1p02.citibankcom.com Open in urlscan Pro
107.149.163.133 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://1p02.citibankcom.com/
Submission: On May 08 via api (May 8th 2024, 11:40:19 pm UTC) from US — Scanned from DE

Summary HTTP 17 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 17 HTTP transactions. The main IP is 107.149.163.133, located in United States and belongs to PEG-SV, US. The main domain is 1p02.citibankcom.com.

This is the only time 1p02.citibankcom.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	107.149.163.133 107.149.163.133	54600 (PEG-SV) (PEG-SV)
1	172.67.131.159 172.67.131.159	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
17	3

14 107.149.163.133 (United States)

ASN54600 (PEG-SV, US)

1p02.citibankcom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.131.159 (United States)

ASN13335 (CLOUDFLARENET, US)

www.zyzhang.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	citibankcom.com 1p02.citibankcom.com	121 KB
2	gstatic.com fonts.gstatic.com	46 KB
1	zyzhang.com www.zyzhang.com	5 KB
17	3

	Domain	Requested by
14	1p02.citibankcom.com	1p02.citibankcom.com
2	fonts.gstatic.com	1p02.citibankcom.com
1	www.zyzhang.com	1p02.citibankcom.com
17	3

This site contains links to these domains. Also see Links.

Domain
bbs.shmdc.u1rqkpm.cqstmz.com
www.hed.camlikmezar.com
nzp.vkw9.plgaosu.com
427972.qyqzzo.4pde6n.com
www.4581.tonc0sd.wzshenrun.com
575.q6qo.jiewanchen.com
ij.zhenqitea.com
bbs.2859.qudh93.weiyui.com
wi.wi.sypowers.com
www.tgjvbv.atxob.xwsysc.net

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://1p02.citibankcom.com/
Frame ID: 5A2A12760F43354CAE93768ED5DD9837
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

怀着鬼胎网

Page URL History Show full URLs

http://1p02.citibankcom.com/ HTTP 307
https://1p02.citibankcom.com/ HTTP 307
http://1p02.citibankcom.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

0 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

172 kB
Transfer

477 kB
Size

0
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://bbs.shmdc.u1rqkpm.cqstmz.com/
Title: 金昌天气预报气预报（金昌天气情况）

Search URL Search Domain Scan URL

URL: http://www.hed.camlikmezar.com/
Title: 黄龙县天气预报15天（黄龙县天气预报一周7天）

Search URL Search Domain Scan URL

URL: http://nzp.vkw9.plgaosu.com/
Title: 滁州天气预报30天（滁州天气预报30天准确一个月）

Search URL Search Domain Scan URL

URL: http://427972.qyqzzo.4pde6n.com/
Title: 麻阳天气预报今天（麻阳天气预报一周7天）

Search URL Search Domain Scan URL

URL: http://www.4581.tonc0sd.wzshenrun.com/
Title: 佛山网站优化维护

Search URL Search Domain Scan URL

URL: http://575.q6qo.jiewanchen.com/
Title: 王者荣耀新装备怎么买不了王者荣耀新装备怎么买不了了

Search URL Search Domain Scan URL

URL: http://ij.zhenqitea.com/
Title: 淮南天气预报15天查询30（淮南天气预报15天查询毛集天气预报）

Search URL Search Domain Scan URL

URL: http://bbs.2859.qudh93.weiyui.com/
Title: 鼻翼缩小前后对比照

Search URL Search Domain Scan URL

URL: http://wi.wi.sypowers.com/
Title: 儿童舞蹈兔子舞小学生舞蹈

Search URL Search Domain Scan URL

URL: http://www.tgjvbv.atxob.xwsysc.net/
Title: 包含腰腹吸脂多少钱的词条

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://1p02.citibankcom.com/ HTTP 307
https://1p02.citibankcom.com/ HTTP 307
http://1p02.citibankcom.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

http://www.zyzhang.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.5 HTTP 307
https://www.zyzhang.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.5

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
1p02.citibankcom.com/
Redirect Chain

http://1p02.citibankcom.com/
https://1p02.citibankcom.com/
http://1p02.citibankcom.com/

41 KB
13 KB

331ms
331ms

Document
text/html

107.149.163.133
PEG-SV

General

Check archive.org

Show headers Download Go to

Full URL: http://1p02.citibankcom.com/
Protocol: HTTP/1.1
Server: 107.149.163.133 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: nginx /
Resource Hash: ab1e69447606ed270800b8e29163bcbf6a85187c8ecc0f2e49ee9191e346267a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 08 May 2024 23:40:14 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Location: http://1p02.citibankcom.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK style.min.css
1p02.citibankcom.com/template/news/boke054/style/css/ 53 KB
10 KB 329ms
171ms Stylesheet
text/css 107.149.163.133
PEG-SV

General

Check archive.org

Show headers Download Go to

Full URL: http://1p02.citibankcom.com/template/news/boke054/style/css/style.min.css
Requested by: Host: 1p02.citibankcom.com
URL: http://1p02.citibankcom.com/
Protocol: HTTP/1.1
Server: 107.149.163.133 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: nginx /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://1p02.citibankcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Wed, 08 May 2024 23:40:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Jul 2021 08:53:26 GMT
Server: nginx
ETag: W/"61011b06-d296"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Thu, 09 May 2024 11:40:15 GMT

GET
H/1.1 200
OK style.css
1p02.citibankcom.com/template/news/boke054/style/css/ 48 KB
13 KB 331ms
172ms Stylesheet
text/css 107.149.163.133
PEG-SV

General

Check archive.org

Show headers Download Go to

Full URL: http://1p02.citibankcom.com/template/news/boke054/style/css/style.css
Requested by: Host: 1p02.citibankcom.com
URL: http://1p02.citibankcom.com/
Protocol: HTTP/1.1
Server: 107.149.163.133 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: nginx /
Resource Hash: b226327b660d185fb2ab151320add3d519588271df2eababba9de2e9184e0d2a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://1p02.citibankcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Wed, 08 May 2024 23:40:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Jul 2021 08:53:26 GMT
Server: nginx
ETag: W/"61011b06-c167"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Thu, 09 May 2024 11:40:15 GMT

GET
H/1.1 200
OK e4c191cbd5764508a8fa2c9c9d40c4e4.css
1p02.citibankcom.com/template/news/boke054/style/css/ 355 B
655 B 328ms
168ms Stylesheet
text/css 107.149.163.133
PEG-SV

General

Check archive.org

Show headers Download Go to

Full URL: http://1p02.citibankcom.com/template/news/boke054/style/css/e4c191cbd5764508a8fa2c9c9d40c4e4.css
Requested by: Host: 1p02.citibankcom.com
URL: http://1p02.citibankcom.com/
Protocol: HTTP/1.1
Server: 107.149.163.133 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ab2b6c9780468bec48c8f2fc62598f2b23775d53e3a7b2cf0e7c25900fce8c3

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://1p02.citibankcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Wed, 08 May 2024 23:40:15 GMT
Last-Modified: Wed, 28 Jul 2021 08:53:26 GMT
Server: nginx
ETag: "61011b06-163"
Content-Type: text/css
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 355
Expires: Thu, 09 May 2024 11:40:15 GMT

GET
H/1.1 200
OK jetpack.css
1p02.citibankcom.com/template/news/boke054/style/css/ 75 KB
17 KB 335ms
163ms Stylesheet
text/css 107.149.163.133
PEG-SV

General

Check archive.org

Show headers Download Go to

Full URL: http://1p02.citibankcom.com/template/news/boke054/style/css/jetpack.css
Requested by: Host: 1p02.citibankcom.com
URL: http://1p02.citibankcom.com/
Protocol: HTTP/1.1
Server: 107.149.163.133 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: nginx /
Resource Hash: 8dbd260a1abeae4303bc2cc01c60c7983fd39c95bb0116a205d59f6b5432a01a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://1p02.citibankcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Wed, 08 May 2024 23:40:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Jul 2021 08:53:26 GMT
Server: nginx
ETag: W/"61011b06-12bf3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Thu, 09 May 2024 11:40:15 GMT

GET
H/1.1 200
OK jquery.js Show response
1p02.citibankcom.com/template/news/boke054/style/js/ 95 KB
37 KB 344ms
172ms Script
application/javascript 107.149.163.133
PEG-SV

General

Check archive.org

Show headers Download Go to

Full URL: http://1p02.citibankcom.com/template/news/boke054/style/js/jquery.js
Requested by: Host: 1p02.citibankcom.com
URL: http://1p02.citibankcom.com/
Protocol: HTTP/1.1
Server: 107.149.163.133 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: nginx /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://1p02.citibankcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Wed, 08 May 2024 23:40:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Jul 2021 08:53:28 GMT
Server: nginx
ETag: W/"61011b08-17a69"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Thu, 09 May 2024 11:40:15 GMT

GET
H/1.1 200
OK customscripts.js Show response
1p02.citibankcom.com/template/news/boke054/style/js/ 4 KB
1 KB 337ms
165ms Script
application/javascript 107.149.163.133
PEG-SV

General

Check archive.org

Show headers Download Go to

Full URL: http://1p02.citibankcom.com/template/news/boke054/style/js/customscripts.js
Requested by: Host: 1p02.citibankcom.com
URL: http://1p02.citibankcom.com/
Protocol: HTTP/1.1
Server: 107.149.163.133 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: nginx /
Resource Hash: a700294ce30eb3113baac11f5548928a2d87e310f4dfe4fdc96c4664a43085f0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://1p02.citibankcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Wed, 08 May 2024 23:40:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Jul 2021 08:53:28 GMT
Server: nginx
ETag: W/"61011b08-e98"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Thu, 09 May 2024 11:40:15 GMT

GET
H3

200

wp-emoji-release.min.js Show response
www.zyzhang.com/wp-includes/js/
Redirect Chain

http://www.zyzhang.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.5
https://www.zyzhang.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.5

18 KB
5 KB

54ms
28ms

Script
application/javascript

172.67.131.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zyzhang.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.5
Requested by: Host: 1p02.citibankcom.com
URL: http://1p02.citibankcom.com/
Protocol: H3
Server: 172.67.131.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://1p02.citibankcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Wed, 08 May 2024 23:40:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Apr 2024 16:47:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 34728
etag: W/"6627e626-4926"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=87TZEpGCF%2FBqNazt%2Bk2PFPXfaNLhB9Q8lsrniMrOW18N7DtP0U4hjE4iC9D0kHIjYDalUxWxQrIco7MKkcfd2QAjAq6EbSOBvwK8KQ9Zxlktctmic0MUguIEcxwrqKxrlc0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 880d4b36ac741997-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 09 May 2024 02:01:27 GMT

Redirect headers

Location: https://www.zyzhang.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.5
Non-Authoritative-Reason: DNS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK photon.min.js Show response
1p02.citibankcom.com/template/news/boke054/style/js/ 758 B
1 KB 356ms
164ms Script
application/javascript 107.149.163.133
PEG-SV

General

Check archive.org

Show headers Download Go to

Full URL: http://1p02.citibankcom.com/template/news/boke054/style/js/photon.min.js
Requested by: Host: 1p02.citibankcom.com
URL: http://1p02.citibankcom.com/
Protocol: HTTP/1.1
Server: 107.149.163.133 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: nginx /
Resource Hash: e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://1p02.citibankcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Wed, 08 May 2024 23:40:15 GMT
Last-Modified: Wed, 28 Jul 2021 08:53:28 GMT
Server: nginx
ETag: "61011b08-2f6"
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 758
Expires: Thu, 09 May 2024 11:40:15 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
1p02.citibankcom.com/template/news/boke054/style/js/ 1 KB
1 KB 357ms
165ms Script
application/javascript 107.149.163.133
PEG-SV

General

Check archive.org

Show headers Download Go to

Full URL: http://1p02.citibankcom.com/template/news/boke054/style/js/wp-embed.min.js
Requested by: Host: 1p02.citibankcom.com
URL: http://1p02.citibankcom.com/
Protocol: HTTP/1.1
Server: 107.149.163.133 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: nginx /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://1p02.citibankcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Wed, 08 May 2024 23:40:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Jul 2021 08:53:28 GMT
Server: nginx
ETag: W/"61011b08-592"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Thu, 09 May 2024 11:40:15 GMT

GET
H/1.1 200
OK e-202130.js Show response
1p02.citibankcom.com/template/news/boke054/style/js/ 9 KB
3 KB 172ms
171ms Script
application/javascript 107.149.163.133
PEG-SV

General

Check archive.org

Show headers Download Go to

Full URL: http://1p02.citibankcom.com/template/news/boke054/style/js/e-202130.js
Requested by: Host: 1p02.citibankcom.com
URL: http://1p02.citibankcom.com/
Protocol: HTTP/1.1
Server: 107.149.163.133 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://1p02.citibankcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Wed, 08 May 2024 23:40:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Jul 2021 08:53:28 GMT
Server: nginx
ETag: W/"61011b08-230c"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Thu, 09 May 2024 11:40:15 GMT

GET
H/1.1 200
OK TK3gWkYFABsmjsLaGw8Ene8.ttf
fonts.gstatic.com/s/monda/v11/ 41 KB
23 KB 63ms
12ms Font
font/ttf 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/monda/v11/TK3gWkYFABsmjsLaGw8Ene8.ttf

Requested by

Host: 1p02.citibankcom.com
URL: http://1p02.citibankcom.com/template/news/boke054/style/css/e4c191cbd5764508a8fa2c9c9d40c4e4.css

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92f9da22c594a9f5a6d19f0cd07838919f848ae4d0e453b0aacb60f6573fc32e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://1p02.citibankcom.com/
Origin: http://1p02.citibankcom.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Wed, 08 May 2024 10:13:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 48433
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 23182
X-XSS-Protection: 0
Last-Modified: Thu, 08 Apr 2021 20:11:09 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Vary: Accept-Encoding
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/ttf
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Thu, 08 May 2025 10:13:02 GMT

GET
H/1.1 200
OK ribbon-lite.woff2
1p02.citibankcom.com/template/news/boke054/style/css/fonts/ 24 KB
9 KB 272ms
259ms Font
text/html 107.149.163.133
PEG-SV

General

Check archive.org

Show headers Download Go to

Full URL: http://1p02.citibankcom.com/template/news/boke054/style/css/fonts/ribbon-lite.woff2
Requested by: Host: 1p02.citibankcom.com
URL: http://1p02.citibankcom.com/template/news/boke054/style/css/style.css
Protocol: HTTP/1.1
Server: 107.149.163.133 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: nginx /
Resource Hash: 153b2cb8e99011fa78040128e51e473fcfd755dd733652ebb19981e94df3f012

Request headers

Referer: http://1p02.citibankcom.com/template/news/boke054/style/css/style.css
Origin: http://1p02.citibankcom.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Wed, 08 May 2024 23:40:15 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK TK3tWkYFABsmjsphPh8.ttf
fonts.gstatic.com/s/monda/v11/ 38 KB
23 KB 77ms
26ms Font
font/ttf 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/monda/v11/TK3tWkYFABsmjsphPh8.ttf

Requested by

Host: 1p02.citibankcom.com
URL: http://1p02.citibankcom.com/template/news/boke054/style/css/e4c191cbd5764508a8fa2c9c9d40c4e4.css

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918589b482f046c9f1eb8a6bcf09a6589d18e8b6e481c6591fa6845f045cac95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://1p02.citibankcom.com/
Origin: http://1p02.citibankcom.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Wed, 08 May 2024 23:40:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 22591
X-XSS-Protection: 0
Last-Modified: Thu, 08 Apr 2021 20:11:39 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Vary: Accept-Encoding
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/ttf
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Thu, 08 May 2025 23:40:15 GMT

GET
H/1.1 200
OK ribbon-lite.woff
1p02.citibankcom.com/template/news/boke054/style/css/fonts/ 24 KB
10 KB 254ms
254ms Font
text/html 107.149.163.133
PEG-SV

General

Check archive.org

Show headers Download Go to

Full URL: http://1p02.citibankcom.com/template/news/boke054/style/css/fonts/ribbon-lite.woff
Requested by: Host: 1p02.citibankcom.com
URL: http://1p02.citibankcom.com/template/news/boke054/style/css/style.css
Protocol: HTTP/1.1
Server: 107.149.163.133 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: nginx /
Resource Hash: 106d1638f8f2a861a0aba0eecbe08f2bf1bb390e139d594cdcff6ed4574211a1

Request headers

Referer: http://1p02.citibankcom.com/template/news/boke054/style/css/style.css
Origin: http://1p02.citibankcom.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Wed, 08 May 2024 23:40:16 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8

GET
H/1.1 404
Not Found ribbon-lite.ttf
1p02.citibankcom.com/template/news/boke054/style/css/fonts/ 0
0 241ms
239ms Font
text/html 107.149.163.133
PEG-SV

General

Check archive.org

Show headers Download Go to

Full URL: http://1p02.citibankcom.com/template/news/boke054/style/css/fonts/ribbon-lite.ttf
Requested by: Host: 1p02.citibankcom.com
URL: http://1p02.citibankcom.com/template/news/boke054/style/css/style.css
Protocol: HTTP/1.1
Server: 107.149.163.133 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://1p02.citibankcom.com/template/news/boke054/style/css/style.css
Origin: http://1p02.citibankcom.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Wed, 08 May 2024 23:40:16 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK favicon.ico
1p02.citibankcom.com/ 5 KB
5 KB 158ms
157ms Other
image/x-icon 107.149.163.133
PEG-SV

General

Check archive.org

Show headers Download Go to

Full URL: http://1p02.citibankcom.com/favicon.ico
Protocol: HTTP/1.1
Server: 107.149.163.133 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: nginx /
Resource Hash: 2de73d44a795601eaf9e0929408a25c3f72694699c4a845c45ee0d12030b9112

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://1p02.citibankcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Wed, 08 May 2024 23:40:16 GMT
Last-Modified: Fri, 16 Feb 2024 02:59:06 GMT
Server: nginx
ETag: "65cecf7a-13a1"
Content-Type: image/x-icon
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5025

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: http://1p02.citibankcom.com/ Message: Failed to decode downloaded font: http://1p02.citibankcom.com/template/news/boke054/style/css/fonts/ribbon-lite.woff2
other	warning	URL: http://1p02.citibankcom.com/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://1p02.citibankcom.com/ Message: Failed to decode downloaded font: http://1p02.citibankcom.com/template/news/boke054/style/css/fonts/ribbon-lite.woff
other	warning	URL: http://1p02.citibankcom.com/ Message: OTS parsing error: invalid sfntVersion: 1008813135
network	error	URL: http://1p02.citibankcom.com/template/news/boke054/style/css/fonts/ribbon-lite.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1p02.citibankcom.com
fonts.gstatic.com
www.zyzhang.com
107.149.163.133
172.67.131.159
2a00:1450:4001:812::2003
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
106d1638f8f2a861a0aba0eecbe08f2bf1bb390e139d594cdcff6ed4574211a1
153b2cb8e99011fa78040128e51e473fcfd755dd733652ebb19981e94df3f012
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2de73d44a795601eaf9e0929408a25c3f72694699c4a845c45ee0d12030b9112
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5ab2b6c9780468bec48c8f2fc62598f2b23775d53e3a7b2cf0e7c25900fce8c3
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8dbd260a1abeae4303bc2cc01c60c7983fd39c95bb0116a205d59f6b5432a01a
918589b482f046c9f1eb8a6bcf09a6589d18e8b6e481c6591fa6845f045cac95
92f9da22c594a9f5a6d19f0cd07838919f848ae4d0e453b0aacb60f6573fc32e
a700294ce30eb3113baac11f5548928a2d87e310f4dfe4fdc96c4664a43085f0
ab1e69447606ed270800b8e29163bcbf6a85187c8ecc0f2e49ee9191e346267a
b226327b660d185fb2ab151320add3d519588271df2eababba9de2e9184e0d2a
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e

1p02.citibankcom.com Open in urlscan Pro 107.149.163.133 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

0 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

172 kBTransfer

477 kBSize

0 Cookies

10 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

0 Cookies

5 Console Messages

Indicators

1p02.citibankcom.com Open in urlscan Pro
107.149.163.133 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

0 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

172 kB
Transfer

477 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions