www.citi.com Open in urlscan Pro
23.212.222.130 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=20&we=7&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJRS%2Finfrastructure%2Fn...
Effective URL:
https://www.citi.com/login?next_page=jfp|dashboard&app_store=Y
Submission: On January 18 via manual (January 18th 2024, 6:02:52 pm UTC) from US — Scanned from DE

Summary HTTP 31 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 31 HTTP transactions. The main IP is 23.212.222.130, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.citi.com. The Cisco Umbrella rank of the primary domain is 26362.
TLS certificate: Issued by DigiCert EV RSA CA G2 on November 7th 2023. Valid for: a year.

This is the only time www.citi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	173.213.4.17 173.213.4.17	53316 (ASN-CHEET...) (ASN-CHEETA-MAIL)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
3	63.148.46.76 63.148.46.76	53316 (ASN-CHEET...) (ASN-CHEETA-MAIL)
1 1	104.102.43.113 104.102.43.113	16625 (AKAMAI-AS) (AKAMAI-AS)
17	23.212.222.130 23.212.222.130	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a02:26f0:480... 2a02:26f0:480:d::210:f160	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
31	6

2 173.213.4.17 (United States)

ASN53316 (ASN-CHEETA-MAIL, US)

fm.info6.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
l.info6.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 63.148.46.76 (Royalton, United States)

ASN53316 (ASN-CHEETA-MAIL, US)
PTR: sts.eccmp.com

sts.eccmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.102.43.113 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-43-113.deploy.static.akamaitechnologies.com

online.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 23.212.222.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-222-130.deploy.static.akamaitechnologies.com

www.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:480:d::210:f160 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p11.techlab-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	citi.com 1 redirects fm.info6.citi.com — Cisco Umbrella Rank: 290661 l.info6.citi.com — Cisco Umbrella Rank: 103654 online.citi.com — Cisco Umbrella Rank: 20873 www.citi.com — Cisco Umbrella Rank: 26362	2 MB
4	techlab-cdn.com p11.techlab-cdn.com — Cisco Umbrella Rank: 3589	59 KB
3	eccmp.com sts.eccmp.com — Cisco Umbrella Rank: 22875	17 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 369	30 KB
31	4

	Domain	Requested by
17	www.citi.com	fm.info6.citi.com www.citi.com
4	p11.techlab-cdn.com	www.citi.com
3	sts.eccmp.com	fm.info6.citi.com sts.eccmp.com
1	online.citi.com	1 redirects
1	l.info6.citi.com	fm.info6.citi.com
1	ajax.googleapis.com	fm.info6.citi.com
1	fm.info6.citi.com
31	7

This site contains no links.

Subject Issuer	Validity	Valid
info6.citi.com DigiCert EV RSA CA G2	`2023-11-29` - `2024-12-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.eccmp.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-24` - `2024-06-09`	a year	crt.sh
www.citi.com DigiCert EV RSA CA G2	`2023-11-07` - `2024-12-05`	a year	crt.sh
p11.techlab-cdn.com R3	`2024-01-18` - `2024-04-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.citi.com/login?next_page=jfp|dashboard&app_store=Y
Frame ID: 6D3B0A7C383C860B2D992B684C7FCEFB
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=20&we=7&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJRS%... Page URL
https://online.citi.com/US/JRS/infrastructure/newretarget.do?next_page=jfp|dashboard&app_store=Y HTTP 301
https://www.citi.com/login?next_page=jfp|dashboard&app_store=Y Page URL

Detected technologies

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

31
Requests

87 %
HTTPS

33 %
IPv6

4
Domains

7
Subdomains

6
IPs

2
Countries

1750 kB
Transfer

7579 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=20&we=7&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJRS%2Finfrastructure%2Fnewretarget.do%3Fnext_page%3Djfp%7Cdashboard%26app_store%3DY%26enid%3DT114174238414332T0114170243842414336&linkName=CT_Bal_Dashboard&transId=C2024011700687726 Page URL
https://online.citi.com/US/JRS/infrastructure/newretarget.do?next_page=jfp|dashboard&app_store=Y HTTP 301
https://www.citi.com/login?next_page=jfp|dashboard&app_store=Y Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK url.aspx Show response
fm.info6.citi.com/ats/ 16 KB
5 KB 996ms
443ms Document
text/html 173.213.4.17
ASN-CHEETA-MAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=20&we=7&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJRS%2Finfrastructure%2Fnewretarget.do%3Fnext_page%3Djfp%7Cdashboard%26app_store%3DY%26enid%3DT114174238414332T0114170243842414336&linkName=CT_Bal_Dashboard&transId=C2024011700687726
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.213.4.17 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
Software: /
Resource Hash: bde440af352dd7a654d734bb030f32a058e1345b0a4620448f80f74a53f64d01

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 4910
Content-Type: text/html; charset=utf-8
Date: Thu, 18 Jan 2024 18:02:47 GMT
Expires: 0
Pragma: no-cache
SERVER
Vary: Accept-Encoding
X-Powered-By

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ 82 KB
30 KB 126ms
40ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: fm.info6.citi.com
URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=20&we=7&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJRS%2Finfrastructure%2Fnewretarget.do%3Fnext_page%3Djfp%7Cdashboard%26app_store%3DY%26enid%3DT114174238414332T0114170243842414336&linkName=CT_Bal_Dashboard&transId=C2024011700687726

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fm.info6.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:43:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29707
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 17:43:35 GMT

GET
H/1.1 200
OK open.aspx
l.info6.citi.com/rts/ 43 B
432 B 650ms
114ms Image
image/gif 173.213.4.17
ASN-CHEETA-MAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.info6.citi.com/rts/open.aspx?tp=i-16IJ-9x-EU-9xVVpj-1x-1CS0H3-1c-U2-G-l9vssMYRYJ-1Y1ANi
Requested by: Host: fm.info6.citi.com
URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=20&we=7&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJRS%2Finfrastructure%2Fnewretarget.do%3Fnext_page%3Djfp%7Cdashboard%26app_store%3DY%26enid%3DT114174238414332T0114170243842414336&linkName=CT_Bal_Dashboard&transId=C2024011700687726
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.213.4.17 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fm.info6.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Jan 2024 18:02:47 GMT
Server
X-Powered-By
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-Control: no-cache, max-age=0
Expires: 0

GET
H/1.1 200
OK conversen-SDK.js Show response
sts.eccmp.com/sts/scripts/ 15 KB
15 KB 581ms
224ms Script
application/javascript 63.148.46.76
ASN-CHEETA-MAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://sts.eccmp.com/sts/scripts/conversen-SDK.js
Requested by: Host: fm.info6.citi.com
URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=20&we=7&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJRS%2Finfrastructure%2Fnewretarget.do%3Fnext_page%3Djfp%7Cdashboard%26app_store%3DY%26enid%3DT114174238414332T0114170243842414336&linkName=CT_Bal_Dashboard&transId=C2024011700687726
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.148.46.76 Royalton, United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS: sts.eccmp.com
Software: /
Resource Hash: 735ace838c4f02a810a79d750fa248e3f70fa9483a4ede6f8f123bf6a314a4f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fm.info6.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 18:02:48 GMT
Last-Modified: Wed, 15 Nov 2023 17:16:38 GMT
Server
Age: 487
ETag: "01f57ee717da1:0"
X-Powered-By
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 15567

GET
H/1.1 200
OK 617 Show response
sts.eccmp.com/wts/WebEvent/GetCookieExpiry/ 35 B
426 B 451ms
114ms XHR
text/xml 63.148.46.76
ASN-CHEETA-MAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://sts.eccmp.com/wts/WebEvent/GetCookieExpiry/617
Requested by: Host: sts.eccmp.com
URL: https://sts.eccmp.com/sts/scripts/conversen-SDK.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.148.46.76 Royalton, United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS: sts.eccmp.com
Software: /
Resource Hash: 61339a21fa71d17d0dfebceba08dc76ce605e73f65a88438397483478d953aae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fm.info6.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 18:02:48 GMT
X-AspNetMvc-Version: 3.0
Server
X-Powered-By
Vary: Accept-Encoding
Content-Type: text/xml; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Length: 35

GET
H/1.1 200
OK image.gif
sts.eccmp.com/wts/WebEvent/ 807 B
1 KB 127ms
127ms Image
image/gif 63.148.46.76
ASN-CHEETA-MAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sts.eccmp.com/wts/WebEvent/image.gif?isSplit=false&guid=5db04396-498f-c9d7-c5a8-3633ab342ff0&segmentNumber=1&pm[linkName]=CT_Bal_Dashboard&pm[transId]=C2024011700687726&rp[cr]=617&rp[wegc]=&rp[et]=100&rp[ap]=&rp[we]=7
Requested by: Host: fm.info6.citi.com
URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=20&we=7&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJRS%2Finfrastructure%2Fnewretarget.do%3Fnext_page%3Djfp%7Cdashboard%26app_store%3DY%26enid%3DT114174238414332T0114170243842414336&linkName=CT_Bal_Dashboard&transId=C2024011700687726
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.148.46.76 Royalton, United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS: sts.eccmp.com
Software: /
Resource Hash: 9c6d485ae01a594ef22b3c44e1eca5314259061faacdcdfc51569aba58a4fc2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fm.info6.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 18:02:48 GMT
X-AspNetMvc-Version: 3.0
Server
X-Powered-By
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: private
Content-Length: 807

GET
H/1.1

200
OK

Primary Request login Show response
www.citi.com/
Redirect Chain

https://online.citi.com/US/JRS/infrastructure/newretarget.do?next_page=jfp|dashboard&app_store=Y
https://www.citi.com/login?next_page=jfp|dashboard&app_store=Y

222 KB
45 KB

521ms
327ms

Document
text/html

23.212.222.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/login?next_page=jfp|dashboard&app_store=Y

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.222.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-222-130.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

c50f72a1fce769b6614580c4b383d2e80da4854146a62c3ef9b6d63b5dd2fc66

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

Referer: https://fm.info6.citi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Access-Control-Max-Age: 2147483647
Cache-Control: no-cache, no-store
Connection: keep-alive Transfer-Encoding
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Content-Type: text/html; charset=utf-8
Date: Thu, 18 Jan 2024 18:02:50 GMT
Dclocation: SW1DMS
ETag: W/"3748e-ULnJeJ3/44+OMHhlsn/zZqG2OPk"
Expires: Thu, 18 Jan 2024 18:02:50 GMT
Nonce: 7518349636111113
Pragma: no-cache
Referrer-Policy: no-referrer
Scope: VISITOR
Server: nginx
Sid: 40fa6f2a-8d04-4bdd-9350-61346399b2d5
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
Uuid: 9751266a-2129-4213-bcd7-a8550d062e6c
Vary: Accept-Encoding
X-Akamai-CITISITE: SWDC
X-Akamai-Transformed: 9 44164 0 pmb=mTOE,1
X-Content-Type-Options: nosniff
X-Vcap-Request-Id: d8aadd8b-dca6-4670-5e33-b01225e93772
X-Xss-Protection: 1 ; mode=block
x-robots-tag: noindex, nofollow

Redirect headers

content-length: 0
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
date: Thu, 18 Jan 2024 18:02:49 GMT
location: https://www.citi.com/login?next_page=jfp|dashboard&app_store=Y
server: AkamaiGHost
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-robots-tag: noindex, nofollow
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H/1.1 200
OK e049bcce96a1555bf6f96086ea852669dd0011213c3f Show response
www.citi.com/public/ 157 KB
56 KB 172ms
94ms Script
application/javascript 23.212.222.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.citi.com/public/e049bcce96a1555bf6f96086ea852669dd0011213c3f
Requested by: Host: www.citi.com
URL: https://www.citi.com/login?next_page=jfp|dashboard&app_store=Y
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.212.222.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-222-130.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: de30ce055c48c5670e01861f4525298275f6abe9cefe4a05f169bcf8d33ddff0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 18:02:50 GMT
Content-Encoding: gzip
Content-MD5: GbwImYBOBMTnX/aJhgaO3w==
Connection: keep-alive
Content-Length: 56220
Last-Modified: Thu, 28 Sep 2023 19:53:45 GMT
ETag: 0x8DBC05C9FCF492B
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, HEAD
Content-Type: application/javascript
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control: max-age=600
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Expires: Thu, 18 Jan 2024 18:12:50 GMT

GET
H/1.1 200
OK 6c8322c7341eac98645c10e3d1d3c7ae.js Show response
www.citi.com/assets/scripts/global/ 1 KB
1 KB 228ms
151ms Script
application/javascript 23.212.222.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js
Requested by: Host: www.citi.com
URL: https://www.citi.com/login?next_page=jfp|dashboard&app_store=Y
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.212.222.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-222-130.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a274f12ba729e52f354a90821a33a82ecdbcf1bf37b1fd46bda217afe6404fff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Jan 2024 18:02:50 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
X-Ion-Hop: Prod
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 739
Expires: 0

GET
H/1.1 200
OK tagging.min.js Show response
www.citi.com/cbol-pre-login-static-assets/assets/js/ 44 KB
11 KB 126ms
49ms Script
application/javascript 23.212.222.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/assets/js/tagging.min.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?next_page=jfp|dashboard&app_store=Y

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.222.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-222-130.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

85a286bded9867e26f27bd9d3ca7c48bd3a7f36f943b895f4b314eb578b0d55a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 18 Jan 2024 18:02:50 GMT
Dclocation: GT1DMS
Connection: keep-alive
Content-Length: 10600
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 05 Nov 2023 05:17:29 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"b1a8-18b9dea2228"
Access-Control-Max-Age: 2147483647
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: 8b7b99b0-4f02-45ac-67e9-ef0ad7be2bae
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Fri, 19 Jan 2024 00:02:50 GMT

GET
H/1.1 200
OK banner.min.js Show response
www.citi.com/cbol-pre-login-static-assets/assets/js/ 14 KB
5 KB 127ms
50ms Script
application/javascript 23.212.222.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/assets/js/banner.min.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?next_page=jfp|dashboard&app_store=Y

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.222.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-222-130.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

7488dc7d3069df17fcfd2e2bca49acb9a71de8ded2c0a9bb35a9c4d3e42cb5d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 18 Jan 2024 18:02:50 GMT
Dclocation: GT1DMS
Connection: keep-alive
Content-Length: 4515
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 05 Nov 2023 05:17:29 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"3889-18b9dea2228"
Access-Control-Max-Age: 2147483647
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: 4631b907-f7c1-4c3d-472a-5a50c6b07dc0
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Fri, 19 Jan 2024 00:02:50 GMT

GET
H/1.1 200
OK Interstate-Light.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 74 KB
75 KB 128ms
50ms Font
font/woff 23.212.222.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?next_page=jfp|dashboard&app_store=Y

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.222.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-222-130.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

Referer
Origin: https://www.citi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Sid: b3cf3454-1e58-4893-99b6-25c662018501
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Nonce: 1838222335155461
Date: Thu, 18 Jan 2024 18:02:50 GMT
Dclocation: GT1DMS
Uuid: 563aa8d7-ed72-47cc-a67c-0c9e798dcf3c
Connection: keep-alive
Content-Length: 75538
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 05 Nov 2023 05:17:30 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"12712-18b9dea2610"
Access-Control-Max-Age: 2147483647
Content-Type: font/woff
Scope: VISITOR
X-Vcap-Request-Id: be4233cc-b364-4892-7eec-27b5d5978460
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Accept-Ranges: bytes
Expires: Fri, 19 Jan 2024 00:02:50 GMT

GET
H/1.1 200
OK Interstate-Bold.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 70 KB
71 KB 185ms
56ms Font
font/woff 23.212.222.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?next_page=jfp|dashboard&app_store=Y

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.222.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-222-130.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

Referer
Origin: https://www.citi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Sid: 239f6fb0-2552-4989-bb11-f0c59b988fac
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Nonce: 2538879610966184
Date: Thu, 18 Jan 2024 18:02:50 GMT
Dclocation: GT1DMS
Uuid: 21a12c00-99d6-4654-ade3-d5fcdb467216
Connection: keep-alive
Content-Length: 71874
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 05 Nov 2023 05:17:30 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"118c2-18b9dea2610"
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: font/woff
Scope: VISITOR
X-Vcap-Request-Id: fd5a2d63-b4bc-4fbb-58f5-7119cadc3b74
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires: Fri, 19 Jan 2024 00:02:50 GMT

GET
H/1.1 200
OK Interstate-Regular.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 77 KB
78 KB 197ms
68ms Font
font/woff 23.212.222.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?next_page=jfp|dashboard&app_store=Y

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.222.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-222-130.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

045cd226594cb32ddf9d4db8ee45611f4d0788675ae50180b68da975e66fe1fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

Referer
Origin: https://www.citi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Sid: 27d9d765-ba70-44f0-b909-a392ec444fac
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Nonce: 2431638216875203
Date: Thu, 18 Jan 2024 18:02:50 GMT
Dclocation: GT1DMS
Uuid: 29345a3a-a787-402e-8bd7-7e15b6c08757
Connection: keep-alive
Content-Length: 78762
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 05 Nov 2023 05:17:30 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"133aa-18b9dea2610"
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: font/woff
Scope: VISITOR
X-Vcap-Request-Id: bcdd9911-d09f-4efd-5d2e-f35e2b726683
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires: Fri, 19 Jan 2024 00:02:50 GMT

GET
H/1.1 200
OK styles.ca7d1c12fdaf8552.css
www.citi.com/cbol-pre-login-static-assets/ 2 MB
191 KB 107ms
63ms Stylesheet
text/css 23.212.222.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/styles.ca7d1c12fdaf8552.css

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?next_page=jfp|dashboard&app_store=Y

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.222.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-222-130.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

095535eb9b22a8e72b3b6c50a557ac3d6ed67c7ff0ff3e646b214b46b21a59d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 18 Jan 2024 18:02:50 GMT
Dclocation: GT1DMS
Connection: keep-alive
Content-Length: 194607
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 05 Nov 2023 05:19:06 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"2367de-18b9deb9d10"
Access-Control-Max-Age: 2147483647
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: 54d0a143-0878-4860-7bca-fef01b0a3323
Cache-Control: max-age=2592000, public, no-transform
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Fri, 16 Feb 2024 08:24:58 GMT

GET
H/1.1 200
OK tmxobfwc-clientlib-v4.js Show response
www.citi.com/cbol-pre-login-static-assets/assets/js/ 2 KB
2 KB 237ms
49ms Script
application/javascript 23.212.222.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/assets/js/tmxobfwc-clientlib-v4.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?next_page=jfp|dashboard&app_store=Y

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.222.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-222-130.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

bf6b0ddbb32544fe9613e37923dbdffeb99c4349ce7f5d6c4799fde2f862bd37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 18 Jan 2024 18:02:50 GMT
Dclocation: GT1DMS
Connection: keep-alive
Content-Length: 956
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 05 Nov 2023 05:17:29 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"972-18b9dea2228"
Access-Control-Max-Age: 2147483647
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: 0a280f01-9e31-44e9-71fe-2efd28b4363d
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Fri, 19 Jan 2024 00:02:50 GMT

GET
H/1.1 200
OK fp.js Show response
www.citi.com/cbol-pre-login-static-assets/assets/js/ 19 KB
6 KB 50ms
50ms Script
application/javascript 23.212.222.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/assets/js/fp.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?next_page=jfp|dashboard&app_store=Y

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.222.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-222-130.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

dd65a674c821f6a0e0ec4b181532b00c0cc5d5bde623ea98affcb9f383139b57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 18 Jan 2024 18:02:50 GMT
Dclocation: GT1DMS
Connection: keep-alive
Content-Length: 4844
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 05 Nov 2023 05:17:29 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"4de4-18b9dea2228"
Access-Control-Max-Age: 2147483647
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: 82358782-ea78-495a-6766-10662c1d29b8
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Fri, 19 Jan 2024 00:02:50 GMT

GET
H/1.1 200
OK runtime.ac5dfd0d026c2737.js Show response
www.citi.com/cbol-pre-login-static-assets/ 3 KB
3 KB 221ms
50ms Script
application/javascript 23.212.222.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/runtime.ac5dfd0d026c2737.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?next_page=jfp|dashboard&app_store=Y

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.222.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-222-130.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

825546d1f93842a0a74ce5533d43a2d0f4826734833adcabef2acb099df02809

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

Referer
Origin: https://www.citi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 18 Jan 2024 18:02:50 GMT
Dclocation: GT1DMS
Connection: keep-alive
Content-Length: 1757
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 05 Nov 2023 05:17:30 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"d22-18b9dea2610"
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
X-Vcap-Request-Id: 4bd6bd7f-f208-4aaa-7071-686b5b38e87c
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control: max-age=2592000, public, no-transform
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires: Fri, 16 Feb 2024 15:21:16 GMT

GET
H/1.1 200
OK polyfills.adb80ee790195eb1.js Show response
www.citi.com/cbol-pre-login-static-assets/ 48 KB
17 KB 239ms
52ms Script
application/javascript 23.212.222.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/polyfills.adb80ee790195eb1.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?next_page=jfp|dashboard&app_store=Y

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.222.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-222-130.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

bf87f53255267d9d4498b937ff708e301b08c25fdc8bd65d6c260ade97844411

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

Referer
Origin: https://www.citi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 18 Jan 2024 18:02:50 GMT
Dclocation: GT1DMS
Connection: keep-alive
Content-Length: 16650
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 05 Nov 2023 05:17:30 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"be3d-18b9dea2610"
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
X-Vcap-Request-Id: 75a2e51a-54a4-452b-6e7c-b73e869d7b8c
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control: max-age=2592000, public, no-transform
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires: Fri, 16 Feb 2024 14:23:34 GMT

GET
H/1.1 200
OK scripts.cc636ec5cfe3cbe4.js Show response
www.citi.com/cbol-pre-login-static-assets/ 51 KB
15 KB 66ms
66ms Script
application/javascript 23.212.222.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/scripts.cc636ec5cfe3cbe4.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?next_page=jfp|dashboard&app_store=Y

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.222.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-222-130.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

f78ea2382be0bfe8c2909ded2f1c9ad7b60a2e797982ef57544431fd0fe0c383

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 18 Jan 2024 18:02:50 GMT
Dclocation: GT1DMS
Connection: keep-alive
Content-Length: 14683
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 05 Nov 2023 05:17:30 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"cd7e-18b9dea2610"
Access-Control-Max-Age: 2147483647
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: 169889bd-f40f-46f8-6037-88bc845d7ef6
Cache-Control: max-age=2592000, public, no-transform
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Fri, 16 Feb 2024 14:23:35 GMT

GET
H/1.1 200
OK main.cb78aa264f241ccb.js Show response
www.citi.com/cbol-pre-login-static-assets/ 4 MB
803 KB 277ms
89ms Script
application/javascript 23.212.222.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/main.cb78aa264f241ccb.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?next_page=jfp|dashboard&app_store=Y

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.222.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-222-130.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

095e3f79d57e64a4c87659b5b7d864df05b07ccdba432a32081d8c20e5d87564

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

Referer
Origin: https://www.citi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 18 Jan 2024 18:02:50 GMT
Dclocation: GT1DMS
Connection: keep-alive
Content-Length: 821165
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 05 Nov 2023 05:19:06 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"3a8875-18b9deb9d10"
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
X-Vcap-Request-Id: 05b05701-fecb-4eab-7d20-d7462f952eef
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control: max-age=2592000, public, no-transform
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires: Fri, 16 Feb 2024 08:25:00 GMT

GET
H/1.1 200
OK bJwEB Show response
www.citi.com/M-iO/4_Cc/7a9/4bO/W4Tg/cuuEmXbpJw/SjEQAg/QFI5Ewh/ 215 KB
81 KB 265ms
70ms Script
application/javascript 23.212.222.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.citi.com/M-iO/4_Cc/7a9/4bO/W4Tg/cuuEmXbpJw/SjEQAg/QFI5Ewh/bJwEB
Requested by: Host: www.citi.com
URL: https://www.citi.com/login?next_page=jfp|dashboard&app_store=Y
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.212.222.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-222-130.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8f1c4322ca7cec46bb7729dccc9b2a7544be8cc6da77b59731807cdfb936770c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 18:02:50 GMT
Content-Encoding: br
Last-Modified: Wed, 02 Aug 2023 16:13:23 GMT
ETag: "847e9eb0c2aa602fdeb05a53243d9ead2556b01a549758f95361f3ed5ae3cfaa"
Stored-Attribute-Sha-Checksum: 8f1c4322ca7cec46bb7729dccc9b2a7544be8cc6da77b59731807cdfb936770c
Content-Type: application/javascript
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Cache-Control: max-age=21600
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 81697

GET
H2 200 65319_1825202461.js Show response
p11.techlab-cdn.com/e/ 54 KB
18 KB 189ms
46ms Fetch
application/javascript 2a02:26f0:480:d::210:f160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p11.techlab-cdn.com/e/65319_1825202461.js
Requested by: Host: www.citi.com
URL: https://www.citi.com/public/e049bcce96a1555bf6f96086ea852669dd0011213c3f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ad80a3f6b1b1b869088b872381b3179a21dccc4e465ec0a00c92824f6462c258

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:02:50 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 14:24:26 GMT
content-md5: TBz6CQ/Qf16sF8+q5U3Ixg==
etag: "0x8DA7C6E5C88AF92"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: max-age=600
accept-ranges: bytes
timing-allow-origin: *
content-length: 18223
expires: Thu, 18 Jan 2024 18:12:50 GMT

GET
H2 200 65257_1825232097.js Show response
p11.techlab-cdn.com/e/ 14 KB
6 KB 187ms
45ms Fetch
application/javascript 2a02:26f0:480:d::210:f160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p11.techlab-cdn.com/e/65257_1825232097.js
Requested by: Host: www.citi.com
URL: https://www.citi.com/public/e049bcce96a1555bf6f96086ea852669dd0011213c3f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 74a7a53097f5335e794968f4f7c27d089701fd635c8698c5f5fda7f30356cacb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:02:50 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2022 12:38:55 GMT
content-md5: 7rdGFe+/Y2zHt4sXxqkzxw==
etag: 0x8DAD39902829531
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=600
timing-allow-origin: *
content-length: 6061
expires: Thu, 18 Jan 2024 18:12:50 GMT

GET
H2 200 64885_1825202523.js Show response
p11.techlab-cdn.com/e/ 3 KB
2 KB 262ms
120ms Fetch
application/javascript 2a02:26f0:480:d::210:f160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p11.techlab-cdn.com/e/64885_1825202523.js
Requested by: Host: www.citi.com
URL: https://www.citi.com/public/e049bcce96a1555bf6f96086ea852669dd0011213c3f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 422aa4e7ba5ff626a830dbbee358cb5055122a03b5c36b5f7608e1b34999e529

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:02:50 GMT
content-encoding: gzip
last-modified: Sun, 24 Apr 2022 12:00:07 GMT
content-md5: DnvBZTKTbXGPNtxH2P6zMg==
etag: "0x8DA25E9F9A41165"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: max-age=600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1470
expires: Thu, 18 Jan 2024 18:12:50 GMT

GET
H2 200 65226_1825232128.js Show response
p11.techlab-cdn.com/e/ 70 KB
33 KB 228ms
86ms Fetch
application/javascript 2a02:26f0:480:d::210:f160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p11.techlab-cdn.com/e/65226_1825232128.js
Requested by: Host: www.citi.com
URL: https://www.citi.com/public/e049bcce96a1555bf6f96086ea852669dd0011213c3f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 02433a62f3bc96003e78509ec45872fe3330c330204fa77415039f40a043224b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:02:50 GMT
content-encoding: gzip
last-modified: Thu, 06 Jul 2023 07:07:50 GMT
content-md5: sYBscgCVtSaJQGvZdsVDxw==
etag: 0x8DB7DEFB5BB50C7
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=600
timing-allow-origin: *
content-length: 32997
expires: Thu, 18 Jan 2024 18:12:50 GMT

GET
H/1.1 200
OK 6c8322c7341eac98645c10e3d1d3c7ae.js Show response
www.citi.com/assets/scripts/global/ 314 KB
179 KB 853ms
853ms Script
application/javascript 23.212.222.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?seed=AADVuh2NAQAAAN9yCLaIXih6orxOBSOYKgroJrERVXGt2g4oFqNKNpYGkXmr&X-soz9htCz--z=q
Requested by: Host: www.citi.com
URL: https://www.citi.com/public/e049bcce96a1555bf6f96086ea852669dd0011213c3f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.212.222.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-222-130.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 34b42d41b37ad335e980b17f252b2163e2c0edd217d84fd1e59ce7ad6d53e84f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 18:02:51 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8
X-Ion-Hop: Prod
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Cache-Control: public, max-age=3600, immutable
Access-Control-Allow-Credentials: true
Connection: keep-alive, Transfer-Encoding

GET e049bcce96a1555bf6f96086ea852669dd0011213c3f
www.citi.com/public/ 0
0

POST bJwEB
www.citi.com/M-iO/4_Cc/7a9/4bO/W4Tg/cuuEmXbpJw/SjEQAg/QFI5Ewh/ 0
0

GET citiredesign.svg
www.citi.com/CBOL/IA/Angular/assets/ 0
0

GET Interstate-Light.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.citi.com
URL: https://www.citi.com/public/e049bcce96a1555bf6f96086ea852669dd0011213c3f

Domain: www.citi.com
URL: https://www.citi.com/M-iO/4_Cc/7a9/4bO/W4Tg/cuuEmXbpJw/SjEQAg/QFI5Ewh/bJwEB

Domain: www.citi.com
URL: https://www.citi.com/CBOL/IA/Angular/assets/citiredesign.svg

Domain: www.citi.com
URL: https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
fm.info6.citi.com/	1969-12-31 23:59:59	Name: BIGipServercnv_ats_ssl_pool Value: 1061623818.47873.0000
l.info6.citi.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: y0wn0v5b40kyg3livgnv0xtt
l.info6.citi.com/	1969-12-31 23:59:59	Name: BIGipServercnv_ats_ssl_pool Value: 1061623818.47873.0000
.citi.com/	1970-01-20 17:56:45	Name: xyz_cr_617_et_100 Value: cr=617&wegc=&et=100&ap=&we=7
.citi.com/	1969-12-31 23:59:59	Name: AKMTLTSID Value: EB1D8C1668E72BE9376117B979A8A4E6
.citi.com/	1970-01-20 17:46:55	Name: bm_sz Value: 088936219A4F1292250B84E15028CD03~YAAQhPAQAvyDcxKNAQAAemy9HRaOC7cmlevkuy2xRqMos8qJYZFHIkg1QDfR6jf7Qr+7HBosDPk0HB8byCHZ7fvh1xAPrXltPhXf8yRtuQDTf3OGpykLHRO2QeoTxmA3nvg0mGYfJvhwzaN2vk3E64zybtQLWMA2n/FJ+bSQRmCDFgZvAgavvmEtqNrqcDsXpHDHLi92wtov1Isg9z0v41Llpi4ewGdCVAZsKA2MxyHagyiud7JF+iJnyaPd2hmNfGTUlaX2mgjRGixTKPIIBeZx2X9rzO4UiEzupSYVuJYTAXbaJqKWHsezbzKSlWPv3ImgAWmn67d+Kw==~4600889~3421495
.citi.com/	1970-01-20 17:46:48	Name: ak_bmsc Value: 4F5CBE6FACFDF52A8798E7CB1D29BB70~000000000000000000000000000000~YAAQvuIlF17R6e6MAQAAgW69HRawVtgeC0kiSpc+gcwNBGq3AaDwzCNaSztPmQweQ39+gHPy089W1QhNOojhYwmDLdzeMZvxpN+H5VqD51dtwe7fC+CLXJGQtgYpostwMiKWfm//V9qUsbYXVT4mRb5MzEKLP+KR52pOZFYXs/adHdZE/lC5O/1YXMAWfVQJd6uXNAbG1JrlQo5pBrRknpT9ydhpI8UKPH3Khdkz6bRhuUO8dasnAARASWGtswONqc+KclYJEv11+/Uk/BU0Q89rW5HJRKIb9XfbNw6ES+KL5gvmFaLMpCgxEsngKNQZgGrVuNQxlFe9UBNMCwTtpOz2ATi6mrxvXKx6Zo1EZCCRCQXxiage0FT9a1fK
.citi.com/	1970-01-21 03:22:40	Name: NMO5iv8Z Value: AzlvvR2NAQAAg1u0c9UH22Kjp0mvfkNVWq7zD-bKIOWsgebmM1JWq59NXS9NAVD_B2iucuKDwH8AAEB3AAAAAA\|1\|0\|1a1965b930cd003f6a6aa3c7fe0312fc1ac9b2d1
.citi.com/	1970-01-21 02:32:16	Name: _abck Value: 4E882059397335AA1AE83AB748473CD5~-1~YAAQvuIlF3rR6e6MAQAAvW+9HQuC937EYIz2vAxD3tZ9NI+EJDn0+xyGxq1oWUmnXxMEZtWPJThdlBvNCVg1OnQm9pXj60TRZWmRiiYtgDIEMDfN3eXzSOfcTrKPEx8qGMTc+pStQ88JCSlnc5Y9l3EgQWyCQ7rPUt+29k0wGHp998tbggxVL7UV11ihM9iGjH8i/9Yd4s7SyALuHeUBRNr7E5oqVFEriGJjjKQmxl8KtPWRyIPWBvIcRJ4Ng8WpCogXBv+A7kMCLkQis0uVqIlcHvNfg6i9bLJUvdMDxzVq3uflRwx43LdKNW/13obleBK0ZpYR9SmwgyapHfSswNBbjl/CiKJWwHaeQPGQXgrT1X1VhC1KOyv+J/vpQNWbwEYZL1BoWRc=~-1~-1~-1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fm.info6.citi.com
l.info6.citi.com
online.citi.com
p11.techlab-cdn.com
sts.eccmp.com
www.citi.com
www.citi.com
104.102.43.113
173.213.4.17
23.212.222.130
2a00:1450:4001:827::200a
2a02:26f0:480:d::210:f160
63.148.46.76
02433a62f3bc96003e78509ec45872fe3330c330204fa77415039f40a043224b
045cd226594cb32ddf9d4db8ee45611f4d0788675ae50180b68da975e66fe1fe
095535eb9b22a8e72b3b6c50a557ac3d6ed67c7ff0ff3e646b214b46b21a59d4
095e3f79d57e64a4c87659b5b7d864df05b07ccdba432a32081d8c20e5d87564
34b42d41b37ad335e980b17f252b2163e2c0edd217d84fd1e59ce7ad6d53e84f
422aa4e7ba5ff626a830dbbee358cb5055122a03b5c36b5f7608e1b34999e529
61339a21fa71d17d0dfebceba08dc76ce605e73f65a88438397483478d953aae
735ace838c4f02a810a79d750fa248e3f70fa9483a4ede6f8f123bf6a314a4f3
7488dc7d3069df17fcfd2e2bca49acb9a71de8ded2c0a9bb35a9c4d3e42cb5d0
74a7a53097f5335e794968f4f7c27d089701fd635c8698c5f5fda7f30356cacb
825546d1f93842a0a74ce5533d43a2d0f4826734833adcabef2acb099df02809
85a286bded9867e26f27bd9d3ca7c48bd3a7f36f943b895f4b314eb578b0d55a
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
8f1c4322ca7cec46bb7729dccc9b2a7544be8cc6da77b59731807cdfb936770c
9c6d485ae01a594ef22b3c44e1eca5314259061faacdcdfc51569aba58a4fc2b
a274f12ba729e52f354a90821a33a82ecdbcf1bf37b1fd46bda217afe6404fff
ad80a3f6b1b1b869088b872381b3179a21dccc4e465ec0a00c92824f6462c258
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bde440af352dd7a654d734bb030f32a058e1345b0a4620448f80f74a53f64d01
bf6b0ddbb32544fe9613e37923dbdffeb99c4349ce7f5d6c4799fde2f862bd37
bf87f53255267d9d4498b937ff708e301b08c25fdc8bd65d6c260ade97844411
c50f72a1fce769b6614580c4b383d2e80da4854146a62c3ef9b6d63b5dd2fc66
dd65a674c821f6a0e0ec4b181532b00c0cc5d5bde623ea98affcb9f383139b57
de30ce055c48c5670e01861f4525298275f6abe9cefe4a05f169bcf8d33ddff0
e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7
f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296
f78ea2382be0bfe8c2909ded2f1c9ad7b60a2e797982ef57544431fd0fe0c383

www.citi.com Open in urlscan Pro 23.212.222.130 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

31 Requests

87 %HTTPS

33 %IPv6

4 Domains

7 Subdomains

6 IPs

2 Countries

1750 kBTransfer

7579 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

www.citi.com Open in urlscan Pro
23.212.222.130 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

87 %
HTTPS

33 %
IPv6

4
Domains

7
Subdomains

6
IPs

2
Countries

1750 kB
Transfer

7579 kB
Size

9
Cookies

31 HTTP transactions
0 data transactions