urlscan.io logo urlscan.io
SecurityTrails logo

www.citi.com Open in urlscan Pro
104.96.154.38  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=20&we=7&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJSO%2Fsignon%2FDisplayUs...
Effective URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAcc...
Submission: On February 15 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 28 HTTP transactions. The main IP is 104.96.154.38, located in Vienna, Austria and belongs to AKAMAI-AS, US. The main domain is www.citi.com. The Cisco Umbrella rank of the primary domain is 32496.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on November 10th 2022. Valid for: a year.
This is the only time www.citi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 173.213.4.17 53316 (ASN-CHEET...)
1 2a00:1450:400... 15169 (GOOGLE)
3 63.148.46.76 53316 (ASN-CHEET...)
1 1 104.87.132.58 16625 (AKAMAI-AS)
16 104.96.154.38 16625 (AKAMAI-AS)
4 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
28 6
2    173.213.4.17 (United States)

ASN53316 (ASN-CHEETA-MAIL, US)
fm.info6.citi.com
l.info6.citi.com
1    2a00:1450:400d:808::200a (Ireland)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    63.148.46.76 (United States)

ASN53316 (ASN-CHEETA-MAIL, US)
PTR: sts.eccmp.com
sts.eccmp.com
1    104.87.132.58 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-87-132-58.deploy.static.akamaitechnologies.com
online.citi.com
16    104.96.154.38 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-154-38.deploy.static.akamaitechnologies.com
www.citi.com
4    2a02:26f0:11a::5f65:1759 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
p11.techlab-cdn.com
Apex Domain
Subdomains		 Transfer
19 citi.com
fm.info6.citi.com — Cisco Umbrella Rank: 227563
l.info6.citi.com — Cisco Umbrella Rank: 101402
online.citi.com — Cisco Umbrella Rank: 23966
www.citi.com — Cisco Umbrella Rank: 32496
2 MB
4 techlab-cdn.com
p11.techlab-cdn.com — Cisco Umbrella Rank: 2995
59 KB
3 eccmp.com
sts.eccmp.com — Cisco Umbrella Rank: 21313
9 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 345
30 KB
0 iesnare.com Failed
mpsnare.iesnare.com Failed
28 5
Domain Requested by
16 www.citi.com fm.info6.citi.com
www.citi.com
4 p11.techlab-cdn.com www.citi.com
3 sts.eccmp.com fm.info6.citi.com
sts.eccmp.com
1 online.citi.com 1 redirects
1 l.info6.citi.com fm.info6.citi.com
1 ajax.googleapis.com fm.info6.citi.com
1 fm.info6.citi.com
0 mpsnare.iesnare.com Failed www.citi.com
28 8

This site contains no links.

Subject Issuer Validity Valid
info6.citi.com
DigiCert EV RSA CA G2		 2022-12-01 -
2024-01-01		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
*.eccmp.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-20 -
2023-06-20		 a year crt.sh
www.citi.com
DigiCert SHA2 Extended Validation Server CA		 2022-11-10 -
2023-12-04		 a year crt.sh
p11.techlab-cdn.com
R3		 2023-02-02 -
2023-05-03		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount
Frame ID: 0CC5818B4D96AC4EE4C2CC3DBA947A6E
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=20&we=7&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJSO%... Page URL
  2. https://online.citi.com/US/JSO/signon/DisplayUsernameSignon.do?Promo_ID=SGN9&next_page=jfp|jJPSINFRA... HTTP 301
    https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

93 %
HTTPS

33 %
IPv6

5
Domains

8
Subdomains

6
IPs

3
Countries

1644 kB
Transfer

7038 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=20&we=7&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJSO%2Fsignon%2FDisplayUsernameSignon.do%3FPromo_ID%3DSGN9%26next_page%3Djfp%7CjJPSINFRA_Home%26cmp%3DEMC%7E02%7E141124%7ESERVICING%7EBNKLOGIN%7ETabs%7EMyAccount%26enid%3DT213142914463739T0213140231429463743&linkName=CN_USCBOL_AccountHome&transId=C2023021410160137 Page URL
  2. https://online.citi.com/US/JSO/signon/DisplayUsernameSignon.do?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount HTTP 301
    https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
url.aspx
fm.info6.citi.com/ats/ 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=20&we=7&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJSO%2Fsignon%2FDisplayUsernameSignon.do%3FPromo_ID%3DSGN9%26next_page%3Djfp%7CjJPSINFRA_Home%26cmp%3DEMC%7E02%7E141124%7ESERVICING%7EBNKLOGIN%7ETabs%7EMyAccount%26enid%3DT213142914463739T0213140231429463743&linkName=CN_USCBOL_AccountHome&transId=C2023021410160137
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.213.4.17 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
Software
/
Resource Hash
f8709c02d335331e2befafef5fa16fb5b5a4272e1787c825619d7d37aca7fec5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
3814
Content-Type
text/html; charset=utf-8
Date
Wed, 15 Feb 2023 01:58:09 GMT
Expires
0
Pragma
no-cache
SERVER
Vary
Accept-Encoding
X-Powered-By
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: fm.info6.citi.com
URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=20&we=7&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJSO%2Fsignon%2FDisplayUsernameSignon.do%3FPromo_ID%3DSGN9%26next_page%3Djfp%7CjJPSINFRA_Home%26cmp%3DEMC%7E02%7E141124%7ESERVICING%7EBNKLOGIN%7ETabs%7EMyAccount%26enid%3DT213142914463739T0213140231429463743&linkName=CN_USCBOL_AccountHome&transId=C2023021410160137
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fm.info6.citi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 01:35:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29707
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Feb 2024 01:35:42 GMT
open.aspx
l.info6.citi.com/rts/ 		43 B
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.info6.citi.com/rts/open.aspx?tp=i-16IJ-9x-EU-7cjBQt-1x-b3ET3-1c-Pe-G-l8b2VhHBuL-1frZKD
Requested by
Host: fm.info6.citi.com
URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=20&we=7&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJSO%2Fsignon%2FDisplayUsernameSignon.do%3FPromo_ID%3DSGN9%26next_page%3Djfp%7CjJPSINFRA_Home%26cmp%3DEMC%7E02%7E141124%7ESERVICING%7EBNKLOGIN%7ETabs%7EMyAccount%26enid%3DT213142914463739T0213140231429463743&linkName=CN_USCBOL_AccountHome&transId=C2023021410160137
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.213.4.17 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fm.info6.citi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Feb 2023 01:58:10 GMT
Server
X-Powered-By
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, max-age=0
Expires
0
conversen-SDK.js
sts.eccmp.com/sts/scripts/ 		15 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sts.eccmp.com/sts/scripts/conversen-SDK.js
Requested by
Host: fm.info6.citi.com
URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=20&we=7&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJSO%2Fsignon%2FDisplayUsernameSignon.do%3FPromo_ID%3DSGN9%26next_page%3Djfp%7CjJPSINFRA_Home%26cmp%3DEMC%7E02%7E141124%7ESERVICING%7EBNKLOGIN%7ETabs%7EMyAccount%26enid%3DT213142914463739T0213140231429463743&linkName=CN_USCBOL_AccountHome&transId=C2023021410160137
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.148.46.76 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
sts.eccmp.com
Software
/
Resource Hash
735ace838c4f02a810a79d750fa248e3f70fa9483a4ede6f8f123bf6a314a4f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fm.info6.citi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date
Wed, 15 Feb 2023 01:58:11 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 Feb 2023 18:18:10 GMT
Server
Age
5820
ETag
"01dc977c3dd91:0"
X-Powered-By
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
7528
617
sts.eccmp.com/wts/WebEvent/GetCookieExpiry/ 		35 B
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sts.eccmp.com/wts/WebEvent/GetCookieExpiry/617
Requested by
Host: sts.eccmp.com
URL: https://sts.eccmp.com/sts/scripts/conversen-SDK.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.148.46.76 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
sts.eccmp.com
Software
/
Resource Hash
61339a21fa71d17d0dfebceba08dc76ce605e73f65a88438397483478d953aae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fm.info6.citi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date
Wed, 15 Feb 2023 01:58:11 GMT
X-AspNetMvc-Version
3.0
Server
X-Powered-By
Content-Type
text/xml; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private
Connection
keep-alive
Content-Length
35
image.gif
sts.eccmp.com/wts/WebEvent/ 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sts.eccmp.com/wts/WebEvent/image.gif?isSplit=false&guid=83fd8a05-7fe1-a6da-885b-fc4d907b0e34&segmentNumber=1&pm[linkName]=CN_USCBOL_AccountHome&pm[transId]=C2023021410160137&rp[cr]=617&rp[wegc]=&rp[et]=100&rp[ap]=&rp[we]=7
Requested by
Host: fm.info6.citi.com
URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=20&we=7&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJSO%2Fsignon%2FDisplayUsernameSignon.do%3FPromo_ID%3DSGN9%26next_page%3Djfp%7CjJPSINFRA_Home%26cmp%3DEMC%7E02%7E141124%7ESERVICING%7EBNKLOGIN%7ETabs%7EMyAccount%26enid%3DT213142914463739T0213140231429463743&linkName=CN_USCBOL_AccountHome&transId=C2023021410160137
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.148.46.76 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
sts.eccmp.com
Software
/
Resource Hash
9c6d485ae01a594ef22b3c44e1eca5314259061faacdcdfc51569aba58a4fc2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fm.info6.citi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date
Wed, 15 Feb 2023 01:58:10 GMT
X-AspNetMvc-Version
3.0
Server
X-Powered-By
Content-Type
image/gif
Cache-Control
private
Connection
keep-alive
Content-Length
807
Primary Request login
www.citi.com/
Redirect Chain
  • https://online.citi.com/US/JSO/signon/DisplayUsernameSignon.do?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount
  • https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount
212 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount
Requested by
Host: fm.info6.citi.com
URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=20&we=7&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJSO%2Fsignon%2FDisplayUsernameSignon.do%3FPromo_ID%3DSGN9%26next_page%3Djfp%7CjJPSINFRA_Home%26cmp%3DEMC%7E02%7E141124%7ESERVICING%7EBNKLOGIN%7ETabs%7EMyAccount%26enid%3DT213142914463739T0213140231429463743&linkName=CN_USCBOL_AccountHome&transId=C2023021410160137
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.96.154.38 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-154-38.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d9bdc054301831bd590c618569f5e137668e89cf7c07985420600d5bd296c4f8
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=31536000 ; includeSubDomains max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

Referer
https://fm.info6.citi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://citimobile.citibankonline.com
Access-Control-Max-Age
2147483647
Cache-Control
no-cache, no-store
Connection
keep-alive Transfer-Encoding
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Content-Type
text/html; charset=utf-8
Date
Wed, 15 Feb 2023 01:58:12 GMT
Dclocation
SW1DMS
ETag
W/"34db5-cgx4rhqM5A0/7sqzdwBQTM9MRL8"
Expires
Wed, 15 Feb 2023 01:58:12 GMT
Nonce
2429211275722935
Pragma
no-cache
Referrer-Policy
no-referrer
Scope
VISITOR
Server
nginx
Sid
dd6b66ac-2aa9-4c38-af52-e212a0f70ec6
Strict-Transport-Security
max-age=31536000 ; includeSubDomains max-age=31536000
Transfer-Encoding
chunked
Uuid
b0e06d4c-fade-4d84-9f19-572f0f2d2ff1
Vary
Accept-Encoding
X-Akamai-CITISITE
SWDC
X-Akamai-Transformed
9 43384 0 pmb=mTOE,1
X-Content-Type-Options
nosniff
X-Vcap-Request-Id
0fdac350-fd8b-4b14-6a73-59ef92368266
X-Xss-Protection
1 ; mode=block
x-robots-tag
noindex, nofollow

Redirect headers

content-length
0
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
date
Wed, 15 Feb 2023 01:58:12 GMT
location
https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount
server
AkamaiGHost
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-robots-tag
noindex, nofollow
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
00815f5bb6a1555bf6f96086ea852669dd0011213c3f
www.citi.com/public/ 		150 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citi.com/public/00815f5bb6a1555bf6f96086ea852669dd0011213c3f
Requested by
Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.96.154.38 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-154-38.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b5e667a2af15341b22e7b8864ed537085f68b2573c43c86d3a259f646da2460b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date
Wed, 15 Feb 2023 01:58:12 GMT
Content-Encoding
gzip
Content-MD5
pD8EC0NkEHL1TuhpHYI/Bg==
Connection
keep-alive
Content-Length
53348
Last-Modified
Sat, 30 Oct 2021 08:06:52 GMT
ETag
"0x8D99B7C3B76A439"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, HEAD
Content-Type
application/javascript
Access-Control-Allow-Origin
https://citimobile.citibankonline.com
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
Cache-Control
max-age=600
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Wed, 15 Feb 2023 02:08:12 GMT
6c8322c7341eac98645c10e3d1d3c7ae.js
www.citi.com/assets/scripts/global/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js
Requested by
Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.96.154.38 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-154-38.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
682375341274ba1532a6b3a51902b2df4d0a7e2ee132961b6bf8d716a7aef0a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Feb 2023 01:58:13 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
X-Ion-Hop
Prod
Access-Control-Allow-Origin
https://citimobile.citibankonline.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
737
Expires
0
tagging.min.js
www.citi.com/cbol-pre-login-static-assets/assets/js/ 		44 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citi.com/cbol-pre-login-static-assets/assets/js/tagging.min.js
Requested by
Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.96.154.38 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-154-38.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c0ddb126f5e56526aeb58a7588b93a3d7424b1a31dad0e579c18fb0cd8ef7a3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains, max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Wed, 15 Feb 2023 01:58:12 GMT
Dclocation
SW1DMS
Connection
keep-alive
Content-Length
10405
X-Xss-Protection
1 ; mode=block
Referrer-Policy
no-referrer
Last-Modified
Sun, 22 Jan 2023 01:23:26 GMT
Server
nginx
X-Akamai-CITISITE
SWDC
ETag
W/"ae6f-185d712b6b0"
Access-Control-Max-Age
2147483647
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
https://citimobile.citibankonline.com
X-Vcap-Request-Id
6f54469d-7c3e-4bc1-4fb5-0d183dbb9d94
Cache-Control
public, no-transform, max-age=21600
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Expires
Wed, 15 Feb 2023 07:58:12 GMT
banner.min.js
www.citi.com/cbol-pre-login-static-assets/assets/js/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citi.com/cbol-pre-login-static-assets/assets/js/banner.min.js
Requested by
Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.96.154.38 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-154-38.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c590162d2ddae2a4028b391081a26e707670ff3c959e9d212135952d6177df64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains, max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Wed, 15 Feb 2023 01:58:12 GMT
Dclocation
SW1DMS
Connection
keep-alive
Content-Length
4782
X-Xss-Protection
1 ; mode=block
Referrer-Policy
no-referrer
Last-Modified
Sun, 22 Jan 2023 01:23:26 GMT
Server
nginx
X-Akamai-CITISITE
SWDC
ETag
W/"3c7e-185d712b6b0"
Access-Control-Max-Age
2147483647
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
https://citimobile.citibankonline.com
X-Vcap-Request-Id
a16c8327-7ffb-47cf-5bbb-f942f7b87a38
Cache-Control
public, no-transform, max-age=21600
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Expires
Wed, 15 Feb 2023 07:58:12 GMT
Interstate-Light.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 		74 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff
Requested by
Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.96.154.38 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-154-38.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

Referer
Origin
https://www.citi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Sid
49566504-6dfe-4275-9f13-3151cb0dca31
Strict-Transport-Security
max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options
nosniff
Nonce
2344882109808324
Date
Wed, 15 Feb 2023 01:58:12 GMT
Dclocation
SW1DMS
Uuid
e3e23aa7-8bc8-4f9a-90e0-46e036d212dc
Connection
keep-alive
Content-Length
75538
X-Xss-Protection
1 ; mode=block
Referrer-Policy
no-referrer
Last-Modified
Sun, 22 Jan 2023 01:23:27 GMT
Server
nginx
X-Akamai-CITISITE
SWDC
ETag
W/"12712-185d712ba98"
Access-Control-Max-Age
2147483647
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,HEAD
Content-Type
font/woff
Scope
VISITOR
X-Vcap-Request-Id
932b1db0-ade4-4a0d-5b8b-5f319c3a1649
Access-Control-Expose-Headers
action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control
public, no-transform, max-age=21600
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://citimobile.citibankonline.com
Accept-Ranges
bytes
Access-Control-Allow-Headers
action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires
Wed, 15 Feb 2023 07:58:12 GMT
Interstate-Bold.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff
Requested by
Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.96.154.38 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-154-38.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

Referer
Origin
https://www.citi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Sid
22c54454-e000-4dfa-bf3e-a14dff15cd7d
Strict-Transport-Security
max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options
nosniff
Nonce
3125680833487264
Date
Wed, 15 Feb 2023 01:58:12 GMT
Dclocation
SW1DMS
Uuid
6ae34e27-1ea4-430b-9c3e-beb42ca7d0bc
Connection
keep-alive
Content-Length
71874
X-Xss-Protection
1 ; mode=block
Referrer-Policy
no-referrer
Last-Modified
Sun, 22 Jan 2023 01:23:27 GMT
Server
nginx
X-Akamai-CITISITE
SWDC
ETag
W/"118c2-185d712ba98"
Access-Control-Max-Age
2147483647
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,HEAD
Content-Type
font/woff
Scope
VISITOR
X-Vcap-Request-Id
597a8f56-8222-4ee8-5360-13b3f9d979fd
Access-Control-Expose-Headers
action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control
public, no-transform, max-age=21600
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://citimobile.citibankonline.com
Accept-Ranges
bytes
Access-Control-Allow-Headers
action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires
Wed, 15 Feb 2023 07:58:12 GMT
Interstate-Regular.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 		77 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff
Requested by
Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.96.154.38 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-154-38.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
045cd226594cb32ddf9d4db8ee45611f4d0788675ae50180b68da975e66fe1fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

Referer
Origin
https://www.citi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Sid
b95074eb-9bd9-40b0-9a5e-4db6dabad22e
Strict-Transport-Security
max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options
nosniff
Nonce
6357792928978814
Date
Wed, 15 Feb 2023 01:58:12 GMT
Dclocation
SW1DMS
Uuid
0693ddda-2005-4ed3-b943-7de492e871ea
Connection
keep-alive
Content-Length
78762
X-Xss-Protection
1 ; mode=block
Referrer-Policy
no-referrer
Last-Modified
Sun, 22 Jan 2023 01:23:27 GMT
Server
nginx
X-Akamai-CITISITE
SWDC
ETag
W/"133aa-185d712ba98"
Access-Control-Max-Age
2147483647
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,HEAD
Content-Type
font/woff
Scope
VISITOR
X-Vcap-Request-Id
5b3b5dcf-4e96-446f-497b-4f29915052cb
Access-Control-Expose-Headers
action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control
public, no-transform, max-age=21600
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://citimobile.citibankonline.com
Accept-Ranges
bytes
Access-Control-Allow-Headers
action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires
Wed, 15 Feb 2023 07:58:12 GMT
styles.f842a1a62f4695fa.css
www.citi.com/cbol-pre-login-static-assets/ 		2 MB
184 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.citi.com/cbol-pre-login-static-assets/styles.f842a1a62f4695fa.css
Requested by
Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.96.154.38 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-154-38.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
272b99f5c68909c8ed846ce0373af2029550b4ad705a600b9e1ef2ddc579bb12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains, max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Wed, 15 Feb 2023 01:58:12 GMT
Dclocation
SW1DMS
Connection
keep-alive
Content-Length
187811
X-Xss-Protection
1 ; mode=block
Referrer-Policy
no-referrer
Last-Modified
Sun, 22 Jan 2023 01:24:54 GMT
Server
nginx
X-Akamai-CITISITE
SWDC
ETag
W/"21f3ba-185d7140e70"
Access-Control-Max-Age
2147483647
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
Access-Control-Allow-Origin
https://citimobile.citibankonline.com
X-Vcap-Request-Id
de8a1265-6650-44b0-5b42-6dfd12517614
Cache-Control
public, no-transform, max-age=21600
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Expires
Wed, 15 Feb 2023 07:58:12 GMT
tmxobfwc-clientlib-v4.js
www.citi.com/cbol-pre-login-static-assets/assets/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citi.com/cbol-pre-login-static-assets/assets/js/tmxobfwc-clientlib-v4.js
Requested by
Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.96.154.38 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-154-38.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
bf6b0ddbb32544fe9613e37923dbdffeb99c4349ce7f5d6c4799fde2f862bd37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains, max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Wed, 15 Feb 2023 01:58:13 GMT
Dclocation
SW1DMS
Connection
keep-alive
Content-Length
956
X-Xss-Protection
1 ; mode=block
Referrer-Policy
no-referrer
Last-Modified
Sun, 22 Jan 2023 01:23:26 GMT
Server
nginx
X-Akamai-CITISITE
SWDC
ETag
W/"972-185d712b6b0"
Access-Control-Max-Age
2147483647
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
https://citimobile.citibankonline.com
X-Vcap-Request-Id
513a999a-3c54-4e18-7f97-0916fe188958
Cache-Control
public, no-transform, max-age=21600
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Expires
Wed, 15 Feb 2023 07:58:13 GMT
fp.js
www.citi.com/cbol-pre-login-static-assets/assets/js/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citi.com/cbol-pre-login-static-assets/assets/js/fp.js
Requested by
Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.96.154.38 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-154-38.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
dd65a674c821f6a0e0ec4b181532b00c0cc5d5bde623ea98affcb9f383139b57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains, max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Wed, 15 Feb 2023 01:58:13 GMT
Dclocation
SW1DMS
Connection
keep-alive
Content-Length
4844
X-Xss-Protection
1 ; mode=block
Referrer-Policy
no-referrer
Last-Modified
Sun, 22 Jan 2023 01:23:26 GMT
Server
nginx
X-Akamai-CITISITE
SWDC
ETag
W/"4de4-185d712b6b0"
Access-Control-Max-Age
2147483647
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
https://citimobile.citibankonline.com
X-Vcap-Request-Id
d288736b-931b-4acf-4a1a-4179231a4766
Cache-Control
public, no-transform, max-age=21600
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Expires
Wed, 15 Feb 2023 07:58:13 GMT
runtime.5091531665a93ccb.js
www.citi.com/cbol-pre-login-static-assets/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citi.com/cbol-pre-login-static-assets/runtime.5091531665a93ccb.js
Requested by
Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.96.154.38 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-154-38.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4523ce4e000b35633c5977862de5fc4073046cdbdbbebb4d891884e4c1cfe017
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

Referer
Origin
https://www.citi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains, max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Wed, 15 Feb 2023 01:58:13 GMT
Dclocation
SW1DMS
Connection
keep-alive
Content-Length
1762
X-Xss-Protection
1 ; mode=block
Referrer-Policy
no-referrer
Last-Modified
Sun, 22 Jan 2023 01:23:27 GMT
Server
nginx
X-Akamai-CITISITE
SWDC
ETag
W/"d35-185d712ba98"
Access-Control-Max-Age
2147483647
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,HEAD
Content-Type
application/javascript; charset=UTF-8
Vary
Accept-Encoding
X-Vcap-Request-Id
f5db24db-d266-4756-5e0c-21d958c8ab91
Access-Control-Expose-Headers
action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control
public, no-transform, max-age=21600
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://citimobile.citibankonline.com
Accept-Ranges
bytes
Access-Control-Allow-Headers
action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires
Wed, 15 Feb 2023 07:58:13 GMT
polyfills.7cdb3502ca04e857.js
www.citi.com/cbol-pre-login-static-assets/ 		185 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citi.com/cbol-pre-login-static-assets/polyfills.7cdb3502ca04e857.js
Requested by
Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.96.154.38 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-154-38.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ec24afeaff06079a1e94b0108fac6ac290f36268b6681044ae9740f3f5a76784
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

Referer
Origin
https://www.citi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains, max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Wed, 15 Feb 2023 01:58:13 GMT
Dclocation
SW1DMS
Connection
keep-alive
Content-Length
64989
X-Xss-Protection
1 ; mode=block
Referrer-Policy
no-referrer
Last-Modified
Sun, 22 Jan 2023 01:25:09 GMT
Server
nginx
X-Akamai-CITISITE
SWDC
ETag
W/"2e53c-185d7144908"
Access-Control-Max-Age
2147483647
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,HEAD
Content-Type
application/javascript; charset=UTF-8
Vary
Accept-Encoding
X-Vcap-Request-Id
f72215d5-843d-489b-5515-8fa9b552562d
Access-Control-Expose-Headers
action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control
public, no-transform, max-age=21600
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://citimobile.citibankonline.com
Accept-Ranges
bytes
Access-Control-Allow-Headers
action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires
Wed, 15 Feb 2023 07:58:13 GMT
scripts.9ed76da88c8105f5.js
www.citi.com/cbol-pre-login-static-assets/ 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citi.com/cbol-pre-login-static-assets/scripts.9ed76da88c8105f5.js
Requested by
Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.96.154.38 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-154-38.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f4b65bbef8844864d57c3e0ab33e9c488b072aefe2815b238398e762bb8715dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains, max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Wed, 15 Feb 2023 01:58:13 GMT
Dclocation
SW1DMS
Connection
keep-alive
Content-Length
14677
X-Xss-Protection
1 ; mode=block
Referrer-Policy
no-referrer
Last-Modified
Sun, 22 Jan 2023 01:23:27 GMT
Server
nginx
X-Akamai-CITISITE
SWDC
ETag
W/"ce33-185d712ba98"
Access-Control-Max-Age
2147483647
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
https://citimobile.citibankonline.com
X-Vcap-Request-Id
8eea3ba6-1c49-45c1-6ca6-944a0e155f6e
Cache-Control
public, no-transform, max-age=21600
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Expires
Wed, 15 Feb 2023 07:58:13 GMT
main.1ff63c9075a94108.js
www.citi.com/cbol-pre-login-static-assets/ 		3 MB
737 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citi.com/cbol-pre-login-static-assets/main.1ff63c9075a94108.js
Requested by
Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.96.154.38 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-154-38.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e604966e2f075297dcabc3a3449f565245104a315fc8c2227c9a17e518e6abd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

Referer
Origin
https://www.citi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains, max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Wed, 15 Feb 2023 01:58:13 GMT
Dclocation
SW1DMS
Connection
keep-alive
Content-Length
753789
X-Xss-Protection
1 ; mode=block
Referrer-Policy
no-referrer
Last-Modified
Sun, 22 Jan 2023 01:24:53 GMT
Server
nginx
X-Akamai-CITISITE
SWDC
ETag
W/"34e9a2-185d7140a88"
Access-Control-Max-Age
2147483647
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,HEAD
Content-Type
application/javascript; charset=UTF-8
Vary
Accept-Encoding
X-Vcap-Request-Id
46cecbd1-4928-43ab-7956-581c9685f119
Access-Control-Expose-Headers
action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control
public, no-transform, max-age=21600
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://citimobile.citibankonline.com
Accept-Ranges
bytes
Access-Control-Allow-Headers
action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires
Wed, 15 Feb 2023 07:58:13 GMT
65319_1825232221.js
p11.techlab-cdn.com/e/ 		56 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p11.techlab-cdn.com/e/65319_1825232221.js
Requested by
Host: www.citi.com
URL: https://www.citi.com/public/00815f5bb6a1555bf6f96086ea852669dd0011213c3f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::5f65:1759 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e0916afbe5f8291168214915bcea9bc411678257222ea7c7ea0d075fc9eb8c4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 01:58:13 GMT
content-encoding
gzip
last-modified
Mon, 29 Mar 2021 14:50:47 GMT
content-md5
8uL8P6st2u5Ul6/yMgHEBA==
etag
"0x8D8F2C209B74786"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
max-age=600
accept-ranges
bytes
timing-allow-origin
*
content-length
18645
expires
Wed, 15 Feb 2023 02:08:13 GMT
65257_1825232190.js
p11.techlab-cdn.com/e/ 		14 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p11.techlab-cdn.com/e/65257_1825232190.js
Requested by
Host: www.citi.com
URL: https://www.citi.com/public/00815f5bb6a1555bf6f96086ea852669dd0011213c3f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::5f65:1759 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
72667f8da6f63197e092832b2028a562ecfd78a599848ed873d3bd24dd3a7725

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 01:58:13 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 11:07:05 GMT
content-md5
Dz6kDlqcMQZmScOUVuRDHA==
etag
"0x8D8F4351E4CC3B3"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
max-age=600
accept-ranges
bytes
timing-allow-origin
*
content-length
5946
expires
Wed, 15 Feb 2023 02:08:13 GMT
64885_1825232283.js
p11.techlab-cdn.com/e/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p11.techlab-cdn.com/e/64885_1825232283.js
Requested by
Host: www.citi.com
URL: https://www.citi.com/public/00815f5bb6a1555bf6f96086ea852669dd0011213c3f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::5f65:1759 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2281bceeaf3c81dc26731248960c8d210a0d461a02759c39b7a7b6c5ee1e06a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 01:58:13 GMT
content-encoding
gzip
last-modified
Tue, 02 Feb 2021 20:14:20 GMT
content-md5
kYjINenfgD1AmqSEyGQZvA==
etag
"0x8D8C7B7200E6A28"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
max-age=600
accept-ranges
bytes
timing-allow-origin
*
content-length
1872
expires
Wed, 15 Feb 2023 02:08:13 GMT
65226_1825232221.js
p11.techlab-cdn.com/e/ 		69 KB
32 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p11.techlab-cdn.com/e/65226_1825232221.js
Requested by
Host: www.citi.com
URL: https://www.citi.com/public/00815f5bb6a1555bf6f96086ea852669dd0011213c3f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::5f65:1759 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f15d0efbde8255667f5a72b6d15514a07af8ed26fc0123dbecd7a57b8571f5f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 01:58:13 GMT
content-encoding
gzip
last-modified
Tue, 22 Jun 2021 09:56:19 GMT
content-md5
SXxgqgysjhD+doh01gfTBg==
etag
"0x8D93563FBF1CA03"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
max-age=600
accept-ranges
bytes
timing-allow-origin
*
content-length
32564
expires
Wed, 15 Feb 2023 02:08:13 GMT
6c8322c7341eac98645c10e3d1d3c7ae.js
www.citi.com/assets/scripts/global/ 		326 KB
191 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?seed=AMBZsVKGAQAAmPakyfiUa11u-aLo1_TU70A3AR418KAKHl78CWV7E0zbXjwD&X-soz9htCz--z=q
Requested by
Host: www.citi.com
URL: https://www.citi.com/public/00815f5bb6a1555bf6f96086ea852669dd0011213c3f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.96.154.38 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-154-38.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4c624507ba823ece819b8c62d229fa4fe62b1b0abadb8ecfb4534e5e7e17fe20

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date
Wed, 15 Feb 2023 01:58:13 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
X-Ion-Hop
Prod
Access-Control-Allow-Origin
https://citimobile.citibankonline.com
Cache-Control
public, max-age=3600, immutable
Access-Control-Allow-Credentials
true
Connection
keep-alive, Transfer-Encoding
snare.js
mpsnare.iesnare.com/ 		0
0
citilogo-skelheader.png
www.citi.com/CBOL/IA/Angular/assets/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mpsnare.iesnare.com
URL
https://mpsnare.iesnare.com/snare.js?_=1094677304049231
Domain
www.citi.com
URL
https://www.citi.com/CBOL/IA/Angular/assets/citilogo-skelheader.png

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange undefined| jQuery number| ___dm function| ___dto

7 Cookies

Domain/Path Name / Value
fm.info6.citi.com/ Name: BIGipServercnv_ats_ssl_pool
Value: 1061623818.47873.0000
l.info6.citi.com/ Name: ASP.NET_SessionId
Value: ad5cr2cmxyilprolusjx3h0y
l.info6.citi.com/ Name: BIGipServercnv_ats_ssl_pool
Value: 1095178250.47873.0000
.citi.com/ Name: xyz_cr_617_et_100
Value: cr=617&wegc=&et=100&ap=&we=7
.citi.com/ Name: AKMTLTSID
Value: BBC44A757B0839CA951AE64822389103
.citi.com/ Name: ak_bmsc
Value: C5CC0307D655C08033D3A93D3D63EBF5~000000000000000000000000000000~YAAQVVtgaKiG2VGGAQAARy7LUhJwyfKZ7yJPpFEuZ/7R1yV17VnmRQMWpPMGj9uDYO1ocZxJTQc0/FC+jvKoFPQ6VydX7CmZv/CKK9S7tSIeCdXld4SEvAmPjtnfWR26PTW2w7T9kJZ8LSs955N9fKSF9v/jYVskymK8fUmrxnN1yhjsxvghulAgAhtghW04oEAywm1J/kKidIPCgpGt360Om4vLtu+2BqL6xRitjIW4B83/vHDGiGjTWEC4vadb/V4CThc3bVpVMupnGZlOulEHisEpuLlFxsMMwvLgQBCyUt8fMIFNHMKvEeh5QTALQoORAAL5iP6ayqxTiTrtNuIOK2WTtl9N6vIoPd93p6FwFfSLxsoKxJF56bQLdg==
.citi.com/ Name: NMO5iv8Z
Value: A7cxy1KGAQAARqLJZxYLkuy3mMjvyOWaK_mvV6CRS5dBvEIA2TKRpmH_ZOWOAVQTr7iucuFZwH8AAEB3AAAAAA|1|0|c27c70ed053cca4434f806f52f01c89b4cb98100

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fm.info6.citi.com
l.info6.citi.com
mpsnare.iesnare.com
online.citi.com
p11.techlab-cdn.com
sts.eccmp.com
www.citi.com
mpsnare.iesnare.com
www.citi.com
104.87.132.58
104.96.154.38
173.213.4.17
2a00:1450:400d:808::200a
2a02:26f0:11a::5f65:1759
63.148.46.76
045cd226594cb32ddf9d4db8ee45611f4d0788675ae50180b68da975e66fe1fe
2281bceeaf3c81dc26731248960c8d210a0d461a02759c39b7a7b6c5ee1e06a0
272b99f5c68909c8ed846ce0373af2029550b4ad705a600b9e1ef2ddc579bb12
4523ce4e000b35633c5977862de5fc4073046cdbdbbebb4d891884e4c1cfe017
4c624507ba823ece819b8c62d229fa4fe62b1b0abadb8ecfb4534e5e7e17fe20
61339a21fa71d17d0dfebceba08dc76ce605e73f65a88438397483478d953aae
682375341274ba1532a6b3a51902b2df4d0a7e2ee132961b6bf8d716a7aef0a7
72667f8da6f63197e092832b2028a562ecfd78a599848ed873d3bd24dd3a7725
735ace838c4f02a810a79d750fa248e3f70fa9483a4ede6f8f123bf6a314a4f3
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
9c6d485ae01a594ef22b3c44e1eca5314259061faacdcdfc51569aba58a4fc2b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5e667a2af15341b22e7b8864ed537085f68b2573c43c86d3a259f646da2460b
bf6b0ddbb32544fe9613e37923dbdffeb99c4349ce7f5d6c4799fde2f862bd37
c0ddb126f5e56526aeb58a7588b93a3d7424b1a31dad0e579c18fb0cd8ef7a3b
c590162d2ddae2a4028b391081a26e707670ff3c959e9d212135952d6177df64
d9bdc054301831bd590c618569f5e137668e89cf7c07985420600d5bd296c4f8
dd65a674c821f6a0e0ec4b181532b00c0cc5d5bde623ea98affcb9f383139b57
e0916afbe5f8291168214915bcea9bc411678257222ea7c7ea0d075fc9eb8c4b
e604966e2f075297dcabc3a3449f565245104a315fc8c2227c9a17e518e6abd5
e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7
ec24afeaff06079a1e94b0108fac6ac290f36268b6681044ae9740f3f5a76784
f15d0efbde8255667f5a72b6d15514a07af8ed26fc0123dbecd7a57b8571f5f6
f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296
f4b65bbef8844864d57c3e0ab33e9c488b072aefe2815b238398e762bb8715dc
f8709c02d335331e2befafef5fa16fb5b5a4272e1787c825619d7d37aca7fec5