etr34s.org Open in urlscan Pro
192.162.68.32 Malicious Activity! Public Scan

URL:
https://etr34s.org/citi/
Submission: On January 22 via manual (January 22nd 2019, 7:46:21 pm UTC) from US

Summary HTTP 72 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 2 domains to perform 72 HTTP transactions. The main IP is 192.162.68.32, located in Ligné, France and belongs to RMI-FITECH, FR. The main domain is etr34s.org.
TLS certificate: Issued by cPanel, Inc. Certification Authority on January 18th 2019. Valid for: 3 months.

This is the only time etr34s.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Citibank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
42	192.162.68.32 192.162.68.32	16347 (RMI-FITECH) (RMI-FITECH)
27	184.30.212.163 184.30.212.163	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	54.225.135.150 54.225.135.150	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
72	3

42 192.162.68.32 (Ligné, France)

ASN16347 (RMI-FITECH, FR)
PTR: vps58023.lws-hosting.com

etr34s.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 184.30.212.163 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a184-30-212-163.deploy.static.akamaitechnologies.com

online.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.225.135.150 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-225-135-150.compute-1.amazonaws.com

paper.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	etr34s.org etr34s.org	230 KB
30	citi.com online.citi.com paper.citi.com	341 KB
72	2

	Domain	Requested by
42	etr34s.org	etr34s.org
27	online.citi.com	etr34s.org
3	paper.citi.com	etr34s.org
72	3

This site contains links to these domains. Also see Links.

Domain
www.citi.com
www.facebook.com
www.twitter.com
www.youtube.com
www.citigroup.com
citieasydeals.com
www.citiprivatepass.com
www.privatebank.citibank.com
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
etr34s.org cPanel, Inc. Certification Authority	`2019-01-18` - `2019-04-18`	3 months	crt.sh
online.citibank.com DigiCert SHA2 Extended Validation Server CA	`2018-03-14` - `2020-05-14`	2 years	crt.sh
paper.citi.com DigiCert SHA2 Extended Validation Server CA	`2018-10-16` - `2020-10-15`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://etr34s.org/citi/
Frame ID: F4C42686E7B5A0F7F9A10A4C0525D270
Requests: 70 HTTP requests in this frame

Frame: https://paper.citi.com/127893/h7H.html/discovercard.com/dfs/accounthome/summary/-www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secure/schwab///https://snsbank.nl/mijnsns/secure/login/httpsabph.pl/pi/do/Authorization/alfabank.ru/swedbank/pf.bgz.pl/httponline.eurobank.pl/?cid=5&si=1&e=https%3A%2F%2Fetr34s.org&LSESSIONID=jLd1o6IZ64QgdyiGKx8g0D0DoPqSpHjZUkyzEXavFtPX08UvN8F3682k&t=xframe&eu=https%3A%2F%2Fetr34s.org%2Fciti%2F&icid=154818636620399065
Frame ID: 35FE9CC39A8E123997B503C0D8B25A4E
Requests: 1 HTTP requests in this frame

Frame: https://paper.citi.com/127893/CWrT.html?si=1&e=https%3A%2F%2Fetr34s.org&LSESSIONID=jLd1o6IZ64QgdyiGKx8g0D0DoPqSpHjZUkyzEXavFtPX08UvN8F3682k&t=xframe&eu=https%3A%2F%2Fetr34s.org%2Fciti%2F&icid=154818636620831286
Frame ID: 128B39E726D11341CBC33FFF22AFD4E2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

72
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

3
Countries

570 kB
Transfer

1689 kB
Size

1
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.citi.com/credit-cards/citi.action
Title: Credit Cards

Search URL Search Domain Scan URL

URL: https://www.facebook.com/citi
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.twitter.com/citi
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/citi
Title: YouTube

Search URL Search Domain Scan URL

URL: http://www.citigroup.com/citi/
Title: Our Story

Search URL Search Domain Scan URL

URL: https://citieasydeals.com/
Title: Citi Easy DealsSM

Search URL Search Domain Scan URL

URL: http://www.citiprivatepass.com/
Title: Citi&rreg; Private Pass®

Search URL Search Domain Scan URL

URL: https://www.privatebank.citibank.com/
Title: Citi Private Bank

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/compare-credit-cards/citi.action?ID=view-all-credit-cards
Title: Credit Cards

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/citi-mobile-sm/id301724680?mt=8
Title:

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.citi.citimobile
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

72 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
etr34s.org/citi/ 229 KB
230 KB 178ms
73ms Document
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash: ff9055592f7c4a2646cab47a75489572b95aba8cd972d98d7d84c32a056fa08e

Request headers

Host: etr34s.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:03 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 404
Not Found amw.js
etr34s.org/JFP/amw/ 0
0 88ms
29ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JFP/amw/amw.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:03 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 331
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found jquery-combined.min.js
etr34s.org/CBOL/portal/layout/js/ 0
0 51ms
33ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/CBOL/portal/layout/js/jquery-combined.min.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:03 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 361
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found jfp.branding.js
etr34s.org/JFP/js/widgets/ 0
0 81ms
29ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JFP/js/widgets/jfp.branding.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:03 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 347
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found cssPref.js
etr34s.org/JPS/portal/js/ 0
0 99ms
21ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JPS/portal/js/cssPref.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:03 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 341
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found jfp.widgets.js
etr34s.org/JFP/js/widgets/ 0
0 112ms
31ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JFP/js/widgets/jfp.widgets.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:03 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 346
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found SitecatCampaigns.js
etr34s.org/JPS/portal/js/ 0
0 105ms
22ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JPS/portal/js/SitecatCampaigns.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:03 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 350
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found citi_Common.js
etr34s.org/GFC/common/js/ 0
0 125ms
32ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/GFC/common/js/citi_Common.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:03 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 345
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found JFPNav.js
etr34s.org/JPS/portal/js/ 0
0 129ms
34ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JPS/portal/js/JFPNav.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:03 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 340
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found jquery.autocomplete.js
etr34s.org/JFP/js/jquery/plugins/ 0
0 40ms
33ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JFP/js/jquery/plugins/jquery.autocomplete.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:04 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 361
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found verisign.js
etr34s.org/JRS/js/ 0
0 123ms
24ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JRS/js/verisign.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:03 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 335
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 JPPTemp.css
online.citi.com/JFP/css/common/ 245 KB
35 KB 725ms
663ms Stylesheet
text/css 184.30.212.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JFP/css/common/JPPTemp.css

Requested by

Host: etr34s.org
URL: https://etr34s.org/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.212.163 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-212-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

6cc415ff6c7e1c19761a0ea19ece60e6e8a59725188f57474a0a81d2e1cdb366

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Tue, 22 Jan 2019 19:46:04 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: text/css
content-length: 35061
expires: Wed, 23 Jan 2019 01:46:04 GMT

GET
H2 200 US-Regional.css
online.citi.com/JRS/css/ 48 KB
10 KB 664ms
603ms Stylesheet
text/css 184.30.212.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JRS/css/US-Regional.css

Requested by

Host: etr34s.org
URL: https://etr34s.org/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.212.163 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-212-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

888682b6f8961bc407df2027baf9ea22da7be5f298d037845c1724f7004c4338

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 17:12:06 GMT
x-akamai-citisite: GTDC
date: Tue, 22 Jan 2019 19:46:04 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: text/css
content-length: 9928
expires: Wed, 23 Jan 2019 01:46:04 GMT

GET
H2 200 branding_main_citi.css
online.citi.com/GFC/branding/css/ 38 KB
7 KB 678ms
617ms Stylesheet
text/css 184.30.212.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/GFC/branding/css/branding_main_citi.css

Requested by

Host: etr34s.org
URL: https://etr34s.org/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.212.163 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-212-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

fea2ce318fe3e06af7549e140581f16de9801c39cdb33edbbd4293a505a3eb3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Mon, 12 Nov 2018 04:06:58 GMT
x-akamai-citisite: GTDC
date: Tue, 22 Jan 2019 19:46:04 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: text/css
content-length: 6550
expires: Wed, 23 Jan 2019 01:46:04 GMT

GET
H2 200 cbol-topNav.css
online.citi.com/CBOL/IAServicing/css/ 34 KB
6 KB 659ms
598ms Stylesheet
text/css 184.30.212.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/CBOL/IAServicing/css/cbol-topNav.css

Requested by

Host: etr34s.org
URL: https://etr34s.org/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.212.163 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-212-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

22389a966788470a9a70f59ab796c84ecd29daeace4140c54f012a6ee9488ee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 02 Oct 2018 05:14:10 GMT
x-akamai-citisite: GTDC
date: Tue, 22 Jan 2019 19:46:04 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: text/css
content-length: 5426
expires: Wed, 23 Jan 2019 01:46:04 GMT

GET
H/1.1 404
Not Found mbox.js
etr34s.org/JRS/js/ 0
0 130ms
27ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JRS/js/mbox.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:03 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 331
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 Citi-Enterprise-White.png
online.citi.com/GFC/branding/img/ 1 KB
1 KB 758ms
699ms Image
image/png 184.30.212.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/Citi-Enterprise-White.png

Requested by

Host: etr34s.org
URL: https://etr34s.org/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.212.163 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-212-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

7cb24e06c00e47bb6bc6c38b935d6bc62817f656703387e4fb7591add96c7454

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Wed, 14 Jun 2017 18:29:05 GMT
x-akamai-citisite: SWDC
date: Tue, 22 Jan 2019 19:46:04 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/png
content-length: 1040

GET
H2 200 cbol-smartSearch.css
online.citi.com/NCCS/smartSearch/css/ 8 KB
1 KB 118ms
58ms Stylesheet
text/css 184.30.212.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/NCCS/smartSearch/css/cbol-smartSearch.css

Requested by

Host: etr34s.org
URL: https://etr34s.org/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.212.163 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-212-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

6d3001c9deac8cb1f88ea5254105f8d678de5532f1998a24eab1b59906eaf86b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 13 Feb 2018 16:10:30 GMT
x-akamai-citisite: GTDC
date: Tue, 22 Jan 2019 19:46:03 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: text/css
content-length: 899
expires: Wed, 23 Jan 2019 01:46:03 GMT

GET
H2 200 search-white.png
online.citi.com/GFC/branding/img/ 429 B
639 B 541ms
541ms Image
image/png 184.30.212.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/search-white.png

Requested by

Host: etr34s.org
URL: https://etr34s.org/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.212.163 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-212-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

e2812b1e3529e5f39e3b0586e82c7ad0dfc3fc61cfa0107edfac16483d0547d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Wed, 14 Jun 2017 18:29:07 GMT
x-akamai-citisite: GTDC
date: Tue, 22 Jan 2019 19:46:04 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/png
content-length: 429

GET
H2 200 BrowserUpgrade.css
online.citi.com/JPS/portal/css/ 2 KB
991 B 634ms
574ms Stylesheet
text/css 184.30.212.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JPS/portal/css/BrowserUpgrade.css

Requested by

Host: etr34s.org
URL: https://etr34s.org/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.212.163 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-212-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

522d8553b114774ec08b1fe8f0004510368c3070cc26a17cf7a200e0e9a55d6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: GTDC
date: Tue, 22 Jan 2019 19:46:04 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: text/css
content-length: 671
expires: Wed, 23 Jan 2019 01:46:04 GMT

GET
H/1.1 404
Not Found signon.js
etr34s.org/JSO/js/ 0
0 32ms
32ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JSO/js/signon.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:04 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=94
Content-Length: 333
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found jfpm.autocomplete.off.js
etr34s.org/JFP/js/modules/ 0
0 31ms
30ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JFP/js/modules/jfpm.autocomplete.off.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:04 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=89
Content-Length: 356
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 signon_overlay.css
online.citi.com/JRS/css/common/ 3 KB
1 KB 735ms
676ms Stylesheet
text/css 184.30.212.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JRS/css/common/signon_overlay.css

Requested by

Host: etr34s.org
URL: https://etr34s.org/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.212.163 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-212-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

428bee7b9889e486f7a940078709a1283b91690d65af6afc1853a99649f588fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Tue, 22 Jan 2019 19:46:04 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: text/css
content-length: 874
expires: Wed, 23 Jan 2019 01:46:04 GMT

GET
H/1.1 404
Not Found new_signon.js
etr34s.org/JRS/js/ 0
0 262ms
261ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JRS/js/new_signon.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:04 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=93
Content-Length: 337
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found bauble.js
etr34s.org/JRS/cm/js2/ 0
0 33ms
33ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JRS/cm/js2/bauble.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:04 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=92
Content-Length: 337
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found bt_addelivery.js
etr34s.org/JRS/js/ 0
0 36ms
36ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JRS/js/bt_addelivery.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:04 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=91
Content-Length: 340
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found adServe2.js
etr34s.org/JRS/js/ 0
0 33ms
32ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JRS/js/adServe2.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:04 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=90
Content-Length: 335
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 so_lock.gif
online.citi.com/JRS/images/signon/ 197 B
407 B 186ms
185ms Image
image/gif 184.30.212.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/images/signon/so_lock.gif

Requested by

Host: etr34s.org
URL: https://etr34s.org/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.212.163 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-212-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

9a564f37be2712b675335f2472c980e29bfbff448b5f925a92cd230d285aeb8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 17:20:58 GMT
x-akamai-citisite: GTDC
date: Tue, 22 Jan 2019 19:46:04 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/gif
content-length: 197

GET
H/1.1 404
Not Found fieldValidation.js
etr34s.org/JFP/js/jquery/plugins/ 0
0 35ms
34ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JFP/js/jquery/plugins/fieldValidation.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:04 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=88
Content-Length: 357
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found SCFormElementReporting.js
etr34s.org/JSO/js/ 0
0 31ms
30ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JSO/js/SCFormElementReporting.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:04 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=87
Content-Length: 349
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found signonUnamePwdMyCiti.js
etr34s.org/JSO/js/ 0
0 31ms
30ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JSO/js/signonUnamePwdMyCiti.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:04 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=86
Content-Length: 347
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found fp.js
etr34s.org/JSO/js/ 0
0 30ms
30ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JSO/js/fp.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:04 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=85
Content-Length: 329
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 pixel.gif
online.citi.com/JRS/images/ 42 B
251 B 193ms
193ms Image
image/gif 184.30.212.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/images/pixel.gif

Requested by

Host: etr34s.org
URL: https://etr34s.org/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.212.163 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-212-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

5b27cb8a843da7b4f70f68d669798596541491654185df0bd45867d951a31947

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Tue, 22 Jan 2019 19:46:05 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H2 200 CBNA_441x222_contextual_generic.jpg
online.citi.com/JRS/images/ads/ 10 KB
11 KB 173ms
172ms Image
image/jpeg 184.30.212.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/images/ads/CBNA_441x222_contextual_generic.jpg

Requested by

Host: etr34s.org
URL: https://etr34s.org/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.212.163 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-212-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

eee52f6396c21a450545c7a3956596da8faba552a595616553baa67635a7f57a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 17:24:53 GMT
x-akamai-citisite: GTDC
date: Tue, 22 Jan 2019 19:46:05 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/jpeg
content-length: 10514

GET
H2 200 cobrowse_overlay.css
online.citi.com/GPS/portal/css/ 7 KB
2 KB 741ms
682ms Stylesheet
text/css 184.30.212.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/GPS/portal/css/cobrowse_overlay.css

Requested by

Host: etr34s.org
URL: https://etr34s.org/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.212.163 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-212-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

d636d0f6c2e9c491b04ed9a5f1fb2120da61b3cbbf4caef3f1ae265bd0bfae43

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Jun 2018 05:31:28 GMT
x-akamai-citisite: SWDC
date: Tue, 22 Jan 2019 19:46:04 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: text/css
content-length: 1589
expires: Wed, 23 Jan 2019 01:46:04 GMT

GET
H2 200 citi-logo-footer.png
online.citi.com/CBOL/common/ddl/1.1.0/images/catalogue/ 2 KB
2 KB 192ms
192ms Image
image/png 184.30.212.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/CBOL/common/ddl/1.1.0/images/catalogue/citi-logo-footer.png

Requested by

Host: etr34s.org
URL: https://etr34s.org/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.212.163 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-212-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

c03c473373b74ec78cd18149c63791f1879e0521776846e6ffd9dcfecd413b1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 17:12:06 GMT
x-akamai-citisite: GTDC
date: Tue, 22 Jan 2019 19:46:05 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/png
content-length: 1705

GET
H2 200 memberfdic.png
online.citi.com/GFC/branding/responsivebranding/img/ 2 KB
2 KB 197ms
197ms Image
image/png 184.30.212.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/responsivebranding/img/memberfdic.png

Requested by

Host: etr34s.org
URL: https://etr34s.org/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.212.163 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-212-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

fde2419dbb975ba13ee435b8e15b754a11569815f6ef87a68b9984b99cd607cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Wed, 14 Jun 2017 18:30:23 GMT
x-akamai-citisite: SWDC
date: Tue, 22 Jan 2019 19:46:05 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/png
content-length: 1784

GET
H2 200 EqualHousing.png
online.citi.com/JRS/images/ 416 B
627 B 191ms
190ms Image
image/png 184.30.212.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/images/EqualHousing.png

Requested by

Host: etr34s.org
URL: https://etr34s.org/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.212.163 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-212-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

705f1ccbf32b8ebd6c4a04262ca5c320c50aa324f80a34fb3b160a8138257e14

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Wed, 14 Jun 2017 18:38:37 GMT
x-akamai-citisite: SWDC
date: Tue, 22 Jan 2019 19:46:05 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/png
content-length: 416

GET
H/1.1 200
OK style4.js Show response
paper.citi.com/127893/ 27 KB
13 KB 521ms
107ms XHR
application/x-javascript 54.225.135.150
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://paper.citi.com/127893/style4.js?r=0.49657350612092244
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.225.135.150 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-225-135-150.compute-1.amazonaws.com
Software: haile /
Resource Hash: 433f02f625f497c5e21f0ef713312c8fec7966df141d12212d58c53437831240

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://etr34s.org/citi/
Origin: https://etr34s.org

Response headers

Pragma: no-cache
Date: Tue, 22 Jan 2019 19:46:04 GMT
Content-Encoding: gzip
Server: haile
transfer-encoding: chunked
Access-Control-Allow-Methods: GET, OPTIONS
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Access-Control-Allow-Origin: https://etr34s.org
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

GET
H/1.1 404
Not Found SitecatCampaigns.js
etr34s.org/JPS/portal/js/ 0
0 36ms
25ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JPS/portal/js/SitecatCampaigns.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:04 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 350
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found citi_Common.js
etr34s.org/GFC/common/js/ 0
0 24ms
24ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/GFC/common/js/citi_Common.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:04 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 345
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found JFPNav.js
etr34s.org/JPS/portal/js/ 0
0 31ms
31ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JPS/portal/js/JFPNav.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:04 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 340
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found jquery.autocomplete.js
etr34s.org/JFP/js/jquery/plugins/ 0
0 33ms
32ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JFP/js/jquery/plugins/jquery.autocomplete.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Cookie: JSESSIONID=null
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:05 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=84
Content-Length: 361
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found verisign.js
etr34s.org/JRS/js/ 0
0 22ms
22ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JRS/js/verisign.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:04 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 335
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 topNavBase.css
online.citi.com/CBOL/IAServicing/css/ 745 KB
71 KB 444ms
444ms Stylesheet
text/css 184.30.212.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/CBOL/IAServicing/css/topNavBase.css

Requested by

Host: etr34s.org
URL: https://etr34s.org/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.212.163 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-212-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

19ff35516626fde80a6ff464d1dc038f5839f08e18f9e82f4613bc002f605a86

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 08 May 2018 04:46:52 GMT
x-akamai-citisite: GTDC
date: Tue, 22 Jan 2019 19:46:04 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: text/css
expires: Wed, 23 Jan 2019 01:46:04 GMT

GET
H2 200 branding.css
online.citi.com/CBOL/common/ddl/1.1/bootstrap/styles/ 24 KB
5 KB 644ms
644ms Stylesheet
text/css 184.30.212.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/CBOL/common/ddl/1.1/bootstrap/styles/branding.css

Requested by

Host: etr34s.org
URL: https://etr34s.org/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.212.163 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-212-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

08efa970cb660c1b05eb90856a8295dcf0d42cbdabcef61e2ebb936b28e82d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Tue, 22 Jan 2019 19:46:05 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: text/css
content-length: 4487
expires: Wed, 23 Jan 2019 01:46:05 GMT

GET
H2 200 branding_main.css
online.citi.com/GFC/branding/css/ 110 KB
16 KB 782ms
782ms Stylesheet
text/css 184.30.212.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/GFC/branding/css/branding_main.css

Requested by

Host: etr34s.org
URL: https://etr34s.org/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.212.163 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-212-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

f01d6dfe7e76d3338980e1cca73c26d13829daecc59ca18344f52170893e878f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Wed, 14 Nov 2018 17:31:43 GMT
x-akamai-citisite: SWDC
date: Tue, 22 Jan 2019 19:46:05 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
cache-control: max-age=21600
content-type: text/css
content-length: 16449
expires: Wed, 23 Jan 2019 01:46:05 GMT

GET
H/1.1 404
Not Found mbox.js
etr34s.org/JRS/js/ 0
0 26ms
25ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JRS/js/mbox.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Cookie: JSESSIONID=null
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:05 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=94
Content-Length: 331
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found signon.js
etr34s.org/JSO/js/ 0
0 26ms
26ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JSO/js/signon.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Cookie: JSESSIONID=null
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:05 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=93
Content-Length: 333
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 jfpw.overlay.stripe.bg.png
online.citi.com/JFP/images/widgets/ 152 B
361 B 167ms
166ms Image
image/png 184.30.212.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JFP/images/widgets/jfpw.overlay.stripe.bg.png

Requested by

Host: etr34s.org
URL: https://etr34s.org/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.212.163 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-212-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

07759a8c16aaf61f4428763c7ea3756d31164933e7c5a6081fe6ab9bc3e5fdba

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://online.citi.com/JPS/portal/css/BrowserUpgrade.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 17:24:52 GMT
x-akamai-citisite: GTDC
date: Tue, 22 Jan 2019 19:46:05 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/png
content-length: 152

GET
H2 200 Interstate-Bold.woff
online.citi.com/CBOL/common/ddl/1.1/bootstrap/styles/fonts/interstate/ 70 KB
71 KB 543ms
483ms Font
application/octet-stream 184.30.212.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/CBOL/common/ddl/1.1/bootstrap/styles/fonts/interstate/Interstate-Bold.woff

Requested by

Host: etr34s.org
URL: https://etr34s.org/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.212.163 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-212-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://online.citi.com/CBOL/common/ddl/1.1/bootstrap/styles/branding.css
Origin: https://etr34s.org

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Tue, 22 Jan 2019 19:46:05 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
content-type: text/plain
access-control-allow-origin: *

GET
H2 200 Interstate-Light.woff
online.citi.com/CBOL/common/ddl/1.1/bootstrap/styles/fonts/interstate/ 74 KB
74 KB 556ms
496ms Font
application/octet-stream 184.30.212.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/CBOL/common/ddl/1.1/bootstrap/styles/fonts/interstate/Interstate-Light.woff

Requested by

Host: etr34s.org
URL: https://etr34s.org/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.212.163 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-212-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://online.citi.com/CBOL/common/ddl/1.1/bootstrap/styles/branding.css
Origin: https://etr34s.org

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Tue, 22 Jan 2019 19:46:05 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
content-type: text/plain
access-control-allow-origin: *

GET
H/1.1 404
Not Found jfpm.autocomplete.off.js
etr34s.org/JFP/js/modules/ 0
0 31ms
31ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JFP/js/modules/jfpm.autocomplete.off.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Cookie: JSESSIONID=null
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:05 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=92
Content-Length: 356
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found new_signon.js
etr34s.org/JRS/js/ 0
0 32ms
32ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JRS/js/new_signon.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Cookie: JSESSIONID=null
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:05 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=83
Content-Length: 337
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found new_signon.js
etr34s.org/JRS/js/ 0
0 34ms
33ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JRS/js/new_signon.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Cookie: JSESSIONID=null
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:05 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=82
Content-Length: 337
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found new_signon.js
etr34s.org/JRS/js/ 0
0 35ms
34ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JRS/js/new_signon.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Cookie: JSESSIONID=null
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:05 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=81
Content-Length: 337
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found new_signon.js
etr34s.org/JRS/js/ 0
0 33ms
33ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JRS/js/new_signon.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Cookie: JSESSIONID=null
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:05 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=80
Content-Length: 337
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found bauble.js
etr34s.org/JRS/cm/js2/ 0
0 33ms
32ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JRS/cm/js2/bauble.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Cookie: JSESSIONID=null
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:05 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=79
Content-Length: 337
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found bt_addelivery.js
etr34s.org/JRS/js/ 0
0 35ms
34ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JRS/js/bt_addelivery.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Cookie: JSESSIONID=null
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:05 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=78
Content-Length: 340
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found adServe2.js
etr34s.org/JRS/js/ 0
0 38ms
38ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JRS/js/adServe2.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Cookie: JSESSIONID=null
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:05 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=77
Content-Length: 335
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found jfpm.autocomplete.off.js
etr34s.org/JFP/js/modules/ 0
0 33ms
32ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JFP/js/modules/jfpm.autocomplete.off.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Cookie: JSESSIONID=null
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:05 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=76
Content-Length: 356
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found fieldValidation.js
etr34s.org/JFP/js/jquery/plugins/ 0
0 33ms
32ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JFP/js/jquery/plugins/fieldValidation.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Cookie: JSESSIONID=null
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:05 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=75
Content-Length: 357
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found SCFormElementReporting.js
etr34s.org/JSO/js/ 0
0 26ms
26ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JSO/js/SCFormElementReporting.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Cookie: JSESSIONID=null
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:05 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=91
Content-Length: 349
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found signonUnamePwdMyCiti.js
etr34s.org/JSO/js/ 0
0 31ms
31ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JSO/js/signonUnamePwdMyCiti.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Cookie: JSESSIONID=null
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:05 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 347
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found fp.js
etr34s.org/JSO/js/ 0
0 35ms
35ms Script
text/html 192.162.68.32
RMI-FITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://etr34s.org/JSO/js/fp.js
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.162.68.32 Ligné, France, ASN16347 (RMI-FITECH, FR),
Reverse DNS: vps58023.lws-hosting.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: etr34s.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://etr34s.org/citi/
Cookie: JSESSIONID=null
Connection: keep-alive
Cache-Control: no-cache
Referer: https://etr34s.org/citi/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 19:46:05 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 329
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 bg-blue-chat-button.gif
online.citi.com/JRS/images/common/ 119 B
328 B 199ms
197ms Image
image/gif 184.30.212.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/images/common/bg-blue-chat-button.gif

Requested by

Host: etr34s.org
URL: https://etr34s.org/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.212.163 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-212-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

6091dc31b3c03e1a5b401ff2d35e21ae9f76a8630a85aaf4fe8d5cab1c5bb38a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://online.citi.com/JRS/css/common/signon_overlay.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Tue, 22 Jan 2019 19:46:05 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/gif
content-length: 119

GET
H2 200 sprite_social_icons.png
online.citi.com/GFC/branding/img/ 358 B
568 B 190ms
188ms Image
image/png 184.30.212.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/sprite_social_icons.png

Requested by

Host: etr34s.org
URL: https://etr34s.org/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.212.163 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-212-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

c3c02bcaca12da1a9ce27e3760e479fface7a05319c2708088cceb05af286eb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://online.citi.com/GFC/branding/css/branding_main_citi.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Wed, 14 Jun 2017 18:29:10 GMT
x-akamai-citisite: SWDC
date: Tue, 22 Jan 2019 19:46:05 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/png
content-length: 358

GET
H2 200 appStore_1px.png
online.citi.com/GFC/branding/responsivebranding/img/ 3 KB
4 KB 194ms
193ms Image
image/png 184.30.212.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/responsivebranding/img/appStore_1px.png

Requested by

Host: etr34s.org
URL: https://etr34s.org/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.212.163 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-212-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

f44e4692a52b6a382cb481e23f8bcb9a6d4c24eec8aa60143c7e2ca3a85758b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://online.citi.com/GFC/branding/css/branding_main_citi.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Thu, 27 Sep 2018 21:19:09 GMT
x-akamai-citisite: SWDC
date: Tue, 22 Jan 2019 19:46:05 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/png
content-length: 3513

GET
H2 200 googlePlay_1px.png
online.citi.com/GFC/branding/responsivebranding/img/ 4 KB
4 KB 176ms
175ms Image
image/png 184.30.212.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/responsivebranding/img/googlePlay_1px.png

Requested by

Host: etr34s.org
URL: https://etr34s.org/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.212.163 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-212-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

1cc4ec61057f30cea6d47126e0444f119b2606720b1fe8d7e0deff1f5742a82b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://online.citi.com/GFC/branding/css/branding_main_citi.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Thu, 27 Sep 2018 21:21:52 GMT
x-akamai-citisite: GTDC
date: Tue, 22 Jan 2019 19:46:05 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/png
content-length: 3900

GET
H2 200 oo_icon_retina.gif
online.citi.com/GFC/branding/olab/images/ 2 KB
2 KB 493ms
492ms Image
image/gif 184.30.212.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/olab/images/oo_icon_retina.gif

Requested by

Host: etr34s.org
URL: https://etr34s.org/citi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.212.163 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-212-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

701d2f9f02741b8429f4fb892b2b48c34a8a0f9189cb09013b2799031f22e484

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://online.citi.com/GFC/branding/css/branding_main_citi.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Tue, 22 Jan 2019 19:46:06 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
accept-ranges: bytes
content-type: image/gif
content-length: 2204

GET
H/1.1 200
OK /
paper.citi.com/127893/h7H.html/discovercard.com/dfs/accounthome/summary/-www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secure/schwab///http... Frame 35FE 0
0 108ms
108ms Document
text/html 54.225.135.150
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://paper.citi.com/127893/h7H.html/discovercard.com/dfs/accounthome/summary/-www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secure/schwab///https://snsbank.nl/mijnsns/secure/login/httpsabph.pl/pi/do/Authorization/alfabank.ru/swedbank/pf.bgz.pl/httponline.eurobank.pl/?cid=5&si=1&e=https%3A%2F%2Fetr34s.org&LSESSIONID=jLd1o6IZ64QgdyiGKx8g0D0DoPqSpHjZUkyzEXavFtPX08UvN8F3682k&t=xframe&eu=https%3A%2F%2Fetr34s.org%2Fciti%2F&icid=154818636620399065
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.225.135.150 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-225-135-150.compute-1.amazonaws.com
Software: haile /
Resource Hash

Request headers

Host: paper.citi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://etr34s.org/citi/
Accept-Encoding: gzip, deflate, br
Cookie: AKMTLTSID=2BE6CF25E2EA2F04FDC04BC0211A35F3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://etr34s.org/citi/

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 22 Jan 2019 19:46:06 GMT
Expires: 0
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma: no-cache
Server: haile
transfer-encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK CWrT.html
paper.citi.com/127893/ Frame 128B 0
0 216ms
108ms Document
text/html 54.225.135.150
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://paper.citi.com/127893/CWrT.html?si=1&e=https%3A%2F%2Fetr34s.org&LSESSIONID=jLd1o6IZ64QgdyiGKx8g0D0DoPqSpHjZUkyzEXavFtPX08UvN8F3682k&t=xframe&eu=https%3A%2F%2Fetr34s.org%2Fciti%2F&icid=154818636620831286
Requested by: Host: etr34s.org
URL: https://etr34s.org/citi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.225.135.150 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-225-135-150.compute-1.amazonaws.com
Software: haile /
Resource Hash

Request headers

Host: paper.citi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://etr34s.org/citi/
Accept-Encoding: gzip, deflate, br
Cookie: AKMTLTSID=2BE6CF25E2EA2F04FDC04BC0211A35F3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://etr34s.org/citi/

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 22 Jan 2019 19:46:06 GMT
Expires: 0
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma: no-cache
Server: haile
transfer-encoding: chunked
Connection: keep-alive

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citibank (Banking)

155 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			etr34s.org/	1969-12-31 23:59:59	Name: JSESSIONID Value: null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

etr34s.org
online.citi.com
paper.citi.com
184.30.212.163
192.162.68.32
54.225.135.150
07759a8c16aaf61f4428763c7ea3756d31164933e7c5a6081fe6ab9bc3e5fdba
08efa970cb660c1b05eb90856a8295dcf0d42cbdabcef61e2ebb936b28e82d36
19ff35516626fde80a6ff464d1dc038f5839f08e18f9e82f4613bc002f605a86
1cc4ec61057f30cea6d47126e0444f119b2606720b1fe8d7e0deff1f5742a82b
22389a966788470a9a70f59ab796c84ecd29daeace4140c54f012a6ee9488ee9
428bee7b9889e486f7a940078709a1283b91690d65af6afc1853a99649f588fb
433f02f625f497c5e21f0ef713312c8fec7966df141d12212d58c53437831240
522d8553b114774ec08b1fe8f0004510368c3070cc26a17cf7a200e0e9a55d6b
5b27cb8a843da7b4f70f68d669798596541491654185df0bd45867d951a31947
6091dc31b3c03e1a5b401ff2d35e21ae9f76a8630a85aaf4fe8d5cab1c5bb38a
6cc415ff6c7e1c19761a0ea19ece60e6e8a59725188f57474a0a81d2e1cdb366
6d3001c9deac8cb1f88ea5254105f8d678de5532f1998a24eab1b59906eaf86b
701d2f9f02741b8429f4fb892b2b48c34a8a0f9189cb09013b2799031f22e484
705f1ccbf32b8ebd6c4a04262ca5c320c50aa324f80a34fb3b160a8138257e14
7cb24e06c00e47bb6bc6c38b935d6bc62817f656703387e4fb7591add96c7454
888682b6f8961bc407df2027baf9ea22da7be5f298d037845c1724f7004c4338
9a564f37be2712b675335f2472c980e29bfbff448b5f925a92cd230d285aeb8d
c03c473373b74ec78cd18149c63791f1879e0521776846e6ffd9dcfecd413b1e
c3c02bcaca12da1a9ce27e3760e479fface7a05319c2708088cceb05af286eb1
d636d0f6c2e9c491b04ed9a5f1fb2120da61b3cbbf4caef3f1ae265bd0bfae43
e2812b1e3529e5f39e3b0586e82c7ad0dfc3fc61cfa0107edfac16483d0547d7
e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7
eee52f6396c21a450545c7a3956596da8faba552a595616553baa67635a7f57a
f01d6dfe7e76d3338980e1cca73c26d13829daecc59ca18344f52170893e878f
f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296
f44e4692a52b6a382cb481e23f8bcb9a6d4c24eec8aa60143c7e2ca3a85758b2
fde2419dbb975ba13ee435b8e15b754a11569815f6ef87a68b9984b99cd607cf
fea2ce318fe3e06af7549e140581f16de9801c39cdb33edbbd4293a505a3eb3b
ff9055592f7c4a2646cab47a75489572b95aba8cd972d98d7d84c32a056fa08e

etr34s.org Open in urlscan Pro 192.162.68.32 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

72 Requests

100 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

3 IPs

3 Countries

570 kBTransfer

1689 kBSize

1 Cookies

11 Outgoing links

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

etr34s.org Open in urlscan Pro
192.162.68.32 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

3
Countries

570 kB
Transfer

1689 kB
Size

1
Cookies

72 HTTP transactions
0 data transactions