notify-qa.citibot.net Open in urlscan Pro
13.32.99.99 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://notify-qa.citibot.net/
Submission: On June 13 via automatic, source certstream-suspicious (June 13th 2024, 1:09:19 am UTC) — Scanned from DE

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 18 HTTP transactions. The main IP is 13.32.99.99, located in United States and belongs to AMAZON-02, US. The main domain is notify-qa.citibot.net.
TLS certificate: Issued by Amazon RSA 2048 M03 on June 12th 2024. Valid for: a year.

This is the only time notify-qa.citibot.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	13.32.99.99 13.32.99.99	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:feb6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	5

12 13.32.99.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-99.fra60.r.cloudfront.net

notify-qa.citibot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:feb6 (United States)

ASN13335 (CLOUDFLARENET, US)

citibot.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	citibot.net notify-qa.citibot.net	928 KB
3	auth0.com citibot.auth0.com
2	gstatic.com fonts.gstatic.com	32 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	1 KB
18	4

	Domain	Requested by
12	notify-qa.citibot.net	notify-qa.citibot.net
3	citibot.auth0.com	notify-qa.citibot.net
2	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	notify-qa.citibot.net
18	4

This site contains no links.

Subject Issuer	Validity	Valid
notify-qa.citibot.net Amazon RSA 2048 M03	`2024-06-12` - `2025-07-11`	a year	crt.sh
upload.video.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
auth0.com E1	`2024-05-28` - `2024-08-26`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://notify-qa.citibot.net/
Frame ID: D58843930E19D5BE89E66675A6356ED8
Requests: 16 HTTP requests in this frame

Frame: https://citibot.auth0.com/authorize?client_id=aqXRSSWoX6mjq0GiPCXSNW3QagujTFD7&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fnotify-qa.citibot.net%2Fcallback&scope=openid%20profile%20admin%3Aon%20read%3Ausers%20create%3Ausers%20update%3Ausers&audience=https%3A%2F%2Fnotify-dev.citibot.net&mode=login&state=zHa0UzwVpq9cp2c_dJZLzZ4q0Jr~14hK&nonce=XRBIhxkKCToPhNktBxLKM8hekvtOqBG.&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yNi4wIn0%3D
Frame ID: CD46887A32C72E4C8F1EEB30D1799AD0
Requests: 1 HTTP requests in this frame

Frame: https://citibot.auth0.com/authorize?client_id=aqXRSSWoX6mjq0GiPCXSNW3QagujTFD7&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fnotify-qa.citibot.net%2Fcallback&scope=openid%20profile%20admin%3Aon%20read%3Ausers%20create%3Ausers%20update%3Ausers&audience=https%3A%2F%2Fnotify-dev.citibot.net&mode=login&state=tMujAXJ0FKOHsx~9Aac~Q2Xi7QLHpPxI&nonce=05pOFbIgCAeOmkSD6j9FVAO7884h_LD9&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yNi4wIn0%3D
Frame ID: 71FC2B9C1026E6C25E13B8FBB2314C12
Requests: 1 HTTP requests in this frame

Frame: https://citibot.auth0.com/authorize?client_id=aqXRSSWoX6mjq0GiPCXSNW3QagujTFD7&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fnotify-qa.citibot.net%2Fcallback&scope=openid%20profile%20admin%3Aon%20read%3Ausers%20create%3Ausers%20update%3Ausers&audience=https%3A%2F%2Fnotify-dev.citibot.net&mode=login&state=7eH~LmtL6vKDumqNUovw3TZyQkp-6_e6&nonce=GwUcvFDRDNOusvyllQXhj~NgyY7m_G~7&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yNi4wIn0%3D
Frame ID: 9CC8107FAC9DEAE7865A6BCCE09443BB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Citibot Notify

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

18
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

961 kB
Transfer

963 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
notify-qa.citibot.net/ 877 B
1 KB 88ms
13ms Document
text/html 13.32.99.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://notify-qa.citibot.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-99.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f69c55f4050c0a1819ff2f959c5576f2c552a949c483baa679e5b459414490ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 7784
content-length: 877
content-type: text/html
date: Wed, 12 Jun 2024 22:59:31 GMT
etag: "88d0f7447403c8be6393e665b6bf39d3"
last-modified: Wed, 12 Jun 2024 17:42:42 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=31536000
vary: Origin
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-amz-cf-id: Tw5ObIkLqqdVwZA5NF_UO6FX0bcu48Y2BKJX03zCTnvZZB3z11WznA==
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-amz-version-id: VEFq3jwvL.wTskAFh_vHpClUUfL_wTe_
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 38ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;600;700&display=swap

Requested by

Host: notify-qa.citibot.net
URL: https://notify-qa.citibot.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://notify-qa.citibot.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Jun 2024 01:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 13 Jun 2024 01:00:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Jun 2024 01:09:14 GMT

GET
H2 200 main.f8bcba37.js Show response
notify-qa.citibot.net/static/js/ 620 KB
621 KB 12ms
12ms Script
text/javascript 13.32.99.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://notify-qa.citibot.net/static/js/main.f8bcba37.js

Requested by

Host: notify-qa.citibot.net
URL: https://notify-qa.citibot.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-99.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e6a01038d4a05f4d66e2f51644b0093102ea41a4b3ff599dffd4d256c6ddb1c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://notify-qa.citibot.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 01:08:44 GMT
x-amz-version-id: .WASbp2AonRhAiLSag27HQo.sNCFR3ao
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P3
age: 30
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 634913
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 12 Jun 2024 17:42:42 GMT
server: AmazonS3
etag: "769d29f42c9e3f2e93f2973460c524d4"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: P_UqT0InFmM5RKxd0W2c9lo2rHPACrEDeITX3r8FMshAj6sUJ3y3Ww==

GET
H2 200 main.15f566fd.css
notify-qa.citibot.net/static/css/ 3 KB
3 KB 455ms
455ms Stylesheet
text/css 13.32.99.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://notify-qa.citibot.net/static/css/main.15f566fd.css

Requested by

Host: notify-qa.citibot.net
URL: https://notify-qa.citibot.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-99.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

088be8be21a72139e92cb28a475dac2a77fc97002048b7b65d7c5f537a0f5c93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://notify-qa.citibot.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 01:09:15 GMT
x-amz-version-id: Un1uPOxbQNcwtTbIk8fd3_xfklV55CR7
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 2837
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 12 Jun 2024 17:42:42 GMT
server: AmazonS3
etag: "9665a24024eb37abf309a381a2b6b63d"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/css
accept-ranges: bytes
x-amz-cf-id: y34YgJUc8X-7rsnCDquO3Q12SuSxvrCQFvBuC7-8noqnt3kFML5EIw==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 199ms
7ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://notify-qa.citibot.net
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 11:13:57 GMT
x-content-type-options: nosniff
age: 136517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Jun 2025 11:13:57 GMT

GET
H2 200 config.json Show response
notify-qa.citibot.net/ 522 B
1 KB 10ms
10ms Fetch
application/json 13.32.99.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://notify-qa.citibot.net/config.json

Requested by

Host: notify-qa.citibot.net
URL: https://notify-qa.citibot.net/static/js/main.f8bcba37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-99.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e1dde0f0fe55fc5fab3ff5bc002d217932d4515f7924b413c85a58dd94f80426

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://notify-qa.citibot.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:59:31 GMT
x-amz-version-id: VoMO9_22kUqmc2R06uSD_xSH7P1344qB
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P3
age: 7784
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 522
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 12 Jun 2024 17:42:42 GMT
server: AmazonS3
etag: "e6052694ba951a0c53cf294839ade21f"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json
accept-ranges: bytes
x-amz-cf-id: dqtlAnO6hIsGRjqalRgUpYyCZ5VJWoAPJAqB50HLxKc4UuRhuX6SXw==

GET
H2 200 623.57f16b99.chunk.js Show response
notify-qa.citibot.net/static/js/ 25 KB
25 KB 442ms
441ms Script
text/javascript 13.32.99.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://notify-qa.citibot.net/static/js/623.57f16b99.chunk.js

Requested by

Host: notify-qa.citibot.net
URL: https://notify-qa.citibot.net/static/js/main.f8bcba37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-99.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

93aac5dc26e7432e221038edb18599928d3055c03785d2ebb4b8950c51258cf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://notify-qa.citibot.net/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 01:09:15 GMT
x-amz-version-id: EAUTjbMXUMArW6wawF0owYqQOU4S60gy
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 25114
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 12 Jun 2024 17:42:42 GMT
server: AmazonS3
etag: "e726cb847b14fe8a334277109844061a"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: twP7K4-j6ofOLER-HiwC1HQRRRJ-IHzE7JkZ4U-3Yjxh-eyRsB2N9g==

GET
H2 200 703.8c7c3958.chunk.js Show response
notify-qa.citibot.net/static/js/ 104 KB
105 KB 480ms
480ms Script
text/javascript 13.32.99.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://notify-qa.citibot.net/static/js/703.8c7c3958.chunk.js

Requested by

Host: notify-qa.citibot.net
URL: https://notify-qa.citibot.net/static/js/main.f8bcba37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-99.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1ce3730e18e569feccc29547a100eddb169aa67a70d4e945760fbf9381adde7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://notify-qa.citibot.net/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 01:09:15 GMT
x-amz-version-id: Zt3xSmU7.kBtrPBwwsPmDvbJYVQNDQ9z
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 106343
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 12 Jun 2024 17:42:42 GMT
server: AmazonS3
etag: "ec81c4ddae0443530dbf7148188db7e4"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: AELTGR-RuALzipTV12D68deB2l6iXgp2COIS8KjAFnGIOccSeE6Y6w==

GET
H2 200 438.12e6e1a4.chunk.js Show response
notify-qa.citibot.net/static/js/ 68 KB
69 KB 447ms
446ms Script
text/javascript 13.32.99.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://notify-qa.citibot.net/static/js/438.12e6e1a4.chunk.js

Requested by

Host: notify-qa.citibot.net
URL: https://notify-qa.citibot.net/static/js/main.f8bcba37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-99.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ab92dcc3798dc8bf0d4642436c37bffb32872f6b1b304953f211d2d3b0718d22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://notify-qa.citibot.net/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 01:09:15 GMT
x-amz-version-id: 6AIp76vKQShhVd8LAgiMMKqME9e3Gc7Q
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 70046
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 12 Jun 2024 17:42:42 GMT
server: AmazonS3
etag: "d73f2bf05d575a66e683575386db0db2"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: 9BSHGjCe-OQZ6hdGcKBRvZZHYzFcBwgZLIH2I_S8QyvWh-bjS6LLiw==

GET
H2 200 161.24b03377.chunk.js Show response
notify-qa.citibot.net/static/js/ 50 KB
51 KB 439ms
438ms Script
text/javascript 13.32.99.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://notify-qa.citibot.net/static/js/161.24b03377.chunk.js

Requested by

Host: notify-qa.citibot.net
URL: https://notify-qa.citibot.net/static/js/main.f8bcba37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-99.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8aa570ba19cdba359137f3877f8c5559fdcd5c9ce842fe9c31b54c8d5c0bb1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://notify-qa.citibot.net/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 01:09:15 GMT
x-amz-version-id: ZTszQ4pyp.MB.CsHk8gm3Q89QGbRPNoE
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 51125
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 12 Jun 2024 17:42:42 GMT
server: AmazonS3
etag: "45d0403b360ff271b60654f6cfbbbc50"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: ZWC-h24tpMIQjNWEI9MTBZ6em7pD4uQvG86bTtLcJsONUSXLCCdFag==

GET
H2 200 702.0c0a01cc.chunk.js Show response
notify-qa.citibot.net/static/js/ 4 KB
5 KB 441ms
441ms Script
text/javascript 13.32.99.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://notify-qa.citibot.net/static/js/702.0c0a01cc.chunk.js

Requested by

Host: notify-qa.citibot.net
URL: https://notify-qa.citibot.net/static/js/main.f8bcba37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-99.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

75863f2d41bef18a607c693498c4a5ad9ce7bcbe74f94f6553c3490d401963f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://notify-qa.citibot.net/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 01:09:15 GMT
x-amz-version-id: mFuooH2J3c_fuo3AtwQIihm0Qsz7FGPq
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 4524
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 12 Jun 2024 17:42:42 GMT
server: AmazonS3
etag: "2876b8c024431f57bf92db2295928792"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: KBFlUUb155xIC8fM6kUXmBCp21XpLkZogf_PyxBH9c-uoXgE5jQb_w==

GET
H2 200 citibot-icon.png
notify-qa.citibot.net/ 679 B
1 KB 435ms
435ms Other
image/png 13.32.99.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://notify-qa.citibot.net/citibot-icon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-99.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

100d947743fa80ea383afafcd13a735d10ed3afd0ae6c7accddfcb35a934a9e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://notify-qa.citibot.net/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 01:09:15 GMT
x-amz-version-id: FJnuLlJth.wkaNyRvwmt6RJqvryOfej1
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 679
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 12 Jun 2024 17:42:42 GMT
server: AmazonS3
etag: "ecde5d6f396721423a03f9875b96b919"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: _Hm9EZhMatu3kBYlZo0L2bVPdnXckd8Vj0N_wSB7R3qVbj6AW0tWrg==

GET
H2 200 citibot-icon.png
notify-qa.citibot.net/ 679 B
0 249ms
249ms Other
image/png 13.32.99.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://notify-qa.citibot.net/citibot-icon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-99.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

100d947743fa80ea383afafcd13a735d10ed3afd0ae6c7accddfcb35a934a9e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://notify-qa.citibot.net/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 01:09:15 GMT
x-amz-version-id: FJnuLlJth.wkaNyRvwmt6RJqvryOfej1
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 679
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 12 Jun 2024 17:42:42 GMT
server: AmazonS3
etag: "ecde5d6f396721423a03f9875b96b919"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: _Hm9EZhMatu3kBYlZo0L2bVPdnXckd8Vj0N_wSB7R3qVbj6AW0tWrg==

GET
H2 200 authorize
citibot.auth0.com/ Frame CD46 0
0 279ms
252ms Document
text/html 2606:4700::6811:feb6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibot.auth0.com/authorize?client_id=aqXRSSWoX6mjq0GiPCXSNW3QagujTFD7&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fnotify-qa.citibot.net%2Fcallback&scope=openid%20profile%20admin%3Aon%20read%3Ausers%20create%3Ausers%20update%3Ausers&audience=https%3A%2F%2Fnotify-dev.citibot.net&mode=login&state=zHa0UzwVpq9cp2c_dJZLzZ4q0Jr~14hK&nonce=XRBIhxkKCToPhNktBxLKM8hekvtOqBG.&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yNi4wIn0%3D

Requested by

Host: notify-qa.citibot.net
URL: https://notify-qa.citibot.net/static/js/main.f8bcba37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:feb6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://notify-qa.citibot.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 892e31b27d2f040c-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Thu, 13 Jun 2024 01:09:15 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-auth0-requestid: b62120bf67da1b78670f
x-content-type-options: nosniff
x-ratelimit-limit: 100
x-ratelimit-remaining: 97
x-ratelimit-reset: 1718240956

GET
H2 200 authorize
citibot.auth0.com/ Frame 71FC 0
0 272ms
246ms Document
text/html 2606:4700::6811:feb6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibot.auth0.com/authorize?client_id=aqXRSSWoX6mjq0GiPCXSNW3QagujTFD7&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fnotify-qa.citibot.net%2Fcallback&scope=openid%20profile%20admin%3Aon%20read%3Ausers%20create%3Ausers%20update%3Ausers&audience=https%3A%2F%2Fnotify-dev.citibot.net&mode=login&state=tMujAXJ0FKOHsx~9Aac~Q2Xi7QLHpPxI&nonce=05pOFbIgCAeOmkSD6j9FVAO7884h_LD9&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yNi4wIn0%3D

Requested by

Host: notify-qa.citibot.net
URL: https://notify-qa.citibot.net/static/js/main.f8bcba37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:feb6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://notify-qa.citibot.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 892e31b27d31040c-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Thu, 13 Jun 2024 01:09:15 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-auth0-requestid: 6c5506ee229ee84897df
x-content-type-options: nosniff
x-ratelimit-limit: 100
x-ratelimit-remaining: 98
x-ratelimit-reset: 1718240956

GET
H2 200 authorize
citibot.auth0.com/ Frame 9CC8 0
0 271ms
249ms Document
text/html 2606:4700::6811:feb6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibot.auth0.com/authorize?client_id=aqXRSSWoX6mjq0GiPCXSNW3QagujTFD7&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fnotify-qa.citibot.net%2Fcallback&scope=openid%20profile%20admin%3Aon%20read%3Ausers%20create%3Ausers%20update%3Ausers&audience=https%3A%2F%2Fnotify-dev.citibot.net&mode=login&state=7eH~LmtL6vKDumqNUovw3TZyQkp-6_e6&nonce=GwUcvFDRDNOusvyllQXhj~NgyY7m_G~7&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yNi4wIn0%3D

Requested by

Host: notify-qa.citibot.net
URL: https://notify-qa.citibot.net/static/js/main.f8bcba37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:feb6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://notify-qa.citibot.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 892e31b27d33040c-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Thu, 13 Jun 2024 01:09:15 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-auth0-requestid: 75f881c844a62e4f3837
x-content-type-options: nosniff
x-ratelimit-limit: 100
x-ratelimit-remaining: 99
x-ratelimit-reset: 1718240956

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc8f5f6c0bc1dc61e1a2221abb8b788b50ce54921dfb50aa3dadf9774a76dd92

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 hero.9265588ba28accfab908.png
notify-qa.citibot.net/static/media/ 45 KB
46 KB 474ms
474ms Image
image/png 13.32.99.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://notify-qa.citibot.net/static/media/hero.9265588ba28accfab908.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-99.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e36a79007a9d7be92d2f393827efdcafbc323f2be6f337e5dc98494a86d8cbef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://notify-qa.citibot.net/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 01:09:16 GMT
x-amz-version-id: Zo2Ii27x3snjAxu8EY_9ARlWmdzeC2X6
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 46112
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 12 Jun 2024 17:42:42 GMT
server: AmazonS3
etag: "e5e83bd3d3d0c3c5846d159c4369fc60"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: 3WaANqg-rbhOxevZWtJg4HCsUcYwgIkRxKRHnxSkSY4TSzYJzlgQDw==

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://notify-qa.citibot.net
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:54:18 GMT
x-content-type-options: nosniff
age: 8097
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jun 2025 22:54:18 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| webpackChunk_citibot_notify

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			citibot.auth0.com/	1970-01-21 06:03:18	Name: did Value: s%3Av0%3A52bd732f-d79e-4dcf-9935-ad7c5aa0b8fb.WY51GpnlBoL7eg%2FbJYHYlX2UwbZkwdfMf02u1OBuWDw

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

citibot.auth0.com
fonts.googleapis.com
fonts.gstatic.com
notify-qa.citibot.net
13.32.99.99
2606:4700::6811:feb6
2a00:1450:4001:81d::2003
2a00:1450:4001:827::200a
088be8be21a72139e92cb28a475dac2a77fc97002048b7b65d7c5f537a0f5c93
100d947743fa80ea383afafcd13a735d10ed3afd0ae6c7accddfcb35a934a9e7
1ce3730e18e569feccc29547a100eddb169aa67a70d4e945760fbf9381adde7c
75863f2d41bef18a607c693498c4a5ad9ce7bcbe74f94f6553c3490d401963f0
8aa570ba19cdba359137f3877f8c5559fdcd5c9ce842fe9c31b54c8d5c0bb1e3
93aac5dc26e7432e221038edb18599928d3055c03785d2ebb4b8950c51258cf9
ab92dcc3798dc8bf0d4642436c37bffb32872f6b1b304953f211d2d3b0718d22
af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
dc8f5f6c0bc1dc61e1a2221abb8b788b50ce54921dfb50aa3dadf9774a76dd92
e1dde0f0fe55fc5fab3ff5bc002d217932d4515f7924b413c85a58dd94f80426
e36a79007a9d7be92d2f393827efdcafbc323f2be6f337e5dc98494a86d8cbef
e6a01038d4a05f4d66e2f51644b0093102ea41a4b3ff599dffd4d256c6ddb1c7
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f69c55f4050c0a1819ff2f959c5576f2c552a949c483baa679e5b459414490ac

notify-qa.citibot.net Open in urlscan Pro 13.32.99.99 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

75 %IPv6

4 Domains

4 Subdomains

5 IPs

2 Countries

961 kBTransfer

963 kBSize

1 Cookies

0 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

notify-qa.citibot.net Open in urlscan Pro
13.32.99.99 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

961 kB
Transfer

963 kB
Size

1
Cookies

18 HTTP transactions
1 data transactions