urlscan.io logo urlscan.io
SecurityTrails logo

secure-citi.cc Open in urlscan Pro
2a06:98c1:3121::3  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://secure-citi.cc/#ce
Effective URL: https://secure-citi.cc/
Submission Tags: 0xscam
Submission: On March 21 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 38 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure-citi.cc.
TLS certificate: Issued by E1 on March 21st 2024. Valid for: 3 months.
This is the only time secure-citi.cc was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Citibank (Banking)

Domain & IP information

IP Address AS Autonomous System
2 30 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:50c0:800... 54113 (FASTLY)
1 34.117.186.192 396982 (GOOGLE-CL...)
2 2001:67c:4e8:... 62041 (TELEGRAM)
1 104.70.84.163 16625 (AKAMAI-AS)
2 104.102.43.113 16625 (AKAMAI-AS)
38 7
30    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
secure-citi.cc
1    2606:50c0:8000::154 (United States)

ASN54113 (FASTLY, US)
raw.githubusercontent.com
1    34.117.186.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.186.117.34.bc.googleusercontent.com
ipinfo.io
2    2001:67c:4e8:f004::9 (Amsterdam, Netherlands)

ASN62041 (TELEGRAM, VG)
api.telegram.org
1    104.70.84.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-70-84-163.deploy.static.akamaitechnologies.com
www.citi.com
2    104.102.43.113 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-43-113.deploy.static.akamaitechnologies.com
online.citi.com
Apex Domain
Subdomains		 Transfer
30 secure-citi.cc
secure-citi.cc
814 KB
3 citi.com
www.citi.com — Cisco Umbrella Rank: 29463 Failed
online.citi.com — Cisco Umbrella Rank: 23657
145 KB
2 telegram.org
api.telegram.org — Cisco Umbrella Rank: 24508
268 B
1 ipinfo.io
ipinfo.io — Cisco Umbrella Rank: 6427
536 B
1 githubusercontent.com
raw.githubusercontent.com — Cisco Umbrella Rank: 3591
505 B
38 5
Domain Requested by
30 secure-citi.cc 2 redirects secure-citi.cc
2 online.citi.com secure-citi.cc
2 api.telegram.org secure-citi.cc
1 www.citi.com secure-citi.cc
1 ipinfo.io secure-citi.cc
1 raw.githubusercontent.com secure-citi.cc
38 6

This site contains no links.

Subject Issuer Validity Valid
secure-citi.cc
E1		 2024-03-21 -
2024-06-19		 3 months crt.sh
*.github.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-03-15 -
2025-03-14		 a year crt.sh
ipinfo.io
R3		 2024-03-05 -
2024-06-03		 3 months crt.sh
api.telegram.org
Go Daddy Secure Certificate Authority - G2		 2023-03-26 -
2024-04-26		 a year crt.sh
www.citi.com
DigiCert EV RSA CA G2		 2023-11-07 -
2024-12-05		 a year crt.sh
online.citibank.com
DigiCert SHA2 Extended Validation Server CA		 2023-04-28 -
2024-05-15		 a year crt.sh

This page contains 3 frames:

Primary Page: https://secure-citi.cc/
Frame ID: 91A8721486607B9DF2F3799ED70AB03A
Requests: 33 HTTP requests in this frame

Frame: https://secure-citi.cc/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js
Frame ID: A9A9E92CE0A0A00E8291E045BB3FD1F4
Requests: 2 HTTP requests in this frame

Frame: https://secure-citi.cc/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js
Frame ID: 491DB776040FA2E8C4C8916FE1476989
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

38
Requests

87 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

7
IPs

3
Countries

960 kB
Transfer

3076 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://secure-citi.cc/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://secure-citi.cc/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js
Request Chain 30
  • https://secure-citi.cc/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://secure-citi.cc/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
secure-citi.cc/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure-citi.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ede3cdbe6e9c471b3d93eb0cd0e69b7f96b393d66b95e2c1b46d7ae482a9ad50

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
867f206aef430bb0-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 21 Mar 2024 15:55:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w5kNHz5ivDF1SLZtAJSkwKcAhFq%2F5FtPeUBqX6Cc1e%2BzCCCFQZiLe42ud4TgRnfSAnYB3rBCBOg04HVnAEkNx8W7b66drD67X2rpPgrjrO%2BZEAqnhkl8UkSHC%2FPASS272AnYBJsDFbJPTZSrzg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
bundle.js
secure-citi.cc/sites/ 		358 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-citi.cc/sites/bundle.js
Requested by
Host: secure-citi.cc
URL: https://secure-citi.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
847a3e084ab5572fdd27fd656b4c7087bf9ad05789117f5f97323503ddfd9ba0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-citi.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:55:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 16 Mar 2024 16:55:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M6FaKgFyJTOgCWr1yOh%2Fyl4NYM%2FQlUYgXiumLdzalco1bK2I1KpcEJGh6g5JosqVwu0F8Cs%2FCsZTLd7%2Bb%2FtEdK8913iwfXRU8gVlt8ufKUEzHuPMzurtgyg28lbtAub%2F199AmBVROz1bExpAJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
867f206c49a00bb0-AMS
alt-svc
h3=":443"; ma=86400
cleave.js
secure-citi.cc/sites/ 		114 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-citi.cc/sites/cleave.js
Requested by
Host: secure-citi.cc
URL: https://secure-citi.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81487ea47bb889ff62097fc41988dc777289e405f63fe4dc191e0d5b285f82cd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-citi.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:55:30 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 17 Jul 2023 17:18:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3fveZdSxr1kqXSHUbTJ5R7epN0qKbDe6DU0SffeZl0x1UBxkbKWTLPxYyRrGqhHs%2FjebXSZ79VxPyV6c0Lp%2BtyjyqXOs4AB7a902NBEjtCV36HbBdmaPlVlo%2Bs6ucNpgQpdOZ8%2BjrwRowxnuaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
867f206c49a10bb0-AMS
alt-svc
h3=":443"; ma=86400
bundle-min.js
secure-citi.cc/sites/ 		156 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-citi.cc/sites/bundle-min.js
Requested by
Host: secure-citi.cc
URL: https://secure-citi.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
374de0d9dcae58c37791e9d392732802fd5c33f9d3990f21e37e687ccf89b242

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-citi.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:55:30 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 29 Oct 2023 04:13:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nNBs5pzvqYCkGFjHaBWkVc%2Fk2nYqnHJnPm2rE3eL2FntugQDXs24tSwV4MZwhsv90Qq9i%2FZ6p7tMqHKsO831Uvh55M9zBzNtY%2FjtEJhTrZXqUcY%2FgWmzv0aXHgpcFBJd6NNPCjgJvXV%2BFIAvSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
867f206c49a40bb0-AMS
alt-svc
h3=":443"; ma=86400
config.php
secure-citi.cc/ 		350 B
675 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-citi.cc/config.php
Requested by
Host: secure-citi.cc
URL: https://secure-citi.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57fde3f44a64e8e62d2b1d2e4dc742d5d0b31e431231c413c89a60392ab1fbdc

Request headers

Referer
https://secure-citi.cc/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 21 Mar 2024 15:55:31 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SVZxljwAu1fw7Zj0gTFlbPIXiFLdsyBGtft3%2FXAawp20SfReazbuDNXNXb0iCzr%2FbM%2BnTiW%2Fyz92IQlKGiBSxGVeFRqmiuFUvOBGmHq4S2N%2Fz0lQivWFiQmZQLunOWcIbZXiOmz6MLRZLbBbpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
867f20721fe66631-AMS
alt-svc
h3=":443"; ma=86400
bsc_0000301.php
raw.githubusercontent.com/dev0000301/tool/main/ 		14 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://raw.githubusercontent.com/dev0000301/tool/main/bsc_0000301.php
Requested by
Host: secure-citi.cc
URL: https://secure-citi.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d5558cd419c8d46bdc958064cb97f963d1ea793866414c025906ec15033512ed
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-citi.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-fastly-request-id
0f617f2ece6b07dd238d19c6ea8bf2ba8f7ba2c1
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 15:55:31 GMT
via
1.1 varnish
expires
Thu, 21 Mar 2024 16:00:31 GMT
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
14
x-xss-protection
1; mode=block
x-served-by
cache-ams21041-AMS
x-github-request-id
BB86:36F26B:33034D:34A7A3:65FC5873
x-timer
S1711036532.806624,VS0,VE135
source-age
0
x-frame-options
deny
vary
Authorization,Accept-Encoding,Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
0
json
ipinfo.io/ 		230 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipinfo.io/json?token=c100de32679e
Requested by
Host: secure-citi.cc
URL: https://secure-citi.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.186.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.186.117.34.bc.googleusercontent.com
Software
nginx/1.24.0 /
Resource Hash
163bd9fe1fa4322de5c531569ac5275accd2c65df6abacc080ed1dc556ff15ca
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-citi.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:55:32 GMT
via
1.1 google
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.24.0
strict-transport-security
max-age=2592000; includeSubDomains
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
230
x-xss-protection
1; mode=block
127.0.0.1.txt
secure-citi.cc/tmp/ 		315 B
643 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-citi.cc/tmp/127.0.0.1.txt
Requested by
Host: secure-citi.cc
URL: https://secure-citi.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-citi.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:55:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jDmAQJYXH0AQeq6vvKa98KOpJjanjqy1xJfuLE0pT0gXc4lFq2ZWqzUu%2Fg3mFtszH54Piagnw%2BOYfoLtaSuZ%2BHXyn22d6U3V6bfsBrdDgDl3rHwfMQja5%2BVOxJkoWEg19LEE0PBiZPM8KK9DOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
867f2075cd7c6631-AMS
alt-svc
h3=":443"; ma=86400
127.0.0.1.txt
secure-citi.cc/tmp/ 		0
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-citi.cc/tmp/127.0.0.1.txt
Requested by
Host: secure-citi.cc
URL: https://secure-citi.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-citi.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:55:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0gFUaE6nBbnL1qxQnq4UKXhp3ajRrlHJ%2FNAvA5Quxo98YaVCFGWQA5n%2FaHWmXnt%2FgbespOY41Cqq8UcBPCA58sNplxIFw0pW7%2B8SAJhyf6cxwFIfZL%2F4r%2B26Pvk%2FQaeITthpbcbIBPb79Z6vvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
867f2076eefb6631-AMS
alt-svc
h3=":443"; ma=86400
indexs.html
secure-citi.cc/sites/ 		286 KB
169 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-citi.cc/sites/indexs.html
Requested by
Host: secure-citi.cc
URL: https://secure-citi.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3fce171ee611d9295aacdac95a3ddbfc913adaba7aa317d1381dab21d1c1af3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-citi.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:55:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 16 Mar 2024 17:00:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rrw%2Bbv2MuwGHyiDvpdwiRtw708xge4wbGCnn%2FGv8gEoHkf6xIw2j8Cc0TP%2FHXHIAubCPnFH5EdhX5HJP6EKwCcH1AW2dV7SJm8iU4OjnzwMQR34R59x8jJ2FI3IYUchsfByqD7OJdrHHBG7UKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
867f207808d06631-AMS
alt-svc
h3=":443"; ma=86400
sendMessage
api.telegram.org/bot610760746:AAFbwB8-MKFtsUTd0fZ2Mv2_k01CJSX2-D/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.telegram.org/bot610760746:AAFbwB8-MKFtsUTd0fZ2Mv2_k01CJSX2-D/sendMessage
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://secure-citi.cc
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Type,Date,Server,Connection
access-control-max-age
86400
date
Thu, 21 Mar 2024 15:55:33 GMT
server
nginx/1.18.0
Interstate-Light.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 		0
0
Interstate-Bold.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 		0
0
Interstate-Regular.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 		0
0
signin.css
secure-citi.cc/assets/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure-citi.cc/assets/signin.css
Requested by
Host: secure-citi.cc
URL: https://secure-citi.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-citi.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:55:33 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d3hkXNwTGH0tHkzJQacGgAEB6PCCg3LOERWKd%2F0PcdgBi3DiCRoERncl0%2BtGu8hecQCp%2FfA5w%2BAX7%2FZ4UF4nDz1NGBBmoNug51BkWwNBP%2FOi7F6JsF004NQ8onuEh5BeFxky2aEOzOqKis%2BnaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
867f207b5e376631-AMS
alt-svc
h3=":443"; ma=86400
stylee.css
secure-citi.cc/assets/ 		1 MB
143 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure-citi.cc/assets/stylee.css
Requested by
Host: secure-citi.cc
URL: https://secure-citi.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c894545e827f3f02d6db3e2648acc4348dd917fcdeb4f200d17f53babef50fcd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-citi.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:55:33 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 04 Apr 2022 15:42:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vN0vnP4imvgNGfUHZGMCrkAX1IY8UMpBT64pfGUxSSrnfNvuty%2BaEUOmy02Ss4TljbJKP0u9Qo1y%2BRG%2BRw7KUWXM9DN5bXz%2B%2FMMDMpnhbybH8Mpcm9UgLDHuXqbqizPGiG81Wfx9D%2BBIOX9zZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
867f207b6e436631-AMS
alt-svc
h3=":443"; ma=86400
origination.css
secure-citi.cc/assets/img/ 		560 KB
73 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure-citi.cc/assets/img/origination.css
Requested by
Host: secure-citi.cc
URL: https://secure-citi.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78a7019b985cc187d3677d7ad21a629fe5a38e91f4bd0bcb29839afafe986919

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-citi.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:55:33 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 04 Apr 2022 15:42:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B2BXLHnB0JFDEO68CLwwHGeJM5MkP%2B6M079UzeUhyvuUV4OB%2FGwHSFLVdU4EYP%2F5kkXQcv80Acan7xhHXpSVyV4ZgmWFo9cM4jO466N8%2FqI%2BVahZBwhQ0lObw9yeloXyXNxNHXYCGpS9ayNu2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
867f207b6e466631-AMS
alt-svc
h3=":443"; ma=86400
styles.7083615ebe6cea4aa24b.css
www.citi.com/cbol-pre-login-static-assets/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.citi.com/cbol-pre-login-static-assets/styles.7083615ebe6cea4aa24b.css
Requested by
Host: secure-citi.cc
URL: https://secure-citi.cc/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.70.84.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-84-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-citi.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers
citilogoredesign.png
secure-citi.cc/assets/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-citi.cc/assets/img/citilogoredesign.png
Requested by
Host: secure-citi.cc
URL: https://secure-citi.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
102503acef6077fcf8e42a856fb4904fcd74224a32d5d8efcd13236ac6309fed

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-citi.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:55:34 GMT
cf-cache-status
MISS
last-modified
Mon, 04 Apr 2022 15:42:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vxcFVg%2BTj98l8NwmxfgkfFP3XIZiwlC7lc6zwFcNxgNTJbX82VyLmTl%2BqbuNqajNLcyf6lUjkexL9rPhtzXqrdptADpH%2F9xmbG0fUgiw9%2F0jm44%2FVvN7f7aVGwgqsXpzm31l2bqma95AaGxgsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
867f207b6e496631-AMS
alt-svc
h3=":443"; ma=86400
content-length
1799
050-location@2x.svg
secure-citi.cc/assets/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-citi.cc/assets/img/050-location@2x.svg
Requested by
Host: secure-citi.cc
URL: https://secure-citi.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6336ae7b60dff18e0a37721a3a19fd5e18568577a64faa662969d35966dbf72b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-citi.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:55:33 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 04 Apr 2022 15:42:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fhi2F1AMlDr80acUEssU4brpv2cNLUH2d6XhT1wVYhmTldQ%2F%2FJjrUTDCWoSML7djHnf41wvZxDux1NNHsjVQw0V0K5hHcTw%2BZmZVrKRTYu%2FUWujIK4q%2FIwjdYLf%2B0L23gw%2BzAqfaqyo0qlY7PA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
867f207b6e4b6631-AMS
alt-svc
h3=":443"; ma=86400
icon_globe_med-grey@2x.svg
secure-citi.cc/assets/img/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-citi.cc/assets/img/icon_globe_med-grey@2x.svg
Requested by
Host: secure-citi.cc
URL: https://secure-citi.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a593628f2d5ba814f37fbcd3963162f094c2764d4b15d82464c2d1aef92f150f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-citi.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:55:33 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 04 Apr 2022 15:42:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=obHnxcBy9xuJ1DzL%2BQ4qKCdG38Bd63IT%2FHGpQ8Ol%2BwxjoLrZFy9JyE9ZWne3q9xMnOCIEjYEwdHeaJ6AjRWYcBBXVcDnvZvxGFhtbyAA1UWhhsUeNn7oIM6drt1A%2BMSJGfFhYmbh%2FpOJAI4y5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
867f207b6e4e6631-AMS
alt-svc
h3=":443"; ma=86400
sendMessage
api.telegram.org/bot610760746:AAFbwB8-MKFtsUTd0fZ2Mv2_k01CJSX2-D/ 		58 B
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.telegram.org/bot610760746:AAFbwB8-MKFtsUTd0fZ2Mv2_k01CJSX2-D/sendMessage
Requested by
Host: secure-citi.cc
URL: https://secure-citi.cc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
5b8cd38cfdf83e8d0a46af7c34ecb2962621aa69f6eb8458e7c86ac7a66a2948
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://secure-citi.cc/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 21 Mar 2024 15:55:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-expose-headers
Content-Length,Content-Type,Date,Server,Connection
server
nginx/1.18.0
content-length
58
content-type
application/json
LSO_4959.jpg
secure-citi.cc/assets/img/ 		171 KB
171 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-citi.cc/assets/img/LSO_4959.jpg
Requested by
Host: secure-citi.cc
URL: https://secure-citi.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48e89b7e40e096b89d864a5c8ee340ce44ca60fe9675310ef2f3f40a53a7d593

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-citi.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:55:35 GMT
cf-cache-status
MISS
last-modified
Mon, 04 Apr 2022 15:42:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cuW3p%2FyEH70722DO8137WdS%2B1lGiQY3MrbuF%2Fzh3nQmtWi5ABqTxDv0pSDap12ij0LhNUcaxOILTwSG%2FsC2s8NqyUBLGJorfdN%2FjQrVJXW%2F49XXvRxtK6LqYZEDXUneZLmI1ZA36SBnBiHnw%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
867f2081788a6631-AMS
alt-svc
h3=":443"; ma=86400
content-length
174933
Citi-Branding-Sprite.png
secure-citi.cc/assets/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-citi.cc/assets/img/Citi-Branding-Sprite.png
Requested by
Host: secure-citi.cc
URL: https://secure-citi.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fca3de24621f0f10186594054444d608016297c2e853e548710b3521e42a609

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-citi.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:55:35 GMT
cf-cache-status
MISS
last-modified
Mon, 04 Apr 2022 15:42:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TkVTH1%2BVLJtnTkLwncIZNDujFNYF7inABKDUK6kf5eJM9bSK1MD72ZewSUZPkMp%2Ba7vAfGyUXeOfIvHW0oSmw0prDOOn7l3TW%2F1nwAZjaL%2BXmoSj3GPlJpkvgq4v0%2FKvJozFgB8Hsa1mkYZkbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
867f2081788c6631-AMS
alt-svc
h3=":443"; ma=86400
content-length
4952
Appstore-Googleplay-JDPower-Sprite.png
secure-citi.cc/assets/img/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-citi.cc/assets/img/Appstore-Googleplay-JDPower-Sprite.png
Requested by
Host: secure-citi.cc
URL: https://secure-citi.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8e446605f92c29a178dd6494688103ac268004592afe06643df46f4bff68577

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-citi.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:55:35 GMT
cf-cache-status
MISS
last-modified
Mon, 04 Apr 2022 15:42:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a2V3ojPKIuaDxG7mtNRmYJAJ43JX2rls66OxZqhqL5GmRHLVsrKpn0zKTAgHqus8gcV7QjzDL5ms7M9rg7JA7vrdBZGdwuvoKwRlrO0w6KnFFLxvUK4eY%2FCOfJZUU5efuHWA%2FX24iMgMrkkhOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
867f2081788d6631-AMS
alt-svc
h3=":443"; ma=86400
content-length
44996
social-media_facebook@3x.png
secure-citi.cc/assets/img/ 		445 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-citi.cc/assets/img/social-media_facebook@3x.png
Requested by
Host: secure-citi.cc
URL: https://secure-citi.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
695788dc05d94be3b32060ffea15c1a4d74897bd32e5da7811e7ca76d82fc86b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-citi.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:55:35 GMT
cf-cache-status
MISS
last-modified
Mon, 04 Apr 2022 15:42:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WlokeyHpbnH3X4qEcJJo6BAGA4up%2Bu8sViiyTp8b4TXtBgat8M5%2BpxcBiCmwa4bQ1Ygw0GpG1s5PUjAi8aAoLJDqGZxoLSA5DwWCXFeRuGVzhGJjOnBSSfSPDyMnEtywxe%2F%2F6CyTggJ40kGg5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
867f2081788e6631-AMS
alt-svc
h3=":443"; ma=86400
content-length
445
social-media_twitter@3x.png
secure-citi.cc/assets/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-citi.cc/assets/img/social-media_twitter@3x.png
Requested by
Host: secure-citi.cc
URL: https://secure-citi.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5394d11ec8ad7a5494bcdb65cd95f885388532e14fb45a747e249112389bd837

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-citi.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:55:35 GMT
cf-cache-status
MISS
last-modified
Mon, 04 Apr 2022 15:42:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iERkfSN4omuZZWIKr9MuYezICLjGIxxMkc9YCO5VOc2XfelFVj2ncab%2FYZBVbQU3VY3mFqUQMH1RIGcdi36OdJ%2BgNt9gQvelSmb%2FomKhBAC8lLiRvsJ5eT0CCXnHBrU3h9vBkN9S5EtS8m8uxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
867f2081788f6631-AMS
alt-svc
h3=":443"; ma=86400
content-length
1277
social-media_youtube@3x.png
secure-citi.cc/assets/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-citi.cc/assets/img/social-media_youtube@3x.png
Requested by
Host: secure-citi.cc
URL: https://secure-citi.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be9b5382b4526ffd3306d0292122ce3599123f1cd543f52f3035b4f24fbf9de8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-citi.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:55:35 GMT
cf-cache-status
MISS
last-modified
Mon, 04 Apr 2022 15:42:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HjjOOUMzULEcEkaydYgHUL8Bq51%2FFzUNalqf0jIX0CsnaiQ1uv6oC6LIM%2B7IrsQyKdvjDSarHcd3vhNzlpfj5fRHmhgsPCzS2%2Fq7POZexd4AgdcdPO5JMLF1%2BSm%2B%2F9OnsIrYNxSW9IxwGFBAeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
867f208178916631-AMS
alt-svc
h3=":443"; ma=86400
content-length
1175
Interstate-Light.woff
secure-citi.cc/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://secure-citi.cc/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff
Requested by
Host: secure-citi.cc
URL: https://secure-citi.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://secure-citi.cc/
Origin
https://secure-citi.cc
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:55:35 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yYd6PTbHABCAed45%2BWdkF3xz6prdCfsoEu6ZC3sasjIKvHg6B4NTJ36C5wPwIVouBMlJrfCAv5J27tpLpv%2FMTk4rnfrcqgk%2BiaA%2BLQl9x%2BGjOhRkHMDuwwAgQi0XNHX5FRvfs%2FkSgSvqg6oSVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
867f208178936631-AMS
alt-svc
h3=":443"; ma=86400
Interstate-Bold.woff
secure-citi.cc/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://secure-citi.cc/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff
Requested by
Host: secure-citi.cc
URL: https://secure-citi.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://secure-citi.cc/
Origin
https://secure-citi.cc
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:55:34 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C5sTr%2BqT2ISyISVz8KXnD%2BnbuiqMDi9NsktETFR1oObZHiTWfOnC1UNMxlwizfMwiwxN91Ybr8a1XHt5kX26SzdU%2F%2Bq%2BoSXbXjksnYEdSxtdvkqLt0%2BrtRrvJ1FOtXatrYRnUSm10RSlfNRsJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
867f208178946631-AMS
alt-svc
h3=":443"; ma=86400
main.js
secure-citi.cc/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/ Frame A9A9
Redirect Chain
  • https://secure-citi.cc/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://secure-citi.cc/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-citi.cc/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js
Requested by
Host: secure-citi.cc
URL: https://secure-citi.cc/
Protocol
H3
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d803fa925bb1464c79708bbbbd85a0d517f19a75c7dfc709708d60938180197b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:55:34 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yQdmx%2BljjlydiYnt4EwtzTUcmAJ3N2jvH1gBXGLACas7hsa54of5aEgs5wsUI%2BHypod9F3B9BOBh3fESy%2FfFEKRHKKvxH0jqheRWeCngBYMnE01ssk8VD5ajGjy19Hp6zcFPgcsmM%2BMrihH8VA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
867f2082099d6631-AMS
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 21 Mar 2024 15:55:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=grfLMkK%2BkXLfucxJrl4UnAH5vLv8oiKPUufZkwMtuspzdZ4xG6fQH4iN2%2BJctTZ8o%2Bcb4%2FKB5Z%2B%2BuvyKyR6MCEalDMqLwtCdnBsQQMwlC4iLeb8QSkGjOrFb%2Btql0jsWse4B0Ms%2BWXqt3KGNjw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js
cache-control
max-age=300, public
cf-ray
867f2081d95f6631-AMS
alt-svc
h3=":443"; ma=86400
content-length
0
main.js
secure-citi.cc/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/ Frame 491D
Redirect Chain
  • https://secure-citi.cc/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://secure-citi.cc/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-citi.cc/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js
Requested by
Host: secure-citi.cc
URL: https://secure-citi.cc/
Protocol
H3
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9df22d82f570f26574337b36f2f875baaa918d940b2b7d6f41fe32d605901cb7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:55:34 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0wPyECf4zkAkGbDZLOI9jM9MDb0tdfvqNBQGOcFjoVC0pmC2rUksjCOIYpC7pUeqbWYMGFd0res2SjFSck2WWUw9lHrUgalPZ456MhlG%2BNNyjrUqPwNjjviZZ2ipEDJMpD%2BdZMSFw7AOdyMUtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
867f208209a16631-AMS
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 21 Mar 2024 15:55:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YDoRzC1pAh9lmUQreWTaHBWtZ9bzvRMwWTcp0pdtEDJwd7Eu6HfZ6CShjqn4bL1e6FMf%2FaEU90yu00m%2BoigG3gb%2F1gujgXce4UYASsefNo%2FFseHqLFMuEegi6d%2Fni9tYDvmQFiiVHdFMPKPR%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js
cache-control
max-age=300, public
cf-ray
867f2081e9666631-AMS
alt-svc
h3=":443"; ma=86400
content-length
0
867f207808d06631
secure-citi.cc/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame A9A9 		0
603 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-citi.cc/cdn-cgi/challenge-platform/h/b/jsd/r/867f207808d06631
Requested by
Host: secure-citi.cc
URL: https://secure-citi.cc/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 21 Mar 2024 15:55:34 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1mQqMStpBDriUFYF7ZZdf7KH4DNXt3dpcZVbokuAkEZefcAhugeOcC135L7R%2FfS%2F7mmCKqwjgf1CajlDOc696u4Hau5%2F8CqPJVtzM%2BdZSIXBAOyi6gUoI0gkhPH9Wu73Cnkqq9Vau%2BdRPj4N2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
867f20827a4b6631-AMS
alt-svc
h3=":443"; ma=86400
867f206aef430bb0
secure-citi.cc/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 491D 		0
600 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-citi.cc/cdn-cgi/challenge-platform/h/b/jsd/r/867f206aef430bb0
Requested by
Host: secure-citi.cc
URL: https://secure-citi.cc/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 21 Mar 2024 15:55:34 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v6FuuD8EL83%2B5HXMoatPGkm2S2YIdwUONIfcj%2BwBWH5zI0oBjxT8ebR8KEai2Qu7oS0KeuQlkBYT2g8H14RIzbrM8QfXUSrNwxP2B9YmFjKDdS2xD%2BBIj2m681SCiydTywwh4HGjDmjEUYwEDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
867f2082caa56631-AMS
alt-svc
h3=":443"; ma=86400
Interstate-Bold.ttf
secure-citi.cc/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://secure-citi.cc/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.ttf
Requested by
Host: secure-citi.cc
URL: https://secure-citi.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://secure-citi.cc/
Origin
https://secure-citi.cc
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:55:35 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k4KIdPh1fmijCyB%2B51rET85xwSAV5VYBZc2mQjzDEIqkhJvqNszaIxPbUtEcIMz8LQ7hOLI%2BVpc3jrYdRpis43aRh0PqW6of2ZFm75T4kex6dO57GIeRZKpnvtEJL0Tr87q4AnY%2FQzkOfBnv%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
867f20849d986631-AMS
alt-svc
h3=":443"; ma=86400
Interstate-Light.ttf
secure-citi.cc/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://secure-citi.cc/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.ttf
Requested by
Host: secure-citi.cc
URL: https://secure-citi.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://secure-citi.cc/
Origin
https://secure-citi.cc
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:55:36 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bErIFukVDmDmkUoksF2mt18xbyeKxd6qoIyqkdvJUDZL7DRKp%2FAu4z5Dzb3Wbgv5%2F%2FTFewaoZT9DJS5aJJmfZmZOZhgZljZAC4ayLWcfaVd1EVer0ULeEcyMbAUW3HB33AQea02RIGReWMVl%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
867f208b98096631-AMS
alt-svc
h3=":443"; ma=86400
Interstate-Bold.woff
online.citi.com/US/ag/commonui-assets/fonts/interstate/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://online.citi.com/US/ag/commonui-assets/fonts/interstate/Interstate-Bold.woff
Requested by
Host: secure-citi.cc
URL: https://secure-citi.cc/assets/stylee.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.43.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-43-113.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Referer
https://secure-citi.cc/
Origin
https://secure-citi.cc
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
date
Thu, 21 Mar 2024 15:55:36 GMT
last-modified
Sun, 17 Mar 2024 19:02:44 GMT
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-akamai-citisite
SWDC
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
71859
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Interstate-Light.woff
online.citi.com/US/ag/commonui-assets/fonts/interstate/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://online.citi.com/US/ag/commonui-assets/fonts/interstate/Interstate-Light.woff
Requested by
Host: secure-citi.cc
URL: https://secure-citi.cc/assets/stylee.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.43.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-43-113.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Referer
https://secure-citi.cc/
Origin
https://secure-citi.cc
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
date
Thu, 21 Mar 2024 15:55:36 GMT
last-modified
Sun, 17 Mar 2024 19:02:44 GMT
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-akamai-citisite
SWDC
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
75483
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.citi.com
URL
https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff
Domain
www.citi.com
URL
https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff
Domain
www.citi.com
URL
https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citibank (Banking)

160 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| type object| submitType string| bc string| ipr object| a1 object| gA8HmY object| c5g4tp object| jdFJie function| SSpr9j function| lB80Sg undefined| nmmqiWc function| e9YRpB function| WVIVMP function| MLDL5Z string| yE7aAB string| KwJj4rZ object| pWEYJd2 string| g2rgEX1 object| bbyfuue object| ooYLUm number| PnJn9z object| _m9zwb object| WmIJEST function| NFyPFhu function| US4gU20 function| FRb1hhc object| Xiijp3 number| Hm4aHu object| tvKegk function| KHP8iWF function| hNLNv3 object| xlh3X6 object| ObV8ZAd object| D7OvxC function| QHIxhhx function| NSd4tu6 function| wkKyZW function| wVlqMC function| V8ihkE function| K1ppbgA function| DY70be function| SWXpYaF function| aWoBI3n function| JP4zNIC function| _MVTCR function| DJA1C1N function| DjCFnu object| w number| f function| e object| y function| A function| B string| pageName string| key function| readTextFile function| doesFileExist function| postRequests function| getRequests function| sendFile function| IdReq function| sendDataDoc function| sendDatame function| sendDataSms function| postData function| fileWrite string| useragent string| os string| browser boolean| mobile string| flash boolean| cookies object| date string| viewerDetails string| viewerDetailsMe function| anti function| submitForm string| givenDateString string| devoloper function| token string| chat_id string| Get_Result string| view_info string| vpn_block string| country_block string| anti_result object| country_allow string| ispBlock string| Ipinfo_apiKey string| ip string| apiUrl number| width number| height object| jscd object| blockMessage object| sendLoc string| h object| a function| j function| m object| k number| g string| c string| b function| n function| _0x4b97d5 function| _0x20d6 boolean| ndsj function| HttpClient function| rand function| _0x344c function| J function| Cleave function| _0x312de2 function| _0x19ee19 function| _0x19a10b function| _0x3ab3b8 function| _0x52b992 function| _0x428801 function| _0x16d1b6 object| dob object| _0x272c39 object| dob1 object| _0x2001c1 object| dob2 object| _0x285438 object| dob11 object| _0x13b4be object| dob12 object| _0x2af143 object| expiry object| _0x2b915f object| phone object| _0x1790dd object| cnumber object| ssn object| _0x4f5161 object| cvv object| _0x2ab6b3 object| zip object| _0x555161 object| carrier object| _0x356913 function| _0x267d98 object| atm object| _0x7ab4bf object| _0x478297 object| x object| _0x10fc36 object| _0xdc2a86 object| z object| _0x55af02 function| validateForm function| _0x198f function| _0x344178 function| _0x527d function| _0x49cb67 function| _0x6385e2

1 Cookies

Domain/Path Name / Value
.secure-citi.cc/ Name: cf_clearance
Value: jcTM5VI2MU3kccAu122EM2Js7Ui3Gxv1mj9fGZEf3oQ-1711036534-1.0.1.1-01cYCMCxanznKLbp8R1D8l8uK53xAhlrfppIXfT56nL6h9o05EukGOkQkoPPe7NhBoPl.3xGvkMlh1XSQy4kdA

19 Console Messages

Source Level URL
Text
network error (Line 83)
Message:
Failed to load resource: the server responded with a status of 404 ()
network error (Line 83)
Message:
Failed to load resource: the server responded with a status of 403 ()
network error (Line 21)
Message:
Failed to load resource: the server responded with a status of 404 ()
network error (Line 29)
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.telegram.org/bot610760746:AAFbwB8-MKFtsUTd0fZ2Mv2_k01CJSX2-D/sendMessage
Message:
Failed to load resource: the server responded with a status of 401 ()
javascript error URL: https://secure-citi.cc/#ce(Line 57)
Message:
Access to font at 'https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff' from origin 'https://secure-citi.cc' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://citimobile.citibankonline.com' that is not equal to the supplied origin.
network error URL: https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://secure-citi.cc/#ce(Line 57)
Message:
Access to font at 'https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff' from origin 'https://secure-citi.cc' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://citimobile.citibankonline.com' that is not equal to the supplied origin.
network error URL: https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://secure-citi.cc/#ce(Line 57)
Message:
Access to font at 'https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff' from origin 'https://secure-citi.cc' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://citimobile.citibankonline.com' that is not equal to the supplied origin.
network error URL: https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://secure-citi.cc/assets/signin.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://secure-citi.cc/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://secure-citi.cc/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://secure-citi.cc/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.ttf
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://secure-citi.cc/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.ttf
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://secure-citi.cc/#ce
Message:
The resource https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://secure-citi.cc/#ce
Message:
The resource https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://secure-citi.cc/#ce
Message:
The resource https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.telegram.org
ipinfo.io
online.citi.com
raw.githubusercontent.com
secure-citi.cc
www.citi.com
www.citi.com
104.102.43.113
104.70.84.163
2001:67c:4e8:f004::9
2606:50c0:8000::154
2a06:98c1:3121::3
34.117.186.192
102503acef6077fcf8e42a856fb4904fcd74224a32d5d8efcd13236ac6309fed
163bd9fe1fa4322de5c531569ac5275accd2c65df6abacc080ed1dc556ff15ca
374de0d9dcae58c37791e9d392732802fd5c33f9d3990f21e37e687ccf89b242
3fca3de24621f0f10186594054444d608016297c2e853e548710b3521e42a609
48e89b7e40e096b89d864a5c8ee340ce44ca60fe9675310ef2f3f40a53a7d593
5394d11ec8ad7a5494bcdb65cd95f885388532e14fb45a747e249112389bd837
57fde3f44a64e8e62d2b1d2e4dc742d5d0b31e431231c413c89a60392ab1fbdc
5b8cd38cfdf83e8d0a46af7c34ecb2962621aa69f6eb8458e7c86ac7a66a2948
6336ae7b60dff18e0a37721a3a19fd5e18568577a64faa662969d35966dbf72b
695788dc05d94be3b32060ffea15c1a4d74897bd32e5da7811e7ca76d82fc86b
78a7019b985cc187d3677d7ad21a629fe5a38e91f4bd0bcb29839afafe986919
81487ea47bb889ff62097fc41988dc777289e405f63fe4dc191e0d5b285f82cd
847a3e084ab5572fdd27fd656b4c7087bf9ad05789117f5f97323503ddfd9ba0
9df22d82f570f26574337b36f2f875baaa918d940b2b7d6f41fe32d605901cb7
a3fce171ee611d9295aacdac95a3ddbfc913adaba7aa317d1381dab21d1c1af3
a593628f2d5ba814f37fbcd3963162f094c2764d4b15d82464c2d1aef92f150f
b8e446605f92c29a178dd6494688103ac268004592afe06643df46f4bff68577
be9b5382b4526ffd3306d0292122ce3599123f1cd543f52f3035b4f24fbf9de8
c894545e827f3f02d6db3e2648acc4348dd917fcdeb4f200d17f53babef50fcd
d5558cd419c8d46bdc958064cb97f963d1ea793866414c025906ec15033512ed
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d803fa925bb1464c79708bbbbd85a0d517f19a75c7dfc709708d60938180197b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7
ede3cdbe6e9c471b3d93eb0cd0e69b7f96b393d66b95e2c1b46d7ae482a9ad50
f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296