www.citi.com Open in urlscan Pro
23.212.222.130 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=25&we=10&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJSO%2Fsignon%2FDisplayU...
Effective URL:
https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAcc...
Submission: On November 14 via api (November 14th 2023, 4:17:16 pm UTC) from ES — Scanned from ES

Summary HTTP 31 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 31 HTTP transactions. The main IP is 23.212.222.130, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.citi.com. The Cisco Umbrella rank of the primary domain is 28035.
TLS certificate: Issued by DigiCert EV RSA CA G2 on November 7th 2023. Valid for: a year.

This is the only time www.citi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	173.213.4.17 173.213.4.17	53316 (ASN-CHEET...) (ASN-CHEETA-MAIL)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
3	63.148.46.76 63.148.46.76	53316 (ASN-CHEET...) (ASN-CHEETA-MAIL)
1 1	184.31.87.130 184.31.87.130	16625 (AKAMAI-AS) (AKAMAI-AS)
19	23.212.222.130 23.212.222.130	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a02:26f0:ab0... 2a02:26f0:ab00::214:8f4b	() ()
31	6

2 173.213.4.17 (United States)

ASN53316 (ASN-CHEETA-MAIL, US)

fm.info6.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
l.info6.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 63.148.46.76 (Spicer, United States)

ASN53316 (ASN-CHEETA-MAIL, US)
PTR: sts.eccmp.com

sts.eccmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.87.130 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-87-130.deploy.static.akamaitechnologies.com

online.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 23.212.222.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-222-130.deploy.static.akamaitechnologies.com

www.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:ab00::214:8f4b (None, )

ASN- ()

p11.techlab-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	citi.com 1 redirects fm.info6.citi.com — Cisco Umbrella Rank: 379104 l.info6.citi.com — Cisco Umbrella Rank: 115576 online.citi.com — Cisco Umbrella Rank: 22777 www.citi.com — Cisco Umbrella Rank: 28035	2 MB
4	techlab-cdn.com p11.techlab-cdn.com	59 KB
3	eccmp.com sts.eccmp.com — Cisco Umbrella Rank: 22593	9 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 364	83 KB
31	4

	Domain	Requested by
19	www.citi.com	fm.info6.citi.com www.citi.com
4	p11.techlab-cdn.com	www.citi.com
3	sts.eccmp.com	fm.info6.citi.com sts.eccmp.com
1	online.citi.com	1 redirects
1	l.info6.citi.com	fm.info6.citi.com
1	ajax.googleapis.com	fm.info6.citi.com
1	fm.info6.citi.com
31	7

This site contains no links.

Subject Issuer	Validity	Valid
info6.citi.com DigiCert EV RSA CA G2	`2022-12-01` - `2024-01-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.eccmp.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-24` - `2024-06-09`	a year	crt.sh
www.citi.com DigiCert EV RSA CA G2	`2023-11-07` - `2024-12-05`	a year	crt.sh
p11.techlab-cdn.com R3	`2023-11-09` - `2024-02-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount
Frame ID: D84A35E9E95901DB17156B9F56B0F820
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=25&we=10&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJSO... Page URL
https://online.citi.com/US/JSO/signon/DisplayUsernameSignon.do?Promo_ID=SGN9&next_page=jfp|jJPSINFRA... HTTP 301
https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING... Page URL

Detected technologies

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

31
Requests

94 %
HTTPS

33 %
IPv6

4
Domains

7
Subdomains

6
IPs

2
Countries

1796 kB
Transfer

7571 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=25&we=10&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJSO%2Fsignon%2FDisplayUsernameSignon.do%3FPromo_ID%3DSGN9%26next_page%3Djfp%7CjJPSINFRA_Home%26cmp%3DEMC%7E02%7E141124%7ESERVICING%7EBNKLOGIN%7ETabs%7EMyAccount&linkName=CN_ACCOUNT&transId=20231113010023695 Page URL
https://online.citi.com/US/JSO/signon/DisplayUsernameSignon.do?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount HTTP 301
https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK url.aspx Show response
fm.info6.citi.com/ats/ 16 KB
5 KB 1088ms
413ms Document
text/html 173.213.4.17
ASN-CHEETA-MAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=25&we=10&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJSO%2Fsignon%2FDisplayUsernameSignon.do%3FPromo_ID%3DSGN9%26next_page%3Djfp%7CjJPSINFRA_Home%26cmp%3DEMC%7E02%7E141124%7ESERVICING%7EBNKLOGIN%7ETabs%7EMyAccount&linkName=CN_ACCOUNT&transId=20231113010023695
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.213.4.17 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
Software: /
Resource Hash: 2a38d802083e1a9b4cba5cb118ec6afe847564116d48862bec63454e96d51ff5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 4910
Content-Type: text/html; charset=utf-8
Date: Tue, 14 Nov 2023 16:17:09 GMT
Expires: 0
Pragma: no-cache
SERVER
Vary: Accept-Encoding
X-Powered-By

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ 82 KB
83 KB 193ms
60ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: fm.info6.citi.com
URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=25&we=10&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJSO%2Fsignon%2FDisplayUsernameSignon.do%3FPromo_ID%3DSGN9%26next_page%3Djfp%7CjJPSINFRA_Home%26cmp%3DEMC%7E02%7E141124%7ESERVICING%7EBNKLOGIN%7ETabs%7EMyAccount&linkName=CN_ACCOUNT&transId=20231113010023695

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://fm.info6.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 14:19:05 GMT
x-content-type-options: nosniff
age: 7084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84320
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Nov 2024 14:19:05 GMT

GET
H/1.1 200
OK open.aspx
l.info6.citi.com/rts/ 43 B
432 B 660ms
133ms Image
image/gif 173.213.4.17
ASN-CHEETA-MAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.info6.citi.com/rts/open.aspx?tp=i-16IJ-9x-Ev-9VOfm3-1z-26xvd-1c-U5-G-l9fv21hL0H-SAY75
Requested by: Host: fm.info6.citi.com
URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=25&we=10&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJSO%2Fsignon%2FDisplayUsernameSignon.do%3FPromo_ID%3DSGN9%26next_page%3Djfp%7CjJPSINFRA_Home%26cmp%3DEMC%7E02%7E141124%7ESERVICING%7EBNKLOGIN%7ETabs%7EMyAccount&linkName=CN_ACCOUNT&transId=20231113010023695
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.213.4.17 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://fm.info6.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Nov 2023 16:17:09 GMT
Server
X-Powered-By
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-Control: no-cache, max-age=0
Expires: 0

GET
H/1.1 200
OK conversen-SDK.js Show response
sts.eccmp.com/sts/scripts/ 15 KB
7 KB 527ms
132ms Script
application/javascript 63.148.46.76
ASN-CHEETA-MAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://sts.eccmp.com/sts/scripts/conversen-SDK.js
Requested by: Host: fm.info6.citi.com
URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=25&we=10&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJSO%2Fsignon%2FDisplayUsernameSignon.do%3FPromo_ID%3DSGN9%26next_page%3Djfp%7CjJPSINFRA_Home%26cmp%3DEMC%7E02%7E141124%7ESERVICING%7EBNKLOGIN%7ETabs%7EMyAccount&linkName=CN_ACCOUNT&transId=20231113010023695
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.148.46.76 Spicer, United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS: sts.eccmp.com
Software: /
Resource Hash: 735ace838c4f02a810a79d750fa248e3f70fa9483a4ede6f8f123bf6a314a4f3

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://fm.info6.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 16:17:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 Oct 2023 19:33:02 GMT
Server
Age: 838
ETag: "02b90bce75da1:0"
X-Powered-By
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 7051

GET
H/1.1 200
OK 617 Show response
sts.eccmp.com/wts/WebEvent/GetCookieExpiry/ 35 B
426 B 522ms
133ms XHR
text/xml 63.148.46.76
ASN-CHEETA-MAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://sts.eccmp.com/wts/WebEvent/GetCookieExpiry/617
Requested by: Host: sts.eccmp.com
URL: https://sts.eccmp.com/sts/scripts/conversen-SDK.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.148.46.76 Spicer, United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS: sts.eccmp.com
Software: /
Resource Hash: 61339a21fa71d17d0dfebceba08dc76ce605e73f65a88438397483478d953aae

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://fm.info6.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 16:17:10 GMT
X-AspNetMvc-Version: 3.0
Server
X-Powered-By
Vary: Accept-Encoding
Content-Type: text/xml; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Length: 35

GET
H/1.1 200
OK image.gif
sts.eccmp.com/wts/WebEvent/ 807 B
1 KB 141ms
141ms Image
image/gif 63.148.46.76
ASN-CHEETA-MAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sts.eccmp.com/wts/WebEvent/image.gif?isSplit=false&guid=456cba7a-7ae1-e81d-7f51-29fe2054986d&segmentNumber=1&pm[linkName]=CN_ACCOUNT&pm[transId]=20231113010023695&rp[cr]=617&rp[wegc]=&rp[et]=100&rp[ap]=&rp[we]=10
Requested by: Host: fm.info6.citi.com
URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=25&we=10&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJSO%2Fsignon%2FDisplayUsernameSignon.do%3FPromo_ID%3DSGN9%26next_page%3Djfp%7CjJPSINFRA_Home%26cmp%3DEMC%7E02%7E141124%7ESERVICING%7EBNKLOGIN%7ETabs%7EMyAccount&linkName=CN_ACCOUNT&transId=20231113010023695
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.148.46.76 Spicer, United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS: sts.eccmp.com
Software: /
Resource Hash: 9c6d485ae01a594ef22b3c44e1eca5314259061faacdcdfc51569aba58a4fc2b

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://fm.info6.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 16:17:10 GMT
X-AspNetMvc-Version: 3.0
Server
X-Powered-By
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: private
Content-Length: 807

GET
H/1.1

200
OK

Primary Request login Show response
www.citi.com/
Redirect Chain

https://online.citi.com/US/JSO/signon/DisplayUsernameSignon.do?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount
https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount

213 KB
43 KB

297ms
112ms

Document
text/html

23.212.222.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.222.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-222-130.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

b8c80a670b912a8deefad1cc960bf86cc8cd0d2b21f2410e71199432045e8c26

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

Referer: https://fm.info6.citi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Access-Control-Max-Age: 2147483647
Cache-Control: no-cache, no-store
Connection: keep-alive Transfer-Encoding
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Content-Type: text/html; charset=utf-8
Date: Tue, 14 Nov 2023 16:17:12 GMT
Dclocation: GT1DMS
ETag: W/"35126-DGPKMax+wU2OPOrNU7T53tXEhtM"
Expires: Tue, 14 Nov 2023 16:17:12 GMT
Nonce: 3111567965103034
Pragma: no-cache
Referrer-Policy: no-referrer
Scope: VISITOR
Server: nginx
Sid: 1d06f863-5439-4ad8-a77c-4160fab6ab10
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
Uuid: 6da2482b-bca8-4119-ba8b-8aec5029f9d2
Vary: Accept-Encoding
X-Akamai-CITISITE: GTDC
X-Akamai-Transformed: 9 42469 0 pmb=mTOE,1
X-Content-Type-Options: nosniff
X-Vcap-Request-Id: 3655cc00-c83c-4818-6dbb-7e4c8c2e2e06
X-Xss-Protection: 1 ; mode=block
x-robots-tag: noindex, nofollow

Redirect headers

content-length: 0
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
date: Tue, 14 Nov 2023 16:17:11 GMT
location: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount
server: AkamaiGHost
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-robots-tag: noindex, nofollow
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H/1.1 200
OK d086807606a1555bf6f96086ea852669dd0011213c3f Show response
www.citi.com/public/ 157 KB
56 KB 628ms
510ms Script
application/javascript 23.212.222.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.citi.com/public/d086807606a1555bf6f96086ea852669dd0011213c3f
Requested by: Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.212.222.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-222-130.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: de30ce055c48c5670e01861f4525298275f6abe9cefe4a05f169bcf8d33ddff0

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 16:17:12 GMT
Content-Encoding: gzip
Content-MD5: GbwImYBOBMTnX/aJhgaO3w==
Connection: keep-alive
Content-Length: 56220
Last-Modified: Thu, 28 Sep 2023 19:53:45 GMT
ETag: 0x8DBC05C9FCF492B
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, HEAD
Content-Type: application/javascript
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control: max-age=600
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Expires: Tue, 14 Nov 2023 16:27:12 GMT

GET
H/1.1 200
OK 6c8322c7341eac98645c10e3d1d3c7ae.js Show response
www.citi.com/assets/scripts/global/ 1 KB
1 KB 1391ms
1272ms Script
application/javascript 23.212.222.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js
Requested by: Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.212.222.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-222-130.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d01707f80b5e41392139606b15177fc70407c9e2bc5e2799b99cd2bd8de08812

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Nov 2023 16:17:13 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
X-Ion-Hop: Prod
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 737
Expires: 0

GET
H/1.1 200
OK tagging.min.js Show response
www.citi.com/cbol-pre-login-static-assets/assets/js/ 44 KB
11 KB 295ms
174ms Script
application/javascript 23.212.222.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/assets/js/tagging.min.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.222.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-222-130.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

85a286bded9867e26f27bd9d3ca7c48bd3a7f36f943b895f4b314eb578b0d55a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 14 Nov 2023 16:17:12 GMT
Dclocation: GT1DMS
Connection: keep-alive
Content-Length: 10600
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 05 Nov 2023 05:17:29 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"b1a8-18b9dea2228"
Access-Control-Max-Age: 2147483647
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: 38e26112-327f-41c5-610f-af84a7fa1e97
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Tue, 14 Nov 2023 22:17:12 GMT

GET
H/1.1 200
OK banner.min.js Show response
www.citi.com/cbol-pre-login-static-assets/assets/js/ 14 KB
5 KB 205ms
83ms Script
application/javascript 23.212.222.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/assets/js/banner.min.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.222.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-222-130.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

7488dc7d3069df17fcfd2e2bca49acb9a71de8ded2c0a9bb35a9c4d3e42cb5d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 14 Nov 2023 16:17:12 GMT
Dclocation: GT1DMS
Connection: keep-alive
Content-Length: 4515
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 05 Nov 2023 05:17:29 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"3889-18b9dea2228"
Access-Control-Max-Age: 2147483647
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: 0092e03b-5618-409d-784f-024e9d0855d7
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Tue, 14 Nov 2023 22:17:12 GMT

GET
H/1.1 200
OK Interstate-Light.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 74 KB
75 KB 221ms
98ms Font
font/woff 23.212.222.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.222.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-222-130.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

Referer
Origin: https://www.citi.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Sid: 2aa4a2da-eb55-4979-b35b-87bc5489d253
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Nonce: 3092935140957361
Date: Tue, 14 Nov 2023 16:17:12 GMT
Dclocation: GT1DMS
Uuid: 5da2a06c-a6dd-41fd-a5ea-702da8409baa
Connection: keep-alive
Content-Length: 75538
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 05 Nov 2023 05:17:30 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"12712-18b9dea2610"
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: font/woff
Scope: VISITOR
X-Vcap-Request-Id: dd04c278-ed3e-431c-4017-1f099c2eb54c
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires: Tue, 14 Nov 2023 22:17:12 GMT

GET
H/1.1 200
OK Interstate-Bold.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 70 KB
71 KB 355ms
146ms Font
font/woff 23.212.222.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.222.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-222-130.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

Referer
Origin: https://www.citi.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Sid: 739007f5-7ceb-45a1-a195-5d2116949d23
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Nonce: 1793949589225713
Date: Tue, 14 Nov 2023 16:17:12 GMT
Dclocation: GT1DMS
Uuid: 7527e94a-3585-40f9-86b1-dd8626c73d34
Connection: keep-alive
Content-Length: 71874
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 05 Nov 2023 05:17:30 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"118c2-18b9dea2610"
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: font/woff
Scope: VISITOR
X-Vcap-Request-Id: 1337d48e-781c-4a6b-59d1-a87461cdd3b3
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires: Tue, 14 Nov 2023 22:17:12 GMT

GET
H/1.1 200
OK Interstate-Regular.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 77 KB
78 KB 514ms
175ms Font
font/woff 23.212.222.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.222.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-222-130.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

045cd226594cb32ddf9d4db8ee45611f4d0788675ae50180b68da975e66fe1fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

Referer
Origin: https://www.citi.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Sid: 542a965d-5442-422e-bfdb-f933ef304cbe
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Nonce: 2988880191427968
Date: Tue, 14 Nov 2023 16:17:12 GMT
Dclocation: GT1DMS
Uuid: 2661954f-816b-4acd-a27b-cd156bc6cca7
Connection: keep-alive
Content-Length: 78762
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 05 Nov 2023 05:17:30 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"133aa-18b9dea2610"
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: font/woff
Scope: VISITOR
X-Vcap-Request-Id: 1c3bec42-c107-493c-656e-2afd904c6d02
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires: Tue, 14 Nov 2023 22:17:12 GMT

GET
H/1.1 200
OK styles.ca7d1c12fdaf8552.css
www.citi.com/cbol-pre-login-static-assets/ 2 MB
191 KB 170ms
106ms Stylesheet
text/css 23.212.222.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/styles.ca7d1c12fdaf8552.css

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.222.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-222-130.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

095535eb9b22a8e72b3b6c50a557ac3d6ed67c7ff0ff3e646b214b46b21a59d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 14 Nov 2023 16:17:12 GMT
Dclocation: GT1DMS
Connection: keep-alive
Content-Length: 194607
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 05 Nov 2023 05:19:06 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"2367de-18b9deb9d10"
Access-Control-Max-Age: 2147483647
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: 3db031c7-7b84-40d1-6bf8-5443a746a3bd
Cache-Control: max-age=2592000, public, no-transform
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Fri, 08 Dec 2023 15:08:18 GMT

GET
H/1.1 200
OK tmxobfwc-clientlib-v4.js Show response
www.citi.com/cbol-pre-login-static-assets/assets/js/ 2 KB
2 KB 501ms
126ms Script
application/javascript 23.212.222.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/assets/js/tmxobfwc-clientlib-v4.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.222.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-222-130.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

bf6b0ddbb32544fe9613e37923dbdffeb99c4349ce7f5d6c4799fde2f862bd37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 14 Nov 2023 16:17:12 GMT
Dclocation: GT1DMS
Connection: keep-alive
Content-Length: 956
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 05 Nov 2023 05:17:29 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"972-18b9dea2228"
Access-Control-Max-Age: 2147483647
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: 54bbf058-f368-48e9-481a-8b62eca9d980
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Tue, 14 Nov 2023 22:17:12 GMT

GET
H/1.1 200
OK fp.js Show response
www.citi.com/cbol-pre-login-static-assets/assets/js/ 19 KB
6 KB 83ms
78ms Script
application/javascript 23.212.222.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/assets/js/fp.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.222.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-222-130.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

dd65a674c821f6a0e0ec4b181532b00c0cc5d5bde623ea98affcb9f383139b57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 14 Nov 2023 16:17:13 GMT
Dclocation: GT1DMS
Connection: keep-alive
Content-Length: 4844
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 05 Nov 2023 05:17:29 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"4de4-18b9dea2228"
Access-Control-Max-Age: 2147483647
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: e7d5a919-14e5-4731-65a9-1fea09156861
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Tue, 14 Nov 2023 22:17:13 GMT

GET
H/1.1 200
OK runtime.ac5dfd0d026c2737.js Show response
www.citi.com/cbol-pre-login-static-assets/ 3 KB
3 KB 426ms
78ms Script
application/javascript 23.212.222.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/runtime.ac5dfd0d026c2737.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.222.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-222-130.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

825546d1f93842a0a74ce5533d43a2d0f4826734833adcabef2acb099df02809

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

Referer
Origin: https://www.citi.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 14 Nov 2023 16:17:12 GMT
Dclocation: GT1DMS
Connection: keep-alive
Content-Length: 1757
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 05 Nov 2023 05:17:30 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"d22-18b9dea2610"
Access-Control-Max-Age: 2147483647
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: 1c113632-fb4c-459a-4404-ff82cb5c4c80
Cache-Control: max-age=2592000, public, no-transform
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Sun, 10 Dec 2023 18:08:48 GMT

GET
H/1.1 200
OK polyfills.adb80ee790195eb1.js Show response
www.citi.com/cbol-pre-login-static-assets/ 48 KB
17 KB 654ms
266ms Script
application/javascript 23.212.222.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/polyfills.adb80ee790195eb1.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.222.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-222-130.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

bf87f53255267d9d4498b937ff708e301b08c25fdc8bd65d6c260ade97844411

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

Referer
Origin: https://www.citi.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 14 Nov 2023 16:17:12 GMT
Dclocation: GT1DMS
Connection: keep-alive
Content-Length: 16650
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 05 Nov 2023 05:17:30 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"be3d-18b9dea2610"
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
X-Vcap-Request-Id: 8af344ef-bc8a-4374-44f9-130bdac0ecce
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control: max-age=2592000, public, no-transform
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires: Sun, 10 Dec 2023 17:29:14 GMT

GET
H/1.1 200
OK scripts.cc636ec5cfe3cbe4.js Show response
www.citi.com/cbol-pre-login-static-assets/ 51 KB
15 KB 120ms
119ms Script
application/javascript 23.212.222.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/scripts.cc636ec5cfe3cbe4.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.222.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-222-130.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

f78ea2382be0bfe8c2909ded2f1c9ad7b60a2e797982ef57544431fd0fe0c383

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 14 Nov 2023 16:17:13 GMT
Dclocation: GT1DMS
Connection: keep-alive
Content-Length: 14683
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 05 Nov 2023 05:17:30 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"cd7e-18b9dea2610"
Access-Control-Max-Age: 2147483647
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: e99c9da1-8447-44dc-4ec8-a9905b53cb7e
Cache-Control: max-age=2592000, public, no-transform
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Wed, 06 Dec 2023 18:33:43 GMT

GET
H/1.1 200
OK main.cb78aa264f241ccb.js Show response
www.citi.com/cbol-pre-login-static-assets/ 4 MB
803 KB 542ms
113ms Script
application/javascript 23.212.222.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/main.cb78aa264f241ccb.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.222.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-222-130.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

095e3f79d57e64a4c87659b5b7d864df05b07ccdba432a32081d8c20e5d87564

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

Referer
Origin: https://www.citi.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 14 Nov 2023 16:17:12 GMT
Dclocation: GT1DMS
Connection: keep-alive
Content-Length: 821165
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 05 Nov 2023 05:19:06 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"3a8875-18b9deb9d10"
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
X-Vcap-Request-Id: d4e61a4d-6f2e-45a1-6b1e-e49529cbed06
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control: max-age=2592000, public, no-transform
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires: Sun, 10 Dec 2023 17:52:03 GMT

GET
H/1.1 200
OK LXU-NDIB Show response
www.citi.com/jh4XfMoKz/Idpv6/clPA/OJai6bkpmL/J00FPXoLAw/THZf/ 214 KB
81 KB 658ms
221ms Script
application/javascript 23.212.222.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.citi.com/jh4XfMoKz/Idpv6/clPA/OJai6bkpmL/J00FPXoLAw/THZf/LXU-NDIB
Requested by: Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.212.222.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-222-130.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5516c738033ef1e7d0e3062c67d58fad3f44fc33083f9a5189c4c7832535fce7

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 16:17:13 GMT
Content-Encoding: br
Last-Modified: Wed, 02 Aug 2023 16:14:35 GMT
ETag: "3dd9706bc878d2fa9f052a144bb312c0c70d7e9f11e8c527926ae3f932d6c897"
Stored-Attribute-Sha-Checksum: 5516c738033ef1e7d0e3062c67d58fad3f44fc33083f9a5189c4c7832535fce7
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Cache-Control: max-age=21600
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 81452

GET
H2 200 65319_1825202461.js Show response
p11.techlab-cdn.com/e/ 54 KB
18 KB 418ms
150ms Fetch
application/javascript 2a02:26f0:ab00::214:8f4b

General

Check archive.org

Show headers Download Go to

Full URL: https://p11.techlab-cdn.com/e/65319_1825202461.js
Requested by: Host: www.citi.com
URL: https://www.citi.com/public/d086807606a1555bf6f96086ea852669dd0011213c3f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ab00::214:8f4b -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad80a3f6b1b1b869088b872381b3179a21dccc4e465ec0a00c92824f6462c258

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 16:17:13 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 14:24:26 GMT
content-md5: TBz6CQ/Qf16sF8+q5U3Ixg==
etag: "0x8DA7C6E5C88AF92"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: max-age=600
accept-ranges: bytes
timing-allow-origin: *
content-length: 18223
expires: Tue, 14 Nov 2023 16:27:13 GMT

GET
H2 200 65257_1825232097.js Show response
p11.techlab-cdn.com/e/ 14 KB
6 KB 387ms
120ms Fetch
application/javascript 2a02:26f0:ab00::214:8f4b

General

Check archive.org

Show headers Download Go to

Full URL: https://p11.techlab-cdn.com/e/65257_1825232097.js
Requested by: Host: www.citi.com
URL: https://www.citi.com/public/d086807606a1555bf6f96086ea852669dd0011213c3f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ab00::214:8f4b -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74a7a53097f5335e794968f4f7c27d089701fd635c8698c5f5fda7f30356cacb

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 16:17:13 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2022 12:38:55 GMT
content-md5: 7rdGFe+/Y2zHt4sXxqkzxw==
etag: 0x8DAD39902829531
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=600
timing-allow-origin: *
content-length: 6061
expires: Tue, 14 Nov 2023 16:27:13 GMT

GET
H2 200 64885_1825202523.js Show response
p11.techlab-cdn.com/e/ 3 KB
2 KB 385ms
117ms Fetch
application/javascript 2a02:26f0:ab00::214:8f4b

General

Check archive.org

Show headers Download Go to

Full URL: https://p11.techlab-cdn.com/e/64885_1825202523.js
Requested by: Host: www.citi.com
URL: https://www.citi.com/public/d086807606a1555bf6f96086ea852669dd0011213c3f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ab00::214:8f4b -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 422aa4e7ba5ff626a830dbbee358cb5055122a03b5c36b5f7608e1b34999e529

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 16:17:13 GMT
content-encoding: gzip
last-modified: Sun, 24 Apr 2022 12:00:07 GMT
content-md5: DnvBZTKTbXGPNtxH2P6zMg==
etag: "0x8DA25E9F9A41165"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: max-age=600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1470
expires: Tue, 14 Nov 2023 16:27:13 GMT

GET
H2 200 65226_1825232128.js Show response
p11.techlab-cdn.com/e/ 70 KB
33 KB 318ms
51ms Fetch
application/javascript 2a02:26f0:ab00::214:8f4b

General

Check archive.org

Show headers Download Go to

Full URL: https://p11.techlab-cdn.com/e/65226_1825232128.js
Requested by: Host: www.citi.com
URL: https://www.citi.com/public/d086807606a1555bf6f96086ea852669dd0011213c3f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ab00::214:8f4b -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 02433a62f3bc96003e78509ec45872fe3330c330204fa77415039f40a043224b

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 16:17:13 GMT
content-encoding: gzip
last-modified: Thu, 06 Jul 2023 07:07:50 GMT
content-md5: sYBscgCVtSaJQGvZdsVDxw==
etag: 0x8DB7DEFB5BB50C7
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=600
timing-allow-origin: *
content-length: 32997
expires: Tue, 14 Nov 2023 16:27:13 GMT

GET
H/1.1 200
OK 6c8322c7341eac98645c10e3d1d3c7ae.js Show response
www.citi.com/assets/scripts/global/ 315 KB
180 KB 320ms
319ms Script
application/javascript 23.212.222.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?seed=AACcj86LAQAAPD_dGEiJ1r4yD1UVZzDOHUfK5LivJdn4PzKwvFVx6qmp7JhQ&X-soz9htCz--z=q
Requested by: Host: www.citi.com
URL: https://www.citi.com/public/d086807606a1555bf6f96086ea852669dd0011213c3f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.212.222.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-222-130.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4c5bb335ecad08bcb09883f70c35858e303c10df9913b45574a499a1d187f68c

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 16:17:14 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8
X-Ion-Hop: Prod
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Cache-Control: public, max-age=3600, immutable
Access-Control-Allow-Credentials: true
Connection: keep-alive, Transfer-Encoding

POST
H/1.1 201
Created LXU-NDIB
www.citi.com/jh4XfMoKz/Idpv6/clPA/OJai6bkpmL/J00FPXoLAw/THZf/ 18 B
1006 B 277ms
275ms XHR
application/json 23.212.222.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.citi.com/jh4XfMoKz/Idpv6/clPA/OJai6bkpmL/J00FPXoLAw/THZf/LXU-NDIB
Requested by: Host: www.citi.com
URL: https://www.citi.com/public/d086807606a1555bf6f96086ea852669dd0011213c3f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.212.222.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-222-130.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 14 Nov 2023 16:17:15 GMT
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.citi.com, https://citimobile.citibankonline.com
Access-Control-Allow-Credentials: true, true
x_req_id: 332733d4-3c0c-4d4b-9984-382126eafc1a
Connection: close
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK citiredesign.svg
www.citi.com/CBOL/IA/Angular/assets/ 2 KB
2 KB 78ms
78ms Image
image/svg+xml 23.212.222.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.com/CBOL/IA/Angular/assets/citiredesign.svg

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.222.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-222-130.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Date: Tue, 14 Nov 2023 16:17:14 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
Connection: keep-alive
Content-Length: 859
Last-Modified: Wed, 26 Jul 2023 19:23:26 GMT
X-Akamai-CITISITE: GTDC
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
X-WebKit-CSP: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
X-Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET brandingMap.json
www.citi.com/CBOL/IA/Angular/Branding/preLoginBranding/ 0
0

GET 988.78c77c2ef4e0c3b9.js
www.citi.com/cbol-pre-login-static-assets/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.citi.com
URL: https://www.citi.com/CBOL/IA/Angular/Branding/preLoginBranding/brandingMap.json

Domain: www.citi.com
URL: https://www.citi.com/cbol-pre-login-static-assets/988.78c77c2ef4e0c3b9.js

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
fm.info6.citi.com/	1969-12-31 23:59:59	Name: BIGipServercnv_ats_ssl_pool Value: 1162287114.47873.0000
l.info6.citi.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 4g2gvubvs2wtbh3ohxxklrkt
l.info6.citi.com/	1969-12-31 23:59:59	Name: BIGipServercnv_ats_ssl_pool Value: 1128732682.47873.0000
.citi.com/	1970-01-20 16:23:03	Name: xyz_cr_617_et_100 Value: cr=617&wegc=&et=100&ap=&we=10
.citi.com/	1969-12-31 23:59:59	Name: AKMTLTSID Value: A0552330B7DA89BB39194E82653F2354
.citi.com/	1970-01-20 16:13:13	Name: bm_sz Value: B321910489C546D1C6E100F4495B5677~YAAQr+IlF5VoWLuLAQAA81qfzhVHVt0BcUBXF2+YDySMog7/szJXi5Bt79DNpVn+W9ZZqYSSABJ0Vy+eS5Css2eHAhEWEtxp8wI7r3TtmiQ40dIzwyhANR3QWQfYj0nw+UQXaZADcgpye7UfMvInJUqIWb4phjhkemVedqICWBRBqQcw1+DLtZP6WRFyxu3tGawzyn0CH86XyZfQPrYCfY9c+KJdUSqzca5gT4CVACJ4nZBaGmVOoHZRqpwZl3F+83MVisNrQn/5Km3dpnJTh4d2D+SHFgYZ8hgj3IG7I55f~3552066~3683380
.citi.com/	1970-01-21 00:58:34	Name: _abck Value: 1708C00FC26A89692AFAE2E7FA4BA417~-1~YAAQvuIlFxnJcsuLAQAAMl+fzgphZxP0XL7XVMr6+J5CosMdBpM9CEF4DhAUJ1prh7dw8Enw0o3VOk9W8zlOdetZVh5foQv+Gbi05nvE/fsjQY5jfiSB6duYvAEpP1o1+sDhOOqGz3AJ14bqJ/hCpnV4kIAPiESdpN7DLGqApPlBlwnkyAfyg+0ilFWj6BZv5a4Xytk5/Fn6gCD6CxYl+qr4ChLo9nj14cOU8su8/wILSLdETD8SmQZcQzVzdkMz3lQ5XvMPUUtG8cGsFH0J2KsWa3CRJF2IntqD3AALUHA4IIDf3qK1VKi6Bxhq9JsM+/s+funaoOSUU3d0X5QJaR4PfUE29EL7qWldVSKMX7OW+qEcvkNo+4cvouuXR9+NAKYVWNEVnoA=~-1~-1~-1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fm.info6.citi.com
l.info6.citi.com
online.citi.com
p11.techlab-cdn.com
sts.eccmp.com
www.citi.com
www.citi.com
173.213.4.17
184.31.87.130
23.212.222.130
2a00:1450:4001:803::200a
2a02:26f0:ab00::214:8f4b
63.148.46.76
02433a62f3bc96003e78509ec45872fe3330c330204fa77415039f40a043224b
045cd226594cb32ddf9d4db8ee45611f4d0788675ae50180b68da975e66fe1fe
095535eb9b22a8e72b3b6c50a557ac3d6ed67c7ff0ff3e646b214b46b21a59d4
095e3f79d57e64a4c87659b5b7d864df05b07ccdba432a32081d8c20e5d87564
2a38d802083e1a9b4cba5cb118ec6afe847564116d48862bec63454e96d51ff5
422aa4e7ba5ff626a830dbbee358cb5055122a03b5c36b5f7608e1b34999e529
4c5bb335ecad08bcb09883f70c35858e303c10df9913b45574a499a1d187f68c
5516c738033ef1e7d0e3062c67d58fad3f44fc33083f9a5189c4c7832535fce7
61339a21fa71d17d0dfebceba08dc76ce605e73f65a88438397483478d953aae
735ace838c4f02a810a79d750fa248e3f70fa9483a4ede6f8f123bf6a314a4f3
7488dc7d3069df17fcfd2e2bca49acb9a71de8ded2c0a9bb35a9c4d3e42cb5d0
74a7a53097f5335e794968f4f7c27d089701fd635c8698c5f5fda7f30356cacb
825546d1f93842a0a74ce5533d43a2d0f4826734833adcabef2acb099df02809
85a286bded9867e26f27bd9d3ca7c48bd3a7f36f943b895f4b314eb578b0d55a
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
9c6d485ae01a594ef22b3c44e1eca5314259061faacdcdfc51569aba58a4fc2b
ad80a3f6b1b1b869088b872381b3179a21dccc4e465ec0a00c92824f6462c258
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8c80a670b912a8deefad1cc960bf86cc8cd0d2b21f2410e71199432045e8c26
bf6b0ddbb32544fe9613e37923dbdffeb99c4349ce7f5d6c4799fde2f862bd37
bf87f53255267d9d4498b937ff708e301b08c25fdc8bd65d6c260ade97844411
d01707f80b5e41392139606b15177fc70407c9e2bc5e2799b99cd2bd8de08812
dd65a674c821f6a0e0ec4b181532b00c0cc5d5bde623ea98affcb9f383139b57
de30ce055c48c5670e01861f4525298275f6abe9cefe4a05f169bcf8d33ddff0
e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7
f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296
f78ea2382be0bfe8c2909ded2f1c9ad7b60a2e797982ef57544431fd0fe0c383

www.citi.com Open in urlscan Pro 23.212.222.130 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

31 Requests

94 %HTTPS

33 %IPv6

4 Domains

7 Subdomains

6 IPs

2 Countries

1796 kBTransfer

7571 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.citi.com Open in urlscan Pro
23.212.222.130 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

94 %
HTTPS

33 %
IPv6

4
Domains

7
Subdomains

6
IPs

2
Countries

1796 kB
Transfer

7571 kB
Size

7
Cookies

31 HTTP transactions
0 data transactions