716b64353a34246c603f68767472732533492732462530447165637c6b6d6c666376633a672d6b6f6e73756c7639643426667563636466732c6d7a65273a4673676b757a6d2530466b6b746b5f64696c657b27324673637467645f7a67716d777061672a33292668746d6c26667a3d687c7670732d33492530442d30447b656376616f666c61766130672d616f6c73756c7c3364342e6677616b6466712c6d706527304471656b7572652532442e706c35312670603d3f3864303063633e6263646a6539393360373b3a376365326433626c60326434246a6a3d356a323567376132603763393e613833663730696361316163363a346e3133612e6871673d4c6b6675702e6a7162354168706f6f652532383b36266a716d773d4c616c777a24687160773f4360726f6d65266c60633d3c246e64653d302676786c3f477c6325304e5566636e6d7766246d63746a723d343832336431613060656338306734616137343232383a6164313535363831666c36353830313c3166346d63633a3464613134696e6266373a313131313b366126783f706c75656b6c5f666463716a5c64636e716721786c7567696e5d7f696e6c6d7773576d6d646b6357726e6979657056666964736721786e7565696c5f61646760655f6161706d62617c5c64636e716723726e756f696e5f71756b6b6b74616f655e6e6164736723786e776f696e5d7b68676b6b75617e675e64616e736521786e7567696c5d70656164726e637b67705c64636c7b6521706c7565616e5f7e6e635f786c6979677056646364736523786c7d6f696c5f6c6776636c74725e66696e736521726e776769665d7174655d746b6775657a5e66616c736729706c7d65696e576a6976635c6e636e7b6526677033356a3733303c60313039313839643c353633336161363536393a3467313064676134626e3934313765246f6c5f6b3f77656a67645767604f4e273a30312c38253a38284d706d6c474e25303045532d3030322e322730304360706d6f6b776f2b5567624f4c253230474e5b4c253a3245532d3238312c322d3032204f70676647442d3232455b273232474e534c253a324553253032332e302d3032416a706d6f6b776d215765624b69765f6562436b74253a305f65604544434c4f4c455d616e7b7c616c636d665f6372706179732d3142253232475a545f6a6e676c665d6f6b6c6f61702533422532324d585457616f6c6772576277646e67705768616e6e5f6e646f63742d314227323245585457646c6f61765d606c656666273140273032475a5457667261675f666d7074602733422d3238455a5657716a6964657057746d707477726d5d6c6d64273342253a324558545d766778747d70675d616d6f727067737b696f6e5f62727c63253b402532384550545d766d7a767d72655d6b6f65787267737b6b6f6c5f706774632d3142253232475a545f7c677a767770675d646b6c7c65725f616e6b7b6f747a6d70696b253b4227303855474a4b49565745505c5f766570767570655d66696c7c67725f616c6b716f747a6d726b612731402730304d58545f7352454a25334a27323043485a5f72637a636e64656c5d7b68696c65705f6b6d6d72696e6525334a2732304f47515d656c6d6f676c765d6b6c6667785775696e7425314a2532384d455357666a6f5d706d6c666d725f6f617065697027334a2732324f47535f737c636e646170665d64657a6b7463766b74677127334a2532304f4551577465707675726d5f6e6c6d637c27314a25323247455b577467787c7772675f646c6f617c5d6c696e67637025334a2730324d47515d7667787c7572655f686364665f6e6e6f617c253b422730384d475b5f746770747d7a655d68696e665d666e6f6174576e696e6563702733422d30324d47515d746770746d785f61727263715f6f6a6865637c253b4227303855474a474c5d6b6f6467725d627d646667725d666c6f697625334227303257454a454e5d616d6f727067737b65645f74657a7c75726d5d61737c632d3340273a32554d42474e576367657070657b7165665f766578747d70655f6576612733422d3032554740454e5d616f657072657373676c5f746d7a74757a65576576613927314a2532325f454a4f4c5d63676f7070657173656457766578747770675f733b766127314027303255454a4b49545f57474a474c57616f6d78726d7371676c5d766d7874777a65577b3376632d31422732325745424f4e5f636f6f727065737b67665d76677a7677706557733374635f717a67622d3142253a305f454045445d666d62756557726d666467726d705f6b6e646f25334a273230574740454c5f6c6772766a5d76677a76757a6525334225303857454a49495457574d42454e5766677874685d7c65707c7570652d31422732325745424f4e5f647263755d62756e646770712731402730305f4542474c5f6e67736557616f6e7c65707427314a27303857454043495c575747424f4e5f6e6f71655f63676c74657876273142253a32554740454e5d6f776c7c695f647261753936266f6e5f6835306a3037336b63603e32383239343a3d3561656b30613565373466383f6038343666343735303c672475656e743f4b6c746d6c253230496c6b2e267f656c7235496674676e2d3032417269712d32384770676e4f4e253030476e67696667266363663f3331&jb=3935312464733f456f7a6b646c692d32443526322530302a57696e6c6d77732530324c54253a3233322c3227314027323857696e3634273b42253a3278363c292d32324378726e6d57656043697c2d3244353b352e313627323028434a544d4c2730412532386e6b6967273032456763636f292532304160726f656725324e393e2e322c3c34343c2e34372d32385b6164617a6b2530463733372e3b34

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/check.js(1).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:30 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=91
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
89oebq5kz2oopejtozbm2rh4ceahm42i7ezxgv6l9db673e613bdc659sac.d.aa.online-metrix.net/fp/ Frame CD58 81 B
438 B 1040ms
157ms Image
image/png 192.225.158.3
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://89oebq5kz2oopejtozbm2rh4ceahm42i7ezxgv6l9db673e613bdc659sac.d.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=9db673e613bdc659&pageid=1&di=yes

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.3 , United States, ASN30286 (THM, US),

Reverse DNS

d.aa.online-metrix.net

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:31 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png Show response
content22.online.citi.com/fp/ Frame BDBA 81 B
551 B 13ms
13ms XHR
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/check.js(2).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 89oebq5k/1cc475c444d53f08241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32
Referer: https://sectiondata8e-consult1d4.duckdns.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:30 GMT
Last-Modified: Tue, 07 Dec 2021 01:30:30 GMT
Server: Apache
Etag: 0082bdb99dc341ba82031fdd4ca6840d
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: https://sectiondata8e-consult1d4.duckdns.org
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 81
Expires: Sun, 06 Dec 2026 01:30:30 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=C21B904CBCE2E140DE388E8ACB6D170A Show response
content22.online.citi.com/fp/ Frame C325 82 KB
13 KB 19ms
19ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=C21B904CBCE2E140DE388E8ACB6D170A?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=1cc475c444d53f08&pageid=1

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/check.js(2).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

b7ece5a6038d46d1e7e858b6c54850d1ce9221977f08f9e2fb26bc0c69b017bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/

Response headers

Date: Tue, 07 Dec 2021 01:30:30 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=95
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame BDBA 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/check.js(2).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:30 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=C21B904CBCE2E140DE388E8ACB6D170A Show response
h.online-metrix.net/fp/ Frame DEE3 95 KB
14 KB 19ms
18ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=C21B904CBCE2E140DE388E8ACB6D170A?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=1cc475c444d53f08&pageid=1

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/check.js(2).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

99c39b12cbe978ccefa53af3df50a9e8ace321efc7d23193c60a38c0938ec29e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/

Response headers

Date: Tue, 07 Dec 2021 01:30:30 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=97
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame BDBA 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=1cc475c444d53f08&pageid=1&jd=37362626686666353338246864683f3666343163323a3031636d35343933396a6e60616b6639306a67373133353336246a66766e3f303837383138

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/check.js(2).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:30 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=90
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame BDBA 0
0

GET
H/1.1 200
OK top_fp.html;CIS3SID=C21B904CBCE2E140DE388E8ACB6D170A Show response
content22.online.citi.com/fp/ Frame 3BFD 82 KB
13 KB 18ms
18ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/top_fp.html;CIS3SID=C21B904CBCE2E140DE388E8ACB6D170A?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=1cc475c444d53f08&pageid=1

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/check.js(2).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

36a4554ddb2f91d4a7666df38e63bb6cfd402d620003202affb4b8f088f4c765

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/

Response headers

Date: Tue, 07 Dec 2021 01:30:30 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=88
Transfer-Encoding: chunked

GET
H/1.1 204
204 clear.png Show response
content22.online.citi.com/fp/ Frame BDBA 0
218 B 15ms
15ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=1cc475c444d53f08&pageid=1&ja=3030373824266b353026783f3226643f333432307a333232302e63643d313638387a333a30302e7b7a7b3d327a30266670723f312e313432322e313038302e333430302c333238382c313432322c333032322e313432302e313a32322c302c382e6f76356138303a6360636661373766646666663b65633a363331363f3034603b613761246d663534267161663d3036246e6a3d6a767472732d31432532462d3a44716d637461676c6661766338652f636f6c73776c763366362e667d6369666c732e6f70672d3a467367617772672730446169766b5f64696467712532467b6974676c5f726d7b6d7772616728322b2e68766d6e2666703f6a7476787327314325324627324e7b6563766b6d6e666376633a652f616f6c737d6e76316434266c776163646e7b266d706727304673676375706527324424726e3d312e706a3f353866323a61693e62636460673133316035313835636532643b60666232643c2e6a6a3563346e6d363a346636613337393337383b323331323735353d31613633653065246a7b673d4c6b6c7778246871603f436a706f6f652d3032393626627b6d77354c69667d7a246a7160753d4168726d6d67266c6a613f342466646f3f3a26747a663d4d7c63253044576e696c6d756c266f63746a72353632303364396b30606d63303a6d346163373430303a3261663137353632336464363d383a33363164366761693a3464613b36616460663530333331313b366924723d706c7d6f6b6c57666c697b6a5c66636e736523706c77676b6e5d756b6c646d7f735d6f676469615d7064697965705c64616e716723726c7765696c5f69666d62655f696b706d6a6174566e636e736723706c7767696c5f73756b616976696f6d5e64636e736521726c7d6f696e5d716a6f6169756374655c64616e736d23726c756761665d706d616c7864637b65705c66616e736523706e75656b6c5d766e6b5f726e637965725c666964736523726e75656b6c5d666574636c74725664636c736529786e776f696e577b74655f746b657767725e64616e736723726e7565616e5d686376615e6461647b6526677a313d60353332366233303931383166363736333b6b61363d3631303e673132646763366066393631356524656e5d633f7f6560656e576562454c2d3a30312c322732322a4d72676e454e2530304d5127323032263827303843687a676f6b756f2b576560474c273232474e514e2732324d53273032312e30273238204f70676c454c2730324751253032474e534427303045532d3a32332630253a38416a726d6f69756f295767624969765567604b6b7c253032556562474e41464f4c455d6b6c7376636c6167645d637270617171273342253a38475a5c5f62646d6c665f6f6b6e6d6378253142273232475a565f61676c6d705d62756664657a5768616e645d666e6d63762733402732324550565d666c6f697c5d6064656e6c2d31402530324558565f667061655f6667727668273b422730324558545d7360696465705d76657a767770675f6e6d6427334a27303045585c5776677074757a6d5d616f6f7272657173696d6e5d627276612733402d3232475a545f7467787c7d72655d616d6d7270677171696d6c5f70677c61273342253a38475a5c5f746d70767772675d66696e7465705f636e6b716d76726d786961273142253232574d4a4b49565d4758565d76677a747770655d66616e7665725f69666b7167747267786b612531402532324558565f71524540273142273a30494a505f706170616464656c5d716a616667705d616f6f72696e652d3140253230474d515d6d6c65656d6c765f6b6c64657a5f756b6e762531402730304d4d535d64606f5f72676e6c6d725f6f6b726d63722731402530324f4753577176616e64697a665d6c6572617e6376697467732531422530304d45515d766778767d72675d646c6f6176253b4a2532324d47535d76677a767570675f646c6763765f6c69666d63702d33422d3a324d45515d74657a747570655d68636e645d666e6761762731422532324f4d5b5f74677a767570675d6a636c645d666e6f69765d6c696e6d6970273b42253a384d47535d7465727665785d617072637b5d6d62686d6376273142253232574d4a474c5d616d6c6d705d6077666467725d66646d637425334a2d30325f45424f445d616f6f727265717365665f76657a767770655d697376612733422530305f4d42474e5d616f6f727067717367665f766570767772655f6d7c61273b42253a38554742454e5f636d6d707065717367665d76657a7c7570675d65746333253b4a253232554742454e5d616d6d72706571736d665d7465787c7d70675773337c6b2731422730305747424b4b545d574740454e5f61676d727067737365665f7c6d78747770675f71317661273340273232574d40454c5f63676572706d73736d6c5d76657a767572675f733174615f7170656025314a253032554542474e5f6c6d6275655d70656c66677067725d6b6e646f2d31402532305f4d4045445f646d78766a5f766778747772652733402530325547424941545d554742474c5d646d7874685d76677876777067273340273232574d40454c5f647a69755d6a75666e6d7071253140253232574540474e5f6e6d71675f61676e76677a74253340253a38574540494b545d554740454c5d6e6f716557616d6e7465707c27314a2532385f4740474e5d6d756e74695d64706175333424676e57683f326030353161616a3e32383233363237376167613263356537346e3a356238343e6c34373d30346d2e75656c743f496e76656c273232496c612c24776564723f4b6c74656c273238417269712730304d72676c454c273030476e6f6b6c6526636b6c3f33&jb=333533266e7135456f7a6b6e6e61273044372c302730302a57616c666f77732d3a324c5c25323839322c30273142253030576b6e34342731402732327036362b273230417270646d576560496b742730443731372c31362732382a4948544d442d30412d3230646169672530324765616b6f2b253030416a706d6d672d32443b342e302e36363e3c2e343727303051636463706927304637333f2c3136

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/check.js(2).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:30 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
89oebq5kiv2fqgzodvfcm2qxb5byua3rv3ugiswr1cc475c444d53f08sac.d.aa.online-metrix.net/fp/ Frame BDBA 81 B
438 B 1434ms
151ms Image
image/png 192.225.158.3
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://89oebq5kiv2fqgzodvfcm2qxb5byua3rv3ugiswr1cc475c444d53f08sac.d.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=1cc475c444d53f08&pageid=1&di=yes

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.3 , United States, ASN30286 (THM, US),

Reverse DNS

d.aa.online-metrix.net

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:31 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png Show response
content22.online.citi.com/fp/ Frame 2785 81 B
551 B 14ms
14ms XHR
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/check.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 89oebq5k/bf12cc12c4406580a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22
Referer: https://sectiondata8e-consult1d4.duckdns.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:30 GMT
Last-Modified: Tue, 07 Dec 2021 01:30:30 GMT
Server: Apache
Etag: 894fbac6ba90412bbfd2807f6202fb5f
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: https://sectiondata8e-consult1d4.duckdns.org
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Content-Length: 81
Expires: Sun, 06 Dec 2026 01:30:30 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=A27033F25FDAD680FA2C165DEBDFFCC8 Show response
content22.online.citi.com/fp/ Frame F0BE 82 KB
13 KB 34ms
15ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=A27033F25FDAD680FA2C165DEBDFFCC8?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=bf12cc12c4406580&pageid=1

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/check.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

249043702f809b67227fd2a3bf6fbec36aaa2ecb712ca5f77c8b67e94c76da63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/

Response headers

Date: Tue, 07 Dec 2021 01:30:30 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=94
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 2785 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/check.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:30 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=A27033F25FDAD680FA2C165DEBDFFCC8 Show response
h.online-metrix.net/fp/ Frame 5C35 95 KB
14 KB 16ms
16ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=A27033F25FDAD680FA2C165DEBDFFCC8?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=bf12cc12c4406580&pageid=1

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/check.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

398787402ea915dba26c6376422c3f8091abc44c94acc012fd3b584c81cf2ff0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/

Response headers

Date: Tue, 07 Dec 2021 01:30:30 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=99
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 2785 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=bf12cc12c4406580&pageid=1&jd=353626246a666c353138246a64683d3c66363161323830316167373e31313b6a6e626b6366313a6065373133373b36266a647c663f303236383338

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/check.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:30 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=89
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame 2785 0
0

GET
H/1.1 200
OK top_fp.html;CIS3SID=A27033F25FDAD680FA2C165DEBDFFCC8 Show response
content22.online.citi.com/fp/ Frame 81EA 82 KB
12 KB 33ms
16ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/top_fp.html;CIS3SID=A27033F25FDAD680FA2C165DEBDFFCC8?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=bf12cc12c4406580&pageid=1

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/check.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

7a577a969ac3e4ed1b5ce11d30298f48b1fa33d1eaf3e2eb82a6d8dbe508ebdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/

Response headers

Date: Tue, 07 Dec 2021 01:30:30 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=87
Transfer-Encoding: chunked

GET
H/1.1 204
204 clear.png Show response
content22.online.citi.com/fp/ Frame 2785 0
218 B 17ms
17ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=bf12cc12c4406580&pageid=1&ja=32303737262661353226783d32266635333632327a3132323224616e353334383878393230382471787b3d3278382664707035392e313e30322c313a38322e333630302e313232382e313430322c313a32302e333430302e3330303824322e382e6d7c3d61303a3061606366633f376464646c6e3b6569383631313c3f32346039613763266d6c3536267163663d323c246c6a3f6a747472712733492d30442d3a467b65637c6b6d6e6661766130652d636d667b776c7c3166342e6c7d6169666e732e6d7267273a447367637772652d3046616b76695f646b6e657b2d30447b69766d645f7a67716f777261652668746d6e2e6c703d60747670732d3b432730462532447365617c6b6f6c6463746130672d616d6c73756e7633643c2666776b636466732e67706525304671656b757265273a4e2470643d3126706035353a64323861633662616e606533313162373b3a376367326433606660326c3c246a6035356c613630323732353361383d323732316d3b35383e366137373c6a35333166266a716f3d4e616c757a26687362354168706d6f652530323b362e62716d7d354c616e757024687360753f4360726f6d672e666a633534246e6465353a24767a643d477463273a44556c6b6c6f7766246d63766a723d363232336c3961306a6d633832653e616135343032383a616431373d3c32316e643635383039363366366561633234666b3b3463666064373a313131333b366124723f70647d656b665766646173605c64616e736721786c75676b6657756966646d7773576567666b615f706e6179677a5c66636c716521786e75656b6c5f61666d606557696170676a617c5e66696e716523706e756f696e5f737d61616b7c696f655e6e696e716721706c7767696c5771686d636977617e675e64636e736523726e756f616c5d7a6d6164706c697b67725c66636c7b6521706e7d6f6b6e57766e635f7864637b67725e66636c736729726c77676b6e5f6c6776636e74725e64636e736d29726e7d6f69665f737e655d766b6575657a5e66616e7b6d2370647565696e57626374635e66616e7365246d7a333f623531303c6031303b313839663635363b3b61613c3d363938366d313066676334626e393431356d2e656c57633f77656a6f6e556762474c2732303326322530302a4f706d6c474e27303045512730303a2632273a384360726f656b776d2b5767624f4c2532324f44514c2d323245532d3a32332c30253232284f726d6c474e253030455b273232454e534c273032455b2d30323926302d32304b6a706f6f69776d2157656249617c55656a4b6b74253a38556760474c414c474c47576b6e7174636e636d665f6370706179712731422d3a3247505c5f6a6c6566665d6d6b6e6f6170253342273a3847585c5f616f6c677a5d6077666665705f686364645f646c6d61742d31422730324558565d646c6769765d6a64656664253b40273232455a545766726165576c67707c682733422d3a32475a545f736a6164677a5d7467787675726d5d6c6d6627334227303245505c5d766d70747d726557616d6d727267737b696f6e5d6a7876632d33402532384d5a565d7465787675726757616f6f707065737b6b6f6c5d706774612731422d3a3247505c5f7c65787c7770655d666b6c7c65725f636661716f7c726d70696b2d31402732305747424b4b5c5d455a545d746570767570675d66696e76677257696c6b7b67747a6f7061612733402530304d58545f715a4f40253b422732304340505d726172616e6c656e577168636467725f6b6d6d726b6e65253140273238474751576d6c6d6d6566765d696c6467785775696e762d3b40253a304d4553576e606d5d72656e6665725d656b706f617225334a2732324d47535f7176636e6c697066576c657a697669766b76677327334a2532304d4d5b5d746d787675726d57646e6d61742531422530384d45515f7665787c7772675d646c6f63765d6c616667637a2d334a2532384d47535d7467787c7572655d60696e6657666e6f617c2d31402732304f47535f766d7a747772675f68696e665d646e6f61765d6e69666d63702d3b422d32304747515f746570746d785f61707a697b5f67626865637c2d3140273230574742474e57616f6e6f705f627d646667705d666c6d6376253b4a2730385f454a474c57616d6d727267737b65645f766d7076757a655d61737c6b27314025323055454245445d636d6d7272657b7165665d76657876777065576d76612d3b422d32305f4740474e5f616f65707265717b6d665f7c657a74757a6d5d67766331253142253038554540474e5f63676f707067717365665d7665707c77706d57733b74632d314025303055454a4b49545d5f4d4047445f616f6d787a67717165645f766578767d70655d733174632d3142273032574540454e5f6b676f727a6d737b656457766778767570655773337461577b70676a253142253a38554740474c5f666562776f5d72676e6665726d705f6b6c646f2531402732385f47404f445f6c65707c6a5d74677876757a652533402d3a32574d42494954575f4740454c5f646770746a5776657a747772652d3142273032574540454e5f6c7a6375576a756e66657a712733402530305f4542474e57646d736d5f616f6e7c6d7a7627334225303057474a4949565f5545424f4e5f6e6d71655f616d6c746d7076273b4a253a30574d40454c5d6d776c7c695f6470697f33362e676e5f6835386032373163616036323a38333430353763656b306135673734663a3560383c3e66343d3d303c65267f656e763f496c746d6c2532324166612e2e77656c7235416c76676c25323249726b7b2732324f72656e4f4e253032476e676b6c67266b6b663f39&jb=313533246c713f456d7a6b6c6e61253a44352c322732302a556b6e6c6775712d3a304654253a3233302c3027334a25323055616634342d33402532387034362b2532304370706e6d5565604b6b74253a443531352c3336273032284340564f442d324b2532386e6b6b672530304f65636b6d212d30304b68706f6d6d2d30443b362e302c3436343c2c343725303053696461706b2732463731352e3b3e

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/check.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:30 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
89oebq5kvqeiymge2j3p2mah4ntwtc7csfe2cigcbf12cc12c4406580sac.d.aa.online-metrix.net/fp/ Frame 2785 81 B
438 B 1406ms
155ms Image
image/png 192.225.158.3
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://89oebq5kvqeiymge2j3p2mah4ntwtc7csfe2cigcbf12cc12c4406580sac.d.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=bf12cc12c4406580&pageid=1&di=yes

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.3 , United States, ASN30286 (THM, US),

Reverse DNS

d.aa.online-metrix.net

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:31 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cool-2.1.15.min.js Show response
nebula-cdn.kampyle.com/resources/onsite/js/ 14 KB
5 KB 45ms
7ms Script
application/javascript 151.101.65.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://nebula-cdn.kampyle.com/resources/onsite/js/cool-2.1.15.min.js
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/generic1634752371595.js.download
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: 9HCXbKZTbCJZkS8s9IuB.pE0JEvI0TGW
content-encoding: gzip
etag: "80dd5e3be5152c5c72d552c6a26ef6ff"
age: 135947
via: 1.1 varnish
x-cache: HIT
content-length: 5197
x-amz-id-2: 1EZi/eIMAUGdfP73nu+dEQ6LKqd3/l5N2RSA5NNxPAhSH27NXCYoqV4IPxb0JkgujzaSbpWgLxM=
x-served-by: cache-hhn4063-HHN
last-modified: Sun, 24 Jan 2021 11:03:10 GMT
server: AmazonS3
x-timer: S1638840631.675439,VS0,VE0
date: Tue, 07 Dec 2021 01:30:30 GMT
vary: Accept-Encoding
x-amz-request-id: JDMH5ME6K10QN2PT
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 581

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame CD58 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=9db673e613bdc659&pageid=1&jac=1&je=39313a242e726f357965712e62697c73763d73206c6776676c223a392c30302c20717661747d71203820616a637065696667227d2661776c683d6b63376231653e65343a396161696336643a613f6b313b323131363134346235633b3337393660366638646c363a343232313a6467346e30336663643a3c3539

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/check.js(1).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:30 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=86
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame B4B3 0
387 B 15ms
15ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=2434C19851985120E5B9662DF048EFCF?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=9db673e613bdc659&pageid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=2434C19851985120E5B9662DF048EFCF?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=9db673e613bdc659&pageid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:30 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=93
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=2434C19851985120E5B9662DF048EFCF
content22.online.citi.com/fp/ Frame CD58 0
400 B 14ms
14ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear1.png;CIS3SID=2434C19851985120E5B9662DF048EFCF?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=9db673e613bdc659&pageid=1&jf=3c3134247b6b6657726e6635746c7a5f6c6a727a3557384f71767a414f35624d24716b645f6c6376673f3334313a3a343836323926736b6c5f747172653d7f656a3a67616c71632e736966576b6d713d31303d3b333231313036303f30613836363a6165336c323032333234323a3061303634386365316c30333833303738333c3232323836663a3536373b343139333a3731353137323061643338306338343334333734303161346737343a633134303836333432336c38396a3664386c3169333233393563396637353a626a6a6233626a36373a6661653231383563383367646035626c61633b353760336631343f6663626461316b39336a3130323a616e6634663963247b69645d7b696f353332343d32323031323039663e31326133663036653531643031343a3a60343b653d3964663263316b62663d31653269376936333a3963313f3339323a376a3c6235653f63613062663030323a3230653535303435333861373b61313432673066386165636334326c34373c3065336d656c31663a3b32366d6463333d33313e6564313e31396662313861613a3726736964703f30

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:30 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=92
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame C325 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=C21B904CBCE2E140DE388E8ACB6D170A?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=1cc475c444d53f08&pageid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=C21B904CBCE2E140DE388E8ACB6D170A?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=1cc475c444d53f08&pageid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:30 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=85
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame F0BE 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=A27033F25FDAD680FA2C165DEBDFFCC8?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=bf12cc12c4406580&pageid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=A27033F25FDAD680FA2C165DEBDFFCC8?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=bf12cc12c4406580&pageid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:30 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=84
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
318 B 126ms
96ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk2LjAuNDY2NC40NSBTYWZhcmkvNTM3LjM2Iiwic2Vzc2lvbl9wbGF0Zm9ybSI6ICJMaW51eCB4ODZfNjQiLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjEuMTUiLCJldmVudF9uYW1lIjogIm5lYnVsYV9wYWdlX3ZpZXciLCJldmVudF90aW1lc3RhbXBfZXBvY2giOiAiMTYzODg0MDYzMDczMCIsImV2ZW50X3RpbWV6b25lX29mZnNldCI6IDAsInVzZXJfaWQiOiAiMTdkOTI4MzdkYzg4MTQtMGFkMzMzMmFmZGZjMGUtOTc4MTgzYS0xZDRjMDAtMTdkOTI4MzdkYzliMmIiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtdXMtY2l0aSIsImFjY291bnRJZCI6IDQ5LCJ1cmwiOiAiaHR0cHM6Ly9zZWN0aW9uZGF0YThlLWNvbnN1bHQxZDQuZHVja2Rucy5vcmcvc2VjdXJlLyIsIndlYnNpdGVJZCI6IDUwLCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7IkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICIwMjUxLWY4NWYtNzc0NC00MjZiLTA4YzctYzcyNS0yMmRhLWU0MDgiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTYzODg0MDYzMDYzOCIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIiLCJTVUJNSVRURURfREFURSI6ICIifSwiY29va2llX3NpemUiOiA2NTgsImthbXB5bGVfdmVyc2lvbiI6ICIyLjQxLjAiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjQxLjAiLCJoaXN0b3J5X2xlbmd0aCI6IDIsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2Mzg4NDA2MzA2NDAsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlLCJmZWVkYmFja19jb3JyZWxhdGlvbl91dWlkIjogbnVsbH0KXX0=
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-green-1nkz
date: Tue, 07 Dec 2021 01:30:30 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-application-context: application:9090

GET
H/1.1 204
204 clear1.png;CIS3SID=C21B904CBCE2E140DE388E8ACB6D170A
content22.online.citi.com/fp/ Frame BDBA 0
400 B 14ms
14ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear1.png;CIS3SID=C21B904CBCE2E140DE388E8ACB6D170A?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=1cc475c444d53f08&pageid=1&jf=3631342671696c57726e663f7664705d444c6b3975554e53544b506f5a4f5a3a2e716b6c5f64697c673f3134313838363036303924736b665d7679726d3d7567603a65636673692e7369665d69657b3f3132373931323131303e32353261383e3c3a616d3364383a3233303432383263383636386165316632313033383732313632303032346c3a35363731363933313a353b3733373230616c31323263383c3934333f34383b6b346735343a61333638383433363233663a3b62366c3866336333303133376939663735306062606033606034353a6661653a33323763383b6d64603d62646b693b3535603364333637666162666131613b316231383230636466366433612e7b69645d716b673f313236363030303031356b66336137346b6c663b3b66336b3f3160643a67396330623336623230363b613261676c6463373b3936623a613831633436633061643666313231673b6332323a3235356230303161643839303a69356632633466356164633b363b303130616637373e3234376134626637343f3c6231633763346636633b633067373033353934247369667a3532

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:30 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=83
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=A27033F25FDAD680FA2C165DEBDFFCC8
content22.online.citi.com/fp/ Frame 2785 0
400 B 15ms
15ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear1.png;CIS3SID=A27033F25FDAD680FA2C165DEBDFFCC8?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=bf12cc12c4406580&pageid=1&jf=3431382473696657706e663d766472576379746e7a444e6e58574a4f5257684b2e7361645f6c6376653f31343330383430343a31247361645d7479786d3f7567623a65616473632e7169665f696579353130373b313031313234303f3a633a3e3c386b65336c3230303330343030326138343c3061653b643233303938353231343230323034663a373637333639313b3a373b3533353230636633383a613a3c39363937343031613667353438693334383a3e3b363239643a39623c6c3a66336133303331376339643735326062626a3362603635386661673031383f613a3b6d666a35626c616339353560316c333437646b6a66613b633b33623b38303063666636663161247b6b645d736b673d3b3234343230323132323a626e3931643130623139636d606636673660356c353365643e3f363331396035323f6a663361346662313564616b663137383038306e67393737346535353132323a3932326c39383935666c336065616460653e386265353e3c3b383e343a32313e6a643733653739643634313b373037666666326c60666460673464646466316d3b34372e7b696e723d38

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:30 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=91
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame BDBA 0
388 B 14ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=1cc475c444d53f08&pageid=1&jac=1&je=33313726247065356e6f2460637471763f79206c6774656e2232332c30302c2a7b76637c75732a32206168637067696c67227f266375666a3f6161356a396734673638316163696b366630633563333b303b313631363660356b31333739366a3c663a6c6434303e3232333a6465346430336463663836373b

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/check.js(2).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:30 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=D9171905F9AAB9F5EB5DE2904FA93E38
h.online-metrix.net/fp/ Frame 5C35 0
400 B 20ms
16ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=D9171905F9AAB9F5EB5DE2904FA93E38?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=bf12cc12c4406580&pageid=1&jf=3431362473696657706e663d766472574a786f4d6353536377784d5b596a71412e7361645f6c6376653f31343330383430343b38247361645d7479786d3f7567623a65616473632e7169665f696579353130373b313031313234303f3a633a3e3c386b65336c3230303330343030326138343c3061653b643233303938353231343230323034323f666460643137323864383667373166643b3a363b6d3567386a633e65656d3a60316339606130653331613c3e373430363431633b6d673237366266373330603a306237373a3235303462353b363833303a3566313d35356c3e303b32366a643765303732626c6334333a393834663a616034363e3e3b3a34633134603938247b6b645d736b673d3b32343732303231323263626c3d313a6b30643d3162696466313b303a326966383031313d66663b303333353a3a6035336530333a3639606b3a623132333334693235363a606136673032323a38323a3b3a616b63326a316334373563306d39333661303937346d346063363f6d666037336330336566306d676261376763353d3036603a613061306060613f3e2471616e723531

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=A27033F25FDAD680FA2C165DEBDFFCC8?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=bf12cc12c4406580&pageid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:30 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=E72A26C51EFA626A162B8C1B7DCE8B7F
h.online-metrix.net/fp/ Frame DEE3 0
400 B 18ms
16ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=E72A26C51EFA626A162B8C1B7DCE8B7F?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=1cc475c444d53f08&pageid=1&jf=3631342671696c57726e663f7664705d64374e5151466b6b674f31716a7842622e716b6c5f64697c673f3134313838363036313024736b665d7679726d3d7567603a65636673692e7369665d69657b3f3132373931323131303e32353261383e3c3a616d3364383a323330343238326338363638616531663231303338373231363230303234303f6663613a3261633b3466613133606636316c36666139623f3b30356a6238386a333735306131333466343a6161316661643a38666e326431373836323132306e66323132613733603337613266373037613164346366663c386463383334396b32333830673132323536663934303a343a3a3761386136343b33656661622e7b69645d716b673f313236363030303035623d3b3b6136643b6b61323d34616d6d63666632643164603665673460393366376039366d6430343235396331396d3b643160636666343b333b6138363b6532323a323435356138383a606931313a6b30643466306539613264603730363164323266306e613b63363230643135396c3438616736626431343a363266353730376c34247369667a3533

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=C21B904CBCE2E140DE388E8ACB6D170A?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=1cc475c444d53f08&pageid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:30 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=64AD9CE1D7FA33E430BEC77E4F61BE84
h.online-metrix.net/fp/ Frame 8C56 0
400 B 34ms
16ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=64AD9CE1D7FA33E430BEC77E4F61BE84?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=9db673e613bdc659&pageid=1&jf=3c313a247b6b6657726e6635746c7a5f307a64463145466b4930494c646c657224716b645f6c6376673f3334313a3a343836333026736b6c5f747172653d7f656a3a67616c71632e736966576b6d713d31303d3b333231313036303f30613836363a6165336c323032333234323a3061303634386365316c30333833303738333c3232323836636a3731303a326e306236383a3a323630333134356a3a3936383b646466643f313737603632673437373e3861643362376c33653c3a66303a346c643a3b6b363a6c3762323a3931303533623067663b66376166666b6637373560613133653a3361666134303b3432326e3061626162316a30313c3b63666e313f333b633035247b69645d7b696f353332343e32323031323062646c3764666335303b316139303737366034643b37613b3134303237336d32616c3764646d643e6363676d37336b3634676e616b6e3135396e31633033363330323a3330306161366335626d36323030663b326630346c3435663830663133306b3a33366c63383866366e3634313961343866386c3536363937653432666334363c66383826716b64723d39

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=2434C19851985120E5B9662DF048EFCF?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=9db673e613bdc659&pageid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:30 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 2785 0
387 B 14ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=bf12cc12c4406580&pageid=1&jac=1&je=313735242677676a7074615f6778746d706e636e5d69703f333b34263b342c3938382632302e756b6d3f7767627a74635f6b667c677266616e5f6d6c667124726d3d6e6d2662637c71743f7b206c657e676c2038332e30322e20737c6976777b2a3a2a6368697065696c67207d2e6175646a356b63376a396736653e30336161616336643261356b333930393136333c346237613131373b3460346c3066663c303638303330646734643031666b6438343731

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/check.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:30 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 embed.js Show response
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/ 2 KB
1 KB 57ms
8ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/embed.js
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/code/fdf45a7c15c1cee06bb71e10dac4e26e.js?conditionId0=4849963
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e78fd3a0c79a50c92811c6f4354790115560dd6d4e04ef95429cb5913ea39586

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: CJPvc70DIVT8MhtJ23ewwKi8tH4WhNJl
content-encoding: gzip
etag: "e5578e667d049164695baab63fbafd25"
age: 526907
via: 1.1 varnish
x-cache: HIT
content-length: 675
x-amz-id-2: Tk8HBFRbkmCuAC/yHqhmgeCAbBKgfp+AljvehDyG4OOlwyx0c+IhW+OW5dsB7cyGq/M+79bu18E=
x-served-by: cache-hhn4039-HHN
last-modified: Tue, 30 Nov 2021 23:08:26 GMT
server: AmazonS3
x-timer: S1638840631.913280,VS0,VE0
date: Tue, 07 Dec 2021 01:30:30 GMT
vary: Accept-Encoding
x-amz-request-id: AMC794VK3PK54NG2
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 19

GET
H2 403 1560.js
cdn.pbbl.co/r/ 0
0 56ms
13ms Script
text/html 13.32.22.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pbbl.co/r/1560.js
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/code/42d4d669434e7d621371bd59ca097dbf.js?conditionId0=4897099
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.22.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-22-31.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-916451471

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/Bootstrap.js.download

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ea12ab7a2a26ff50cabcdecc8e3f46d9c5f4823401afa3b1c2c2bdbf9eacac94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 01:30:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39593
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Dec 2021 01:30:30 GMT

GET
H2 451 425466.html Show response
sr.rlcdn.com/ Frame 996A 0
98 B 156ms
113ms Document
text/plain 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/code/98bee068f68171950fb97a251d5f5b81.js?conditionId0=467299
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/

Response headers

date: Tue, 07 Dec 2021 01:30:30 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 dpm_pixel_min.js Show response
c.tvpixel.com/js/current/ 103 KB
32 KB 43ms
11ms Script
application/javascript 2600:9000:214f:fc00:1d:bf0a:0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tvpixel.com/js/current/dpm_pixel_min.js?aid=citi-d4f85824-1351-4554-91ff-fdb56f962c5c&comscore=true
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/Bootstrap.js.download
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:fc00:1d:bf0a:0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: oMk5SFqHXboEDRm2.vDWImtx_4ARYxEl
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 18:14:59 GMT
server: AmazonS3
age: 76270
etag: W/"08e770c8a17bf087d50cec01af0892c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
date: Tue, 07 Dec 2021 01:16:21 GMT
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: pvYaOq1Zz1KaSNzRAl-BTsUp9lGuQz-N2UPBBexcMfYtgXN2srIpag==

GET
H2 200 bat.js Show response
bat.bing.com/ 36 KB
11 KB 66ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/Bootstrap.js.download
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 01:30:30 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 01:53:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 35607FDA12834E32B806962102843FC1 Ref B: FRAEDGE1315 Ref C: 2021-12-07T01:30:30Z
etag: "0cb09ee8e7d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10468

GET
H2 204 e.gif
nexus.ensighten.com/error/ 0
106 B 13ms
12ms Image
text/plain 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=bk_async%20is%20not%20defined&lnn=-1&fn=&cid=1129&client=citi&publishPath=na_prod&rid=3507512&did=609396&errorName=ReferenceError
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 01:30:30 GMT
cache-control: no-cache, no-store
server: nginx
expires: Tue, 07 Dec 2021 01:30:29 GMT

GET
H2

200

sync
live.rezync.com/
Redirect Chain

https://20822230p.rfihub.com/ca.html?rb=648&ca=20822230&ra=771842508&_o=17169175&_t=zx-cookie-match
https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=d0ae33fb718b14c742c9cdf1dea83556&k=citi-prod-acct-pixel-3465&zmpID=citi-prod-acct&cid=5107433821974033916

30 B
30 B

213ms
158ms

Image
application/javascript

13.32.22.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=d0ae33fb718b14c742c9cdf1dea83556&k=citi-prod-acct-pixel-3465&zmpID=citi-prod-acct&cid=5107433821974033916
Protocol: H2
Server: 13.32.22.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-22-79.fra56.r.cloudfront.net
Software: lighttpd/1.4.33 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 01:30:31 GMT
via: 1.1 9928105291571d6cae52bcb916c898d9.cloudfront.net (CloudFront)
server: lighttpd/1.4.33
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-type: application/javascript
content-length: 30
x-amz-cf-id: V_vLCzwDlaDtZV5irXPmISXhBE1JnP__vPk2qM_hdUai3Fgnc28NYA==

Redirect headers

Location: https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=d0ae33fb718b14c742c9cdf1dea83556&k=citi-prod-acct-pixel-3465&zmpID=citi-prod-acct&cid=5107433821974033916
Date: Tue, 07 Dec 2021 01:30:31 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK /
d.agkn.com/pixel/9340/ 43 B
593 B 62ms
9ms Image
image/gif 35.156.157.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/9340/?che=4301070553.23457&abid=undefined
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.157.11 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-157-11.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:30 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 generic1634752371595.js Show response
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/ 527 KB
87 KB 25ms
10ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/generic1634752371595.js
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/embed.js.download
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 915afa3a684b0562c638837fddc86f51700d954a4a13ed16d9857a066462edec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: 6ztX3qWQv7AuHQ8Loe8lhcbddbcREYoc
content-encoding: gzip
etag: "045174c5e0174dd804b9dda17b772d12"
age: 512984
via: 1.1 varnish
x-cache: HIT
content-length: 89242
x-amz-id-2: B00ccX2hXE+VpjArJWUfm8TtSNg5As3senyonSFPtsMuCplQrRCTqFkt/BU6QchodqRj6Hl9k8k=
x-served-by: cache-hhn4039-HHN
last-modified: Wed, 20 Oct 2021 17:52:53 GMT
server: AmazonS3
x-timer: S1638840631.913373,VS0,VE1
date: Tue, 07 Dec 2021 01:30:30 GMT
vary: Accept-Encoding
x-amz-request-id: 9CFGP4ZTC1KJ7KSY
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H/1.1 200
OK cls_report Show response
prod.report.nacustomerexperience.citi.com/glassbox/reporting/ 0
681 B 748ms
123ms XHR
text/plain 192.193.200.243
SOLANA-CITIPLEX

General

Check archive.org

Show headers Download Go to

Full URL

https://prod.report.nacustomerexperience.citi.com/glassbox/reporting/cls_report?_cls_s=5d37ca04-c8d5-48c8-bec7-8057f981d939%3A0&_cls_v=45e083b3-21d2-40c4-aa5d-82a0192be772&pv=2&f_cls_s=true

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/polyfills-es2015.208e90726d88af943fd8.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.193.200.243 New York, United States, ASN32287 (SOLANA-CITIPLEX, US),

Reverse DNS

Software

GlassBox Cligate /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:31 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains;
vary: origin
Server: GlassBox Cligate
X-Akamai-CITISITE: SWDC
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
access-control-allow-origin: https://sectiondata8e-consult1d4.duckdns.org
access-control-allow-credentials: true
Connection: close
Content-Length: 0

GET
H/1.1 200
OK 96e0eb995483e83e7b3f71968eedeed1.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame 2785 396 KB
396 KB 134ms
132ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/96e0eb995483e83e7b3f71968eedeed1.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/96e0eb995483e83e7b3f71968eedeed1.js.download
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: d9181c42b463ba85677421a93ae1ba80ae774c9bf8af67200ed78a419bd067a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:30 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=62
Content-Length: 405607

GET
H/1.1 200
OK 96e0eb995483e83e7b3f71968eedeed1.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame CD58 396 KB
396 KB 159ms
158ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/96e0eb995483e83e7b3f71968eedeed1.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/96e0eb995483e83e7b3f71968eedeed1.js.download
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: d9181c42b463ba85677421a93ae1ba80ae774c9bf8af67200ed78a419bd067a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:30 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=57
Content-Length: 405607

GET
H/1.1 200
OK 96e0eb995483e83e7b3f71968eedeed1.js.download Show response
sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ Frame BDBA 396 KB
396 KB 146ms
145ms Script
application/javascript 34.106.143.177
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/96e0eb995483e83e7b3f71968eedeed1.js.download
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/96e0eb995483e83e7b3f71968eedeed1.js.download
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.106.143.177 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 177.143.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: d9181c42b463ba85677421a93ae1ba80ae774c9bf8af67200ed78a419bd067a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:30 GMT
Last-Modified: Sun, 28 Nov 2021 14:03:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=61
Content-Length: 405607

GET
H/1.1 200
OK check.js;CIS3SID=67ABEA23BAA655B44EC1D28B065CBF41 Show response
content22.online.citi.com/fp/ Frame FCDD 403 KB
72 KB 24ms
24ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/check.js;CIS3SID=67ABEA23BAA655B44EC1D28B065CBF41?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1&jb=343926246a736d7d3f4c6b6e77782662716f3f4e6b6e757a2468736a7d3f41607a6f6565266271603d4168706f6565253232313e

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/tags.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

a4a0a2560eae9c0cd224e0f1b231d9674c0a532b43992029f50b98f70282af97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
tmx-nonce: 4f9266dc5b0e4e78
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Keep-Alive: timeout=2, max=98
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame FCDD 81 B
474 B 14ms
13ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:30 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=90
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK check.js;CIS3SID=9F63058A16C2C59ACBE8136612E5EF22 Show response
content22.online.citi.com/fp/ Frame 5A0E 403 KB
72 KB 24ms
22ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/check.js;CIS3SID=9F63058A16C2C59ACBE8136612E5EF22?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1&jb=3c39242462716d7d3d4c6b6675702e6a716f354e696c757a266a736a773d4368706d6f65266271603f416a706d6f67253a303936

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/tags.js(1).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

a21c10d4782f2e65efc759d72a0f42c3d91110ae56d7e381dce152593c6410e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
tmx-nonce: cbcc0172b6475b0e
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Keep-Alive: timeout=2, max=82
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame 5A0E 81 B
475 B 13ms
13ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:30 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK check.js;CIS3SID=F998FE3FF0FBF82BC70EF04620EC0AA5 Show response
content22.online.citi.com/fp/ Frame C332 403 KB
72 KB 23ms
22ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/check.js;CIS3SID=F998FE3FF0FBF82BC70EF04620EC0AA5?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1&jb=363926266873677d3d4c6b6c77782468716d3f4c6b6c757a26627160753d43607a6d6f6d266a7b6a3f4168706d6d652732303b36

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/tags.js(2).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

f998e7e1e3ebe9d300a9475bdd7d311f50396f79e2524bd47f1f4bad5c217c50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
tmx-nonce: b7cb24b499b23050
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Keep-Alive: timeout=2, max=89
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame C332 81 B
474 B 17ms
13ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:30 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame FCDD 81 B
474 B 30ms
13ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:30 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame 5A0E 81 B
474 B 36ms
13ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:30 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame C332 81 B
475 B 21ms
12ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:30 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 16001692.js Show response
bat.bing.com/p/action/ 0
93 B 32ms
32ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/16001692.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 07 Dec 2021 01:30:30 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: ECA7EAFA142A4F33858B1ACC4343DF87 Ref B: FRAEDGE1315 Ref C: 2021-12-07T01:30:30Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
95 B 32ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=16001692&Ver=2&mid=cc0c64b2-b658-4697-be3d-1a1caec87269&sid=4405ff8056fd11ec98a4533c0fb976c7&vid=4406607056fd11ecb95c612b9279bd68&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&p=https%3A%2F%2Fsectiondata8e-consult1d4.duckdns.org%2Fsecure%2F&r=&lt=7818&evt=pageLoad&msclkid=N&sv=1&rn=115664
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 01:30:30 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DABBC4244D984C8CB8244CE1C80099F6 Ref B: FRAEDGE1315 Ref C: 2021-12-07T01:30:30Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
149 B 31ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=16001692&Ver=2&mid=cc0c64b2-b658-4697-be3d-1a1caec87269&sid=4405ff8056fd11ec98a4533c0fb976c7&vid=4406607056fd11ecb95c612b9279bd68&vids=0&ea=Application&evt=custom&msclkid=N&rn=383258
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 01:30:30 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CE2A69C5209441DEA30F1624886F2CE4 Ref B: FRAEDGE1315 Ref C: 2021-12-07T01:30:30Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 16003743.js Show response
bat.bing.com/p/action/ 0
93 B 31ms
31ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/16003743.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 07 Dec 2021 01:30:30 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 07A156D25D2F440C91E32AE698DCACC1 Ref B: FRAEDGE1315 Ref C: 2021-12-07T01:30:30Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
94 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=16003743&Ver=2&mid=a22436b3-befb-45ca-a9a6-784e021da8f7&sid=4405ff8056fd11ec98a4533c0fb976c7&vid=4406607056fd11ecb95c612b9279bd68&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&p=https%3A%2F%2Fsectiondata8e-consult1d4.duckdns.org%2Fsecure%2F&r=&lt=7818&evt=pageLoad&msclkid=N&sv=1&rn=319775
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 01:30:30 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EC4994C282214A02B7A0E1D3FBD0CC18 Ref B: FRAEDGE1315 Ref C: 2021-12-07T01:30:30Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
95 B 30ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=16003743&Ver=2&mid=a22436b3-befb-45ca-a9a6-784e021da8f7&sid=4405ff8056fd11ec98a4533c0fb976c7&vid=4406607056fd11ecb95c612b9279bd68&vids=0&ea=Application&evt=custom&msclkid=N&rn=250038
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 01:30:30 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2DB98CF2E8F44D35B58216098D21AECF Ref B: FRAEDGE1315 Ref C: 2021-12-07T01:30:30Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 tp2
p.tvpixel.com/com.snowplowanalytics.snowplow/ Frame 0
0 98ms
97ms Preflight 54.164.224.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.224.206 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-224-206.compute-1.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://sectiondata8e-consult1d4.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 07 Dec 2021 01:30:31 GMT
content-length: 0
access-control-allow-origin: https://sectiondata8e-consult1d4.duckdns.org
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
server: akka-http/10.1.12

POST
H2 200 tp2 Show response
p.tvpixel.com/com.snowplowanalytics.snowplow/ 2 B
349 B 108ms
106ms XHR
text/plain 54.164.224.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/polyfills-es2015.208e90726d88af943fd8.js.download
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.224.206 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-224-206.compute-1.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://sectiondata8e-consult1d4.duckdns.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://sectiondata8e-consult1d4.duckdns.org
date: Tue, 07 Dec 2021 01:30:31 GMT
access-control-allow-credentials: true
server: akka-http/10.1.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length: 2
content-type: text/plain; charset=UTF-8

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 60ms
37ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/js(7)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14328
x-xss-protection: 0
server: cafe
etag: 12503521247758841375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 01:30:31 GMT

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
76 B 98ms
98ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk2LjAuNDY2NC40NSBTYWZhcmkvNTM3LjM2Iiwic2Vzc2lvbl9wbGF0Zm9ybSI6ICJMaW51eCB4ODZfNjQiLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjEuMTUiLCJldmVudF9uYW1lIjogIm5lYnVsYV9wYWdlX3ZpZXciLCJldmVudF90aW1lc3RhbXBfZXBvY2giOiAiMTYzODg0MDYzMTA3MyIsImV2ZW50X3RpbWV6b25lX29mZnNldCI6IDAsInVzZXJfaWQiOiAiMTdkOTI4MzdkYzg4MTQtMGFkMzMzMmFmZGZjMGUtOTc4MTgzYS0xZDRjMDAtMTdkOTI4MzdkYzliMmIiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtdXMtY2l0aSIsImFjY291bnRJZCI6IDQ5LCJ1cmwiOiAiaHR0cHM6Ly9zZWN0aW9uZGF0YThlLWNvbnN1bHQxZDQuZHVja2Rucy5vcmcvc2VjdXJlLyIsIndlYnNpdGVJZCI6IDUwLCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7IkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICIwMjUxLWY4NWYtNzc0NC00MjZiLTA4YzctYzcyNS0yMmRhLWU0MDgiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTYzODg0MDYzMTA3MCIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIiLCJTVUJNSVRURURfREFURSI6ICIifSwiY29va2llX3NpemUiOiA3NTQsImthbXB5bGVfdmVyc2lvbiI6ICIyLjQxLjAiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjQxLjAiLCJoaXN0b3J5X2xlbmd0aCI6IDIsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2Mzg4NDA2MzEwNzMsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlLCJmZWVkYmFja19jb3JyZWxhdGlvbl91dWlkIjogbnVsbH0KXX0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-green-9c11
date: Tue, 07 Dec 2021 01:30:31 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-application-context: application:9090

GET
H/1.1 200
OK clear.png Show response
content22.online.citi.com/fp/ Frame 5A0E 81 B
551 B 13ms
12ms XHR
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/check.js;CIS3SID=9F63058A16C2C59ACBE8136612E5EF22?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1&jb=3c39242462716d7d3d4c6b6675702e6a716f354e696c757a266a736a773d4368706d6f65266271603f416a706d6f67253a303936

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 89oebq5k/cbcc0172b6475b0e903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a
Referer: https://sectiondata8e-consult1d4.duckdns.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:31 GMT
Last-Modified: Tue, 07 Dec 2021 01:30:31 GMT
Server: Apache
Etag: b920fd02bfaa499687e27d9f13080089
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: https://sectiondata8e-consult1d4.duckdns.org
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
Content-Length: 81
Expires: Sun, 06 Dec 2026 01:30:31 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=EAD4C2F6A5DB89377AA0B16FA7A5C7C9 Show response
content22.online.citi.com/fp/ Frame 9F0A 82 KB
12 KB 16ms
15ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=EAD4C2F6A5DB89377AA0B16FA7A5C7C9?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

265dc015ad95e6372ef9c1f9d77cc347bd3399e3884fc3247c781f7e0f7f3a79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/

Response headers

Date: Tue, 07 Dec 2021 01:30:31 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=99
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 5A0E 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:31 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=EAD4C2F6A5DB89377AA0B16FA7A5C7C9 Show response
h.online-metrix.net/fp/ Frame 726C 95 KB
15 KB 16ms
16ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=EAD4C2F6A5DB89377AA0B16FA7A5C7C9?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

ed2bc1d6241b185a941da3d61c592bd2a44244980e627d3a54c8d1c4b6b3c3d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/

Response headers

Date: Tue, 07 Dec 2021 01:30:31 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=96
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 5A0E 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1&jd=3d36242462646c35333824626660353466363b61303a30316365373e3b3339626460616366313a6067373333353134266266746e3d30383d3a3330

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:31 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=88
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame 5A0E 0
0

GET
H/1.1 200
OK top_fp.html;CIS3SID=EAD4C2F6A5DB89377AA0B16FA7A5C7C9 Show response
content22.online.citi.com/fp/ Frame 0E19 82 KB
13 KB 18ms
17ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/top_fp.html;CIS3SID=EAD4C2F6A5DB89377AA0B16FA7A5C7C9?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

06f8609ddb7bd700e7d1c554b1a98caeb42cf263619e38d4a95c2cab250b9484

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/

Response headers

Date: Tue, 07 Dec 2021 01:30:31 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=98
Transfer-Encoding: chunked

GET
H/1.1 204
204 clear.png Show response
content22.online.citi.com/fp/ Frame 5A0E 0
218 B 16ms
16ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1&ja=39393a332e24613530267835302e6e3d33363832783332323026616e3f313630327a3332303824717a7b3f327a32246478723d312c313438302c3930303024313e30322e393032382c31343830243932323024333632302e313230382e302c30246f763d61303a3063606166613535646c666466396563303431393637303e62316135632e6f6c353426716b64353a34246c603f68767472732533492732462530447165637c6b6d6c666376633a672d6b6f6e73756c7639643426667563636466732c6d7a65273a4673676b757a6d2530462e66723f26726c3d332e72683d373a6430386169346061646067333331623f3338376165326c33626c6032643c2660683f376a32356d3563326a3569313663383b64373061616139636b34323466333361266a7b6d3f4e6b6c777a2468736a3d4368726f6f6d2532383b3626627367753f4e616c7770266a716a75354b68706f6567266c68613d342666666d3d38247678643d4d7661273044576c696c6f7f6e266d61746a7a3d343832336439633a6267613830673e6363373e3038303263643937353630336664343d3a383134336634656169303666613b36636460643f32333133313b3e6126783f706c7d67616e5d64646371605e666364736d29706e756f6b6e5d776b6e646f7f715f6d65666b635f7064637b67705c64636e716529706c7567696c5761646760655f69637a6f60637c5c64696c73672970647d676b6e5773756b636974696d6d5c66616c716723706c7d656b6c5d716a6d6169776976655e66616e7b6521786e7567616e5772676364726e6979657056666964736721786e7565696c5f766c6b5d706c617b67705e66696e716723726e77656b6e57646576616c747a5e66696e736529706475656b665d717e675f7461657f6d725c66696e736721726c7567616c5f6a6174635c666164716724677a313f603531383462313239313039643c3536333b636b343734393a346d3332646d633e6a663b3439356524676e5f633d7f6762676c556760474c2d3032332c322730322a4f78656e474c25303845532d30303226302d32324160706d6569756f21576d6a474e253a32474e534e2532304d51253230332c322532382a4d72676c454e2730304d53253230474e5b4c253a3245532d3238312c322d30324b68726d65697d652955656a4969765767624b697c273230576760454c4146454e475d6b6c7176636e6b65645f6172706979732d3142253a304d58565d6a6e6766645f6f616e65697827334a273232455a545f63676e6f725f60776466657a5d6a636e645d646e6d617c2533422532324d585457646c6f697457626e676666273b4225303845505c5f647269655f6665727468253b40253230475a565f7360636667705d76677a76757a655f6c6f64273b42253a3245585c5f7c657a767d706757636f6f78726d7b736b6f665d627274612533422d30304558565d7665787c7770675d616d6f7270657b73696f6e5f706f74632d3142253a304d58565d7c677a7c7572675766616474677257636e6b736d74726f786b63253340273030574d40494b565d475a565d746d78747572655d6e696c7c67725f696e61736d767a6d72616325314a253a38455a545771524542273342253a324b48525d72637261646e676e5d716a6366677257636f6d70696e6d25334a27323047455b5f676e6d6f6766745f6b66646d705f776966762531422732304f4d515f66626d5d70656e6c67705d6f6b726f6372253b422532304f475b5f737c636e6469726c5f66677a6b74697469746d732d3b422732384d45515f766578747d70655f666e6d6374253b402730324d47515d766570747572655f64646f617c5d6c696665697227314a2730384f455157746d707477726d5d68636c645f666c6763742533402730304f4d515d76677a767770675f60616c665f666e676174576e696e6d617a2531402d30324745535d7e657a7c657a5f69707263795d6f626a6d6174253340273030574d40454e5d616d6e6d705f6a75666665725d6e6c6f697625334a253a3055474a454e57636f6f78726d7b7367645776657a747772655f697174632531402732305f4740454e5d616d6f72726d737365645f766d78747d70655f6d746b2531402d30325f454245445f6b676d72726d717367645d7465787c7772655f67766131253b40273032554740454e5f6b6f6d707265717b6564577665787c757a655d713b76612d3342273a305f4d4249495c5d574742454c5f63676f707265717167645f7c677a767770675d7131746b2533422532325f45424f4e5f63676d787267717b67665774657a7c757a6d5f71337c615f7172656225334a273230574740454c5f6c676077655d70676c66657a65725f696e646725334a2732305f454a474e5d6c67727c685f766d787c7d7267253b402530305545424b41565f574540454e5f646d72766a5d76677a7677726d2533422532325f45424f4e5f647a617f5f60776e64677a7325314a253a385747424f4e5f6e6f71655f63676c74657876273142253a32554740494b565d55454a474c5f6c6f716d5f63676c746570742d3340273a32554d42474e576d7d64746b5f6c706175313426676c576a3d306232373363616a34303a323336303737636d6332613765373c66383f6038343e643e3537323c67247f676c743549667c656e253a32496c632c26776764703d496e76676e2532384b706b712730324d726566474c25323047666769666726636b643531&jb=3935312464733f456f7a6b646c692d32443526322530302a57696e6c6d77732530324c54253a3233322c3227314027323857696e3634273b42253a3278363c292d32324378726e6d57656043697c2d3244353b352e313627323028434a544d4c2730412532386e6b6967273032456763636f292532304160726f656725324e393e2e322c3c34343c2e34372d32385b6164617a6b2530463733372e3b34

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:31 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
89oebq5kz2oopejtozbm2rh4ceahm42i7ezxgv6lcbcc0172b6475b0eam1.e.aa.online-metrix.net/fp/ Frame 5A0E 81 B
438 B 81ms
18ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://89oebq5kz2oopejtozbm2rh4ceahm42i7ezxgv6lcbcc0172b6475b0eam1.e.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:31 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png Show response
content22.online.citi.com/fp/ Frame FCDD 81 B
551 B 17ms
16ms XHR
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/check.js;CIS3SID=67ABEA23BAA655B44EC1D28B065CBF41?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1&jb=343926246a736d7d3f4c6b6e77782662716f3f4e6b6e757a2468736a7d3f41607a6f6565266271603d4168706f6565253232313e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 89oebq5k/4f9266dc5b0e4e78a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22
Referer: https://sectiondata8e-consult1d4.duckdns.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:31 GMT
Last-Modified: Tue, 07 Dec 2021 01:30:31 GMT
Server: Apache
Etag: de33eeeaea88414084caf37569eb6f01
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: https://sectiondata8e-consult1d4.duckdns.org
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
Content-Length: 81
Expires: Sun, 06 Dec 2026 01:30:31 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=4E39819CB992D565C304E34A1BB606B0 Show response
content22.online.citi.com/fp/ Frame 3893 82 KB
13 KB 16ms
16ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=4E39819CB992D565C304E34A1BB606B0?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

6f9551f15040ba3709bbf68e69eada1d5ba40e081b8a5fcf3ae045122f5a27fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/

Response headers

Date: Tue, 07 Dec 2021 01:30:31 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=97
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame FCDD 0
387 B 14ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:31 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=94
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=4E39819CB992D565C304E34A1BB606B0 Show response
h.online-metrix.net/fp/ Frame 4695 95 KB
14 KB 20ms
20ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=4E39819CB992D565C304E34A1BB606B0?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

cb883d76615555623bbdba0a4111a158d214c43255bd8d3211c79a0bb87aed23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/

Response headers

Date: Tue, 07 Dec 2021 01:30:31 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=95
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame FCDD 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1&jd=353626246a666c353138246a64683d3c66363161323830316167373e31313b6a6e626b6366313a6065373133373b36266a647c663f303238383338

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:31 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=87
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame FCDD 0
0

GET
H/1.1 200
OK top_fp.html;CIS3SID=4E39819CB992D565C304E34A1BB606B0 Show response
content22.online.citi.com/fp/ Frame B466 82 KB
12 KB 18ms
18ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/top_fp.html;CIS3SID=4E39819CB992D565C304E34A1BB606B0?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

5eb31658b4133308b0e87ef2cbf3812fef10fe699f16f3e2073b983825909480

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/

Response headers

Date: Tue, 07 Dec 2021 01:30:31 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=96
Transfer-Encoding: chunked

GET
H/1.1 204
204 clear.png Show response
content22.online.citi.com/fp/ Frame FCDD 0
218 B 16ms
15ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1&ja=31393833262661353226783d32266635333632327a3132323224616e353334383878393230382471787b3d3278382664707035392e313e30322c313a38322e333630302e313232382e313430322c313a32302e333430302e3330303824322e382e6d7c3d61303a3061606366633f376464646c6e3b6569383631313c3f32346039613763266d6c3536267163663d323c246c6a3f6a747472712733492d30442d3a467b65637c6b6d6e6661766130652d636d667b776c7c3166342e6c7d6169666e732e6d7267273a447367637772652d30462466703d26726e3f332e786a3f3f30663a386169346063646267313933623731303f636538643162646a3a66362468683d3764613430323530373163383d303730316733373a3434633f3f36603f39336e266a7b6d3f4c6b6e77782e6a73623f4b60706f6565273230313e2468716f753d4e696e7770246a7162773d4360706f6f67246e68613f3626666c6f3f302e7472643d4d7661253046576e636e6f776c2e65637460723f3430383b663361326265613032673e616337363230383a63643337373430336466343d303a333c39643e656169303664613936616e626437303b393131313663267035786e7765696e5f646c6171605c66636c716521786e75656b6c5f776b6c666f7f7b5d6f6d6c69695f7064637b65705e64616473652172647d6569665f63646f6a6d5d6361726f6263745e64696e736721726c756f6b6e5d7377696369766b6d6d566463647b6529706c7d656b6e5d736a6f6b6b7761746d5664616473672170647d656b6c5f7265636c706e697b65705e64616c7b6721726e7767696c5d746c6b57726e6971657a5e66696e716523706e756f696e5f666d7e636c7e725c6661647b6723726c75676b6e5f717e655f74696777657a5c66636e716521726e776761665d68697e61566661647167266778313d6a373130366a3930393b383b64343f3e313161633435343138346d313264656136626e3b3433356726676e5d613d7f6d6065645f656a474c2d3032312c30273238284f7067664f4e253a304753253a38302c322532304168726d656b756f295565624f4e253032454c534e2730304d5b273038392e382532382a4d70676e454c2d323045512d3a324744534e2532384d51273030312e322532324b6a726d6d6b756d21556560496b7457676049697c2d30325f6d624f4c4146454e455d696c737c616e63676c5763727a617b73253b4a2730324558545d626c6766665f6f696c6d6170273340273030455a565d6367646d70576a756e66657a5d6a616e665d66646f6174273b4a273238455a545f6e646d63765f626c676e64273b4025303047585457647263655d646572766a253b4a2730384d585c5f7360636665705f7665707475726757646d642d33402532384d5a565d7465787675726757616f6f707065737b6b6f6c5d607074612731422d3a3247505c5f7c65787c7770655d636d6d787265737161676c5f7a677663253b4a2730324558545d74657a7c7772675f64696c7c67725d636c69736d76706f786161273b4a253a30574d404949565f47585c5f74657a7c7d706557666b6c746d7a5d636c69736f76726f7261612531422732304d5a545d71504742273140253a38494a5a5770697261646e676c5d736a616c65725f616765726964652733422d3a324d47535f656e656d6766765f6b6e6665785777696c762733422730324f4d5b5d646a675f7a656e6c67705f6f69726d69702533402d3a324f4d535d73746966666370645f646772697469766974657125334a2732324d47535f76677a747d7a675d6e646f6974253b402732324f475357746578767d7a675f6e6c6d617457646b6c6761722531422530384d45515f7665787c7772675d6a616c645d646c676976273b4a253a304f4d515d74677876757a655f6863646e5d66646f63745f64616c6763722533402532324747535d766772746d7a5f63707061795d6d606a6d6b76273b4a253a30574d40454c5d636d6c67725f62776e6e677257666e6f617c2d3140273230574742474e57616f6f707065737b67645d766778747770675f697b76612d3b422d32305f4740474e5f616f65707265717b6d665f7c657a74757a6d5d6776632533402532325f4742454c5d636f65727267717165645d7667787c7d7067576d746b31253b402732325747424f4c5f636d657870657b7367645f7c6d7a767772655f713374612d314227323257454a4949565d554542454e5d63676572706d7b736d645f7c677a747772675f7b337463273b4a273238574742474457616d6f707265717365665776657a7477726557713376615d7372656027334a2d30325f4d424f4c5f6c676075655f706566646572677a576b6e6e6f2733422d3a32554742474c5d6465727c6a5f76657a74757a672531402732305547404b415c5d554d4a47445f646d7276685d7467787c757265273b4a273238574742474457667063775f62776666677a712531422732305f4742454e5d6c6f71675d6367667667707c253b42253a325545404b4b54575745424544576e6f7b655d636f667c677a76253342273230554d40474e5f6f756c7c6b5f66706377313424656c57603f326a38353963616a343038323136323d356365613a6935653d346438376a30363466363535323465247f656c743d4b6e746d6e2530324b6e632c247567647a3f4b667c65642532384b7069712530304770656e45442d30304d6e65696e6d2e6161663d32&jb=313533246c713f456d7a6b6c6e61253a44352c322732302a556b6e6c6775712d3a304654253a3233302c3027334a25323055616634342d33402532387034362b2532304370706e6d5565604b6b74253a443531352c3336273032284340564f442d324b2532386e6b6b672530304f65636b6d212d30304b68706f6d6d2d30443b362e302c3436343c2c343725303053696461706b2732463731352e3b3e

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:31 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=93
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
89oebq5kvqeiymge2j3p2mah4ntwtc7csfe2cigc4f9266dc5b0e4e78am1.e.aa.online-metrix.net/fp/ Frame FCDD 81 B
438 B 59ms
13ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://89oebq5kvqeiymge2j3p2mah4ntwtc7csfe2cigc4f9266dc5b0e4e78am1.e.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:31 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame CD58 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=9db673e613bdc659&pageid=1&jac=1&je=3d3824247f67607a74635d6d787c6d726c61645d69723d3339342e3b342e31303a2c3030267f6b6f3f7567607076615f616e7465726e63645f6d6c6c73

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/check.js(1).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:31 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png Show response
content22.online.citi.com/fp/ Frame C332 81 B
551 B 13ms
13ms XHR
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/check.js;CIS3SID=F998FE3FF0FBF82BC70EF04620EC0AA5?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1&jb=363926266873677d3d4c6b6c77782468716d3f4c6b6c757a26627160753d43607a6d6f6d266a7b6a3f4168706d6d652732303b36

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 89oebq5k/b7cb24b499b23050241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32
Referer: https://sectiondata8e-consult1d4.duckdns.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:31 GMT
Last-Modified: Tue, 07 Dec 2021 01:30:31 GMT
Server: Apache
Etag: e35ca113d857421fa53cf7a3b616dcde
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: https://sectiondata8e-consult1d4.duckdns.org
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
Content-Length: 81
Expires: Sun, 06 Dec 2026 01:30:31 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=C36193EF2B1E8C9D7FCBA4735AE5F1D7 Show response
content22.online.citi.com/fp/ Frame CC43 82 KB
13 KB 16ms
16ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=C36193EF2B1E8C9D7FCBA4735AE5F1D7?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e9cded78ec9e6c7ba3e9cb83f59a157df774ccad1004533ddca95c39a50f9d30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/

Response headers

Date: Tue, 07 Dec 2021 01:30:31 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=94
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame C332 0
387 B 14ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:31 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=92
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=C36193EF2B1E8C9D7FCBA4735AE5F1D7 Show response
h.online-metrix.net/fp/ Frame C79B 95 KB
14 KB 16ms
16ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=C36193EF2B1E8C9D7FCBA4735AE5F1D7?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

b6779b81d2c9de7cd1d5e6a99dea492916826e1aa07c5056247103a2615caa80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/

Response headers

Date: Tue, 07 Dec 2021 01:30:31 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=94
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame C332 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1&jd=37362626686666353338246864683f3666343163323a3031636d35343933396a6e60616b6639306a67373133353336246a66766e3f303834383138

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:31 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=86
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame C332 0
0

GET
H/1.1 200
OK top_fp.html;CIS3SID=C36193EF2B1E8C9D7FCBA4735AE5F1D7 Show response
content22.online.citi.com/fp/ Frame C58C 82 KB
13 KB 16ms
15ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/top_fp.html;CIS3SID=C36193EF2B1E8C9D7FCBA4735AE5F1D7?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

864435f2f6b480ddb113f310b9a4aa6ca66e9d5d0be7ea7ef99b8a1d50dfe278

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/

Response headers

Date: Tue, 07 Dec 2021 01:30:31 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=91
Transfer-Encoding: chunked

GET
H/1.1 204
204 clear.png Show response
content22.online.citi.com/fp/ Frame C332 0
218 B 16ms
15ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1&ja=3339383124266b353026783f3226643f333432307a333232302e63643d313638387a333a30302e7b7a7b3d327a30266670723f312e313432322e313038302e333430302c333238382c313432322c333032322e313432302e313a32322c302c382e6f76356138303a6360636661373766646666663b65633a363331363f3034603b613761246d663534267161663d3036246e6a3d6a767472732d31432532462d3a44716d637461676c6661766338652f636f6c73776c763366362e667d6369666c732e6f70672d3a467367617772672730442464703f26726c35312470683d3f3064303061613e6a616462673331336037333a3763653266316064603a6436246a683d6336666d3c383466366333373b31373a3930333332353d3537316334396d32672e6a7367354e6b6e777a266a71623d4168706f6f672730303b3e2668716d753d4c6b6e7d70266a7160773d416a706d6f65246c68613d3c246c646d3d302e76786c3d457c6b273046576c6b6e6d776e246d63746a703f3630323b6433613062656332326d3e6363373432303a306366333537363033666c36373838313c3966346d61613a3c66613936636662663732313131313b346324703f786c77656b6e5f666e617b605e66636e716523726e7765696c5d776b6e6c6d75735f6d6d6c6b6357706c697167705e64636c736721706e7565696c5d63666f606d5f6361706f6261765e6e696c736723726c77656b6c5d71776b636974616f675e6661647b6723786c756f616c5d736a6d636b756176675e64616e716723706e7d676b6c5d7265616e7064697965705c64616e716723726c7765696c5f7e6e615f706c69716770566661647b6723706e7767696c5f646776636c74705c64616e7b6523726e7567696c5f7b7e675f746b677767705c64636c716721726c7d656b6e5f6a697e635c6e616c7b6d246778313f623733303460313039313a3b6634353e3331616134353633383e6d33326467613660643b3633376724676e5f6b3f75656267645f67604f4c253a38332c30273030284d70656c474e2530324751253038322c32273230436a72676569756f2b556560454e273030454e534e253a324753253238392c322d3230204772676e454e2532324553273232474e514e2732324d53273032312e302732384b68726d6f6b756f2b5567604b6b76576762436b762532305f6d604544414e4f44475d696c7174616c6365665f637270637b7125314a2530324758545f606c6d66645f6f6b6c6d637a273140253032455a5457616d6c6f72576a77646e65725760636e665d646c6f6374253142273232475a565f64646f63765d626c656c642d3b422530324758565d647063675d66657274602731422532384d5a56577368696c67705f766778747772655d6c6d642731402732324d58565d7665787477726d57636f6f72706571716b6d6c5f60727461253b4027323045505c5d766d78747d7a675d636d6f70726773736b6f6c5f7065766125314a2530324758545f7665707c7572675d64696e7667705d616c6b736d747a6d726963253b4a27303857454a434b565f475a545f766578767570655d646b6e74677a5f636c6b736f74706f786163253140273232475a565d7350454227334a2730304b485a5772637a616c646d6e5d736a636465705f636d6d72696e67273142273a304d47515f656c676d6d66745f6b6c66657a5d776b6c742731422732384d47535f666a675d706d6e646d7a5d6f69726f61702733422732324f47515d71746366646370665f646570697e6974697467712531402730324f47515f766570767772655f6e646d637c25334a2d30324f47515f746778747772675f646e6d63745d64696c676372253340253a384f45515d76657a767770675f6a636c645f6e6e6d6174253b4a2730384f455b57766778767772655d68616e665d666e6d63765f6e616e6763702533422732384745535d74677276677a5d63727063795d6f6a68676374253b4a27303857454a4f4e5d636d6e6f725d6275646667725d646e6d61762d3340273030574540474457636f6f727065717167665d74677a7477726d5d637374632d3b40273a30574d4a454e5f616d6d707065737165665f76677a7675706d5f6776612533422732385f4542454e5d636d6f727067737167645d746d7a76757265576d76613925334a2d3032574740474c5d636f6f707065717167665f766d78767770655f7331746b2d3342273032574740494b565f554742454c57616d6d70726d7b71676c5f746d70767772675d73337663253142273232554740474e57636d6f7272657371656c5774657a767772675d713176635d717265622d31402532305f4d4045445f646d6a77655f70676e64677265705f6b6e646d273142273a30554740474c5f6665787c685f76677a7477706727314227303055454a494b545f574d4a454e576465787c6a5d74677a74757065253142273232554740474e57647063755f627564666d7a73253140273232554740454c5d6e6f716557616d6e7465707c27314a2532385f47404b4b565f574742474e5f6e6f71675d616f6c7c657a762733422530305f4d42474e5d6f756e766b5d667263753134266f6e5d683d306a3837336b61623e3a3a323136303535616563306135653736643a3760303434663435353036652e7f676c743f4b6e76676e2730304b6c632c267f656e723d49667c676e2d3230417a6b712530324f70676e474e253030476c656b6e672e6361663f31&jb=333533266e7135456f7a6b6e6e61273044372c302730302a57616c666f77732d3a324c5c25323839322c30273142253030576b6e34342731402732327036362b273230417270646d576560496b742730443731372c31362732382a4948544d442d30412d3230646169672530324765616b6f2b253030416a706d6d672d32443b342e302e36363e3c2e343727303051636463706927304637333f2c3136

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:31 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=93
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
89oebq5kiv2fqgzodvfcm2qxb5byua3rv3ugiswrb7cb24b499b23050am1.e.aa.online-metrix.net/fp/ Frame C332 81 B
438 B 56ms
13ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://89oebq5kiv2fqgzodvfcm2qxb5byua3rv3ugiswrb7cb24b499b23050am1.e.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:31 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame BDBA 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=1cc475c444d53f08&pageid=1&jac=1&je=3738262675656a7a74635d677a7467706c636e5f6b723d33393c2c31362e3138302c3038267761653f7565607074635d696e7665706e636e5d6f646c7b

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/check.js(2).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:31 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=85
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/644574043/ 2 KB
1 KB 45ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/644574043/?random=1638840631583&cv=9&fst=1638840631583&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsectiondata8e-consult1d4.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ec34eb4bae48d5fe081b0d31ba183b410997a43cb997f2007d7e1b8f8a3625b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1061
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/916451471/ 2 KB
1 KB 41ms
20ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/916451471/?random=1638840631587&cv=9&fst=1638840631587&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsectiondata8e-consult1d4.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daf989f454f9505c34a0bd80f4f4ca5bd76a15b94f6f85879a1a587d7026f57c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1062
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/819500023/ 2 KB
1 KB 43ms
23ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/819500023/?random=1638840631588&cv=9&fst=1638840631588&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsectiondata8e-consult1d4.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d5e0f829caa438ad26c547792d42c9ad591a8a2b7f5e532a3c740f79a043826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1061
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/830907969/ 2 KB
2 KB 38ms
18ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/830907969/?random=1638840631589&cv=9&fst=1638840631589&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsectiondata8e-consult1d4.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3445f606e78e4f4e95ca28fe478e4a40efd84cfe8383028d6af8a3283bbd3531

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1061
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/960621875/ 2 KB
1 KB 39ms
20ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/960621875/?random=1638840631590&cv=9&fst=1638840631590&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsectiondata8e-consult1d4.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ec4c4017d3615c24f26b410345ce19c24a30e5a563c90f7fa58498d1cb3d1aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1061
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/695231162/ 2 KB
1 KB 37ms
19ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/695231162/?random=1638840631591&cv=9&fst=1638840631591&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsectiondata8e-consult1d4.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c51c4f74c39812fa3893a33531464a1ec54a928a0cfaaa259f13d791baa2bc68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1060
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/959299794/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/959299794/?random=1638840631591&cv=9&fst=1638840631591&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/959299794/?random=1638840631591&cv=9&fst=1638838800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/pagead/1p-user-list/959299794/?random=1638840631591&cv=9&fst=1638838800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

42 B
108 B

31ms
20ms

Image
image/gif

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/959299794/?random=1638840631591&cv=9&fst=1638838800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsectiondata8e-consult1d4.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&is_vtc=1&random=1568103590&resp=GooglemKTybQhCsO&ipr=y

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 01:30:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 01:30:31 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/959299794/?random=1638840631591&cv=9&fst=1638838800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsectiondata8e-consult1d4.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&is_vtc=1&random=1568103590&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/975701947/ 2 KB
1 KB 39ms
22ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975701947/?random=1638840631592&cv=9&fst=1638840631592&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsectiondata8e-consult1d4.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6067f039414c0c33e948241340e75df111544fffaaf40a96d48c27d0186425b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1061
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 5A0E 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1&jac=1&je=393135242e726f356e6f246a617c7b743f7b2a6e6574656e223a312632302c2271766374757b203820616a6370656b6e6f227d26617566603d63693562396d366d363a336b61636b36663069376b393930393b3433363660356333393539366236663a64643c3a343232313a64673666383366636438363d39

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:31 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=84
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 9F0A 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=EAD4C2F6A5DB89377AA0B16FA7A5C7C9?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=EAD4C2F6A5DB89377AA0B16FA7A5C7C9?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:31 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=90
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 3893 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=4E39819CB992D565C304E34A1BB606B0?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=4E39819CB992D565C304E34A1BB606B0?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:31 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=83
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/644574043/ 42 B
64 B 35ms
34ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/644574043/?random=1638840631583&cv=9&fst=1638838800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsectiondata8e-consult1d4.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2613240016&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 01:30:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/644574043/ 42 B
548 B 42ms
17ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/644574043/?random=1638840631583&cv=9&fst=1638838800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsectiondata8e-consult1d4.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2613240016&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 01:30:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame CC43 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=C36193EF2B1E8C9D7FCBA4735AE5F1D7?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=C36193EF2B1E8C9D7FCBA4735AE5F1D7?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:31 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=82
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/975701947/ 42 B
64 B 24ms
24ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/975701947/?random=1638840631592&cv=9&fst=1638838800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsectiondata8e-consult1d4.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3193834252&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 01:30:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/975701947/ 42 B
108 B 33ms
19ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/975701947/?random=1638840631592&cv=9&fst=1638838800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsectiondata8e-consult1d4.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3193834252&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 01:30:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=EAD4C2F6A5DB89377AA0B16FA7A5C7C9
content22.online.citi.com/fp/ Frame 5A0E 0
400 B 18ms
17ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear1.png;CIS3SID=EAD4C2F6A5DB89377AA0B16FA7A5C7C9?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1&jf=3c3134247b6b6657726e6635746c7a5f4d6a3a3146716934754b397d5546304224716b645f6c6376673f3334313a3a343836323926736b6c5f747172653d7f656a3a67616c71632e736966576b6d713d31303d3b333231313036303f30613836363a6165336c323032333234323a3061303634386365316c30333833303738333c3232323836663a3536373b343139333a3731353137323061643338306338343334333734303161346737343a633134303836333432336c38396a3664386c3169333233393563396637353a626a6a6233626a36373a6661653231383563383367646035626c61633b353760336631343f6663626461316b39336a3130323a616e6634663963247b69645d7b696f353332343d32323031323066356b3b613763643a3b31626d3b6036326036643b37636930623333623a3863386a3a62326a376e6460673d33673d3135673d38313a363b66393b363337353830323a3232343234316439396b3b363367666366356134693338303335363c64393e33353930373d3566313130376e3837376c373e313360646d636132333b3632316b3a26736964703f30

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:31 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=89
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=4E39819CB992D565C304E34A1BB606B0
content22.online.citi.com/fp/ Frame FCDD 0
400 B 19ms
19ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear1.png;CIS3SID=4E39819CB992D565C304E34A1BB606B0?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1&jf=3431362473696657706e663d766472574b3470784b365245506565316d5770632e7361645f6c6376653f31343330383430343a31247361645d7479786d3f7567623a65616473632e7169665f696579353130373b313031313234303f3a633a3e3c386b65336c3230303330343030326138343c3061653b643233303938353231343230323034663a373637333639313b3a373b3533353230636633383a613a3c39363937343031613667353438693334383a3e3b363239643a39623c6c3a66336133303331376339643735326062626a3362603635386661673031383f613a3b6d666a35626c616339353560316c333437646b6a66613b633b33623b38303063666636663161247b6b645d736b673d3b32343732303230333061646d6c3661383c663e6537693b3636613467643b363439313a3033666c363035666b31303537623635353131616b333967326639633e3637316737636532303031383863306c6b303034623d333263343033373b343063303e3d61333e396635666e3931643b346438643331363b326463643b63353f6333673b346165316461353f302471616e723530

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:31 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=92
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/819500023/ 42 B
64 B 22ms
21ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/819500023/?random=1638840631588&cv=9&fst=1638838800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsectiondata8e-consult1d4.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3195579761&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 01:30:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/819500023/ 42 B
108 B 24ms
19ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/819500023/?random=1638840631588&cv=9&fst=1638838800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsectiondata8e-consult1d4.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3195579761&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 01:30:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/916451471/ 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/916451471/?random=1638840631587&cv=9&fst=1638838800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsectiondata8e-consult1d4.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3798074367&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 01:30:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/916451471/ 42 B
108 B 23ms
19ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/916451471/?random=1638840631587&cv=9&fst=1638838800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsectiondata8e-consult1d4.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3798074367&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 01:30:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/830907969/ 42 B
64 B 19ms
19ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/830907969/?random=1638840631589&cv=9&fst=1638838800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsectiondata8e-consult1d4.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2632363329&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 01:30:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/830907969/ 42 B
108 B 24ms
19ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/830907969/?random=1638840631589&cv=9&fst=1638838800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsectiondata8e-consult1d4.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2632363329&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 01:30:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/695231162/ 42 B
64 B 18ms
18ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/695231162/?random=1638840631591&cv=9&fst=1638838800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsectiondata8e-consult1d4.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=1981848853&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 01:30:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/695231162/ 42 B
108 B 21ms
18ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/695231162/?random=1638840631591&cv=9&fst=1638838800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsectiondata8e-consult1d4.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=1981848853&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 01:30:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/960621875/ 42 B
64 B 21ms
21ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/960621875/?random=1638840631590&cv=9&fst=1638838800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsectiondata8e-consult1d4.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3032365582&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 01:30:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/960621875/ 42 B
108 B 23ms
23ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/960621875/?random=1638840631590&cv=9&fst=1638838800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsectiondata8e-consult1d4.duckdns.org%2Fsecure%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3032365582&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 01:30:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame FCDD 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1&jac=1&je=3131382426706f357b6571266061747b763d79206e6576676e203a39263232242a737c61747d71203a20636a617a67696e652a7524617d646a3d63693f603b673665363a3163616961366432633763393b323b31343334346037633b39353b3e6a346c38646c363a36323031386e653466323b6e616430343739

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:31 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=C36193EF2B1E8C9D7FCBA4735AE5F1D7
content22.online.citi.com/fp/ Frame C332 0
400 B 20ms
20ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear1.png;CIS3SID=C36193EF2B1E8C9D7FCBA4735AE5F1D7?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1&jf=3631342671696c57726e663f7664705d654f77504933706a4762774e754b345e2e716b6c5f64697c673f3134313838363036303924736b665d7679726d3d7567603a65636673692e7369665d69657b3f3132373931323131303e32353261383e3c3a616d3364383a3233303432383263383636386165316632313033383732313632303032346c3a35363731363933313a353b3733373230616c31323263383c3934333f34383b6b346735343a61333638383433363233663a3b62366c3866336333303133376939663735306062606033606034353a6661653a33323763383b6d64603d62646b693b3535603364333637666162666131613b316231383230636466366433612e7b69645d716b673f31323636303030303639383160386662316a34323a37353d3964353631366664366530363535643131636066326d3236366164316432616d3d656532633339643a6330366130643432323a3231393261386b66323833306d386730623761313163366166656439673a376431613c666133646361656032693d3536603332616366603433666464306336313a247369667a3532

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:31 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=88
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=25E716A6B190477FE81B79AF20B1D6C0
h.online-metrix.net/fp/ Frame 726C 0
400 B 20ms
18ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=25E716A6B190477FE81B79AF20B1D6C0?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1&jf=3c3136247b6b6657726e6635746c7a5f60414b324d50514b4e43727261636b5924716b645f6c6376673f3334313a3a343836333026736b6c5f747172653d7f656a3a67616c71632e736966576b6d713d31303d3b333231313036303f30613836363a6165336c323032333234323a3061303634386365316c30333833303738333c3232323836636a3731303a326e306236383a3a323630333134356a3a3936383b646466643f313737603632673437373e3861643362376c33653c3a66303a346c643a3b6b363a6c3762323a3931303533623067663b66376166666b6637373560613133653a3361666134303b3432326e3061626162316a30313c3b63666e313f333b633035247b69645d7b696f353332343c32323030363031636e6464656632343261333133613460336330373b306a6164396235363139333e3a656531626c64333b3f36303e3435353c613b3e3836663e66313362323232303e313438323b3636313969663561616735323a6637693334386433363933353e3136626b616d61313a3f6730396539336c32383b6437383b67336461613036392e716966723f33

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=EAD4C2F6A5DB89377AA0B16FA7A5C7C9?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:31 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=93
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=B0CC8E2271B40CC14DEF0D62B2CE7630
h.online-metrix.net/fp/ Frame 4695 0
400 B 19ms
17ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=B0CC8E2271B40CC14DEF0D62B2CE7630?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1&jf=3431382473696657706e663d766472573a55324a68423141616a707f66497b622e7361645f6c6376653f31343330383430343b38247361645d7479786d3f7567623a65616473632e7169665f696579353130373b313031313234303f3a633a3e3c386b65336c3230303330343030326138343c3061653b643233303938353231343230323034636a353130323066386a3638303a303430333336356a303b343031666e66643f313735603432653e3537363a696c31623d64316534306e3230366464383b63343a6c356232323b39383d33623a67643966376364666b6c35353d6a633b33653a336164613630393e30326632696a63623b62323134316b646433373339633837247b6b645d736b673d3b3234343230323132326061693c30673a69353b31636b3160623a34356430346162603f6935616c303b6531313d3b6435313533356535643b676434613232623167663734613263663632323a3932326a6d336d393638613a62303561393f663366643a39613339336732623e6b3a3a64646230366563336c3b6634396762396a36373b30313139333137666c6d67322e7b696e723d39

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=4E39819CB992D565C304E34A1BB606B0?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:31 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=A355F1806830F85006DE4D79BF16B0C4
h.online-metrix.net/fp/ Frame C79B 0
401 B 17ms
17ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=A355F1806830F85006DE4D79BF16B0C4?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1&jf=3631382671696c57726e663f7664705d6f656539516b61754e5870376570517a2e716b6c5f64697c673f3134313838363036313024736b665d7679726d3d7567603a65636673692e7369665d69657b3f3132373931323131303e32353261383e3c3a616d3364383a323330343238326338363638616531663231303338373231363230303234696a3731303030663a60363a303830363033313c3760383936303164646e64373b3d376034326736353536386364316237663167343a6e303036666438396134306c376232303b393a3733603a65643b6637616e64616437373d6a61313b6532396b666136303b36303066306362636231603233343b6b666433353339613a372e7b69645d716b673f313236343030303132306b66313263656c6931376a32316d6b663539603436323237343531663060663730383569373b31366233313b39313f356336353263373a6735666164613434613830303130306e3131336d61353c3b30606261353835356231313063303a633a3a61323e353b316337373131303f3f3830673732636467606036363264383562383a3a3639322e7b6b647a3d31

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=C36193EF2B1E8C9D7FCBA4735AE5F1D7?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:31 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=100
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame C332 0
387 B 14ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1&jac=1&je=3337362624776d6a7274615d67787667706c636c5d6b703f3131362c33362e39383a2c3a30267f616f3f7767607274615f696c7467726c636e5d6d66667324726f3d796571266a697473763f79226e6774676e2238332e32302420717461747d7b20382a6368697a656b6e65207d266375646a3d616135603b6736673e383361616163366432693f63313b303b3334313634603561313135393e60366438646c3c3a34383033306e673666323166636638343739

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:32 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=87
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame 5A0E 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1&jac=1&je=3d3824247f67607a74635d6d787c6d726c61645d69723d3339342e3b342e31303a2c3030267f6b6f3f7567607076615f616e7465726e63645f6d6c6c73

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:32 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=86
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame FCDD 0
387 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1&jac=1&je=353826247765607a76635d657a74657a6c616e5d6b703d333b362e3b3e2c3338302e3a30267f6b6f3d756560727c635f696c7c6d706e696c5d6d64667b

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 01:30:32 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=85
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear3.png;CIS3SID=2434C19851985120E5B9662DF048EFCF Show response
content22.online.citi.com/fp/ Frame CD58 0
219 B 14ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear3.png;CIS3SID=2434C19851985120E5B9662DF048EFCF?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=9db673e613bdc659&pageid=1&jac=1&je=30342424786567352537402d323a7e6570253a30253141312532432d3032756e666764696e6d6632324d52564b4d4c302d3232253341273d4266696e73652d324b253030475256414f4e273a322d3a4336253d46253544

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/check.js(1).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:34 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 clear3.png;CIS3SID=C21B904CBCE2E140DE388E8ACB6D170A Show response
content22.online.citi.com/fp/ Frame BDBA 0
218 B 14ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear3.png;CIS3SID=C21B904CBCE2E140DE388E8ACB6D170A?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=1cc475c444d53f08&pageid=1&jac=1&je=3a34262672676d3525374027303274677027303227314131253a4127323275666c6764616e656c38324d50564b4f4e3225323025314127374064616e7b652730412532324d505c414f4e27303025304136273744273544

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/check.js(2).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:34 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 clear3.png;CIS3SID=A27033F25FDAD680FA2C165DEBDFFCC8 Show response
content22.online.citi.com/fp/ Frame 2785 0
218 B 14ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear3.png;CIS3SID=A27033F25FDAD680FA2C165DEBDFFCC8?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=bf12cc12c4406580&pageid=1&jac=1&je=3834262470676735273740253032766d70253030273341312730432d3a3077666c656e696e6d6632304d505649474e3025303a2d31412d35406661647b672730432532304f5056414d4e27323025324b36253746273744

Requested by

Host: sectiondata8e-consult1d4.duckdns.org
URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/check.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:34 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 clear3.png;CIS3SID=EAD4C2F6A5DB89377AA0B16FA7A5C7C9 Show response
content22.online.citi.com/fp/ Frame 5A0E 0
218 B 14ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear3.png;CIS3SID=EAD4C2F6A5DB89377AA0B16FA7A5C7C9?org_id=89oebq5k&session_id=903c97794138e981f5861cdb5119ba106375d87236f263649d1aee390487119a&nonce=cbcc0172b6475b0e&pageid=1&jac=1&je=30342424786567352537402d323a7e6570253a30253141312532432d3032756e666764696e6d6632324d52564b4d4c302d3232253341273d4266696e73652d324b253030475256414f4e273a322d3a4336253d46253544

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:35 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 clear3.png;CIS3SID=4E39819CB992D565C304E34A1BB606B0 Show response
content22.online.citi.com/fp/ Frame FCDD 0
218 B 20ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear3.png;CIS3SID=4E39819CB992D565C304E34A1BB606B0?org_id=89oebq5k&session_id=a40f1db92d34c019cd32fad22fa992798e9449bfdf47e8d0ac88258dcee88f22&nonce=4f9266dc5b0e4e78&pageid=1&jac=1&je=3834262470676735273740253032766d70253030273341312730432d3a3077666c656e696e6d6632304d505649474e3025303a2d31412d35406661647b672730432532304f5056414d4e27323025324b36253746273744

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:35 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 clear3.png;CIS3SID=C36193EF2B1E8C9D7FCBA4735AE5F1D7 Show response
content22.online.citi.com/fp/ Frame C332 0
218 B 14ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear3.png;CIS3SID=C36193EF2B1E8C9D7FCBA4735AE5F1D7?org_id=89oebq5k&session_id=241af589d42274c7336e77e7e97f5a1886780e8863a6b407ee3af1cf360b8d32&nonce=b7cb24b499b23050&pageid=1&jac=1&je=3a34262672676d3525374027303274677027303227314131253a4127323275666c6764616e656c38324d50564b4f4e3225323025314127374064616e7b652730412532324d505c414f4e27303025304136273744273544

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sectiondata8e-consult1d4.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 01:30:35 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.citi.com
URL: https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff

Domain: www.citi.com
URL: https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff

Domain: www.citi.com
URL: https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff

Domain: contents3.00110.citi.com
URL: https://contents3.00110.citi.com/api/v1/cr.png?cid=cedric&snum=1638840625650-sjn0000950-041aa7e0-864a-467e-9129-a5f913b6c051&muid=1638840625074-EB308CE6-5CAF-43F5-AED7-5B37263F2A5F

Domain: ghbmnnjooekpmoecnnnilnnbdlolhkhi
URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

Domain: ghbmnnjooekpmoecnnnilnnbdlolhkhi
URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

Domain: ghbmnnjooekpmoecnnnilnnbdlolhkhi
URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

Domain: ghbmnnjooekpmoecnnnilnnbdlolhkhi
URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

Domain: ghbmnnjooekpmoecnnnilnnbdlolhkhi
URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

Domain: ghbmnnjooekpmoecnnnilnnbdlolhkhi
URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citibank (Banking)

351 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
prod.report.nacustomerexperience.citi.com/glassbox/reporting	1969-12-31 23:59:59	Name: _cls_s Value: 5d37ca04-c8d5-48c8-bec7-8057f981d939:0
prod.report.nacustomerexperience.citi.com/glassbox/reporting	1969-12-31 23:59:59	Name: _cls_v Value: 45e083b3-21d2-40c4-aa5d-82a0192be772
.sectiondata8e-consult1d4.duckdns.org/	1969-12-31 23:59:59	Name: cdContextId Value: 1
.sectiondata8e-consult1d4.duckdns.org/	1970-01-20 07:59:36	Name: bmuid Value: 1638840625074-EB308CE6-5CAF-43F5-AED7-5B37263F2A5F
sectiondata8e-consult1d4.duckdns.org/	1970-01-19 23:14:02	Name: 7830 Value: error
sectiondata8e-consult1d4.duckdns.org/	1970-01-19 23:14:02	Name: 7018 Value:
sectiondata8e-consult1d4.duckdns.org/	1970-01-20 01:23:36	Name: 64072 Value:
.sectiondata8e-consult1d4.duckdns.org/	1970-01-20 01:23:36	Name: _gcl_au Value: 1.1.1978530933.1638840625
.sectiondata8e-consult1d4.duckdns.org/	1970-01-20 07:59:36	Name: cdSNum Value: 1638840625650-sjn0000950-041aa7e0-864a-467e-9129-a5f913b6c051
.sectiondata8e-consult1d4.duckdns.org/	1970-01-19 23:14:02	Name: _dpm_ses.61e7 Value: *
sectiondata8e-consult1d4.duckdns.org/	1969-12-31 23:59:59	Name: _cls_s Value: 5d37ca04-c8d5-48c8-bec7-8057f981d939:0
.tvpixel.com/	1970-01-20 07:59:36	Name: sp Value: 46ef75a3-fc6a-4a0c-9e9f-67da8c9276cb
sectiondata8e-consult1d4.duckdns.org/	1970-01-20 07:59:36	Name: mdLogger Value: false
sectiondata8e-consult1d4.duckdns.org/	1970-01-20 07:59:36	Name: kampyle_userid Value: 0251-f85f-7744-426b-08c7-c725-22da-e408
.bing.com/	1970-01-20 08:35:36	Name: MUID Value: 2FC43662053663AA2C6E276404E462C1
.agkn.com/	1970-01-20 07:59:36	Name: ab Value: 0001%3A9afvYViivIlpa8Fj5Ip12EJwYr0X4zgV
.agkn.com/	1970-01-20 07:59:36	Name: u Value: C\|0CAApQXW2KUF1tgAAAAAAATPZAAAAAA
.sectiondata8e-consult1d4.duckdns.org/	1970-01-19 23:15:27	Name: _uetsid Value: 4405ff8056fd11ec98a4533c0fb976c7
.sectiondata8e-consult1d4.duckdns.org/	1970-01-20 08:35:36	Name: _uetvid Value: 4406607056fd11ecb95c612b9279bd68
.sectiondata8e-consult1d4.duckdns.org/	1970-01-20 07:59:36	Name: _dpm_id.61e7 Value: c0f91675-23ac-4591-acdd-7c2f393fdfd5.1638840627.1.1638840631.1638840627.0d641520-c9a6-43e4-92ae-25ef4c8e4bb5
.rfihub.com/	1970-01-20 08:35:36	Name: rud Value: H4sIAAAAAAAAAOMSNjU0MDcxNrYwMrQ0NzEwNrY0NBPiM9QNjkz2DQt0T_EIKDOT4jU0M7awMDEwMzY0MDABAA9qLNg0AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjU0MDcxNrYwMrQ0NzEwNrY0NBPiM9QNjkz2DQt0T_EIKDMDAE_vhmwlAAAA
sectiondata8e-consult1d4.duckdns.org/	1970-01-20 07:59:36	Name: kampyleUserSession Value: 1638840631070
sectiondata8e-consult1d4.duckdns.org/	1970-01-20 07:59:36	Name: kampyleUserSessionsCount Value: 2
sectiondata8e-consult1d4.duckdns.org/	1970-01-20 07:59:36	Name: kampyleSessionPageCounter Value: 1
.rezync.com/	1970-01-20 03:32:43	Name: zync-uuid Value: 796838ed-f169-4ecf-8e23-042d199f59a2:1638840631.38
live.rezync.com/	1970-01-20 03:33:12	Name: sd-session-id Value: eyJfcGVybWFuZW50Ijp0cnVlLCJzZXNzaW9uX2lkIjp7IiBiIjoiTnprMk9ETTRaV1F0WmpFMk9TMDBaV05tTFRobE1qTXRNRFF5WkRFNU9XWTFPV0V5T2pFMk16ZzROREEyTXpFdU16Zz0ifX0.FJBKtw.bQyPn_AxyDKKOoIp5YHBokY3KVs
.doubleclick.net/	1970-01-20 08:35:36	Name: IDE Value: AHWqTUk6QCellaF1-2M-lGUq5qdE46Qi0dd0WZ3vNnhWMZL7TZdSn_Xu4qEdQ-qs

361 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sectiondata8e-consult1d4.duckdns.org/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://sectiondata8e-consult1d4.duckdns.org/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/cds-assets/fonts/interstate/Interstate-Bold.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/cbol-pre-login-static-assets/citi-branding-assets/images/Appstore-Googleplay-JDPower-Sprite.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://sectiondata8e-consult1d4.duckdns.org/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://sectiondata8e-consult1d4.duckdns.org/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
deprecation	warning	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/xmsdk.js.download(Line 18) Message: RTP data channels are no longer supported. The "RtpDataChannels" constraint is currently ignored, and may cause an error at a later date.
network	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/cds-assets/fonts/interstate/Interstate-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/cbol-pre-login-static-assets/citi-branding-assets/images/social-media_facebook@3x.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/cds-assets/fonts/interstate/Interstate-Light.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
deprecation	warning	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/cedric.js.download(Line 7) Message: Plan B SDP semantics, which is used when constructing an RTCPeerConnection with {sdpSemantics:"plan-b"}, is a legacy version of the Session Description Protocol that has severe compatibility issues on modern browsers. The standardized SDP format, "unified-plan", has been used by default since M72 (January, 2019). Dropping support for Plan B is targeted for M93. See https://www.chromestatus.com/feature/5823036655665152 for more details, including the possibility of registering for a Deprecation Trial in order to extend the Plan B deprecation deadline for a limited amount of time.
network	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/cbol-pre-login-static-assets/citi-branding-assets/images/Citi-Branding-Sprite.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/commonui-assets/fonts/interstate/Interstate-Bold.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/cds-assets/fonts/interstate/Interstate-Light.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/cbol-pre-login-static-assets/citi-branding-assets/images/social-media_youtube@3x.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/cbol-pre-login-static-assets/citi-branding-assets/images/social-media_twitter@3x.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/ Message: Access to font at 'https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff' from origin 'https://sectiondata8e-consult1d4.duckdns.org' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://citimobile.citibankonline.com' that is not equal to the supplied origin.
network	error	URL: https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/ Message: Access to font at 'https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff' from origin 'https://sectiondata8e-consult1d4.duckdns.org' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://citimobile.citibankonline.com' that is not equal to the supplied origin.
network	error	URL: https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/ Message: Access to font at 'https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff' from origin 'https://sectiondata8e-consult1d4.duckdns.org' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://citimobile.citibankonline.com' that is not equal to the supplied origin.
network	error	URL: https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/commonui-assets/fonts/interstate/Interstate-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/commonui-assets/fonts/interstate/Interstate-Light.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/ Message: Access to XMLHttpRequest at 'https://contents3.00110.citi.com/api/v1/cr.png?cid=cedric&snum=1638840625650-sjn0000950-041aa7e0-864a-467e-9129-a5f913b6c051&muid=1638840625074-EB308CE6-5CAF-43F5-AED7-5B37263F2A5F' from origin 'https://sectiondata8e-consult1d4.duckdns.org' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network	error	URL: https://contents3.00110.citi.com/api/v1/cr.png?cid=cedric&snum=1638840625650-sjn0000950-041aa7e0-864a-467e-9129-a5f913b6c051&muid=1638840625074-EB308CE6-5CAF-43F5-AED7-5B37263F2A5F Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/commonui-assets/fonts/interstate/Interstate-Light.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear.png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(1).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(7).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(14).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(15).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(3).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3.png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(4).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(1).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(5).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(2).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(10).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(29).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(11).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(12).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(30).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(31).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(17).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(54).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(18).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(19).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(55).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(56).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(3).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(4).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(5).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(6).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(7).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(32).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(6).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(31).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(34).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(35).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(36).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(37).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(57).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(56).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(59).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(60).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(61).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(62).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(9).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(10).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(11).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(12).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(13).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(14).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(38).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(39).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(40).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(41).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(42).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(43).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(63).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(64).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(65).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(66).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(67).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(68).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(15).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(16).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(17).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(18).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(19).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(44).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(45).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(20).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(46).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(47).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(69).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(48).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(49).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(70).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(71).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(72).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(73).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(21).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(74).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(22).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(23).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(24).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(25).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(50).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(26).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(51).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(52).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(53).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(33).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(75).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(76).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(77).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(78).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(58).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(27).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(28).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear3(8).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ls_fp(1).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(22).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ls_fp(2).html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(23).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/ls_fp.html Message: Refused to execute script from 'https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/clear(21).png' because its MIME type ('image/png') is not executable.
javascript	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(1).html Message: Access to XMLHttpRequest at 'chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js' from origin 'https://sectiondata8e-consult1d4.duckdns.org' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-untrusted, https.
network	error	URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource(2).html Message: Access to XMLHttpRequest at 'chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js' from origin 'https://sectiondata8e-consult1d4.duckdns.org' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-untrusted, https.
network	error	URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/citi_files/saved_resource.html Message: Access to XMLHttpRequest at 'chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js' from origin 'https://sectiondata8e-consult1d4.duckdns.org' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-untrusted, https.
network	error	URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://cdn.pbbl.co/r/1560.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709 Message: Failed to load resource: the server responded with a status of 451 ()
javascript	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/ Message: Access to XMLHttpRequest at 'chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js' from origin 'https://sectiondata8e-consult1d4.duckdns.org' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-untrusted, https.
network	error	URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/ Message: Access to XMLHttpRequest at 'chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js' from origin 'https://sectiondata8e-consult1d4.duckdns.org' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-untrusted, https.
network	error	URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/ Message: Access to XMLHttpRequest at 'chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js' from origin 'https://sectiondata8e-consult1d4.duckdns.org' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-untrusted, https.
network	error	URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js Message: Failed to load resource: net::ERR_FAILED
javascript	warning	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/ Message: The resource https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/ Message: The resource https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://sectiondata8e-consult1d4.duckdns.org/secure/ Message: The resource https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20822230p.rfihub.com
89oebq5kiv2fqgzodvfcm2qxb5byua3rv3ugiswr1cc475c444d53f08sac.d.aa.online-metrix.net
89oebq5kiv2fqgzodvfcm2qxb5byua3rv3ugiswrb7cb24b499b23050am1.e.aa.online-metrix.net
89oebq5kvqeiymge2j3p2mah4ntwtc7csfe2cigc4f9266dc5b0e4e78am1.e.aa.online-metrix.net
89oebq5kvqeiymge2j3p2mah4ntwtc7csfe2cigcbf12cc12c4406580sac.d.aa.online-metrix.net
89oebq5kz2oopejtozbm2rh4ceahm42i7ezxgv6l9db673e613bdc659sac.d.aa.online-metrix.net
89oebq5kz2oopejtozbm2rh4ceahm42i7ezxgv6lcbcc0172b6475b0eam1.e.aa.online-metrix.net
assets.kampyle.com
bat.bing.com
c.tvpixel.com
cdn.pbbl.co
content22.online.citi.com
contents3.00110.citi.com
d.agkn.com
ghbmnnjooekpmoecnnnilnnbdlolhkhi
googleads.g.doubleclick.net
h.online-metrix.net
live.rezync.com
nebula-cdn.kampyle.com
nexus.ensighten.com
online.citi.com
p.tvpixel.com
prod.report.nacustomerexperience.citi.com
resources.digital-cloud-citi.medallia.com
sectiondata8e-consult1d4.duckdns.org
sr.rlcdn.com
udc-neb.kampyle.com
www.citi.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
contents3.00110.citi.com
ghbmnnjooekpmoecnnnilnnbdlolhkhi
www.citi.com
104.111.238.178
13.32.22.31
13.32.22.79
151.101.0.68
151.101.194.133
151.101.65.175
172.217.18.98
18.195.42.228
192.193.200.243
192.225.158.3
193.0.160.129
2600:9000:214f:fc00:1d:bf0a:0:93a1
2620:1ec:c11::200
2a00:1450:4001:80e::2008
2a00:1450:4001:813::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2003
34.106.143.177
35.156.157.11
35.190.60.146
35.241.45.82
54.164.224.206
91.235.132.130
91.235.133.67
91.235.134.131
016b0590183f82205fe441fee93850bd80df4d9552cdbd9fbba284b935242f64
06f8609ddb7bd700e7d1c554b1a98caeb42cf263619e38d4a95c2cab250b9484
0ce27e9325578e87d56fb6067cea56737c8a1fec538e1a823a72e5c4c2de4ab0
0e0b42f83994ef5771755c73a41bea8af80a20a8f9deb44649ca34ff75863c04
0ec34eb4bae48d5fe081b0d31ba183b410997a43cb997f2007d7e1b8f8a3625b
0ff723ad535bb51caa4e379125786ca1d328f29faa1bb59733728bf16453053c
0ff8ab7046d29477deea04c4871c3855e3bd73df92dec600c8b387d9905b62ae
102503acef6077fcf8e42a856fb4904fcd74224a32d5d8efcd13236ac6309fed
106d61ada031ebf3b464a3a555e1139dfb3a0e6ddaf0b3a2326d794fabbdf4eb
10d1a09ed85bc8ad803a16660940e68736b3a86d27bdaf7d96ca872152d55156
192342dece60dbba81a5d57f1ee771e2847dc75ca1028c4ff0caaa89ba0269ad
193238ab76da5459deca110ce1d66df1e8c4704397e025072eb03b2ea88adf0b
1a05bf7684aab3fbe33332b1e227670f492102d9e345e29a62a5a4eb0c20b061
1a52e20a2d1a14c0f487d961757fe56caa17d172a64820c54950eba91c50933a
1c69468ad43d43f8c701bcd193de8688ba49a17128a730c065c7a06d08106daf
1c8d486988286b27acecad98545f906aca181f7804289a8a263bb8f50eab30e8
1ef8a96213dddc1092922838721a9944760936864f654a7975246e377b6271e6
1f5b03cc93456ce6ad6fb19f01e6fb2c29756ae24ca9f3e1a2ed60b9ed77add3
21436b362a61dba68828fcad09704f865f1fc169f284ff7383927eead46a9d62
232e458903366c81298221c77e27a787a9b023b461f4bf041d46cba54dbed529
241e96ead3a633d9b84379afdc244cd93a9b63a786e4ec77f5bc73d5a52a09c2
249043702f809b67227fd2a3bf6fbec36aaa2ecb712ca5f77c8b67e94c76da63
24ae3bdb3c016eefc3e7519084cccfe577540cc99624de7f50ecf8f651d100e0
24ed9db3eb0d97ecf1f0832cbd30bd37744e0d2b520ccdad5af60f7a08a45b90
25f4eeb23f67fe1d74534ed37230ecd54ab4f57524276970dcbeaaf3b0fc64f9
265dc015ad95e6372ef9c1f9d77cc347bd3399e3884fc3247c781f7e0f7f3a79
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2861b2d82fec30deb83e23b981db306dfef251b7712576ee2abfe668e1084ac3
29559450cf2b7f8be98987d31923c299e84677b50c284f37ee590401848856a0
2d5e0f829caa438ad26c547792d42c9ad591a8a2b7f5e532a3c740f79a043826
2de419797226f96c7acae89f033c5fc33491312ea4f305052209f9136632d6f5
2e0c9a5ac3a8a0a7738afb69481a216edf32993324e190e8ca7de61fa9429d26
316bda79ebc11f2ec6c4654f6b0fe4ecdaea2382f1cdc27035972eb9e877b2ff
31b00ff4929696dfca06885da68e58c3e09f6ecb4ae0fe1ae287e99a3fd1f716
3445f606e78e4f4e95ca28fe478e4a40efd84cfe8383028d6af8a3283bbd3531
36a4554ddb2f91d4a7666df38e63bb6cfd402d620003202affb4b8f088f4c765
381755f71c74f975a9ac540fe1ede4a3fc9b1fab96d800b86d635d526d27b8a4
3950c8b755ebd006f07c6f1fd8595ddb482de737b2881e93bd25b4e932ba0832
398787402ea915dba26c6376422c3f8091abc44c94acc012fd3b584c81cf2ff0
3a4284fc3091796d852c047a85d6f8d91c95e1bb7b1b2c3bb3e69b1d29064488
3d4ed134e512a6eb311c096d9a967c28539006f8d1aa3a6195e544483ea0d778
3d594246baf1e88fe62fc2bf1adf9ff76c53e390731f99455eb71d7441ba8f00
3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1
3ec4c4017d3615c24f26b410345ce19c24a30e5a563c90f7fa58498d1cb3d1aa
3fd98b9b4f926fc187f5d96d89e84f6400995dbfca8ddb6ab2e25c983191a672
3ffeb7001287be5dd60d5a221874e2ea04d0aa6aab1000256616bf0efd82fdc4
3fffb8d87957014886c19a6facfef2acbeb84d739b58be7bb01fd963448e2bcc
410b2c6c4e5d803c112ac15ed2e11db6bb1278ed837fa0259d67feaca2d89e4d
460d13e70e1f2ee022a7c67fd5ac1c6a3562b358f00a579e40bb89f4dbfe5a86
4617d721a72730b105417ff7d971cad16a84a6fb8da05729ac45f69a02396600
472083aa55f0ce92f258f53c93181e695338e6c01857ceafbf6ced254b94c56d
48451bef935eba4b7a149a7b6dc16cc7183e75cb2887d571a3382ae3f155686a
488f2e5ca810789b86bf5dcb121eddb5ad06d69914e622971685b56bc8b16354
48bbb9a9c2bcf37b69acde0cd56b87591edd09beb8efc629f95757eec1866e7f
48e89b7e40e096b89d864a5c8ee340ce44ca60fe9675310ef2f3f40a53a7d593
4c8e7a9b90d81d5546fd28d8dcc95c51329c2eeda5eac8348ce1ee5913e49fdc
51369dbf29e69b578b41d4e58bfd7f7845ff88baa6595c954fa9fddf0dbecf5d
51c6043803bec020097c7f9559f9f87f1b427daf7590f68f2ce2b3a4feaf661a
54114d6a66ff9b0a463cb8804b869581eb63483f4a78f5fc4367861bb2267a50
58edfbfc2f0d71cba3b2f3c7e20e86af09b6e7097c76db4e57cd9b4abe106b50
5aae2cfb75508c7fe149be48fb2de77689242a21e02dae364d4438161349b386
5b7f800227bb70a3dae3388e31fda8b0a9168eebaceb11c5cb18915799ecac7e
5df469ee4da2bc124065cb8df0e24173c5cbc8b9e0c807960fc39c93ffb640c8
5eb31658b4133308b0e87ef2cbf3812fef10fe699f16f3e2073b983825909480
5eddf6e04b7b4d877bcc41b695bc5ade3cd6dc80b2493fb06ff47f68b5d0eb79
60202d0a881aee000e3ef1b52abe7ce6759a52bdc50b97f60ddcb65783fa8d22
6067f039414c0c33e948241340e75df111544fffaaf40a96d48c27d0186425b0
61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07
61e01b4da87624c5972c4f051d92695a76fa8491c2c1512342b714b9f5db2008
6245952a84f047f47eabe2d7cc6ba2d90207b5396d594c07ef9ec58a10736740
627660443b6ba8e5a33bb1c0961f9a628a6b956ac4c9cfb3aca7991797d30bc3
6336ae7b60dff18e0a37721a3a19fd5e18568577a64faa662969d35966dbf72b
63a37c8b23a9f3953a94d7887a80395ebeb1c25c1c9561fff6a4991c4a6a8676
651ebd4bc6f8839724c4170e4a2a371ec8ef7ec4e84a137f272c7a3c0b405dcb
6608f3225dd3f373a0fe2701c42427936eb998509a1271ac52dce3b00af54834
66142f608346ab15cd117ab93e2c97168ccbcbdcdf6523bc4fea489a18a852fa
6dfa343a68ef79e83fef5f7c705119d2473352190c609cf94c67ea99a29fa452
6f9551f15040ba3709bbf68e69eada1d5ba40e081b8a5fcf3ae045122f5a27fb
71137b95bc3d14f7a6de2ed96290422b4ae342c57a3ea8ff9ae6914fd7a9792a
76262472e3bdc3961a2981c15110635a80b249f424ad28be42366e50f4ffbe03
76b3e3ecb44a3b1216be2633c4736dc6fbef5a83a7058b7919dcb1489b5b211b
7a577a969ac3e4ed1b5ce11d30298f48b1fa33d1eaf3e2eb82a6d8dbe508ebdf
7df13706eaab8ce9a3dcd2a501f60bc66987c83834d07dfaf07ae56ef814c110
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
7fb20629e6af659742722f89cf23522dc448d94ca929ca7cc578ad693953992f
80ca50c063371e37ab3ed2efb9842c2aac89bd9e2ac64de697950c588d4df7c2
8322edb47f5a2f8dc4b8767813922f6918dcfa00d8c93de0017b04db649f63d6
83234a7ccf9b10289c35549b5528c0a8203e3ea5fa497c42ee556121368e37c5
845fb8a7859de5499a50023135f5863388e4a464fd11a14fa77ac62a05d915b5
864435f2f6b480ddb113f310b9a4aa6ca66e9d5d0be7ea7ef99b8a1d50dfe278
87cef7fe0bd0a2be044c8c4cc85790c8e9a99a31cb1567c804b06062b9b67b2a
88fc4b693b8bbadd822119802f0b7f3039c7fdaffc03c6a4e4c1ee3b2127a674
8af070f2f55051d709a513db37d217d7109ae2150bf226100e6b9c7866844499
8c9db6aae864c399cd193941140f47128eb99ef4310795eda5befe70ff7b3d91
915afa3a684b0562c638837fddc86f51700d954a4a13ed16d9857a066462edec
9222fb53874d578cf7d2b8778f4d06c197a5ad3c6c044d3f4428988da18972f6
94bd0aa5378cc695113022cf5f09877c2444520fe1e8c1100d7e26f048b25427
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
99c39b12cbe978ccefa53af3df50a9e8ace321efc7d23193c60a38c0938ec29e
9c53af1ed22f8e1f67c76c9fc493d32cdfa1c3023a574778833a27e90b88e13b
9e78de330792cb7190d2391e632fef62a7142470694ed01389149b3066bdca04
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
a21c10d4782f2e65efc759d72a0f42c3d91110ae56d7e381dce152593c6410e4
a4a0a2560eae9c0cd224e0f1b231d9674c0a532b43992029f50b98f70282af97
a52ab14f213aee9dd4812843a9ef65a6f636b6f7ae7120e9b9821ba96af70b4e
a593628f2d5ba814f37fbcd3963162f094c2764d4b15d82464c2d1aef92f150f
a9a43473908fb995ecdc6bd80d80fd42d3e43bf31687aff0978d7389de2573aa
b6779b81d2c9de7cd1d5e6a99dea492916826e1aa07c5056247103a2615caa80
b71ccf6edf4f945fe0cb55240b606077eb77930db0f12fadb5859091a5967102
b7ece5a6038d46d1e7e858b6c54850d1ce9221977f08f9e2fb26bc0c69b017bb
b86389100be1332c53c03d4aec32dce30ce00d9f4a803a7c6f7dc6155c4d84c1
be3a7fefd0171e451a0610798b1ddebec64cd0457d8a9e571498b417c5f15142
bf7853273ca8063f3944cca69bc18fdc056db7c373386b4534a9dbc3a9f8c6c7
bf8892a953595eb96b9ca68c5756849d404115dcf2ee9bf87e8b4e7b3cf8e650
c1b3f3803c42132039b21ce8921335c9cb785a58d513fdc04b0350434bec8e29
c51c4f74c39812fa3893a33531464a1ec54a928a0cfaaa259f13d791baa2bc68
c64cbd472959e09b0eb3f25f31c09c8e80547071c69abf8db3b66a4a711c77fc
c8bc330a07fc8ba4ead1f924570b2eeb220dfb170e86ea6594f7a2daef2efc16
cb883d76615555623bbdba0a4111a158d214c43255bd8d3211c79a0bb87aed23
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d068af5c09c1417e301e13b2c90fa877e0a24e0baae8160b6b77f1650486eb13
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d9181c42b463ba85677421a93ae1ba80ae774c9bf8af67200ed78a419bd067a0
daf989f454f9505c34a0bd80f4f4ca5bd76a15b94f6f85879a1a587d7026f57c
dc876f814074650acde84db7a7f34c583f043b83130e5de49de65f18d1ee2683
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e103d45f638ac5174b7428a7b0d2f0440766cb8d17c05886e41ae30e62e8825d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c725c5a6510cd7323ff66fa032e69cfe7aec1dd042911cae0607d071670eec
e6399fca6cbab33a9b3831e797db3e27e5438340da68f73b02710a3a75f58baf
e78fd3a0c79a50c92811c6f4354790115560dd6d4e04ef95429cb5913ea39586
e7ef42c5bbd7f8d71f7c0a6b1d7de5aab5ef30619267afd49f0f2d27998cdc93
e83d41b48708d19862e5bd32a6e7d25e7aa9c3bb4f49f967b36f2e93619eb0a7
e8e8f01dc620e1cd54ce35aa05a1c9c703bf8eede3772537ffb5cc10884bfeac
e9cded78ec9e6c7ba3e9cb83f59a157df774ccad1004533ddca95c39a50f9d30
ea12ab7a2a26ff50cabcdecc8e3f46d9c5f4823401afa3b1c2c2bdbf9eacac94
ea443941c23136440c6e80fa8c83e99402564222964f960921476eb82bb431f4
ed000f9034b588160db0f2a7f4213cc23eacfd007d11980f8453b8e50bef87a7
ed2bc1d6241b185a941da3d61c592bd2a44244980e627d3a54c8d1c4b6b3c3d8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04957972254d6626e13996490c1b69d00852cf9dd1609b7207176324cc82183
f237cc206237c64f01c5eecc39d6a2826b0ffb42ac19bc613fe212ea005870eb
f378974fe6a831ae2f48d9191ea74eb21877d4964d5eedbc2810d8756ed13631
f46fe5cbf2c79bcceeb14f708e2abfc16b539e79dc4e2bf0484fda66e802addc
f71b34ee34c63409f8dd14a971efccc5cd72a76f8359349e4b4f87a817c8ee32
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f998e7e1e3ebe9d300a9475bdd7d311f50396f79e2524bd47f1f4bad5c217c50
feb51770e950d4375c64c7045dba448a58adf5363569fa1e1f3e06937aa11007

sectiondata8e-consult1d4.duckdns.org Open in urlscan Pro 34.106.143.177 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

420 Requests

97 %HTTPS

24 %IPv6

19 Domains

32 Subdomains

25 IPs

2 Countries

19189 kBTransfer

22752 kBSize

28 Cookies

35 Outgoing links

Page URL History

Redirected requests

420 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sectiondata8e-consult1d4.duckdns.org Open in urlscan Pro
34.106.143.177 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

420
Requests

97 %
HTTPS

24 %
IPv6

19
Domains

32
Subdomains

25
IPs

2
Countries

19189 kB
Transfer

22752 kB
Size

28
Cookies

420 HTTP transactions
1 data transactions