andrejhauptman.info Open in urlscan Pro
185.222.203.10 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://andrejhauptman.info/online.citi.com/
Submission: On April 16 via api (April 16th 2019, 5:38:08 am UTC) from CA

Summary HTTP 78 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 7 domains to perform 78 HTTP transactions. The main IP is 185.222.203.10, located in and belongs to UVL2-ASN, UA. The main domain is andrejhauptman.info.

This is the only time andrejhauptman.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Citibank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
2	185.222.203.10 185.222.203.10	204725 (UVL2-ASN) (UVL2-ASN)
53	104.111.235.119 104.111.235.119	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
4	23.21.84.39 23.21.84.39	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
3	23.21.107.93 23.21.107.93	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	104.109.87.116 104.109.87.116	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	66.117.29.4 66.117.29.4	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
2	52.129.74.11 52.129.74.11	395492 (IOVATION3) (IOVATION3 - iovation)
1 4	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	172.82.228.19 172.82.228.19	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
2	216.250.63.5 216.250.63.5	22758 (SAPIENT-DCO) (SAPIENT-DCO - Sapient Corporation)
1	2a03:2880:f0f... 2a03:2880:f0ff:2:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
78	14

2 185.222.203.10 (None, )

ASN204725 (UVL2-ASN, UA)

andrejhauptman.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

53 104.111.235.119 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-235-119.deploy.static.akamaitechnologies.com

online.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.21.84.39 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-23-21-84-39.compute-1.amazonaws.com

steps.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.21.107.93 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-23-21-107-93.compute-1.amazonaws.com

paper.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.109.87.116 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-87-116.deploy.static.akamaitechnologies.com

cdn.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.117.29.4 (Lehi, United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)

citicorpcreditservic.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.129.74.11 (Portland, United States)

ASN395492 (IOVATION3 - iovation, Inc., US)
PTR: mpsnare.iesnare.com

mpsnare.iesnare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:824::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.82.228.19 (Lehi, United States) 1 redirects

ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: *.sc.omtrdc.net

metrics.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.250.63.5 (Miami, United States)

ASN22758 (SAPIENT-DCO - Sapient Corporation, US)
PTR: citi.bridgetrack.com

citi.bridgetrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f0ff:2:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

view.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	citi.com 1 redirects online.citi.com steps.citi.com paper.citi.com metrics.citi.com	837 KB
7	google.com 1 redirects www.google.com cse.google.com clients1.google.com	154 KB
3	omtrdc.net cdn.tt.omtrdc.net citicorpcreditservic.tt.omtrdc.net	16 KB
2	bridgetrack.com citi.bridgetrack.com	2 KB
2	iesnare.com mpsnare.iesnare.com	14 KB
2	andrejhauptman.info andrejhauptman.info	88 KB
1	atdmt.com view.atdmt.com	386 B
78	7

	Domain	Requested by
53	online.citi.com	andrejhauptman.info online.citi.com
4	www.google.com	1 redirects cse.google.com
4	steps.citi.com	online.citi.com andrejhauptman.info
3	paper.citi.com	andrejhauptman.info paper.citi.com
2	citi.bridgetrack.com	online.citi.com
2	metrics.citi.com	1 redirects andrejhauptman.info
2	cse.google.com	andrejhauptman.info www.google.com
2	mpsnare.iesnare.com	online.citi.com mpsnare.iesnare.com
2	citicorpcreditservic.tt.omtrdc.net	online.citi.com
2	andrejhauptman.info	online.citi.com
1	clients1.google.com
1	view.atdmt.com	online.citi.com
1	cdn.tt.omtrdc.net	online.citi.com
78	13

This site contains links to these domains. Also see Links.

Domain
online.citi.com
www.citi.com
creditcards.citicards.com
www.citiprivatepass.com
www.citigroup.com
citieasydeals.com
www.privatebank.citibank.com

Subject Issuer	Validity	Valid
online.citibank.com DigiCert SHA2 Extended Validation Server CA	`2018-03-14` - `2020-05-14`	2 years	crt.sh
mpsnare.iesnare.com DigiCert SHA2 High Assurance Server CA	`2018-01-08` - `2019-05-28`	a year	crt.sh
*.google.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
www.google.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2019-02-26` - `2019-05-26`	3 months	crt.sh

This page contains 3 frames:

Primary Page: http://andrejhauptman.info/online.citi.com/
Frame ID: 44BC8634D0E74A2A53DACBB87842B53E
Requests: 76 HTTP requests in this frame

Frame: http://paper.citi.com/127893/CWrT.html?si=1&e=http%3A%2F%2Fandrejhauptman.info&LSESSIONID=jLd1p6Ic5oUjdSyLLhgv0DgMovuSpHrZXEuxEXavFtPX08UvN8F3682k&t=xframe&eu=http%3A%2F%2Fandrejhauptman.info%2Fonline.citi.com%2F&icid=155539307313813030
Frame ID: 7461448F9424C365AB5B7084A29FA5BA
Requests: 1 HTTP requests in this frame

Frame: http://paper.citi.com/127893/h7H.html/discovercard.com/dfs/accounthome/summary/-www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secure/schwab///https://snsbank.nl/mijnsns/secure/login/httpsabph.pl/pi/do/Authorization/alfabank.ru/swedbank/pf.bgz.pl/httponline.eurobank.pl/?cid=5&si=1&e=http%3A%2F%2Fandrejhauptman.info&LSESSIONID=jLd1p6Ic5oUjdSyLLhgv0DgMovuSpHrZXEuxEXavFtPX08UvN8F3682k&t=xframe&eu=http%3A%2F%2Fandrejhauptman.info%2Fonline.citi.com%2F&icid=155539307314112941
Frame ID: 36E761792DBF18A892B0B51FA3EADC7B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

RxJS (JavaScript Frameworks) Expand

Overall confidence: 20%
Detected patterns

env /^Rx$/i

SiteCatalyst (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^s_(?:account|objectID|code|INST)$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js/i
env /^jQuery$/i

Twitter Bootstrap () Expand

Overall confidence: 100%
Detected patterns

script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i

Page Statistics

78
Requests

77 %
HTTPS

31 %
IPv6

7
Domains

13
Subdomains

14
IPs

4
Countries

1109 kB
Transfer

3096 kB
Size

6
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=AOProductSelection
Title: Open an Account

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JSO/signon/LocaleUsernameSignon.do?locale=es_US
Title: Español

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JPS/portal/BrowserWarning.do
Title: Learn More

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JSO/uidn/RequestUserIDReminder.do?JFP_TOKEN=W9RLT7A3
Title: Forgot User ID or Password?

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/CBOL/sec/secgat/flow.action?siteId=CB&locale=en_US&userType=BB&origin=CBOL
Title: Activate a Card

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/creditcards/citi.action?ID=citi-android-pay&tab=2&intc=1~1~523~051916~2~DigitalWallet_AndroidPay~NONCookied_Tab2
Title: Get Started

Search URL Search Domain Scan URL

URL: http://creditcards.citicards.com/usc/simplicity/2016/Jan/internal/default.htm?app=UNSOL&sc=4DPZWW56&m=2355L00101W&langId=EN&siteId=CB&B=M&screenID=3018&uc=EQY&t=t&intc=1~1~52~3~021215~SIMP~Uncookied
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.citiprivatepass.com/landing/guns_n_roses_2016.html?intc=1~2~523~053116~5~PrivatePass_GunsNRoses~NONcookied_Tab4
Title: Learn More

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/Welcome.c
Title:

Search URL Search Domain Scan URL

URL: http://www.citigroup.com/citi/
Title: Our Story

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=ServicesOverview
Title: Benefits and Services

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=Rewards
Title: Rewards

Search URL Search Domain Scan URL

URL: https://citieasydeals.com/
Title: Citi Easy DealsSM

Search URL Search Domain Scan URL

URL: http://www.citiprivatepass.com/
Title: Citi® Private Pass®

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/portal/template.do?ID=SpecialOffers
Title: Special Offers

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=CitiPriorityOverview
Title: Citi Priority

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=CitigoldOverview
Title: Citigold®

Search URL Search Domain Scan URL

URL: https://www.privatebank.citibank.com/
Title: Citi Private Bank

Search URL Search Domain Scan URL

URL: https://online.citi.com/JRS/portal.c?ID=Global
Title: Citi Global Banking

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=CitiBizOverview
Title: Small Business Accounts

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=CitiBusinessBanking
Title: Business Accounts

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=CitiCommercialBanking
Title: Commercial Accounts

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=CurrentRates
Title: Personal Banking

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/compare-credit-cards/citi.action?ID=view-all-credit-cards
Title: Credit Cards

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/portal/template.do?ID=mortgage_home_mortgage
Title: Mortgage

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/portal/template.do?ID=mortgage_home_equity_rates
Title: Home Equity

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=PersonalLinesRates
Title: Lending

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/helpcenter/main.do
Title: Help & FAQs

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/portal/template.do?ID=TermsDisclaimer
Title: Terms & Conditions

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

http://www.google.com/cse/cse.js?cx=009695499870347544712:e3dyicpbrwu HTTP 302
https://cse.google.com/cse/cse.js?cx=009695499870347544712:e3dyicpbrwu

Request Chain 62

http://metrics.citi.com/b/ss/citinaprod/1/JS-2.0.0/s72438799510131?AQB=1&ndh=1&pf=1&t=16%2F3%2F2019%205%3A37%3A52%202%200&fid=52D1AE27763BAFF4-2C88FBBA4F65373E&ce=UTF-8&pageName=Non%20Cookied%20Username%20Password&g=http%3A%2F%2Fandrejhauptman.info%2Fonline.citi.com%2F&c.&visitStart=1&.c&cc=USD&ch=BANKRIAWebEnglish&c1=Public&h1=BANKRIAWebEnglish%2FPublic%2FSignOn%2FSignOn%2FSelect&c2=SignOn&c3=SignOn&c4=Select&v38=Non%20Cookied%20Username%20Password&v41=0&v42=en_US_USPTL&v43=NNN&v44=0&c50=0&v50=NNNNN&c51=NNNNN&c52=NNNNNNNNNNYNNNNNNNNNNNNNNNNNNNNNNNNNN0000&c53=NNNNNNNNNNNNNNNNNN&v53=Bank%7C&c55=Bank%7C&c56=NNN&c57=0&c59=JSOSIGNON_200&c63=http%3A%2F%2Fandrejhauptman.info%2Fonline.citi.com%2F&c64=1%3A37AM&v64=1%3A37AM&c65=Tuesday&v65=Tuesday&c66=Tuesday%7C1%3A37AM&v67=New&v68=1&v69=UnAuth&c73=null&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
http://metrics.citi.com/b/ss/citinaprod/1/JS-2.0.0/s72438799510131?AQB=1&pccr=true&vidn=2E5AB5180531054D-4000012DA0028AA4&&ndh=1&pf=1&t=16%2F3%2F2019%205%3A37%3A52%202%200&fid=52D1AE27763BAFF4-2C88FBBA4F65373E&ce=UTF-8&pageName=Non%20Cookied%20Username%20Password&g=http%3A%2F%2Fandrejhauptman.info%2Fonline.citi.com%2F&c.&visitStart=1&.c&cc=USD&ch=BANKRIAWebEnglish&c1=Public&h1=BANKRIAWebEnglish%2FPublic%2FSignOn%2FSignOn%2FSelect&c2=SignOn&c3=SignOn&c4=Select&v38=Non%20Cookied%20Username%20Password&v41=0&v42=en_US_USPTL&v43=NNN&v44=0&c50=0&v50=NNNNN&c51=NNNNN&c52=NNNNNNNNNNYNNNNNNNNNNNNNNNNNNNNNNNNNN0000&c53=NNNNNNNNNNNNNNNNNN&v53=Bank%7C&c55=Bank%7C&c56=NNN&c57=0&c59=JSOSIGNON_200&c63=http%3A%2F%2Fandrejhauptman.info%2Fonline.citi.com%2F&c64=1%3A37AM&v64=1%3A37AM&c65=Tuesday&v65=Tuesday&c66=Tuesday%7C1%3A37AM&v67=New&v68=1&v69=UnAuth&c73=null&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

78 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
andrejhauptman.info/online.citi.com/ 87 KB
87 KB 611ms
136ms Document
text/html 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://andrejhauptman.info/online.citi.com/
Protocol: HTTP/1.1
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 86106c19d08ee85f18662177ea573919358c1393795c2abd17e8874ba91d462d

Request headers

Host: andrejhauptman.info
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 16 Apr 2019 05:37:50 GMT
Server: Apache
Last-Modified: Wed, 18 Jan 2017 13:56:16 GMT
Accept-Ranges: bytes
Content-Length: 89225
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H2 200 amw.js Show response
online.citi.com/JFP/amw/ 1 KB
1 KB 238ms
144ms Script
application/x-javascript 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JFP/amw/amw.js

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

823db1b6cf4fe34956773f03a9b3e1c36d3a1fe1b609b1c1bd8730475bc6b81c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 17:24:52 GMT
x-akamai-citisite: GTDC
date: Tue, 16 Apr 2019 05:37:50 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 816
expires: Tue, 16 Apr 2019 11:37:50 GMT

GET
H2 200 jquery-combined.min.js Show response
online.citi.com/CBOL/portal/layout/js/ 318 KB
90 KB 210ms
116ms Script
application/x-javascript 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/CBOL/portal/layout/js/jquery-combined.min.js

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

2e4c2f7305f3821aafe52390f18c573039ce62911aea27a1ba0f8342ce918b90

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 08 May 2018 04:46:52 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:50 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 91608
expires: Tue, 16 Apr 2019 11:37:50 GMT

GET
H2 200 jfp.branding.js Show response
online.citi.com/JFP/js/widgets/ 87 KB
28 KB 180ms
87ms Script
application/x-javascript 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JFP/js/widgets/jfp.branding.js

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

ef4a3c4de139f5acffbea6b0ea75fb5f167a892fe98b7c324c5bdefb82a16e98

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 02 Apr 2019 05:38:48 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:50 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 28766
expires: Tue, 16 Apr 2019 11:37:50 GMT

GET
H2 200 cssPref.js Show response
online.citi.com/JPS/portal/js/ 1 KB
849 B 239ms
146ms Script
application/x-javascript 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JPS/portal/js/cssPref.js

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

8824e4738ff9ccec6f5a45884909cdb71e44ee55d1b1d7cf6344d63ebcb32e9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:50 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 519
expires: Tue, 16 Apr 2019 11:37:50 GMT

GET
H2 200 jfp.widgets.js Show response
online.citi.com/JFP/js/widgets/ 357 KB
86 KB 213ms
120ms Script
application/x-javascript 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JFP/js/widgets/jfp.widgets.js

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

309dac7cbda06a462999840955afb0b6e08587e246455efc34fac90935daf5f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 02 Apr 2019 05:38:48 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:50 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 87281
expires: Tue, 16 Apr 2019 11:37:50 GMT

GET
H2 200 SitecatCampaigns.js Show response
online.citi.com/JPS/portal/js/ 5 KB
2 KB 27ms
27ms Script
application/x-javascript 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JPS/portal/js/SitecatCampaigns.js

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

3365c6707b11af11e075eb8fc391bc5112836047b278191d10ab568a9bf65172

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:51 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 1678
expires: Tue, 16 Apr 2019 11:37:51 GMT

GET
H2 200 citi_Common.js Show response
online.citi.com/GFC/common/js/ 278 KB
52 KB 31ms
31ms Script
application/x-javascript 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/GFC/common/js/citi_Common.js

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

18e8793d86b704d55e31f29ebe6b27907ecf5c5b7495996049d45cfd664fe72b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 02 Apr 2019 05:38:48 GMT
x-akamai-citisite: GTDC
date: Tue, 16 Apr 2019 05:37:51 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 52571
expires: Tue, 16 Apr 2019 11:37:51 GMT

GET
H2 200 JFPNav.js Show response
online.citi.com/JPS/portal/js/ 21 KB
6 KB 175ms
82ms Script
application/x-javascript 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JPS/portal/js/JFPNav.js

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

345059a341cdf6fb013751ba01a3810ce3f42697157616174fc75c02fcb49c6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:50 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 5305
expires: Tue, 16 Apr 2019 11:37:50 GMT

GET
H2 200 jquery.autocomplete.js Show response
online.citi.com/JFP/js/jquery/plugins/ 17 KB
5 KB 29ms
28ms Script
application/x-javascript 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JFP/js/jquery/plugins/jquery.autocomplete.js

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

b63dce0094ea3c2b03d2dc0205507faaa364d2b686cf32d7090f80d87e9cccf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 10 Jul 2018 12:14:02 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:51 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 5196
expires: Tue, 16 Apr 2019 11:37:51 GMT

GET
H2 200 verisign.js Show response
online.citi.com/JRS/js/ 2 KB
1 KB 688ms
596ms Script
application/x-javascript 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JRS/js/verisign.js

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

4f5dfedb6a8ef6b3124d5b7f37df4e2f1b83d3560f24ea81ade062331d624c2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:51 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 965
expires: Tue, 16 Apr 2019 11:37:51 GMT

GET
H2 200 JPPTemp.css
online.citi.com/JFP/css/common/ 245 KB
35 KB 170ms
78ms Stylesheet
text/css 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JFP/css/common/JPPTemp.css

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

6cc415ff6c7e1c19761a0ea19ece60e6e8a59725188f57474a0a81d2e1cdb366

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 17:12:06 GMT
x-akamai-citisite: GTDC
date: Tue, 16 Apr 2019 05:37:50 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: text/css
content-length: 35061
expires: Tue, 16 Apr 2019 11:37:50 GMT

GET
H2 200 US-Regional.css
online.citi.com/JRS/css/ 48 KB
10 KB 148ms
56ms Stylesheet
text/css 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JRS/css/US-Regional.css

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

b256194e43343f5c19794cdc252cab31e88d6abada730497248e3f4dd3d6ebbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Mar 2019 06:19:08 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:50 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: text/css
content-length: 9944
expires: Tue, 16 Apr 2019 11:37:50 GMT

GET
H2 200 branding_main_citi.css
online.citi.com/GFC/branding/css/ 38 KB
7 KB 154ms
62ms Stylesheet
text/css 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/GFC/branding/css/branding_main_citi.css

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

fea2ce318fe3e06af7549e140581f16de9801c39cdb33edbbd4293a505a3eb3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Mon, 12 Nov 2018 04:06:58 GMT
x-akamai-citisite: GTDC
date: Tue, 16 Apr 2019 05:37:50 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: text/css
content-length: 6550
expires: Tue, 16 Apr 2019 11:37:50 GMT

GET
H2 404 Bootstrap.js
online.citi.com//nexus.ensighten.com/citi/na_prod/ 0
0 1102ms
1010ms Script
text/html 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://online.citi.com//nexus.ensighten.com/citi/na_prod/Bootstrap.js
Requested by: Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-235-119.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 mbox.js Show response
online.citi.com/JRS/js/ 45 KB
13 KB 101ms
100ms Script
application/x-javascript 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JRS/js/mbox.js

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

39c0e17dfddea21b1d2adacff83bb9498309fe3588cae2dd4a32ef491b713009

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Wed, 25 Apr 2018 19:08:48 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:50 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 13062
expires: Tue, 16 Apr 2019 11:37:50 GMT

GET
H2 200 Citi-BB.png
online.citi.com/GFC/branding/img/cobrand/ 3 KB
4 KB 581ms
579ms Image
image/png 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/cobrand/Citi-BB.png

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

955e287d905855f65031a3f7f98912cdb98e04690df255daaad2270421f4d047

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:52 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/png
content-length: 3388

GET
H2 200 search-white.png
online.citi.com/GFC/branding/img/ 429 B
639 B 30ms
30ms Image
image/png 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/search-white.png

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

e2812b1e3529e5f39e3b0586e82c7ad0dfc3fc61cfa0107edfac16483d0547d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Wed, 14 Jun 2017 18:29:07 GMT
x-akamai-citisite: GTDC
date: Tue, 16 Apr 2019 05:37:51 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/png
content-length: 429

GET
H2 200 BrowserUpgrade.css
online.citi.com/JPS/portal/css/ 2 KB
990 B 83ms
82ms Stylesheet
text/css 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JPS/portal/css/BrowserUpgrade.css

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

522d8553b114774ec08b1fe8f0004510368c3070cc26a17cf7a200e0e9a55d6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:50 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: text/css
content-length: 671
expires: Tue, 16 Apr 2019 11:37:50 GMT

GET
H2 200 signon.js Show response
online.citi.com/JSO/js/ 14 KB
4 KB 566ms
565ms Script
application/x-javascript 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JSO/js/signon.js

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

6c5a71e3845d683151e55f217ba43a8da4c97718cc854ec08a67d119f3625d40

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:51 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 3397
expires: Tue, 16 Apr 2019 11:37:51 GMT

GET
H2 200 jfpm.autocomplete.off.js Show response
online.citi.com/JFP/js/modules/ 1 KB
614 B 30ms
30ms Script
application/x-javascript 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JFP/js/modules/jfpm.autocomplete.off.js

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

9dad502247a8488c21ef5beb32aed1a78b17b748711bec817c472911f76b4ead

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:51 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 344
expires: Tue, 16 Apr 2019 11:37:51 GMT

GET
H2 200 signon.css
online.citi.com/JRS/css/marketing/ 50 KB
8 KB 95ms
95ms Stylesheet
text/css 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JRS/css/marketing/signon.css

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

9180b5e987462dac7966e5a962393ad08b5b89ad97989d7689f94667bdde4c93

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:50 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: text/css
content-length: 8246
expires: Tue, 16 Apr 2019 11:37:50 GMT

GET
H2 200 welcome.js Show response
online.citi.com/JRS/js/ 17 KB
4 KB 586ms
586ms Script
application/x-javascript 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JRS/js/welcome.js

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

e21f11da6d00993b678d95e17d9357fef64d1523c19a67cb7146299becd3a7be

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 17:24:53 GMT
x-akamai-citisite: GTDC
date: Tue, 16 Apr 2019 05:37:51 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 3865
expires: Tue, 16 Apr 2019 11:37:51 GMT

GET
H2 200 fieldValidation.js Show response
online.citi.com/JFP/js/jquery/plugins/ 3 KB
894 B 49ms
49ms Script
application/x-javascript 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JFP/js/jquery/plugins/fieldValidation.js

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

335b41b5ca8836510180fc9f369227e8cc6be4ec9f8b46061bb9018c28400dfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:51 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 624
expires: Tue, 16 Apr 2019 11:37:51 GMT

GET
H2 200 SCFormElementReporting.js Show response
online.citi.com/JSO/js/ 1 KB
821 B 82ms
82ms Script
application/x-javascript 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JSO/js/SCFormElementReporting.js

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

1a10a3758a8da80eaa7261fd312bb0ef5ac5c97f59d407b8a3acc60bf96aa6e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:51 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 551
expires: Tue, 16 Apr 2019 11:37:51 GMT

GET
H2 200 signonUnamePwdMyCiti.js Show response
online.citi.com/JSO/js/ 6 KB
1 KB 201ms
198ms Script
application/x-javascript 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JSO/js/signonUnamePwdMyCiti.js

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

814f4156757aefae12ec4ec27ed1e9e5634d7431a9129cf68cd1a59f3b0d6970

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:52 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 803
expires: Tue, 16 Apr 2019 11:37:52 GMT

GET
H2 200 fp.js Show response
online.citi.com/JSO/js/ 30 KB
8 KB 597ms
594ms Script
application/x-javascript 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JSO/js/fp.js

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

fd1ef7bbb200c5931e5e7e342b68939c874b32d041e6fd7529c5af2261f93818

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 10 Jul 2018 12:14:02 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:52 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 7952
expires: Tue, 16 Apr 2019 11:37:52 GMT

GET
H/1.1 200
OK navigation.js Show response
steps.citi.com/us/ 47 KB
20 KB 391ms
111ms XHR
application/x-javascript 23.21.84.39
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://steps.citi.com/us/navigation.js
Requested by: Host: online.citi.com
URL: https://online.citi.com/JFP/amw/amw.js
Protocol: HTTP/1.1
Server: 23.21.84.39 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-23-21-84-39.compute-1.amazonaws.com
Software: haile /
Resource Hash: c43da00acce584c0a3307b8ec4e08fd3ad41d527490ca93c2051e72dec5d29cd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://andrejhauptman.info/online.citi.com/
Origin: http://andrejhauptman.info

Response headers

Pragma: no-cache
Date: Tue, 16 Apr 2019 05:37:51 GMT
Content-Encoding: gzip
Server: haile
transfer-encoding: chunked
Access-Control-Allow-Methods: GET, OPTIONS
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Access-Control-Allow-Origin: http://andrejhauptman.info
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

GET
H/1.1 200
OK style4.js Show response
paper.citi.com/127893/ 34 KB
15 KB 252ms
104ms Script
application/x-javascript 23.21.107.93
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://paper.citi.com/127893/style4.js
Requested by: Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/
Protocol: HTTP/1.1
Server: 23.21.107.93 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-23-21-107-93.compute-1.amazonaws.com
Software: haile /
Resource Hash: 5e6230d582495dacc0a333f67ca63d1f78e711bc6913922286618c53411c410e

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Apr 2019 05:37:52 GMT
Content-Encoding: gzip
Server: haile
transfer-encoding: chunked
Access-Control-Allow-Methods: GET, OPTIONS
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Expires: 0

GET
H2 200 pixel.gif
online.citi.com/JRS/images/ 42 B
251 B 203ms
201ms Image
image/gif 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/images/pixel.gif

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

5b27cb8a843da7b4f70f68d669798596541491654185df0bd45867d951a31947

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:52 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H2 200 Android_Awareness_Citicards_SM_V3_logos.png
online.citi.com/JRS/images/ 3 KB
3 KB 207ms
205ms Image
image/png 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/images/Android_Awareness_Citicards_SM_V3_logos.png

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

d62034faef6190f309ea68be1bd8a115133b76d0cd0a16ed34fba1211ae29807

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 17:24:53 GMT
x-akamai-citisite: GTDC
date: Tue, 16 Apr 2019 05:37:52 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/png
content-length: 2612

GET
H2 200 MFAOverlay.js Show response
online.citi.com/JPS/portal/js/ 2 KB
1 KB 70ms
68ms Script
application/x-javascript 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JPS/portal/js/MFAOverlay.js

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

65980d692a75b30a18de261f85398dd5e3b9ecca2b8c3e6943c6c45b77a57567

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 17:16:57 GMT
x-akamai-citisite: GTDC
date: Tue, 16 Apr 2019 05:37:51 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 770
expires: Tue, 16 Apr 2019 11:37:51 GMT

GET
H2 200 citi-logo-footer.png
online.citi.com/CBOL/common/ddl/1.1.0/images/catalogue/ 2 KB
2 KB 79ms
77ms Image
image/png 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/CBOL/common/ddl/1.1.0/images/catalogue/citi-logo-footer.png

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

c03c473373b74ec78cd18149c63791f1879e0521776846e6ffd9dcfecd413b1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:51 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/png
content-length: 1705

GET
H2 200 memberfdic.png
online.citi.com/GFC/branding/responsivebranding/img/ 2 KB
2 KB 79ms
77ms Image
image/png 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/responsivebranding/img/memberfdic.png

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

fde2419dbb975ba13ee435b8e15b754a11569815f6ef87a68b9984b99cd607cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Wed, 14 Jun 2017 18:30:23 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:51 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/png
content-length: 1784

GET
H2 200 EqualHousing.png
online.citi.com/JRS/images/ 416 B
627 B 83ms
81ms Image
image/png 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/images/EqualHousing.png

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

705f1ccbf32b8ebd6c4a04262ca5c320c50aa324f80a34fb3b160a8138257e14

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Wed, 14 Jun 2017 18:38:37 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:51 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/png
content-length: 416

GET
H2 200 tealeaf.test.3.1.0.1520.W3C.Sizzle.js Show response
online.citi.com/TeaLeaf/js/ 134 KB
41 KB 28ms
28ms Script
application/x-javascript 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/TeaLeaf/js/tealeaf.test.3.1.0.1520.W3C.Sizzle.js

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

d7f753898b34f8c5b7838b693561be358fac28891b99a5fb260c844a9dd520d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 10 Jul 2018 12:14:02 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:51 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 41668
expires: Tue, 16 Apr 2019 11:37:51 GMT

GET
H2 200 oo_engine.min.js Show response
online.citi.com/GFC/branding/olab/js/ 42 KB
12 KB 28ms
28ms Script
application/x-javascript 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/GFC/branding/olab/js/oo_engine.min.js

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

1f2a0e7aa3dabf73dae3cc7c1e53a70ec51145b39b027bdc1ecae9223c0c80d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:51 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 11704
expires: Tue, 16 Apr 2019 11:37:51 GMT

GET
H2 200 linkCapture.js Show response
online.citi.com/GFC/branding/js/ 1 KB
896 B 28ms
27ms Script
application/x-javascript 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/GFC/branding/js/linkCapture.js

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

d33c3580a6f74918cb48b98df98c9d7bb24dffe18938325ba9327459dd0ce424

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:51 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 626
expires: Tue, 16 Apr 2019 11:37:51 GMT

GET
H2 200 branding_universal_megaMenu.js Show response
online.citi.com/GFC/branding/js/ 75 KB
17 KB 47ms
46ms Script
application/x-javascript 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/GFC/branding/js/branding_universal_megaMenu.js

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

2f843b3db1023806d56cb580f86984e1c3785f06c8fe5234beec505f17ade6b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:51 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 17222
expires: Tue, 16 Apr 2019 11:37:51 GMT

GET
H2 200 citi_search.js Show response
online.citi.com/GFC/branding/js/ 6 KB
2 KB 27ms
27ms Script
application/x-javascript 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/GFC/branding/js/citi_search.js

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

76de53a0f24a3a3b24aace9beae716118a121afb3a39bf920cd94133939037f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Wed, 23 Aug 2017 20:24:24 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:51 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 1431
expires: Tue, 16 Apr 2019 11:37:51 GMT

GET
H2 200 btAdServe.js Show response
online.citi.com/JRS/js/ 1 KB
850 B 27ms
26ms Script
application/x-javascript 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JRS/js/btAdServe.js

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

4d09cfb5ba7471be2d35405a0510a67a3a6825e1e0337aca7dd94256e6c107d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:51 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 580
expires: Tue, 16 Apr 2019 11:37:51 GMT

GET
H2 200 BkDmp.js Show response
online.citi.com/DMP/ 5 KB
2 KB 97ms
95ms Script
application/x-javascript 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/DMP/BkDmp.js

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

66f4efff67c8da6b84e2259405f3ff4db59b8617b9622b6d0f9ccdf8ffbe557b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:51 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 1542
expires: Tue, 16 Apr 2019 11:37:51 GMT

GET
H2 200 s_code.js Show response
online.citi.com/JRS/js/ 89 KB
25 KB 27ms
26ms Script
application/x-javascript 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JRS/js/s_code.js

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

38fc9d43e39598220446850e09fffb5ed1959aa78de4bd95764a7c7282508dec

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Fri, 08 Feb 2019 13:30:51 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:51 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 25647
expires: Tue, 16 Apr 2019 11:37:51 GMT

GET
H2 200 branding_main.css
online.citi.com/GFC/branding/css/ 111 KB
17 KB 29ms
28ms Stylesheet
text/css 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/GFC/branding/css/branding_main.css

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

98b51f738c188b1b429337470e64a958d0aa86d6cefd8a5a9dc1ed6c6cabeda8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Mon, 04 Mar 2019 22:29:58 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:51 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: text/css
content-length: 16847
expires: Tue, 16 Apr 2019 11:37:51 GMT

GET
H/1.1 200
Ok LOInm Show response
steps.citi.com/us/ 109 B
771 B 114ms
113ms Script
text/javascript 23.21.84.39
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://steps.citi.com/us/LOInm?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI0JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMnMlMjIlM0ElMjJDQk9MJTNBMTcwMTA2MTUxMDU1MzU4NTM2MTIzMDA2JTIyJTdEJTdEJTVE&cid=4&si=2&e=http%3A%2F%2Fandrejhauptman.info&LSESSIONID=jLd1p6Ic5oUjdSyLLhgv0DgMovuSpHrZXEuxEXavFtPX08UvN8F3682k&t=jsonp&c=setgxnahh_wsxifk&eu=http%3A%2F%2Fandrejhauptman.info%2Fonline.citi.com%2F
Requested by: Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/
Protocol: HTTP/1.1
Server: 23.21.84.39 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-23-21-84-39.compute-1.amazonaws.com
Software: haile /
Resource Hash: 588e7f8fc3122ea4f8fc8f0e89c1e7d9a73cb736b3f839d1315ba1c5335fbf82

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Apr 2019 05:37:51 GMT
Server: haile
Access-Control-Allow-Methods: GET, OPTIONS
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 109
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Expires: 0

GET
H/1.1 200
Ok hsb Show response
steps.citi.com/us/ 256 B
944 B 107ms
106ms XHR
application/json 23.21.84.39
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://steps.citi.com/us/hsb?si=2&e=http%3A%2F%2Fandrejhauptman.info&LSESSIONID=jLd1p6Ic5oUjdSyLLhgv0DgMovuSpHrZXEuxEXavFtPX08UvN8F3682k&t=jsonpi&eu=http%3A%2F%2Fandrejhauptman.info%2Fonline.citi.com%2F
Requested by: Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/
Protocol: HTTP/1.1
Server: 23.21.84.39 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-23-21-84-39.compute-1.amazonaws.com
Software: haile /
Resource Hash: 938103283235f354265b4a620cef1df3745d8161ed3d47f572366ad59e456a5f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://andrejhauptman.info/online.citi.com/
Origin: http://andrejhauptman.info

Response headers

Pragma: no-cache
Date: Tue, 16 Apr 2019 05:37:51 GMT
Server: haile
Access-Control-Allow-Methods: GET, OPTIONS
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Access-Control-Allow-Origin: http://andrejhauptman.info
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 256
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

GET
H/1.1 200
OK target.js Show response
cdn.tt.omtrdc.net/cdn/ 43 KB
14 KB 61ms
7ms Script
text/javascript 104.109.87.116
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.tt.omtrdc.net/cdn/target.js
Requested by: Host: online.citi.com
URL: https://online.citi.com/JRS/js/mbox.js
Protocol: HTTP/1.1
Server: 104.109.87.116 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-87-116.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 41a3100782686fcd7e788615236a3d734ee87a7096b537210f7c7215f400e16c

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 16 Apr 2019 05:37:51 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Mar 2019 05:44:02 GMT
Server: Apache
ETag: "1fcda-aa23-5853528782178"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: must-revalidate, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14173

GET
H/1.1 200 ajax Show response
citicorpcreditservic.tt.omtrdc.net/m2/citicorpcreditservic/mbox/ 142 B
828 B 47ms
18ms Script
text/javascript 66.117.29.4
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://citicorpcreditservic.tt.omtrdc.net/m2/citicorpcreditservic/mbox/ajax?mboxHost=andrejhauptman.info&mboxPage=bf228ed50e46416f9107fd10d1b986bd&screenHeight=1200&screenWidth=1600&browserWidth=1600&browserHeight=1200&browserTimeOffset=0&colorDepth=24&mboxSession=bf228ed50e46416f9107fd10d1b986bd&mboxXDomain=enabled&mboxCount=1&mboxTime=1555393071853&mbox=target-global-mbox&mboxId=0&mboxURL=http%3A%2F%2Fandrejhauptman.info%2Fonline.citi.com%2F&mboxReferrer=&mboxVersion=63
Requested by: Host: online.citi.com
URL: https://online.citi.com/JRS/js/mbox.js
Protocol: HTTP/1.1
Server: 66.117.29.4 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
Software: /
Resource Hash: dd256ae72a5f42f07046db6419e33dca617fe970ccb3844663a4fef8c23875e2

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Tue, 16 Apr 2019 05:37:51 GMT
Content-Type: text/javascript;charset=utf-8
P3P: CP="NOI DSP CURa OUR STP COM", CP="NOI DSP CURa OUR STP COM"
Cache-Control: no-cache
Timing-Allow-Origin: *
Content-Length: 142
X-Request-ID: 940d2e62-f6a4-438b-bdd5-6480277ec193

GET
H/1.1 200 standard Show response
citicorpcreditservic.tt.omtrdc.net/m2/citicorpcreditservic/mbox/ 130 B
595 B 137ms
137ms Script
text/javascript 66.117.29.4
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://citicorpcreditservic.tt.omtrdc.net/m2/citicorpcreditservic/mbox/standard?mboxHost=andrejhauptman.info&mboxPage=bf228ed50e46416f9107fd10d1b986bd&screenHeight=1200&screenWidth=1600&browserWidth=1600&browserHeight=1200&browserTimeOffset=0&colorDepth=24&mboxSession=bf228ed50e46416f9107fd10d1b986bd&mboxXDomain=enabled&mboxCount=2&mboxTime=1555393071921&mbox=OCB_HP&mboxId=0&mboxURL=http%3A%2F%2Fandrejhauptman.info%2Fonline.citi.com%2F&mboxReferrer=&mboxVersion=63
Requested by: Host: online.citi.com
URL: https://online.citi.com/JRS/js/mbox.js
Protocol: HTTP/1.1
Server: 66.117.29.4 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
Software: /
Resource Hash: 5bfb985b0d0538e1861523083bbf70ee150a6f0b06fe0d720c605b0a34984b9b

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Tue, 16 Apr 2019 05:37:51 GMT
Content-Type: text/javascript;charset=utf-8
P3P: CP="NOI DSP CURa OUR STP COM"
Cache-Control: no-cache
Timing-Allow-Origin: *
Content-Length: 130
X-Request-ID: 596da3a0-51bb-462b-a836-e9c9597e726e

GET
H/1.1 200
Ok hsb Show response
steps.citi.com/us/ 299 B
987 B 108ms
107ms XHR
application/json 23.21.84.39
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://steps.citi.com/us/hsb?si=2&e=http%3A%2F%2Fandrejhauptman.info&LSESSIONID=jLd1p6Ic5oUjdSyLLhgv0DgMovuSpHrZXEuxEXavFtPX08UvN8F3682k&t=jsonpi&eu=http%3A%2F%2Fandrejhauptman.info%2Fonline.citi.com%2F
Requested by: Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/
Protocol: HTTP/1.1
Server: 23.21.84.39 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-23-21-84-39.compute-1.amazonaws.com
Software: haile /
Resource Hash: c59ce3aa56805401720f31c98201c30629c21c1164762afd8bea32e00e568933

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://andrejhauptman.info/online.citi.com/
Origin: http://andrejhauptman.info

Response headers

Pragma: no-cache
Date: Tue, 16 Apr 2019 05:37:52 GMT
Server: haile
Access-Control-Allow-Methods: GET, OPTIONS
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Access-Control-Allow-Origin: http://andrejhauptman.info
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 299
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

GET
H2 200 bg-branding-banner.jpg
online.citi.com/GFC/branding/img/ 5 KB
5 KB 565ms
564ms Image
image/jpeg 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/bg-branding-banner.jpg

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

b47060147f820f4721134724e1a38cab5fcc6960091389f6b4587769c4d2c313

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://online.citi.com/GFC/branding/css/branding_main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:52 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/jpeg
content-length: 4857

GET
H2 200 jfpw.overlay.stripe.bg.png
online.citi.com/JFP/images/widgets/ 152 B
361 B 193ms
192ms Image
image/png 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JFP/images/widgets/jfpw.overlay.stripe.bg.png

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

07759a8c16aaf61f4428763c7ea3756d31164933e7c5a6081fe6ab9bc3e5fdba

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://online.citi.com/JPS/portal/css/BrowserUpgrade.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:52 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/png
content-length: 152

GET
H2 200 Interstate-Light.woff
online.citi.com/GFC/branding/fonts/ 74 KB
74 KB 122ms
45ms Font
application/octet-stream 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/GFC/branding/fonts/Interstate-Light.woff

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://online.citi.com/GFC/branding/css/branding_main_citi.css
Origin: http://andrejhauptman.info

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:52 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
content-type: text/plain
access-control-allow-origin: *
content-length: 75483

GET
H/1.1 200
OK snare.js Show response
mpsnare.iesnare.com/ 38 KB
13 KB 75ms
30ms Script
text/javascript 52.129.74.11
iovation

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/snare.js?_=1555393072076

Requested by

Host: online.citi.com
URL: https://online.citi.com/CBOL/portal/layout/js/jquery-combined.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.129.74.11 Portland, United States, ASN395492 (IOVATION3 - iovation, Inc., US),

Reverse DNS

mpsnare.iesnare.com

Software

nginx /

Resource Hash

d248b57112c882895aa0837d6e55a38312b5e609c6a51d60fe4eb1611135bb92

Security Headers

Name	Value
Strict-Transport-Security	max-age=30; includeSubDomains

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Apr 2019 05:37:52 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=30; includeSubDomains
p3p: CP="NON DSP COR CURa"
Cache-Control: no-cache, private
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Expires: 0

GET
H2 200 bottom-shade.png
online.citi.com/JRS/images/ 1 KB
1 KB 185ms
184ms Image
image/png 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/images/bottom-shade.png

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

e7e2072bba9c55af8da06e0205da3c83d79f14999215b35ecbe374661bbce0a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://online.citi.com/JRS/css/marketing/signon.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:52 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/png
content-length: 1210

GET
H2 200 sign-on-bg.png
online.citi.com/JRS/images/ 118 B
327 B 188ms
187ms Image
image/png 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/images/sign-on-bg.png

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

44b3ecb9ceeb9a3a4b278f24dacee0a27028004cb22edd57a890ea671ba2d9e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://online.citi.com/JRS/css/marketing/signon.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 17:22:45 GMT
x-akamai-citisite: GTDC
date: Tue, 16 Apr 2019 05:37:52 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/png
content-length: 118

GET
H2 200 interstate.woff
online.citi.com/JRS/fonts/ 17 KB
17 KB 463ms
402ms Font
application/octet-stream 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JRS/fonts/interstate.woff?v=4.0.3

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

280252aa3047ce2d55dcb1ea863da875574502d37509365b2936b06ac12adfa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://online.citi.com/JRS/css/marketing/signon.css
Origin: http://andrejhauptman.info

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 17:24:52 GMT
x-akamai-citisite: GTDC
date: Tue, 16 Apr 2019 05:37:52 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
content-type: text/plain
access-control-allow-origin: *
content-length: 17571

GET
H2 200 global_sprite.png
online.citi.com/JFP/images/ 6 KB
6 KB 570ms
570ms Image
image/png 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JFP/images/global_sprite.png

Requested by

Host: online.citi.com
URL: https://online.citi.com/CBOL/portal/layout/js/jquery-combined.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

5afcdfea737deff383e30811d357bf0a93c818b0495cb0e3194b5b87bfda0cb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://online.citi.com/GFC/branding/css/branding_main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Wed, 14 Jun 2017 18:32:08 GMT
x-akamai-citisite: GTDC
date: Tue, 16 Apr 2019 05:37:52 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/png
content-length: 5751

GET
H2 200 interstatebold.woff
online.citi.com/JRS/fonts/ 17 KB
17 KB 331ms
282ms Font
application/octet-stream 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JRS/fonts/interstatebold.woff?v=4.0.3

Requested by

Host: online.citi.com
URL: https://online.citi.com/CBOL/portal/layout/js/jquery-combined.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

78973b3779090b1cfac3b1cd507d1fdf249852180c31bc929d0fe5f1d37af600

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://online.citi.com/JRS/css/marketing/signon.css
Origin: http://andrejhauptman.info

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 17:22:45 GMT
x-akamai-citisite: GTDC
date: Tue, 16 Apr 2019 05:37:52 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
content-type: text/plain
access-control-allow-origin: *
content-length: 17485

GET
H2 200 sprite_social_icons.png
online.citi.com/GFC/branding/img/ 358 B
568 B 585ms
585ms Image
image/png 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/sprite_social_icons.png

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

c3c02bcaca12da1a9ce27e3760e479fface7a05319c2708088cceb05af286eb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://online.citi.com/GFC/branding/css/branding_main_citi.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Wed, 14 Jun 2017 18:29:10 GMT
x-akamai-citisite: GTDC
date: Tue, 16 Apr 2019 05:37:52 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/png
content-length: 358

GET
H2 200 oo_icon_retina.gif
online.citi.com/GFC/branding/olab/images/ 2 KB
2 KB 30ms
30ms Image
image/gif 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/olab/images/oo_icon_retina.gif

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

701d2f9f02741b8429f4fb892b2b48c34a8a0f9189cb09013b2799031f22e484

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://online.citi.com/GFC/branding/css/branding_main_citi.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 17:16:57 GMT
x-akamai-citisite: GTDC
date: Tue, 16 Apr 2019 05:37:52 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/gif
content-length: 2204

GET
H2 200 Interstate-Bold.woff
online.citi.com/GFC/branding/fonts/ 70 KB
71 KB 142ms
107ms Font
application/octet-stream 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/GFC/branding/fonts/Interstate-Bold.woff

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://online.citi.com/GFC/branding/css/branding_main_citi.css
Origin: http://andrejhauptman.info

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:52 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
content-type: text/plain
access-control-allow-origin: *
content-length: 71859

GET
H2

200

cse.js Show response
cse.google.com/cse/
Redirect Chain

http://www.google.com/cse/cse.js?cx=009695499870347544712:e3dyicpbrwu
https://cse.google.com/cse/cse.js?cx=009695499870347544712:e3dyicpbrwu

10 KB
4 KB

53ms
30ms

Script
text/javascript

2a00:1450:4001:824::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse/cse.js?cx=009695499870347544712:e3dyicpbrwu

Requested by

Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:824::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

gws /

Resource Hash

a93468f04285a8c632d457a74a4a774f494836792dcfe7ede53999c12f1c06be

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 16 Apr 2019 05:37:52 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 3219
x-xss-protection: 0
expires: Tue, 16 Apr 2019 05:37:52 GMT

Redirect headers

Date: Tue, 16 Apr 2019 05:37:52 GMT
X-Content-Type-Options: nosniff
Server: sffe
Content-Type: text/html; charset=UTF-8
Location: https://cse.google.com/cse/cse.js?cx=009695499870347544712:e3dyicpbrwu
Cache-Control: private
Content-Length: 267
X-XSS-Protection: 0

GET
H/1.1

200
OK

s72438799510131
metrics.citi.com/b/ss/citinaprod/1/JS-2.0.0/
Redirect Chain

http://metrics.citi.com/b/ss/citinaprod/1/JS-2.0.0/s72438799510131?AQB=1&ndh=1&pf=1&t=16%2F3%2F2019%205%3A37%3A52%202%200&fid=52D1AE27763BAFF4-2C88FBBA4F65373E&ce=UTF-8&pageName=Non%20Cookied%20Use...
http://metrics.citi.com/b/ss/citinaprod/1/JS-2.0.0/s72438799510131?AQB=1&pccr=true&vidn=2E5AB5180531054D-4000012DA0028AA4&&ndh=1&pf=1&t=16%2F3%2F2019%205%3A37%3A52%202%200&fid=52D1AE27763BAFF4-2C88...

43 B
647 B

35ms
34ms

Image
image/gif

172.82.228.19
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://metrics.citi.com/b/ss/citinaprod/1/JS-2.0.0/s72438799510131?AQB=1&pccr=true&vidn=2E5AB5180531054D-4000012DA0028AA4&&ndh=1&pf=1&t=16%2F3%2F2019%205%3A37%3A52%202%200&fid=52D1AE27763BAFF4-2C88FBBA4F65373E&ce=UTF-8&pageName=Non%20Cookied%20Username%20Password&g=http%3A%2F%2Fandrejhauptman.info%2Fonline.citi.com%2F&c.&visitStart=1&.c&cc=USD&ch=BANKRIAWebEnglish&c1=Public&h1=BANKRIAWebEnglish%2FPublic%2FSignOn%2FSignOn%2FSelect&c2=SignOn&c3=SignOn&c4=Select&v38=Non%20Cookied%20Username%20Password&v41=0&v42=en_US_USPTL&v43=NNN&v44=0&c50=0&v50=NNNNN&c51=NNNNN&c52=NNNNNNNNNNYNNNNNNNNNNNNNNNNNNNNNNNNNN0000&c53=NNNNNNNNNNNNNNNNNN&v53=Bank%7C&c55=Bank%7C&c56=NNN&c57=0&c59=JSOSIGNON_200&c63=http%3A%2F%2Fandrejhauptman.info%2Fonline.citi.com%2F&c64=1%3A37AM&v64=1%3A37AM&c65=Tuesday&v65=Tuesday&c66=Tuesday%7C1%3A37AM&v67=New&v68=1&v69=UnAuth&c73=null&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Requested by: Host: andrejhauptman.info
URL: http://andrejhauptman.info/online.citi.com/
Protocol: HTTP/1.1
Server: 172.82.228.19 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS: *.sc.omtrdc.net
Software: Omniture DC /
Resource Hash: a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Apr 2019 05:37:52 GMT
Last-Modified: Wed, 17 Apr 2019 05:37:52 GMT
Server: Omniture DC
xserver: www309
ETag: "3340181188419584000-4707177699746155179"
Vary: *
X-C: ms-6.6.0
P3P: CP="This is not a P3P policy"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 15 Apr 2019 05:37:52 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 16 Apr 2019 05:37:52 GMT
Last-Modified: Wed, 17 Apr 2019 05:37:52 GMT
Server: Omniture DC
xserver: www309
Location: http://metrics.citi.com/b/ss/citinaprod/1/JS-2.0.0/s72438799510131?AQB=1&pccr=true&vidn=2E5AB5180531054D-4000012DA0028AA4&&ndh=1&pf=1&t=16%2F3%2F2019%205%3A37%3A52%202%200&fid=52D1AE27763BAFF4-2C88FBBA4F65373E&ce=UTF-8&pageName=Non%20Cookied%20Username%20Password&g=http%3A%2F%2Fandrejhauptman.info%2Fonline.citi.com%2F&c.&visitStart=1&.c&cc=USD&ch=BANKRIAWebEnglish&c1=Public&h1=BANKRIAWebEnglish%2FPublic%2FSignOn%2FSignOn%2FSelect&c2=SignOn&c3=SignOn&c4=Select&v38=Non%20Cookied%20Username%20Password&v41=0&v42=en_US_USPTL&v43=NNN&v44=0&c50=0&v50=NNNNN&c51=NNNNN&c52=NNNNNNNNNNYNNNNNNNNNNNNNNNNNNNNNNNNNN0000&c53=NNNNNNNNNNNNNNNNNN&v53=Bank%7C&c55=Bank%7C&c56=NNN&c57=0&c59=JSOSIGNON_200&c63=http%3A%2F%2Fandrejhauptman.info%2Fonline.citi.com%2F&c64=1%3A37AM&v64=1%3A37AM&c65=Tuesday&v65=Tuesday&c66=Tuesday%7C1%3A37AM&v67=New&v68=1&v69=UnAuth&c73=null&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
X-C: ms-6.6.0
P3P: CP="This is not a P3P policy"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Connection: keep-alive
Content-Type: text/plain
Content-Length: 0
Expires: Mon, 15 Apr 2019 05:37:52 GMT

GET
H/1.1 200
OK / Show response
citi.bridgetrack.com/a/s/ 0
752 B 384ms
137ms Script
application/x-javascript 216.250.63.5
Sapient Corporation

General

Check archive.org

Show headers Download Go to

Full URL: http://citi.bridgetrack.com/a/s/?BT_CON=1&BT_PID=1696939&r=541692664&masterID=&_jfp=https://online.citi.com&BT_EXT=&rateSheetId=null&target=CBOLAdBanner
Requested by: Host: online.citi.com
URL: https://online.citi.com/JRS/js/btAdServe.js
Protocol: HTTP/1.1
Server: 216.250.63.5 Miami, United States, ASN22758 (SAPIENT-DCO - Sapient Corporation, US),
Reverse DNS: citi.bridgetrack.com
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 16 Apr 2019 05:37:52 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP="NON DSP COR DEVa PSAa IVAo CONo OUR IND UNI PUR NAV DEM LOC", policyref="http://citi.bridgetrack.com/w3c/p3p.xml"
Cache-Control: private
Content-Type: application/x-javascript
Content-Length: 119
Expires: Mon, 15 Apr 2019 05:37:52 GMT

GET
H/1.1 404
Not Found /
andrejhauptman.info/JRS/images/ 328 B
328 B 121ms
120ms Image
text/html 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://andrejhauptman.info/JRS/images/
Requested by: Host: online.citi.com
URL: https://online.citi.com/CBOL/portal/layout/js/jquery-combined.min.js
Protocol: HTTP/1.1
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: bb67948c6080636f700c0b3edc95ce22bef389b37ba75c817b0ae33bb96ca4ad

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: andrejhauptman.info
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://andrejhauptman.info/online.citi.com/
Cookie: mbox=check#true#1555393132|session#bf228ed50e46416f9107fd10d1b986bd#1555394932; s_fid=52D1AE27763BAFF4-2C88FBBA4F65373E; s_pers=%20gpv_p7%3DNon%2520Cookied%2520Username%2520Password%7C1555394872145%3B%20s_visit%3D1%7C1555394872146%3B%20s_vnum%3D1556668800147%2526vn%253D1%7C1556668800147%3B%20s_invisit%3Dtrue%7C1555394872147%3B%20s_nr%3D1555393072148-New%7C1713073072148%3B; s_sess=%20SC_LINKS%3D%3B%20s_vstart%3D1555393072150%3B; s_cc=true
Connection: keep-alive
Cache-Control: no-cache
Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 16 Apr 2019 05:37:52 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 328
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 mktbgEN9.jpg
online.citi.com/JRS/images/ 107 KB
107 KB 438ms
437ms Image
image/jpeg 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/images/mktbgEN9.jpg

Requested by

Host: online.citi.com
URL: https://online.citi.com/CBOL/portal/layout/js/jquery-combined.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

e77d37ad2371f1b1c13192c69c795d3b8b2e0a9b463b6e465cfa39aed4933d56

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Tue, 16 Apr 2019 05:37:52 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/jpeg
content-length: 109332

GET
H/1.1 200
OK logo.js Show response
mpsnare.iesnare.com/script/ 96 B
508 B 16ms
15ms Script
text/javascript 52.129.74.11
iovation

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/script/logo.js

Requested by

Host: mpsnare.iesnare.com
URL: https://mpsnare.iesnare.com/snare.js?_=1555393072076

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.129.74.11 Portland, United States, ASN395492 (IOVATION3 - iovation, Inc., US),

Reverse DNS

mpsnare.iesnare.com

Software

nginx /

Resource Hash

792d7f43756c4080c3348d6a9a84730fc0316cc6e356fcc4d3f9a2421d1b770f

Security Headers

Name	Value
Strict-Transport-Security	max-age=30; includeSubDomains

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 16 Apr 2019 05:37:52 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Server: nginx
Strict-Transport-Security: max-age=30; includeSubDomains
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Expires: Wed, 15 Apr 2020 05:37:52 GMT

GET
H2 200 cse_element__de.js Show response
www.google.com/cse/static/element/d35a6008cf40f285/ 245 KB
78 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:824::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/d35a6008cf40f285/cse_element__de.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse/cse.js?cx=009695499870347544712:e3dyicpbrwu

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:824::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3d2aa79882ad3c6a6a1af67ee6530287d15c7fc75feccdda3e94ca0552df576e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 12 Apr 2019 12:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Apr 2019 14:21:33 GMT
server: sffe
age: 321089
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 79683
x-xss-protection: 0
expires: Sat, 11 Apr 2020 12:26:23 GMT

GET
H2 200 default+de.css
www.google.com/cse/static/element/d35a6008cf40f285/ 44 KB
10 KB 15ms
14ms Stylesheet
text/css 2a00:1450:4001:824::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/d35a6008cf40f285/default+de.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse/cse.js?cx=009695499870347544712:e3dyicpbrwu

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:824::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a295bcfa91664e0dfac547516febc524302c24be2ddb9cf90ceda80b1e8f19aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 08 Apr 2019 16:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Apr 2019 14:21:33 GMT
server: sffe
age: 651188
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 9940
x-xss-protection: 0
expires: Tue, 07 Apr 2020 16:44:44 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v2/ 14 KB
3 KB 14ms
13ms Stylesheet
text/css 2a00:1450:4001:824::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v2/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse/cse.js?cx=009695499870347544712:e3dyicpbrwu

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:824::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8cda73e6a0e5533a80c6bf94cf5a7b2a0e399ea1c482399b11a21096a8081faa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 16 Apr 2019 05:01:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Oct 2018 12:00:00 GMT
server: sffe
age: 2168
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 3112
x-xss-protection: 0
expires: Tue, 16 Apr 2019 05:51:44 GMT

GET
H2 200 CITI_CBOL_HP_LOGIN_v3 Show response
view.atdmt.com/jaction/ 2 B
386 B 120ms
47ms Script
text/javascript 2a03:2880:f0ff:2:face:b00c:0:8c
Facebook

General

Check archive.org

Show headers Download Go to

Full URL: https://view.atdmt.com/jaction/CITI_CBOL_HP_LOGIN_v3?_=1555393073115
Requested by: Host: online.citi.com
URL: https://online.citi.com/CBOL/portal/layout/js/jquery-combined.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f0ff:2:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Apr 2019 05:37:53 GMT
x-atlas-debug: AYKHv-asOErNd_XJBn5nMKaGqNQb9bc9x6JTOAk32GppdlMrSywexzNkDLBvuG9ggKRo-tVwqmSdeqC8lEJDZiMT
p3p: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
status: 200
cache-control: private, no-cache, no-store, must-revalidate
content-type: text/javascript
content-length: 2
expires: 0

GET
H/1.1 200
OK / Show response
citi.bridgetrack.com/track/s/ 0
793 B 144ms
144ms Script
application/x-javascript 216.250.63.5
Sapient Corporation

General

Check archive.org

Show headers Download Go to

Full URL: http://citi.bridgetrack.com/track/s/?id=44715&PageID=JSOSIGNON_200&masterID=undefined&ref=&p=http%3A//andrejhauptman.info/online.citi.com/&random=977090998
Requested by: Host: online.citi.com
URL: https://online.citi.com/GFC/branding/js/linkCapture.js
Protocol: HTTP/1.1
Server: 216.250.63.5 Miami, United States, ASN22758 (SAPIENT-DCO - Sapient Corporation, US),
Reverse DNS: citi.bridgetrack.com
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 16 Apr 2019 05:37:52 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP="NON DSP COR DEVa PSAa IVAo CONo OUR IND UNI PUR NAV DEM LOC", policyref="http://citi.bridgetrack.com/w3c/p3p.xml"
Cache-Control: private
Content-Type: application/x-javascript
Content-Length: 119
Expires: Mon, 15 Apr 2019 05:37:53 GMT

GET
H/1.1 200
OK async-ads.js Show response
cse.google.com/adsense/search/ 171 KB
59 KB 21ms
15ms Script
text/javascript 2a00:1450:4001:824::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/d35a6008cf40f285/cse_element__de.js?usqp=CAI%3D

Protocol

HTTP/1.1

Server

2a00:1450:4001:824::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

2af574b01a30db4d4fb301e0a9f325838c6828ad88fd848269e32423f20a410a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 16 Apr 2019 05:37:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "8672225924171704016"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Transfer-Encoding: chunked
Accept-Ranges: bytes
X-XSS-Protection: 0
Expires: Tue, 16 Apr 2019 05:37:53 GMT

GET
H/1.1 204
No Content generate_204
clients1.google.com/ 0
83 B 28ms
5ms Image
text/plain 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clients1.google.com/generate_204
Protocol: HTTP/1.1
Server: 2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://andrejhauptman.info/online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 16 Apr 2019 05:37:53 GMT
Content-Length: 0

GET
H/1.1 200
OK CWrT.html
paper.citi.com/127893/ Frame 7461 0
0 105ms
101ms Document
text/html 23.21.107.93
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://paper.citi.com/127893/CWrT.html?si=1&e=http%3A%2F%2Fandrejhauptman.info&LSESSIONID=jLd1p6Ic5oUjdSyLLhgv0DgMovuSpHrZXEuxEXavFtPX08UvN8F3682k&t=xframe&eu=http%3A%2F%2Fandrejhauptman.info%2Fonline.citi.com%2F&icid=155539307313813030
Requested by: Host: paper.citi.com
URL: http://paper.citi.com/127893/style4.js
Protocol: HTTP/1.1
Server: 23.21.107.93 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-23-21-107-93.compute-1.amazonaws.com
Software: haile /
Resource Hash

Request headers

Host: paper.citi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://andrejhauptman.info/online.citi.com/
Accept-Encoding: gzip, deflate
Cookie: s_vi=[CS]v1|2E5AB5180531054D-4000012DA0028AA4[CE]
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://andrejhauptman.info/online.citi.com/

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 16 Apr 2019 05:37:53 GMT
Expires: 0
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma: no-cache
Server: haile
transfer-encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK /
paper.citi.com/127893/h7H.html/discovercard.com/dfs/accounthome/summary/-www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secure/schwab///http... Frame 36E7 0
0 207ms
102ms Document
text/html 23.21.107.93
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://paper.citi.com/127893/h7H.html/discovercard.com/dfs/accounthome/summary/-www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secure/schwab///https://snsbank.nl/mijnsns/secure/login/httpsabph.pl/pi/do/Authorization/alfabank.ru/swedbank/pf.bgz.pl/httponline.eurobank.pl/?cid=5&si=1&e=http%3A%2F%2Fandrejhauptman.info&LSESSIONID=jLd1p6Ic5oUjdSyLLhgv0DgMovuSpHrZXEuxEXavFtPX08UvN8F3682k&t=xframe&eu=http%3A%2F%2Fandrejhauptman.info%2Fonline.citi.com%2F&icid=155539307314112941
Requested by: Host: paper.citi.com
URL: http://paper.citi.com/127893/style4.js
Protocol: HTTP/1.1
Server: 23.21.107.93 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-23-21-107-93.compute-1.amazonaws.com
Software: haile /
Resource Hash

Request headers

Host: paper.citi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://andrejhauptman.info/online.citi.com/
Accept-Encoding: gzip, deflate
Cookie: s_vi=[CS]v1|2E5AB5180531054D-4000012DA0028AA4[CE]
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://andrejhauptman.info/online.citi.com/

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 16 Apr 2019 05:37:53 GMT
Expires: 0
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma: no-cache
Server: haile
transfer-encoding: chunked
Connection: keep-alive

POST TeaLeaf.action
andrejhauptman.info/US/NCCS/tealeaf/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: andrejhauptman.info
URL: http://andrejhauptman.info/US/NCCS/tealeaf/TeaLeaf.action?JFP_TOKEN=W9RLT7A3

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citibank (Banking)

1041 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.andrejhauptman.info/	1969-12-31 23:59:59	Name: s_cc Value: true
.andrejhauptman.info/	1970-01-20 19:51:13	Name: s_pers Value: %20gpv_p7%3DNon%2520Cookied%2520Username%2520Password%7C1555394872145%3B%20s_visit%3D1%7C1555394872146%3B%20s_vnum%3D1556668800147%2526vn%253D1%7C1556668800147%3B%20s_invisit%3Dtrue%7C1555394872147%3B%20s_nr%3D1555393072148-New%7C1713073072148%3B
.citi.com/	1970-01-19 17:34:25	Name: s_vi Value: [CS]v1\|2E5AB5180531054D-4000012DA0028AA4[CE]
.andrejhauptman.info/	1969-12-31 23:59:59	Name: s_sess Value: %20SC_LINKS%3D%3B%20s_vstart%3D1555393072150%3B
.andrejhauptman.info/	1970-01-20 19:54:05	Name: s_fid Value: 52D1AE27763BAFF4-2C88FBBA4F65373E
.andrejhauptman.info/	1970-01-19 00:03:14	Name: mbox Value: check#true#1555393132\|session#bf228ed50e46416f9107fd10d1b986bd#1555394932

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

andrejhauptman.info
cdn.tt.omtrdc.net
citi.bridgetrack.com
citicorpcreditservic.tt.omtrdc.net
clients1.google.com
cse.google.com
metrics.citi.com
mpsnare.iesnare.com
online.citi.com
paper.citi.com
steps.citi.com
view.atdmt.com
www.google.com
andrejhauptman.info
104.109.87.116
104.111.235.119
172.82.228.19
185.222.203.10
216.250.63.5
23.21.107.93
23.21.84.39
2a00:1450:4001:81c::200e
2a00:1450:4001:824::2004
2a00:1450:4001:824::200e
2a03:2880:f0ff:2:face:b00c:0:8c
52.129.74.11
66.117.29.4
07759a8c16aaf61f4428763c7ea3756d31164933e7c5a6081fe6ab9bc3e5fdba
18e8793d86b704d55e31f29ebe6b27907ecf5c5b7495996049d45cfd664fe72b
1a10a3758a8da80eaa7261fd312bb0ef5ac5c97f59d407b8a3acc60bf96aa6e3
1f2a0e7aa3dabf73dae3cc7c1e53a70ec51145b39b027bdc1ecae9223c0c80d2
280252aa3047ce2d55dcb1ea863da875574502d37509365b2936b06ac12adfa6
2af574b01a30db4d4fb301e0a9f325838c6828ad88fd848269e32423f20a410a
2e4c2f7305f3821aafe52390f18c573039ce62911aea27a1ba0f8342ce918b90
2f843b3db1023806d56cb580f86984e1c3785f06c8fe5234beec505f17ade6b2
309dac7cbda06a462999840955afb0b6e08587e246455efc34fac90935daf5f9
335b41b5ca8836510180fc9f369227e8cc6be4ec9f8b46061bb9018c28400dfc
3365c6707b11af11e075eb8fc391bc5112836047b278191d10ab568a9bf65172
345059a341cdf6fb013751ba01a3810ce3f42697157616174fc75c02fcb49c6b
38fc9d43e39598220446850e09fffb5ed1959aa78de4bd95764a7c7282508dec
39c0e17dfddea21b1d2adacff83bb9498309fe3588cae2dd4a32ef491b713009
3d2aa79882ad3c6a6a1af67ee6530287d15c7fc75feccdda3e94ca0552df576e
41a3100782686fcd7e788615236a3d734ee87a7096b537210f7c7215f400e16c
44b3ecb9ceeb9a3a4b278f24dacee0a27028004cb22edd57a890ea671ba2d9e7
4d09cfb5ba7471be2d35405a0510a67a3a6825e1e0337aca7dd94256e6c107d8
4f5dfedb6a8ef6b3124d5b7f37df4e2f1b83d3560f24ea81ade062331d624c2c
522d8553b114774ec08b1fe8f0004510368c3070cc26a17cf7a200e0e9a55d6b
588e7f8fc3122ea4f8fc8f0e89c1e7d9a73cb736b3f839d1315ba1c5335fbf82
5afcdfea737deff383e30811d357bf0a93c818b0495cb0e3194b5b87bfda0cb4
5b27cb8a843da7b4f70f68d669798596541491654185df0bd45867d951a31947
5bfb985b0d0538e1861523083bbf70ee150a6f0b06fe0d720c605b0a34984b9b
5e6230d582495dacc0a333f67ca63d1f78e711bc6913922286618c53411c410e
65980d692a75b30a18de261f85398dd5e3b9ecca2b8c3e6943c6c45b77a57567
66f4efff67c8da6b84e2259405f3ff4db59b8617b9622b6d0f9ccdf8ffbe557b
6c5a71e3845d683151e55f217ba43a8da4c97718cc854ec08a67d119f3625d40
6cc415ff6c7e1c19761a0ea19ece60e6e8a59725188f57474a0a81d2e1cdb366
701d2f9f02741b8429f4fb892b2b48c34a8a0f9189cb09013b2799031f22e484
705f1ccbf32b8ebd6c4a04262ca5c320c50aa324f80a34fb3b160a8138257e14
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
76de53a0f24a3a3b24aace9beae716118a121afb3a39bf920cd94133939037f8
78973b3779090b1cfac3b1cd507d1fdf249852180c31bc929d0fe5f1d37af600
792d7f43756c4080c3348d6a9a84730fc0316cc6e356fcc4d3f9a2421d1b770f
814f4156757aefae12ec4ec27ed1e9e5634d7431a9129cf68cd1a59f3b0d6970
823db1b6cf4fe34956773f03a9b3e1c36d3a1fe1b609b1c1bd8730475bc6b81c
86106c19d08ee85f18662177ea573919358c1393795c2abd17e8874ba91d462d
8824e4738ff9ccec6f5a45884909cdb71e44ee55d1b1d7cf6344d63ebcb32e9c
8cda73e6a0e5533a80c6bf94cf5a7b2a0e399ea1c482399b11a21096a8081faa
9180b5e987462dac7966e5a962393ad08b5b89ad97989d7689f94667bdde4c93
938103283235f354265b4a620cef1df3745d8161ed3d47f572366ad59e456a5f
955e287d905855f65031a3f7f98912cdb98e04690df255daaad2270421f4d047
98b51f738c188b1b429337470e64a958d0aa86d6cefd8a5a9dc1ed6c6cabeda8
9dad502247a8488c21ef5beb32aed1a78b17b748711bec817c472911f76b4ead
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a295bcfa91664e0dfac547516febc524302c24be2ddb9cf90ceda80b1e8f19aa
a93468f04285a8c632d457a74a4a774f494836792dcfe7ede53999c12f1c06be
b256194e43343f5c19794cdc252cab31e88d6abada730497248e3f4dd3d6ebbc
b47060147f820f4721134724e1a38cab5fcc6960091389f6b4587769c4d2c313
b63dce0094ea3c2b03d2dc0205507faaa364d2b686cf32d7090f80d87e9cccf9
bb67948c6080636f700c0b3edc95ce22bef389b37ba75c817b0ae33bb96ca4ad
c03c473373b74ec78cd18149c63791f1879e0521776846e6ffd9dcfecd413b1e
c3c02bcaca12da1a9ce27e3760e479fface7a05319c2708088cceb05af286eb1
c43da00acce584c0a3307b8ec4e08fd3ad41d527490ca93c2051e72dec5d29cd
c59ce3aa56805401720f31c98201c30629c21c1164762afd8bea32e00e568933
d248b57112c882895aa0837d6e55a38312b5e609c6a51d60fe4eb1611135bb92
d33c3580a6f74918cb48b98df98c9d7bb24dffe18938325ba9327459dd0ce424
d62034faef6190f309ea68be1bd8a115133b76d0cd0a16ed34fba1211ae29807
d7f753898b34f8c5b7838b693561be358fac28891b99a5fb260c844a9dd520d7
dd256ae72a5f42f07046db6419e33dca617fe970ccb3844663a4fef8c23875e2
e21f11da6d00993b678d95e17d9357fef64d1523c19a67cb7146299becd3a7be
e2812b1e3529e5f39e3b0586e82c7ad0dfc3fc61cfa0107edfac16483d0547d7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e77d37ad2371f1b1c13192c69c795d3b8b2e0a9b463b6e465cfa39aed4933d56
e7e2072bba9c55af8da06e0205da3c83d79f14999215b35ecbe374661bbce0a9
e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7
ef4a3c4de139f5acffbea6b0ea75fb5f167a892fe98b7c324c5bdefb82a16e98
f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296
fd1ef7bbb200c5931e5e7e342b68939c874b32d041e6fd7529c5af2261f93818
fde2419dbb975ba13ee435b8e15b754a11569815f6ef87a68b9984b99cd607cf
fea2ce318fe3e06af7549e140581f16de9801c39cdb33edbbd4293a505a3eb3b

andrejhauptman.info Open in urlscan Pro 185.222.203.10 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

78 Requests

77 %HTTPS

31 %IPv6

7 Domains

13 Subdomains

14 IPs

4 Countries

1109 kBTransfer

3096 kBSize

6 Cookies

29 Outgoing links

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

andrejhauptman.info Open in urlscan Pro
185.222.203.10 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

77 %
HTTPS

31 %
IPv6

7
Domains

13
Subdomains

14
IPs

4
Countries

1109 kB
Transfer

3096 kB
Size

6
Cookies

78 HTTP transactions
0 data transactions