urlscan.io logo urlscan.io
SecurityTrails logo

www.citi.com Open in urlscan Pro
104.70.84.163  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=1&we=1&url=https%3A%2F%2Fciti.com%2Flogin%3FfeatureId%3DconversionWizard%...
Effective URL: https://www.citi.com/login?featureId=conversionWizard&source=&sourceURL=
Submission: On March 21 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 31 HTTP transactions. The main IP is 104.70.84.163, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.citi.com. The Cisco Umbrella rank of the primary domain is 29463.
TLS certificate: Issued by DigiCert EV RSA CA G2 on November 7th 2023. Valid for: a year.
This is the only time www.citi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 173.213.4.17 53316 (ASN-CHEET...)
1 2a00:1450:400... 15169 (GOOGLE)
3 63.148.46.76 53316 (ASN-CHEET...)
1 1 192.193.102.176 25883 (CITIGROUP)
18 104.70.84.163 16625 (AKAMAI-AS)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
31 6
2    173.213.4.17 (United States)

ASN53316 (ASN-CHEETA-MAIL, US)
fm.info6.citi.com
l.info6.citi.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    63.148.46.76 (United States)

ASN53316 (ASN-CHEETA-MAIL, US)
PTR: sts.eccmp.com
sts.eccmp.com
1    192.193.102.176 (United States)

ASN25883 (CITIGROUP, US)
PTR: citi.com
citi.com
18    104.70.84.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-70-84-163.deploy.static.akamaitechnologies.com
www.citi.com
4    2a02:26f0:3500:18::1724:a28d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p11.techlab-cdn.com
Apex Domain
Subdomains		 Transfer
21 citi.com
fm.info6.citi.com — Cisco Umbrella Rank: 338213
l.info6.citi.com — Cisco Umbrella Rank: 104818
citi.com — Cisco Umbrella Rank: 12134
www.citi.com — Cisco Umbrella Rank: 29463
2 MB
4 techlab-cdn.com
p11.techlab-cdn.com — Cisco Umbrella Rank: 5067
59 KB
3 eccmp.com
sts.eccmp.com — Cisco Umbrella Rank: 31946
9 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 716
30 KB
31 4
Domain Requested by
18 www.citi.com fm.info6.citi.com
www.citi.com
4 p11.techlab-cdn.com www.citi.com
3 sts.eccmp.com fm.info6.citi.com
sts.eccmp.com
1 citi.com 1 redirects
1 l.info6.citi.com fm.info6.citi.com
1 ajax.googleapis.com fm.info6.citi.com
1 fm.info6.citi.com
31 7

This site contains no links.

Subject Issuer Validity Valid
info6.citi.com
DigiCert EV RSA CA G2		 2023-11-29 -
2024-12-29		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.eccmp.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-24 -
2024-06-09		 a year crt.sh
www.citi.com
DigiCert EV RSA CA G2		 2023-11-07 -
2024-12-05		 a year crt.sh
p11.techlab-cdn.com
R3		 2024-01-18 -
2024-04-17		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.citi.com/login?featureId=conversionWizard&source=&sourceURL=
Frame ID: B6EED16406CBBDCF65B59EEF63141C45
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=1&we=1&url=https%3A%2F%2Fciti.com%2Flogin%3FfeatureId... Page URL
  2. https://citi.com/login?featureId=conversionWizard&source=&sourceURL= HTTP 301
    https://www.citi.com/login?featureId=conversionWizard&source=&sourceURL= Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

31
Requests

90 %
HTTPS

33 %
IPv6

4
Domains

7
Subdomains

6
IPs

2
Countries

1704 kB
Transfer

6799 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=1&we=1&url=https%3A%2F%2Fciti.com%2Flogin%3FfeatureId%3DconversionWizard%26source%3D%26sourceURL%3D&linkName=CT_Citi_earlyaccess&transId=A20240320P0434408 Page URL
  2. https://citi.com/login?featureId=conversionWizard&source=&sourceURL= HTTP 301
    https://www.citi.com/login?featureId=conversionWizard&source=&sourceURL= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
url.aspx
fm.info6.citi.com/ats/ 		16 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=1&we=1&url=https%3A%2F%2Fciti.com%2Flogin%3FfeatureId%3DconversionWizard%26source%3D%26sourceURL%3D&linkName=CT_Citi_earlyaccess&transId=A20240320P0434408
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.213.4.17 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
Software
/
Resource Hash
57b6166f4c33a1e241af7a5e143e1e20cb18b58d522ae94aa7092a5eacbf88e1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
4910
Content-Type
text/html; charset=utf-8
Date
Thu, 21 Mar 2024 15:45:46 GMT
Expires
0
Pragma
no-cache
SERVER
Vary
Accept-Encoding
X-Powered-By
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: fm.info6.citi.com
URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=1&we=1&url=https%3A%2F%2Fciti.com%2Flogin%3FfeatureId%3DconversionWizard%26source%3D%26sourceURL%3D&linkName=CT_Citi_earlyaccess&transId=A20240320P0434408
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fm.info6.citi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 04:17:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41283
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29707
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Mar 2025 04:17:44 GMT
open.aspx
l.info6.citi.com/rts/ 		43 B
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.info6.citi.com/rts/open.aspx?tp=i-16IJ-9x-M-AQwUEV-1q-7WrquZ-1c-U4-G-lABJjbF1yL-1q7veA
Requested by
Host: fm.info6.citi.com
URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=1&we=1&url=https%3A%2F%2Fciti.com%2Flogin%3FfeatureId%3DconversionWizard%26source%3D%26sourceURL%3D&linkName=CT_Citi_earlyaccess&transId=A20240320P0434408
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.213.4.17 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fm.info6.citi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Mar 2024 15:45:47 GMT
Server
X-Powered-By
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, max-age=0
Expires
0
conversen-SDK.js
sts.eccmp.com/sts/scripts/ 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sts.eccmp.com/sts/scripts/conversen-SDK.js
Requested by
Host: fm.info6.citi.com
URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=1&we=1&url=https%3A%2F%2Fciti.com%2Flogin%3FfeatureId%3DconversionWizard%26source%3D%26sourceURL%3D&linkName=CT_Citi_earlyaccess&transId=A20240320P0434408
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.148.46.76 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
sts.eccmp.com
Software
/
Resource Hash
b0a58fb8c12ffbb8b641ae4316da491e42969f9fe904a0dc35f1203cbb76a444

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fm.info6.citi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:45:48 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Mar 2024 19:05:24 GMT
Server
Age
4042
ETag
"032e9928b71da1:0"
X-Powered-By
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
7009
617
sts.eccmp.com/wts/WebEvent/GetCookieExpiry/ 		35 B
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sts.eccmp.com/wts/WebEvent/GetCookieExpiry/617
Requested by
Host: sts.eccmp.com
URL: https://sts.eccmp.com/sts/scripts/conversen-SDK.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.148.46.76 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
sts.eccmp.com
Software
/
Resource Hash
61339a21fa71d17d0dfebceba08dc76ce605e73f65a88438397483478d953aae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fm.info6.citi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:45:48 GMT
X-AspNetMvc-Version
3.0
Server
X-Powered-By
Vary
Accept-Encoding
Content-Type
text/xml; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private
Content-Length
35
image.gif
sts.eccmp.com/wts/WebEvent/ 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sts.eccmp.com/wts/WebEvent/image.gif?isSplit=false&guid=65355655-6f38-1616-39c9-f97170e1777d&segmentNumber=1&pm[linkName]=CT_Citi_earlyaccess&pm[transId]=A20240320P0434408&rp[cr]=617&rp[wegc]=&rp[et]=100&rp[ap]=&rp[we]=1
Requested by
Host: fm.info6.citi.com
URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=1&we=1&url=https%3A%2F%2Fciti.com%2Flogin%3FfeatureId%3DconversionWizard%26source%3D%26sourceURL%3D&linkName=CT_Citi_earlyaccess&transId=A20240320P0434408
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.148.46.76 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
sts.eccmp.com
Software
/
Resource Hash
9c6d485ae01a594ef22b3c44e1eca5314259061faacdcdfc51569aba58a4fc2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fm.info6.citi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:45:47 GMT
X-AspNetMvc-Version
3.0
Server
X-Powered-By
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
private
Content-Length
807
Primary Request login
www.citi.com/
Redirect Chain
  • https://citi.com/login?featureId=conversionWizard&source=&sourceURL=
  • https://www.citi.com/login?featureId=conversionWizard&source=&sourceURL=
211 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.citi.com/login?featureId=conversionWizard&source=&sourceURL=
Requested by
Host: fm.info6.citi.com
URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=1&we=1&url=https%3A%2F%2Fciti.com%2Flogin%3FfeatureId%3DconversionWizard%26source%3D%26sourceURL%3D&linkName=CT_Citi_earlyaccess&transId=A20240320P0434408
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.70.84.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-84-163.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
285c8cb00b20a97a156f2005d9ada215b37ce515be8e4bbaae394106d5360d78
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

Referer
https://fm.info6.citi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://citimobile.citibankonline.com
Access-Control-Max-Age
2147483647
Cache-Control
no-cache, no-store
Connection
keep-alive Transfer-Encoding
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Content-Type
text/html; charset=utf-8
Date
Thu, 21 Mar 2024 15:45:49 GMT
Dclocation
SW1DMS
ETag
W/"34abc-n8ZYJGb1l3Mh7LarnRH7ezXTzVk"
Expires
Thu, 21 Mar 2024 15:45:49 GMT
Nonce
9049489798449753
Pragma
no-cache
Referrer-Policy
no-referrer
Scope
VISITOR
Server
nginx
Sid
7e551d9c-859f-4b78-bb7c-d011053dcc25
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
Uuid
19aa18e0-12ab-4a2d-a582-3de0e1fee884
Vary
Accept-Encoding
X-Akamai-CITISITE
SWDC
X-Akamai-Transformed
9 42210 0 pmb=mTOE,1
X-Content-Type-Options
nosniff
X-Vcap-Request-Id
6480ede9-a49c-4e46-7a5f-3b1fa58e28c2
X-Xss-Protection
1 ; mode=block
x-robots-tag
noindex, nofollow

Redirect headers

Connection
Keep-Alive
Content-Length
288
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 21 Mar 2024 15:45:49 GMT
Keep-Alive
timeout=5, max=500
Location
https://www.citi.com/login?featureId=conversionWizard&source=&sourceURL=
2be5433306a1555bf6f96086ea852669dd0011213c3f
www.citi.com/public/ 		158 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citi.com/public/2be5433306a1555bf6f96086ea852669dd0011213c3f
Requested by
Host: www.citi.com
URL: https://www.citi.com/login?featureId=conversionWizard&source=&sourceURL=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.70.84.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-84-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e864d99a8d998cba8772938c0fc9785007685f0d43fe7c532a8c8e4b8dae4c1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:45:50 GMT
Content-Encoding
gzip
Content-MD5
jaY7dBzoVbYFoWF4z9HCDA==
Connection
keep-alive
Content-Length
56381
Last-Modified
Thu, 14 Mar 2024 21:38:45 GMT
ETag
0x8DC446F205AADA4
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, HEAD
Content-Type
application/javascript
Access-Control-Allow-Origin
https://citimobile.citibankonline.com
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
max-age=600
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*
Expires
Thu, 21 Mar 2024 15:55:50 GMT
6c8322c7341eac98645c10e3d1d3c7ae.js
www.citi.com/assets/scripts/global/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js
Requested by
Host: www.citi.com
URL: https://www.citi.com/login?featureId=conversionWizard&source=&sourceURL=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.70.84.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-84-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c0e4ede6d1f916d19fd5376c69662aee63942241d3247187b8ecbbcc152ba491

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Mar 2024 15:45:51 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
X-Ion-Hop
Prod
Access-Control-Allow-Origin
https://citimobile.citibankonline.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
735
Expires
0
tagging.min.js
www.citi.com/cbol-pre-login-static-assets/assets/js/ 		42 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citi.com/cbol-pre-login-static-assets/assets/js/tagging.min.js
Requested by
Host: www.citi.com
URL: https://www.citi.com/login?featureId=conversionWizard&source=&sourceURL=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.70.84.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-84-163.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6fac9e333a345d008b027e55517ba0a7b37f4cf5e2218b01ba9855c7614ec47e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Thu, 21 Mar 2024 15:45:50 GMT
Dclocation
GT1DMS
Connection
keep-alive
Content-Length
9908
X-Xss-Protection
1 ; mode=block
Referrer-Policy
no-referrer
Last-Modified
Sun, 17 Mar 2024 05:09:27 GMT
Server
nginx
X-Akamai-CITISITE
GTDC
ETag
W/"a700-18e4ad09358"
Access-Control-Max-Age
2147483647
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
https://citimobile.citibankonline.com
X-Vcap-Request-Id
741cd278-203b-4520-7824-875751c93aa3
Cache-Control
public, no-transform, max-age=21600
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Expires
Thu, 21 Mar 2024 21:45:50 GMT
banner.min.js
www.citi.com/cbol-pre-login-static-assets/assets/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citi.com/cbol-pre-login-static-assets/assets/js/banner.min.js
Requested by
Host: www.citi.com
URL: https://www.citi.com/login?featureId=conversionWizard&source=&sourceURL=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.70.84.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-84-163.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7ee631ff5513ea1a236f455459687f7ba034f2ca6bca26ca3bb439ced608a46f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Thu, 21 Mar 2024 15:45:50 GMT
Dclocation
GT1DMS
Connection
keep-alive
Content-Length
4355
X-Xss-Protection
1 ; mode=block
Referrer-Policy
no-referrer
Last-Modified
Sun, 17 Mar 2024 05:09:27 GMT
Server
nginx
X-Akamai-CITISITE
GTDC
ETag
W/"363d-18e4ad09358"
Access-Control-Max-Age
2147483647
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
https://citimobile.citibankonline.com
X-Vcap-Request-Id
3cd92dce-00f6-4c65-56cb-6675276f87ad
Cache-Control
public, no-transform, max-age=21600
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Expires
Thu, 21 Mar 2024 21:45:50 GMT
Interstate-Light.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 		74 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff
Requested by
Host: www.citi.com
URL: https://www.citi.com/login?featureId=conversionWizard&source=&sourceURL=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.70.84.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-84-163.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

Referer
Origin
https://www.citi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Sid
32d07e4b-f1f6-4fb2-95c5-3ce22cd151eb
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Nonce
7796768142997278
Date
Thu, 21 Mar 2024 15:45:50 GMT
Dclocation
GT1DMS
Uuid
1f0e16b3-c55a-4fdd-9e49-86eefe82431a
Connection
keep-alive
Content-Length
75538
X-Xss-Protection
1 ; mode=block
Referrer-Policy
no-referrer
Last-Modified
Sun, 17 Mar 2024 05:09:27 GMT
Server
nginx
X-Akamai-CITISITE
GTDC
ETag
W/"12712-18e4ad09358"
Access-Control-Max-Age
2147483647
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,HEAD
Content-Type
font/woff
Scope
VISITOR
X-Vcap-Request-Id
6afb3682-f235-43dc-625b-2a33eff46506
Access-Control-Expose-Headers
action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control
public, no-transform, max-age=21600
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://citimobile.citibankonline.com
Accept-Ranges
bytes
Access-Control-Allow-Headers
action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires
Thu, 21 Mar 2024 21:45:50 GMT
Interstate-Bold.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff
Requested by
Host: www.citi.com
URL: https://www.citi.com/login?featureId=conversionWizard&source=&sourceURL=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.70.84.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-84-163.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

Referer
Origin
https://www.citi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Sid
ef4692bf-63a3-48d2-9ad7-3621f865cafb
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Nonce
4271398723041992
Date
Thu, 21 Mar 2024 15:45:50 GMT
Dclocation
GT1DMS
Uuid
f1fd2cc6-2b86-4a86-9b38-d5b5a0db39ef
Connection
keep-alive
Content-Length
71874
X-Xss-Protection
1 ; mode=block
Referrer-Policy
no-referrer
Last-Modified
Sun, 17 Mar 2024 05:09:27 GMT
Server
nginx
X-Akamai-CITISITE
GTDC
ETag
W/"118c2-18e4ad09358"
Access-Control-Max-Age
2147483647
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,HEAD
Content-Type
font/woff
Scope
VISITOR
X-Vcap-Request-Id
71a85623-d536-4e1b-4814-945c743fd16b
Access-Control-Expose-Headers
action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control
public, no-transform, max-age=21600
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://citimobile.citibankonline.com
Accept-Ranges
bytes
Access-Control-Allow-Headers
action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires
Thu, 21 Mar 2024 21:45:50 GMT
Interstate-Regular.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 		77 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff
Requested by
Host: www.citi.com
URL: https://www.citi.com/login?featureId=conversionWizard&source=&sourceURL=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.70.84.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-84-163.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
045cd226594cb32ddf9d4db8ee45611f4d0788675ae50180b68da975e66fe1fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

Referer
Origin
https://www.citi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Sid
4e5b20fd-f3d7-4d93-9e41-bf71c2c041e5
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Nonce
4067575914935782
Date
Thu, 21 Mar 2024 15:45:50 GMT
Dclocation
GT1DMS
Uuid
df791903-28c6-47f1-a00d-e66a7b20706b
Connection
keep-alive
Content-Length
78762
X-Xss-Protection
1 ; mode=block
Referrer-Policy
no-referrer
Last-Modified
Sun, 17 Mar 2024 05:09:27 GMT
Server
nginx
X-Akamai-CITISITE
GTDC
ETag
W/"133aa-18e4ad09358"
Access-Control-Max-Age
2147483647
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,HEAD
Content-Type
font/woff
Scope
VISITOR
X-Vcap-Request-Id
6426034b-0a48-4ab0-5175-06ca1a28f335
Access-Control-Expose-Headers
action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control
public, no-transform, max-age=21600
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://citimobile.citibankonline.com
Accept-Ranges
bytes
Access-Control-Allow-Headers
action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires
Thu, 21 Mar 2024 21:45:50 GMT
styles.958e0aa55e23c233.css
www.citi.com/cbol-pre-login-static-assets/ 		2 MB
163 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.citi.com/cbol-pre-login-static-assets/styles.958e0aa55e23c233.css
Requested by
Host: www.citi.com
URL: https://www.citi.com/login?featureId=conversionWizard&source=&sourceURL=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.70.84.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-84-163.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
800b1e1c1ae4398778aba23368c9d3ecb82cc011f70605127e0d657153b10ead
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Thu, 21 Mar 2024 15:45:50 GMT
Dclocation
GT1DMS
Connection
keep-alive
Content-Length
165852
X-Xss-Protection
1 ; mode=block
Referrer-Policy
no-referrer
Last-Modified
Sun, 17 Mar 2024 05:10:59 GMT
Server
nginx
X-Akamai-CITISITE
GTDC
ETag
W/"18467d-18e4ad1fab8"
Access-Control-Max-Age
2147483647
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
Access-Control-Allow-Origin
https://citimobile.citibankonline.com
X-Vcap-Request-Id
dced93e1-05b6-41ae-722f-3a31386b7750
Cache-Control
max-age=2592000, public, no-transform
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Expires
Fri, 19 Apr 2024 21:14:46 GMT
fp-clientlib-v5.js
www.citi.com/cbol-pre-login-static-assets/assets/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citi.com/cbol-pre-login-static-assets/assets/js/fp-clientlib-v5.js
Requested by
Host: www.citi.com
URL: https://www.citi.com/login?featureId=conversionWizard&source=&sourceURL=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.70.84.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-84-163.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3bcf19ce679acd27c2218eeb943c2d8611265d526df55518b416e43f151b4c6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Thu, 21 Mar 2024 15:45:50 GMT
Dclocation
GT1DMS
Connection
keep-alive
Content-Length
1547
X-Xss-Protection
1 ; mode=block
Referrer-Policy
no-referrer
Last-Modified
Sun, 17 Mar 2024 05:09:27 GMT
Server
nginx
X-Akamai-CITISITE
GTDC
ETag
W/"e6d-18e4ad09358"
Access-Control-Max-Age
2147483647
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
https://citimobile.citibankonline.com
X-Vcap-Request-Id
d9e7301b-edab-4a25-7c90-8629f5b3e910
Cache-Control
public, no-transform, max-age=21600
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Expires
Thu, 21 Mar 2024 21:45:50 GMT
fp.js
www.citi.com/cbol-pre-login-static-assets/assets/js/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citi.com/cbol-pre-login-static-assets/assets/js/fp.js
Requested by
Host: www.citi.com
URL: https://www.citi.com/login?featureId=conversionWizard&source=&sourceURL=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.70.84.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-84-163.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
dd65a674c821f6a0e0ec4b181532b00c0cc5d5bde623ea98affcb9f383139b57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Thu, 21 Mar 2024 15:45:50 GMT
Dclocation
GT1DMS
Connection
keep-alive
Content-Length
4844
X-Xss-Protection
1 ; mode=block
Referrer-Policy
no-referrer
Last-Modified
Sun, 17 Mar 2024 05:09:27 GMT
Server
nginx
X-Akamai-CITISITE
GTDC
ETag
W/"4de4-18e4ad09358"
Access-Control-Max-Age
2147483647
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
https://citimobile.citibankonline.com
X-Vcap-Request-Id
1b9baf04-0d4d-447c-607e-227a6611a86a
Cache-Control
public, no-transform, max-age=21600
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Expires
Thu, 21 Mar 2024 21:45:50 GMT
runtime.04e838de78ece0ff.js
www.citi.com/cbol-pre-login-static-assets/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citi.com/cbol-pre-login-static-assets/runtime.04e838de78ece0ff.js
Requested by
Host: www.citi.com
URL: https://www.citi.com/login?featureId=conversionWizard&source=&sourceURL=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.70.84.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-84-163.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1e6350d625fa8dfb8570f6e44683c22532cec183d8c2996db78b74d87d578396
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

Referer
Origin
https://www.citi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Thu, 21 Mar 2024 15:45:50 GMT
Dclocation
GT1DMS
Connection
keep-alive
Content-Length
1757
X-Xss-Protection
1 ; mode=block
Referrer-Policy
no-referrer
Last-Modified
Sun, 17 Mar 2024 05:09:27 GMT
Server
nginx
X-Akamai-CITISITE
GTDC
ETag
W/"d22-18e4ad09358"
Access-Control-Max-Age
2147483647
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,HEAD
Content-Type
application/javascript; charset=UTF-8
Vary
Accept-Encoding
X-Vcap-Request-Id
5fa6a709-64bd-4db1-7322-b0fec1228e0c
Access-Control-Expose-Headers
action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control
max-age=2592000, public, no-transform
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://citimobile.citibankonline.com
Accept-Ranges
bytes
Access-Control-Allow-Headers
action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires
Fri, 19 Apr 2024 19:23:08 GMT
polyfills.adb80ee790195eb1.js
www.citi.com/cbol-pre-login-static-assets/ 		48 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citi.com/cbol-pre-login-static-assets/polyfills.adb80ee790195eb1.js
Requested by
Host: www.citi.com
URL: https://www.citi.com/login?featureId=conversionWizard&source=&sourceURL=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.70.84.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-84-163.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
bf87f53255267d9d4498b937ff708e301b08c25fdc8bd65d6c260ade97844411
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

Referer
Origin
https://www.citi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Thu, 21 Mar 2024 15:45:50 GMT
Dclocation
GT1DMS
Connection
keep-alive
Content-Length
16650
X-Xss-Protection
1 ; mode=block
Referrer-Policy
no-referrer
Last-Modified
Sun, 17 Mar 2024 05:09:27 GMT
Server
nginx
X-Akamai-CITISITE
GTDC
ETag
W/"be3d-18e4ad09358"
Access-Control-Max-Age
2147483647
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,HEAD
Content-Type
application/javascript; charset=UTF-8
Vary
Accept-Encoding
X-Vcap-Request-Id
3ae1a6ce-2814-4f5a-79cb-69e4e87eaf7e
Access-Control-Expose-Headers
action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control
max-age=2592000, public, no-transform
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://citimobile.citibankonline.com
Accept-Ranges
bytes
Access-Control-Allow-Headers
action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires
Wed, 17 Apr 2024 21:27:52 GMT
scripts.9655e22a1093af91.js
www.citi.com/cbol-pre-login-static-assets/ 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citi.com/cbol-pre-login-static-assets/scripts.9655e22a1093af91.js
Requested by
Host: www.citi.com
URL: https://www.citi.com/login?featureId=conversionWizard&source=&sourceURL=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.70.84.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-84-163.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
01be85a6d596b0b84d59f2b4de7285d41272d6a0c2d97a897a428bbfb140370e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Thu, 21 Mar 2024 15:45:50 GMT
Dclocation
GT1DMS
Connection
keep-alive
Content-Length
15188
X-Xss-Protection
1 ; mode=block
Referrer-Policy
no-referrer
Last-Modified
Sun, 17 Mar 2024 05:09:27 GMT
Server
nginx
X-Akamai-CITISITE
GTDC
ETag
W/"d1b6-18e4ad09358"
Access-Control-Max-Age
2147483647
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
https://citimobile.citibankonline.com
X-Vcap-Request-Id
625f800a-0ac8-4e77-56b6-83d437e38edf
Cache-Control
max-age=2592000, public, no-transform
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Expires
Tue, 16 Apr 2024 08:13:17 GMT
main.58dfbe0c43e97e35.js
www.citi.com/cbol-pre-login-static-assets/ 		4 MB
797 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citi.com/cbol-pre-login-static-assets/main.58dfbe0c43e97e35.js
Requested by
Host: www.citi.com
URL: https://www.citi.com/login?featureId=conversionWizard&source=&sourceURL=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.70.84.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-84-163.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
93a18561bbbd3f18892d7ef114c4d17323ed059f17e544aa58ac089fb73c72fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

Referer
Origin
https://www.citi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Thu, 21 Mar 2024 15:45:50 GMT
Dclocation
GT1DMS
Connection
keep-alive
Content-Length
814720
X-Xss-Protection
1 ; mode=block
Referrer-Policy
no-referrer
Last-Modified
Sun, 17 Mar 2024 05:10:59 GMT
Server
nginx
X-Akamai-CITISITE
GTDC
ETag
W/"39aa2d-18e4ad1fab8"
Access-Control-Max-Age
2147483647
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,HEAD
Content-Type
application/javascript; charset=UTF-8
Vary
Accept-Encoding
X-Vcap-Request-Id
826ab00b-8f43-428b-5e13-2c7c654208a8
Access-Control-Expose-Headers
action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control
max-age=2592000, public, no-transform
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://citimobile.citibankonline.com
Accept-Ranges
bytes
Access-Control-Allow-Headers
action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires
Thu, 18 Apr 2024 18:43:09 GMT
cE2g
www.citi.com/JI-OmW-E/MQ-8Gcj/E7mPNcJ/my/3Jri6zpb4J/YyZNWVcPAQ/Khg_Dhc/ 		210 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citi.com/JI-OmW-E/MQ-8Gcj/E7mPNcJ/my/3Jri6zpb4J/YyZNWVcPAQ/Khg_Dhc/cE2g
Requested by
Host: www.citi.com
URL: https://www.citi.com/login?featureId=conversionWizard&source=&sourceURL=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.70.84.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-84-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
aa2d9e17f98e261ee737a48868ad52fa1dbdf31f675c1fc3b837c2732c480a8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:45:50 GMT
Content-Encoding
br
Last-Modified
Wed, 02 Aug 2023 16:13:42 GMT
ETag
"1e89c7fefdea99ed722045800db0a662b12e1d2a0b1059cb5d2ce99048a9ac08"
Stored-Attribute-Sha-Checksum
aa2d9e17f98e261ee737a48868ad52fa1dbdf31f675c1fc3b837c2732c480a8f
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
https://citimobile.citibankonline.com
Cache-Control
max-age=21600, max-age=21600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
78330
65319_1825202430.js
p11.techlab-cdn.com/e/ 		54 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p11.techlab-cdn.com/e/65319_1825202430.js
Requested by
Host: www.citi.com
URL: https://www.citi.com/public/2be5433306a1555bf6f96086ea852669dd0011213c3f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a28d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1762a6d546dfc49a32e2e4b2caefb01368b948b0d137b4e03447e18e3119c65a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:45:50 GMT
content-encoding
gzip
last-modified
Mon, 04 Dec 2023 13:18:33 GMT
content-md5
rUBDMtkKPwbICzxwW6Zmug==
etag
0x8DBF4CB84416B0B
vary
Accept-Encoding
access-control-allow-methods
GET, POST, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=600
timing-allow-origin
*
content-length
18224
expires
Thu, 21 Mar 2024 15:55:50 GMT
65257_1825232097.js
p11.techlab-cdn.com/e/ 		14 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p11.techlab-cdn.com/e/65257_1825232097.js
Requested by
Host: www.citi.com
URL: https://www.citi.com/public/2be5433306a1555bf6f96086ea852669dd0011213c3f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a28d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
74a7a53097f5335e794968f4f7c27d089701fd635c8698c5f5fda7f30356cacb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:45:50 GMT
content-encoding
gzip
last-modified
Thu, 01 Dec 2022 12:38:55 GMT
content-md5
7rdGFe+/Y2zHt4sXxqkzxw==
etag
0x8DAD39902829531
vary
Accept-Encoding
access-control-allow-methods
GET, POST, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=600
timing-allow-origin
*
content-length
6061
expires
Thu, 21 Mar 2024 15:55:50 GMT
64885_1825202523.js
p11.techlab-cdn.com/e/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p11.techlab-cdn.com/e/64885_1825202523.js
Requested by
Host: www.citi.com
URL: https://www.citi.com/public/2be5433306a1555bf6f96086ea852669dd0011213c3f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a28d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
422aa4e7ba5ff626a830dbbee358cb5055122a03b5c36b5f7608e1b34999e529

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:45:50 GMT
content-encoding
gzip
last-modified
Sun, 24 Apr 2022 12:00:07 GMT
content-md5
DnvBZTKTbXGPNtxH2P6zMg==
etag
"0x8DA25E9F9A41165"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
max-age=600
accept-ranges
bytes
timing-allow-origin
*
content-length
1470
expires
Thu, 21 Mar 2024 15:55:50 GMT
65226_747628217.js
p11.techlab-cdn.com/e/ 		70 KB
33 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p11.techlab-cdn.com/e/65226_747628217.js
Requested by
Host: www.citi.com
URL: https://www.citi.com/public/2be5433306a1555bf6f96086ea852669dd0011213c3f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a28d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4e5abd4a0506bb0c5426fddde67167e2f86cdad465d7fb77ce459988d26964ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:45:50 GMT
content-encoding
gzip
last-modified
Thu, 07 Dec 2023 21:28:41 GMT
content-md5
FfPxnOXyJHEeTjF3kZAIQQ==
etag
0x8DBF76B7C0E97C7
vary
Accept-Encoding
access-control-allow-methods
GET, POST, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=600
timing-allow-origin
*
content-length
33072
expires
Thu, 21 Mar 2024 15:55:50 GMT
6c8322c7341eac98645c10e3d1d3c7ae.js
www.citi.com/assets/scripts/global/ 		308 KB
177 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?seed=AMAkomGOAQAALuwUGHYTFqxopynrtE3J7CZv7retWp67eQVbUlTxv_k4cn74&X-soz9htCz--z=q
Requested by
Host: www.citi.com
URL: https://www.citi.com/public/2be5433306a1555bf6f96086ea852669dd0011213c3f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.70.84.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-84-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0dcea7188921a69ea37f0e57f759a0bc8d13c285c48883690446a80373426da7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:45:51 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
X-Ion-Hop
Prod
Access-Control-Allow-Origin
https://citimobile.citibankonline.com
Cache-Control
public, max-age=3600, immutable
Access-Control-Allow-Credentials
true
Connection
keep-alive, Transfer-Encoding
cE2g
www.citi.com/JI-OmW-E/MQ-8Gcj/E7mPNcJ/my/3Jri6zpb4J/YyZNWVcPAQ/Khg_Dhc/ 		18 B
987 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.citi.com/JI-OmW-E/MQ-8Gcj/E7mPNcJ/my/3Jri6zpb4J/YyZNWVcPAQ/Khg_Dhc/cE2g
Requested by
Host: www.citi.com
URL: https://www.citi.com/public/2be5433306a1555bf6f96086ea852669dd0011213c3f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.70.84.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-84-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 21 Mar 2024 15:45:52 GMT
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.citi.com, https://citimobile.citibankonline.com
Access-Control-Allow-Credentials
true, true
x_req_id
8434a832-00f4-4606-81be-cc83b0457118
Connection
close
Access-Control-Allow-Headers
Content-Type
brandingMap.json
www.citi.com/CBOL/IA/Angular/Branding/ 		0
0
988.2fc71a976f9afa56.js
www.citi.com/cbol-pre-login-static-assets/ 		0
0
0f06941e-9e23-42b7-8335-2b75d9b701e5
https://www.citi.com/ 		9 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.citi.com/0f06941e-9e23-42b7-8335-2b75d9b701e5
Requested by
Host: www.citi.com
URL: https://www.citi.com/login?featureId=conversionWizard&source=&sourceURL=
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7bdc1d1cf88e1b4149b2b14462f309cf6a1c2b70f2385cfc56b421625268cf11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length
9044
Content-Type
application/javascript

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.citi.com
URL
https://www.citi.com/CBOL/IA/Angular/Branding/brandingMap.json
Domain
www.citi.com
URL
https://www.citi.com/cbol-pre-login-static-assets/988.2fc71a976f9afa56.js

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object|  $$__b2/cilbup/ undefined| jQuery number| ___dm function| ___dto

9 Cookies

Domain/Path Name / Value
fm.info6.citi.com/ Name: BIGipServercnv_ats_ssl_pool
Value: 1128732682.47873.0000
l.info6.citi.com/ Name: ASP.NET_SessionId
Value: p2oagmiejluqk3l25c3lxp30
l.info6.citi.com/ Name: BIGipServercnv_ats_ssl_pool
Value: 1061623818.47873.0000
.citi.com/ Name: xyz_cr_617_et_100
Value: cr=617&wegc=&et=100&ap=&we=1
.citi.com/ Name: AKMTLTSID
Value: 0EDE1267EE022BB2877A5E4389752B5E
.citi.com/ Name: ak_bmsc
Value: 08EA84BDED028938F33857FEB20E0B1D~000000000000000000000000000000~YAAQi15swcscFFaOAQAAj6OwYRdr3KhK81QVvtAcKknDxZr1Mh7zUzvTUtWHvafefRgIGaYXs87JOyhBMusPAvtpDArhkyYU3KQ15/H3qVHic1SiK0YhUFHQvrFol91kSNSLiBoLQ3/cV4HgSEAnhWbpFEthPNwE+AgJAhAJoQ00sY9cMr2wKfMuklgwQdvgFy4cm7pIYXfzFuZk9NNK8URRc+9r10aijUijKjPlmH4iaM3rtWq7OMOGezCMfKEparosoX7+1JQyeOFoCG5kKWN2reTu7PceqXoamuZHUBaw2TfGo393cXcETUHWSpPMS3Mrm+mGAthbhRW7Iw6NNHvBgVFD9+lgZWGf59sbw1HxCF0RzVUcI1X6wZRX
.citi.com/ Name: bm_sz
Value: 2D1AAF9D4C7DA25F9352C6607DA1D507~YAAQi15swcwcFFaOAQAAj6OwYRfR3uMaBAYfib+tHSa+BpeE/lwVb/BVoBu0bYXhWvJDCQlfo1H6wqisMDqEfAh3dng/m35hGfOeXAtFVTxZA7kJJDcBNWpS5+PCJcb5S5D+VegVohHdfKbLiKO9DOyD7QDCqQGy/hr/+aDMmdNxu4wkjWVpmCbPOlzjx/d+DJKBznxTZSdubNMqcaq7U4TDcTLqux+EzkD4uuRqUEf9ffEVXl8sexf4U8hhAEiljMl3UMZzL4ELZ5cqdpWuahyPTOTd1wNC2Tka0npXYmT0R4lXT4L01PMePKaVWtT8DJ/w7XeZSCDiLeKvuS9LnL9sY1JYL0A9Eag=~3490871~3355459
.citi.com/ Name: _abck
Value: 41C9A256D0E1FC61965FD759114941BC~-1~YAAQi15swd0cFFaOAQAA5aSwYQv3+ma/q6GM1kTJi5gSqzZrFCWvPkgdGVxHn/D2SuVKYobJeNXLwcZkdgtXd3cP5pnOR5F2oMyj9jFwxTGVaO2LT/IlJxEGjz0dvFRjZAr1eWaOnXt3n575Cgkp+AIvNCbuWgGh11OHkKW2PFrNJ6s1lSgavAj03d7+5gylcV+BSND3jMT18VCR66Lm1J+9a+O8milnRqd6TDYRHiGVV/lBR56cwgqvOFjkJ8zF9bekKSKLIeBMEewRhpdVtDbUbPSobEV6K4fUSu0SPRIUplTU/wB/GMHL8PdK50k1ASPqQ4104G565wlZ2WCXurEhvmJhMELOFzW7xMYErMQpboZVq6MKLKleC4a+1OvLca+7tj8lTJQ=~-1~-1~-1
.citi.com/ Name: NMO5iv8Z
Value: A7unsGGOAQAA1b7lIC42PJdQoi6oyaz7w6Dh8AP3z06xy5fuFGjibizsh_lsAVD_B2iucrZKwH8AAEB3AAAAAA|1|0|dcc2bf7a6de54c3e4a5805b64c0bfff14af703ba

1 Console Messages

Source Level URL
Text
rendering warning URL: https://www.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?seed=AMAkomGOAQAALuwUGHYTFqxopynrtE3J7CZv7retWp67eQVbUlTxv_k4cn74&X-soz9htCz--z=q
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
citi.com
fm.info6.citi.com
l.info6.citi.com
p11.techlab-cdn.com
sts.eccmp.com
www.citi.com
www.citi.com
104.70.84.163
173.213.4.17
192.193.102.176
2a00:1450:4001:82b::200a
2a02:26f0:3500:18::1724:a28d
63.148.46.76
01be85a6d596b0b84d59f2b4de7285d41272d6a0c2d97a897a428bbfb140370e
045cd226594cb32ddf9d4db8ee45611f4d0788675ae50180b68da975e66fe1fe
0dcea7188921a69ea37f0e57f759a0bc8d13c285c48883690446a80373426da7
1762a6d546dfc49a32e2e4b2caefb01368b948b0d137b4e03447e18e3119c65a
1e6350d625fa8dfb8570f6e44683c22532cec183d8c2996db78b74d87d578396
285c8cb00b20a97a156f2005d9ada215b37ce515be8e4bbaae394106d5360d78
3bcf19ce679acd27c2218eeb943c2d8611265d526df55518b416e43f151b4c6c
422aa4e7ba5ff626a830dbbee358cb5055122a03b5c36b5f7608e1b34999e529
4e5abd4a0506bb0c5426fddde67167e2f86cdad465d7fb77ce459988d26964ca
57b6166f4c33a1e241af7a5e143e1e20cb18b58d522ae94aa7092a5eacbf88e1
61339a21fa71d17d0dfebceba08dc76ce605e73f65a88438397483478d953aae
6fac9e333a345d008b027e55517ba0a7b37f4cf5e2218b01ba9855c7614ec47e
74a7a53097f5335e794968f4f7c27d089701fd635c8698c5f5fda7f30356cacb
7bdc1d1cf88e1b4149b2b14462f309cf6a1c2b70f2385cfc56b421625268cf11
7ee631ff5513ea1a236f455459687f7ba034f2ca6bca26ca3bb439ced608a46f
800b1e1c1ae4398778aba23368c9d3ecb82cc011f70605127e0d657153b10ead
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
93a18561bbbd3f18892d7ef114c4d17323ed059f17e544aa58ac089fb73c72fe
9c6d485ae01a594ef22b3c44e1eca5314259061faacdcdfc51569aba58a4fc2b
aa2d9e17f98e261ee737a48868ad52fa1dbdf31f675c1fc3b837c2732c480a8f
b0a58fb8c12ffbb8b641ae4316da491e42969f9fe904a0dc35f1203cbb76a444
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6
bf87f53255267d9d4498b937ff708e301b08c25fdc8bd65d6c260ade97844411
c0e4ede6d1f916d19fd5376c69662aee63942241d3247187b8ecbbcc152ba491
dd65a674c821f6a0e0ec4b181532b00c0cc5d5bde623ea98affcb9f383139b57
e864d99a8d998cba8772938c0fc9785007685f0d43fe7c532a8c8e4b8dae4c1a
e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7
f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296