Submitted URL: https://totalcomp.uat.citigroup.com/
Effective URL: https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&G...
Submission: On February 13 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 19 HTTP transactions. The main IP is 95.101.23.89, located in Vienna, Austria and belongs to AKAMAI-ASN1, NL. The main domain is totalcomp.uat.citigroup.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on July 21st 2022. Valid for: a year.
This is the only time totalcomp.uat.citigroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 16 95.101.23.89 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
19 4
Apex Domain | Subdomains | Transfer
16 citigroup.com | totalcomp.uat.citigroup.com | 57 KB
2 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 93 | 20 KB
2 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 109 | 81 KB
19 3
Domain | Requested by
16 totalcomp.uat.citigroup.com | 1 redirects totalcomp.uat.citigroup.com
2 www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com
2 www.googletagmanager.com | totalcomp.uat.citigroup.com, www.googletagmanager.com
19 3

This site contains links to these domains.

Domain
onereset.citigroup.net
www.citigroup.com
Subject | Issuer | Validity | Valid
uat.citigroup.com | DigiCert SHA2 Extended Validation Server CA | 2022-07-21 - 2023-08-21 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-01-31 - 2023-04-25 | 3 months

This page contains 1 frames:

Primary Page: https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%2bRs%2bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4&TARGET=-SM-%2f
Frame ID: B56C6AAB75374F3B564A1BD30D1EA85A
Requests: 21 HTTP requests in this frame

Page Title

My Total Compensation and Benefits Login

Page URL History

  1. https://totalcomp.uat.citigroup.com/ HTTP 302
    https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 19
HTTPS: 100 %
IPv6: 67 %
Domains: 3
Subdomains: 3
IPs: 4
Countries: 2
Transfer: 156 kB
Size: 401 kB
Cookies: 8

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://totalcomp.uat.citigroup.com/ HTTP 302
    https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%2bRs%2bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4&TARGET=-SM-%2f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login.fcc
totalcomp.uat.citigroup.com/siteminderagent/forms/
Redirect Chain
  • https://totalcomp.uat.citigroup.com/
  • https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2Wk...
67 KB
21 KB
Document
General
Full URL
https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%2bRs%2bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4&TARGET=-SM-%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.89 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-89.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1664d8fe707e56a5344099753dd1c96527fa5180cffd170a19c4074320c9eef4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
content-encoding
gzip
content-length
20749
content-type
text/html; charset=iso-8859-1
date
Mon, 13 Feb 2023 13:11:18 GMT
permissions-policy
midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mTOE,2
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-store
content-length
502
content-type
text/html; charset=iso-8859-1
date
Mon, 13 Feb 2023 13:11:18 GMT
location
https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%2bRs%2bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4&TARGET=-SM-%2f
permissions-policy
midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/
94 KB
37 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js
Requested by
Host: totalcomp.uat.citigroup.com
URL: https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%2bRs%2bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4&TARGET=-SM-%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
93cea79a999be93fb44986e0c8f23577f1792eaf7537aa3d3ff2da2c748b5cfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://totalcomp.uat.citigroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 13:11:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37955
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 13 Feb 2023 13:11:18 GMT
cgp_cookie_funcs.js
totalcomp.uat.citigroup.com/siteminderagent/js/
2 KB
1 KB
Script
General
Full URL
https://totalcomp.uat.citigroup.com/siteminderagent/js/cgp_cookie_funcs.js
Requested by
Host: totalcomp.uat.citigroup.com
URL: https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%2bRs%2bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4&TARGET=-SM-%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.89 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-89.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
96cd943c39cd37b9d6518b6e347a2332763596db53f6ac864bb79d50074e7590
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%2bRs%2bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4&TARGET=-SM-%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 02 Nov 2022 03:10:08 GMT
x-permitted-cross-domain-policies
master-only
date
Mon, 13 Feb 2023 13:11:19 GMT
etag
"3e0243-630-5ec742d8b0400"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript
permissions-policy
midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
666
x-xss-protection
1; mode=block
fp_AA.js
totalcomp.uat.citigroup.com/siteminderagent/js/
32 KB
9 KB
Script
General
Full URL
https://totalcomp.uat.citigroup.com/siteminderagent/js/fp_AA.js
Requested by
Host: totalcomp.uat.citigroup.com
URL: https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%2bRs%2bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4&TARGET=-SM-%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.89 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-89.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cb5643ffff191bf755e4b0812525d2db86931ea3f666bc8f0bf244f2da2042b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%2bRs%2bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4&TARGET=-SM-%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 02 Nov 2022 03:10:08 GMT
x-permitted-cross-domain-policies
master-only
date
Mon, 13 Feb 2023 13:11:19 GMT
etag
"3e0245-7e4c-5ec742d8b0400"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript
permissions-policy
midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
8350
x-xss-protection
1; mode=block
4306d020
totalcomp.uat.citigroup.com/akam/13/
26 KB
9 KB
Script
General
Full URL
https://totalcomp.uat.citigroup.com/akam/13/4306d020
Requested by
Host: totalcomp.uat.citigroup.com
URL: https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%2bRs%2bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4&TARGET=-SM-%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.89 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-89.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1c7a3ac93a3a11f78fbe08cb78034a4d0d8908ad7104beebb90328b33f27420b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%2bRs%2bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4&TARGET=-SM-%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Feb 2023 13:11:19 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 15:11:00 GMT
etag
"26d464bae5bae3cdb561ac84cbb00f18864a9b6923eefbc3cfda1f8cfc0d1c5b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
content-length
8755
expires
Mon, 13 Feb 2023 13:11:19 GMT
global_header_logo.png
totalcomp.uat.citigroup.com/siteminderagent/images/
4 KB
4 KB
Image
General
Full URL
https://totalcomp.uat.citigroup.com/siteminderagent/images/global_header_logo.png
Requested by
Host: totalcomp.uat.citigroup.com
URL: https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%2bRs%2bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4&TARGET=-SM-%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.89 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-89.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1578fb88cfebb6b3530403992350a656314bf8a7ab02168468a644e7988ed9b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%2bRs%2bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4&TARGET=-SM-%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
date
Mon, 13 Feb 2023 13:11:19 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 02 Nov 2022 03:10:08 GMT
x-permitted-cross-domain-policies
master-only
etag
"3e025e-1049-5ec742d8b0400"
x-frame-options
SAMEORIGIN
content-type
image/png
permissions-policy
midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
4169
x-xss-protection
1; mode=block
cgp_spacer.gif
totalcomp.uat.citigroup.com/siteminderagent/images/
43 B
436 B
Image
General
Full URL
https://totalcomp.uat.citigroup.com/siteminderagent/images/cgp_spacer.gif
Requested by
Host: totalcomp.uat.citigroup.com
URL: https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%2bRs%2bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4&TARGET=-SM-%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.89 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-89.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%2bRs%2bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4&TARGET=-SM-%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
date
Mon, 13 Feb 2023 13:11:19 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 02 Nov 2022 03:10:08 GMT
x-permitted-cross-domain-policies
master-only
etag
"3e025f-2b-5ec742d8b0400"
x-frame-options
SAMEORIGIN
content-type
image/gif
permissions-policy
midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
43
x-xss-protection
1; mode=block
icon_sso.gif
totalcomp.uat.citigroup.com/siteminderagent/images/
524 B
918 B
Image
General
Full URL
https://totalcomp.uat.citigroup.com/siteminderagent/images/icon_sso.gif
Requested by
Host: totalcomp.uat.citigroup.com
URL: https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%2bRs%2bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4&TARGET=-SM-%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.89 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-89.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ea187c46f781d62e4b3eb75356f91784fd316d8789994ea5621d8cf731060374
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%2bRs%2bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4&TARGET=-SM-%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
date
Mon, 13 Feb 2023 13:11:19 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 02 Nov 2022 03:10:08 GMT
x-permitted-cross-domain-policies
master-only
etag
"1800bd-20c-5ec742d8b0400"
x-frame-options
SAMEORIGIN
content-type
image/gif
permissions-policy
midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
524
x-xss-protection
1; mode=block
spacer.gif
totalcomp.uat.citigroup.com/siteminderagent/images/
43 B
436 B
Image
General
Full URL
https://totalcomp.uat.citigroup.com/siteminderagent/images/spacer.gif
Requested by
Host: totalcomp.uat.citigroup.com
URL: https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%2bRs%2bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4&TARGET=-SM-%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.89 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-89.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%2bRs%2bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4&TARGET=-SM-%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
date
Mon, 13 Feb 2023 13:11:19 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 02 Nov 2022 03:10:08 GMT
x-permitted-cross-domain-policies
master-only
etag
"1800bf-2b-5ec742d8b0400"
x-frame-options
SAMEORIGIN
content-type
image/gif
permissions-policy
midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
43
x-xss-protection
1; mode=block
change.gif
totalcomp.uat.citigroup.com/siteminderagent/images/
62 B
455 B
Image
General
Full URL
https://totalcomp.uat.citigroup.com/siteminderagent/images/change.gif
Requested by
Host: totalcomp.uat.citigroup.com
URL: https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%2bRs%2bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4&TARGET=-SM-%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.89 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-89.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
94c098f9044a5f780211af70343e7fe8dc571c46248ef599a7a61ef7275fcd5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%2bRs%2bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4&TARGET=-SM-%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
date
Mon, 13 Feb 2023 13:11:19 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 02 Nov 2022 03:10:08 GMT
x-permitted-cross-domain-policies
master-only
etag
"1800b7-3e-5ec742d8b0400"
x-frame-options
SAMEORIGIN
content-type
image/gif
permissions-policy
midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
62
x-xss-protection
1; mode=block
email.gif
totalcomp.uat.citigroup.com/siteminderagent/images/
68 B
461 B
Image
General
Full URL
https://totalcomp.uat.citigroup.com/siteminderagent/images/email.gif
Requested by
Host: totalcomp.uat.citigroup.com
URL: https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%2bRs%2bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4&TARGET=-SM-%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.89 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-89.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c973c7dba59f72cbe2bbc4fafb92140604de6ee7aa3d4b4c411c3b35e036838f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%2bRs%2bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4&TARGET=-SM-%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
date
Mon, 13 Feb 2023 13:11:19 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 02 Nov 2022 03:10:08 GMT
x-permitted-cross-domain-policies
master-only
etag
"3e0265-44-5ec742d8b0400"
x-frame-options
SAMEORIGIN
content-type
image/gif
permissions-policy
midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
68
x-xss-protection
1; mode=block
help_icon.gif
totalcomp.uat.citigroup.com/siteminderagent/images/
76 B
469 B
Image
General
Full URL
https://totalcomp.uat.citigroup.com/siteminderagent/images/help_icon.gif
Requested by
Host: totalcomp.uat.citigroup.com
URL: https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%2bRs%2bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4&TARGET=-SM-%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.89 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-89.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a38317a8a5d6adee2548f296f5c699d99622a0c7d54a56d0e50e5a77981aadf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%2bRs%2bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4&TARGET=-SM-%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
date
Mon, 13 Feb 2023 13:11:19 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 02 Nov 2022 03:10:08 GMT
x-permitted-cross-domain-policies
master-only
etag
"1800af-4c-5ec742d8b0400"
x-frame-options
SAMEORIGIN
content-type
image/gif
permissions-policy
midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
76
x-xss-protection
1; mode=block
citi_logo_s.gif
totalcomp.uat.citigroup.com/siteminderagent/images/
2 KB
3 KB
Image
General
Full URL
https://totalcomp.uat.citigroup.com/siteminderagent/images/citi_logo_s.gif
Requested by
Host: totalcomp.uat.citigroup.com
URL: https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%2bRs%2bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4&TARGET=-SM-%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.89 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-89.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bfad487e03a3e7ed7cbd6617707a801ee1ba21bf443b681995c32e6e6c3feeae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%2bRs%2bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4&TARGET=-SM-%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
date
Mon, 13 Feb 2023 13:11:19 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 02 Nov 2022 03:10:08 GMT
x-permitted-cross-domain-policies
master-only
etag
"3e0252-8fc-5ec742d8b0400"
x-frame-options
SAMEORIGIN
content-type
image/gif
permissions-policy
midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
2300
x-xss-protection
1; mode=block
bodybg.png
totalcomp.uat.citigroup.com/siteminderagent/images/
2 KB
3 KB
Image
General
Full URL
https://totalcomp.uat.citigroup.com/siteminderagent/images/bodybg.png
Requested by
Host: totalcomp.uat.citigroup.com
URL: https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%2bRs%2bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4&TARGET=-SM-%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.89 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-89.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f8250dc360198ace9db8293bfa1f4921c14bea06c0e1586aa676d640f3d41b7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%2bRs%2bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4&TARGET=-SM-%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
date
Mon, 13 Feb 2023 13:11:19 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 02 Nov 2022 03:10:08 GMT
x-permitted-cross-domain-policies
master-only
etag
"1800b2-911-5ec742d8b0400"
x-frame-options
SAMEORIGIN
content-type
image/png
permissions-policy
midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
2321
x-xss-protection
1; mode=block
global_bgd_header.png
totalcomp.uat.citigroup.com/siteminderagent/images/
2 KB
2 KB
Image
General
Full URL
https://totalcomp.uat.citigroup.com/siteminderagent/images/global_bgd_header.png
Requested by
Host: totalcomp.uat.citigroup.com
URL: https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%2bRs%2bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4&TARGET=-SM-%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.89 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-89.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c060cdd967c830760a50ee01bce2ced0bda5c9395a70a2590dc779ca884dedca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%2bRs%2bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4&TARGET=-SM-%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
date
Mon, 13 Feb 2023 13:11:19 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 02 Nov 2022 03:10:08 GMT
x-permitted-cross-domain-policies
master-only
etag
"1800b4-6dd-5ec742d8b0400"
x-frame-options
SAMEORIGIN
content-type
image/png
permissions-policy
midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
1757
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/
110 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-131126179-2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
553bfcbd8d643f8808a069e632dbb33ca3b2fd6df8f57a191355dd9b1d49c862
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://totalcomp.uat.citigroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 13:11:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44137
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 13 Feb 2023 13:11:19 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-131126179-2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://totalcomp.uat.citigroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 13 Feb 2023 11:12:06 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
7153
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Mon, 13 Feb 2023 13:12:06 GMT
collect
www.google-analytics.com/j/
1 B
214 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2098670957&t=pageview&_s=1&dl=https%3A%2F%2Ftotalcomp.uat.citigroup.com%2Fsiteminderagent%2Fforms%2Flogin.fcc%3FTYPE%3D33554433%26REALMOID%3D06-000f3295-6b9b-1a62-915b-df33b150f021%26GUID%3D%26SMAUTHREASON%3D0%26METHOD%3DGET%26SMAGENTNAME%3D-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%252bRs%252bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4%26TARGET%3D-SM-%252f&ul=en-us&de=windows-1252&dt=My%20Total%20Compensation%20and%20Benefits%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=2062896870&gjid=1956437478&cid=821646866.1676293879&tid=UA-131126179-2&_gid=2059899376.1676293879&_r=1&gtm=457e3280&z=1097284576
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://totalcomp.uat.citigroup.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 Feb 2023 13:11:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://totalcomp.uat.citigroup.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
9 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
157 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/png
pixel_4306d020
totalcomp.uat.citigroup.com/akam/13/
0
534 B
XHR
General
Full URL
https://totalcomp.uat.citigroup.com/akam/13/pixel_4306d020
Requested by
Host: totalcomp.uat.citigroup.com
URL: https://totalcomp.uat.citigroup.com/akam/13/4306d020
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.89 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-89.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%2bRs%2bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4&TARGET=-SM-%2f
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 13 Feb 2023 13:11:20 GMT
content-length
0
content-type
text/html

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange string| GA_TRACKING_ID object| x function| gtag object| dataLayer function| CGP_setCookie function| CGP_readCookie function| CGP_killCookie function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| Hashtable function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| detectFields string| SEP string| PAIR string| DEV function| FingerPrint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| post_fingerprints function| add_deviceprint function| form_add_data function| form_add_deviceprint function| asyncpost_deviceprint function| setDeviceCookie function| resetCredFields function| submitForm string| cgp_current_lang number| cgp_current_lang_code undefined| cgp_locale object| m001 object| m002 object| m003 object| m004 object| m005 object| m006 object| m007 object| m008 object| m009 object| m010 object| m011 object| m012 object| m013 object| m014 object| m015 object| m016 object| m017 object| m018 object| m019 object| m020 object| m021 object| m022 object| m023 object| m024 object| m025 function| CGP_updateLangCode function| CGP_translateText function| CGP_changeLang function| CGP_getCurrentLang string| bazadebezolkohpepadr function| openMFAPDF function| getLocale string| expatURL object| year object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData string| urhehlevkedkilrobacf string| language_parm object| plugin string| t

8 Cookies

Domain/Path Name / Value
.uat.citigroup.com/ Name: bm_mi
Value: F8D09078CA94A69135370EA6E84F3D03~YAAQVRdlX49VbTOGAQAA/bPmShJBhTuPxJH3ELG4tK6g92loCudNO4xu2n6ydt9o5Jr2XmAuZZjL8fl4aN3DafqBZe5yAAOqB7nxS69n0biIVy3tD8e8+TkB73GVcsnFOIEALKTfA0+X93106SVMH2MSpT1fQW+L++OA3lU4KXWuRbJVaXqPv4i/dDnKXe37iDnjSPqsQQCoR9WZQZXPyM6fH4B84rajpqYgUWOIYLvKG/9u4REEXWpQ4qeB0g9NnpBsDiIBodwQtY3BkEJKj5q29t20z3/gEvSwvsZWCkP2XVlwXi6PL1BM56fi1sEhtd8w0p4YTb7hTwM6P0r8DO+5Xga6PnBSozHBoI6axkrbJXMd~1
.uat.citigroup.com/ Name: bm_sv
Value: 2CF114D5DB8E2DDF2005D86424CD9CC0~YAAQVRdlX5BVbTOGAQAA/bPmShK7h4D6eHEd04hOL2stD0K6lngRiRJFUBd6yiRkNuznw/qT8Dj1dOKUDqsgjjmmnwPKKi40ivJVPoVSsI+EWxot6D2ebEss3o2BOMa0eslduaUPH+RQbxRnsAhSdy4kaHUNLcc6z1l+GOic28+PiCBtIes4UiUECKctEIU3ajZbHbaVsJB4uwvp4/PFVzcIelYwiUimWgZo/LlJ+w53jBzNfxcqB9Gi95IKrrtjgzSfZXnXzw==~1
.citigroup.com/ Name: _ga
Value: GA1.2.821646866.1676293879
.citigroup.com/ Name: _gid
Value: GA1.2.2059899376.1676293879
.citigroup.com/ Name: _gat_gtag_UA_131126179_2
Value: 1
totalcomp.uat.citigroup.com/ Name: CGPLNG
Value: ENG
totalcomp.uat.citigroup.com/ Name: DeviceCookie
Value: version%3D2%26pm%5Ffpua%3Dmozilla%2F5%2E0%20%28windows%20nt%2010%2E0%3B%20win64%3B%20x64%29%20applewebkit%2F537%2E36%20%28khtml%2C%20like%20gecko%29%20chrome%2F110%2E0%2E5481%2E77%20safari%2F537%2E36%7C5%2E0%20%28Windows%20NT%2010%2E0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537%2E36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F110%2E0%2E5481%2E77%20Safari%2F537%2E36%7CWin32%26pm%5Ffpsc%3D24%7C1600%7C1200%7C1200%26pm%5Ffpsw%3D%26pm%5Ffptz%3D0%26pm%5Ffpln%3Dlang%3Den%2DUS%7Csyslang%3D%7Cuserlang%3D%26pm%5Ffpjv%3D0%26pm%5Ffpco%3D1%26pm%5Ffpasw%3Dinternal%2Dpdf%2Dviewer%7Cmhjfbmdgcfjbbpaeojofohoefgiehjai%7Cinternal%2Dnacl%2Dplugin%26pm%5Ffpan%3DNetscape%26pm%5Ffpacn%3DMozilla%26pm%5Ffpol%3Dtrue%26pm%5Ffposp%3D%26pm%5Ffpup%3D%26pm%5Ffpsaw%3D1600%26pm%5Ffpspd%3D24%26pm%5Ffpsbd%3D%26pm%5Ffpsdx%3D%26pm%5Ffpsdy%3D%26pm%5Ffpslx%3D%26pm%5Ffpsly%3D%26pm%5Ffpsfse%3D%26pm%5Ffpsui%3Dexpires=Mon, 13 Feb 2023 17:30:31 GMT
.uat.citigroup.com/ Name: ak_bmsc
Value: AFBD2D60C3F1A0A9651CB8FFC00C051E~000000000000000000000000000000~YAAQVRdlX/VXbTOGAQAA4bnmShIMgJlXM1r3E0Te+X90TsZ3ICVnsS41GNExGyWDZn/F1/UqmFRpzAXYUQ5CoZuHGY8h238vlrHvMg712fY6tENOV07ItJ7mTSUMST1Y3jlzY+Uh2NnZpCjjk4Vp7nvcmsp983YVbflSdEAifugP1jcCh9qUjp+jGGox8nrQSo3nTm9gmBpKeGtfH0wP9lE/fDi7fMOvG1FdFxRWC0cEkQ23k022gATidwhUTGwXVbLMhFTc6vQeJfB4k/7m8pdNy0nxP59pHznanRV14loK5enxD00O9f0ajfhMS7Ta5aIDBHzBQdCSmbvu72o5nq6RDkjiQcp4IzohtVrUKfuWZ0YoGWla7CcV46+XL9O8mbIh2zenw+5lDX6RAvLk15m/m4lD5/1wV2mLTJa50w==

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
