URL: https://uat.citigroup.com/citi/
Submission Tags: @phishunt_io
Submission: On May 23 via api from DE — Scanned from DE

Summary

This website contacted 11 IPs in 4 countries across 11 domains to perform 45 HTTP transactions. The main IP is 2.16.186.242, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is uat.citigroup.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on June 17th 2021. Valid for: a year.
This is the only time uat.citigroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 2.16.186.242 20940 (AKAMAI-ASN1)
10 18.197.253.20 16509 (AMAZON-02)
1 4 52.49.145.37 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:224... 16509 (AMAZON-02)
1 96.16.135.39 16625 (AKAMAI-AS)
2 54.77.200.211 16509 (AMAZON-02)
1 13.36.218.177 16509 (AMAZON-02)
1 1 34.248.32.199 16509 (AMAZON-02)
1 193.0.160.128 54312 (ROCKETFUEL)
1 2a00:1450:400... ()
45 11
Apex Domain
Subdomains
Transfer
15 citigroup.com
uat.citigroup.com
111 KB
10 ensighten.com
nexus.ensighten.com — Cisco Umbrella Rank: 2929
120 KB
6 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 214
citi.demdex.net — Cisco Umbrella Rank: 42716
11 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
189 KB
1 google-analytics.com
www.google-analytics.com
17 KB
1 rfihub.com
20766699p.rfihub.com — Cisco Umbrella Rank: 41152
705 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1058
517 B
1 citi.com
metrics1.citi.com — Cisco Umbrella Rank: 25448
676 B
1 bkrtx.com
tags.bkrtx.com — Cisco Umbrella Rank: 3167
16 KB
1 rfihub.net
c1.rfihub.net — Cisco Umbrella Rank: 5230
6 KB
0 adobedtm.com Failed
assets.adobedtm.com Failed
45 11
Domain Requested by
15 uat.citigroup.com 1 redirects uat.citigroup.com
10 nexus.ensighten.com uat.citigroup.com
nexus.ensighten.com
5 www.googletagmanager.com nexus.ensighten.com
www.googletagmanager.com
uat.citigroup.com
4 dpm.demdex.net 1 redirects uat.citigroup.com
nexus.ensighten.com
2 citi.demdex.net nexus.ensighten.com
uat.citigroup.com
1 www.google-analytics.com uat.citigroup.com
1 20766699p.rfihub.com c1.rfihub.net
1 cm.everesttech.net 1 redirects
1 metrics1.citi.com nexus.ensighten.com
1 tags.bkrtx.com nexus.ensighten.com
1 c1.rfihub.net nexus.ensighten.com
0 assets.adobedtm.com Failed uat.citigroup.com
45 12

This site contains links to these domains.

Domain
www.citigroup.com
www.citi.com
blog.citigroup.com
www.citivelocity.com
Subject | Issuer | Validity | Valid
uat.citi.com | DigiCert SHA2 Extended Validation Server CA | 2021-06-17 - 2022-06-20 | a year
nexus.ensighten.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-09-14 - 2022-10-12 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-05-04 - 2022-07-27 | 3 months
*.rfihub.net | Amazon | 2021-12-29 - 2023-01-27 | a year
*.bkrtx.com | DigiCert SHA2 Secure Server CA | 2022-02-07 - 2023-02-06 | a year
*.demdex.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-10-19 - 2022-11-19 | a year
metrics1.citi.com | DigiCert SHA2 Extended Validation Server CA | 2020-07-02 - 2022-08-30 | 2 years
*.rfihub.com | Sectigo RSA Domain Validation Secure Server CA | 2020-06-18 - 2022-06-18 | 2 years

This page contains 4 frames:

Primary Page: https://uat.citigroup.com/citi/
Frame ID: 009C13F96E39DFB13C238BEAC1A68F7C
Requests: 42 HTTP requests in this frame

Frame: https://citi.demdex.net/dest5.html?d_nsid=0
Frame ID: 687AC36FAE8F72B967EC68DB20CB10F8
Requests: 1 HTTP requests in this frame

Frame: https://20766699p.rfihub.com/ca.html?ver=9&ra=1791&rb=648&ca=20766699&_o=17169175&_t=&ssv_cuuid=&ssv_package=null&ssv_prodlist=null&ssv_pagename=&pe=https%3A%2F%2Fuat.citigroup.com%2Fciti%2F&pf=&ra=769784026353098
Frame ID: E1BCC164D04178F7B1E56CE7ED7B2DD9
Requests: 1 HTTP requests in this frame

Frame: https://citi.demdex.net/dest5.html?d_nsid=0
Frame ID: A3A399140C9FF07DC4BE2B872A28DF99
Requests: 1 HTTP requests in this frame

Page Title

Global Investment Bank and Financial Services | Citi

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • require.*\.js

Overall confidence: 100%
Detected patterns
  • //nexus\.ensighten\.com/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 45
HTTPS: 82 %
IPv6: 27 %
Domains: 11
Subdomains: 12
IPs: 11
Countries: 4
Transfer: 471 kB
Size: 1428 kB
Cookies: 13

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://uat.citigroup.com/citi HTTP 301
    https://uat.citigroup.com/citi/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1653317908053 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1653317908053
Request Chain 18
  • https://cm.everesttech.net/cm/dd?d_uuid=30908952175147947341491023586747246993 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YouhFAAAAJv1hQN-

45 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
uat.citigroup.com/citi/
Redirect Chain
  • https://uat.citigroup.com/citi
  • https://uat.citigroup.com/citi/
19 KB
5 KB
Document
General
Full URL
https://uat.citigroup.com/citi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c1953c3e9ed987cb5714366a540983e67cdeb56393f7ffccbf63c970e3cf9ee3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
4727
Content-Type
text/html
Date
Mon, 23 May 2022 14:58:27 GMT
ETag
"5e3ab1-4a16-5df39d4b03180"
Last-Modified
Tue, 17 May 2022 19:05:58 GMT
Vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
239
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 23 May 2022 14:58:27 GMT
Location
https://uat.citigroup.com/citi/
require.min.js
uat.citigroup.com/citi/assets/js/lib/
17 KB
7 KB
Script
General
Full URL
https://uat.citigroup.com/citi/assets/js/lib/require.min.js
Requested by
Host: uat.citigroup.com
URL: https://uat.citigroup.com/citi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b7faebc9c83d40bb8c017a5242ed65e110054245f928a36e410c1d716a4b54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat.citigroup.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Mon, 23 May 2022 14:58:28 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Mar 2017 05:57:48 GMT
ETag
"5eded8-45a0-54a1db105af00"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6670
Bootstrap.js
nexus.ensighten.com/citi/na_prod/
230 KB
70 KB
Script
General
Full URL
https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Requested by
Host: uat.citigroup.com
URL: https://uat.citigroup.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
bd3747493cd71f9f0d0dead229824a43b551ecbc3bbc064aa056062c80373d6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat.citigroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 14:58:27 GMT
content-encoding
gzip
last-modified
Tue, 10 May 2022 17:44:06 GMT
server
nginx
etag
W/"627aa466-39878"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1653317908053
  • https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1653317908053
363 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1653317908053
Requested by
Host: uat.citigroup.com
URL: https://uat.citigroup.com/citi/
Protocol
HTTP/1.1
Server
52.49.145.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-145-37.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
fe985e59d2fe69462b49fc0c534dd62a883f0fce61d77cc169a1ae49452e1ab6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat.citigroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v031-02451c0f7.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
v+pvhuT/Rn4=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://uat.citigroup.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
307
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v031-0b31e9661.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://uat.citigroup.com
X-TID
yZWKFvwkRyY=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1653317908053
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
e.gif
nexus.ensighten.com/error/
0
106 B
Image
General
Full URL
https://nexus.ensighten.com/error/e.gif?msg=_dl%20is%20not%20defined&lnn=-1&fn=&cid=1129&client=citi&publishPath=na_prod&rid=3092996&did=622672&errorName=ReferenceError
Requested by
Host: uat.citigroup.com
URL: https://uat.citigroup.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat.citigroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 14:58:28 GMT
cache-control
no-cache, no-store
server
nginx
expires
Mon, 23 May 2022 14:58:27 GMT
brand.js
uat.citigroup.com/citi/assets/js/
154 KB
39 KB
Script
General
Full URL
https://uat.citigroup.com/citi/assets/js/brand.js
Requested by
Host: uat.citigroup.com
URL: https://uat.citigroup.com/citi/assets/js/lib/require.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
13fad9d776bd0b2b87a2e4903c307841ebc5bb17d0549a4ee575f0a9f7b34d68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat.citigroup.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Mon, 23 May 2022 14:58:29 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 May 2022 22:42:42 GMT
ETag
"5e21b6-26922-5df3cdbc97c80"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39207
serverComponent.php
nexus.ensighten.com/citi/na_prod/
1 KB
741 B
Script
General
Full URL
https://nexus.ensighten.com/citi/na_prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citi/na_prod/code/&publishedOn=Tue%20May%2010%2017:44:03%20GMT%202022&ClientID=1129&PageID=https%3A%2F%2Fuat.citigroup.com%2Fciti%2F
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
91ec92b51ba627dc3d8b6186374cb75f4d9404cfca147933154f7af9a51c308e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat.citigroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 14:58:28 GMT
cache-control
no-cache, no-store
content-type
text/javascript
server
nginx
content-encoding
gzip
vary
Accept-Encoding
expires
Mon, 23 May 2022 14:58:27 GMT
da6191c2b2959a15b37bb1f025a35ecd.js
nexus.ensighten.com/citi/na_prod/code/
5 KB
2 KB
Script
General
Full URL
https://nexus.ensighten.com/citi/na_prod/code/da6191c2b2959a15b37bb1f025a35ecd.js?conditionId0=4897099
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5cbb5852d6dd001b4defb3f6ace7f8beb88d0f19d20d00ebfd086a24c31988db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat.citigroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 14:58:28 GMT
content-encoding
gzip
last-modified
Tue, 01 Mar 2022 18:19:28 GMT
server
nginx
etag
W/"621e63b0-12ea"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
557566dc60916e3de69e006bef252459.js
nexus.ensighten.com/citi/na_prod/code/
2 KB
961 B
Script
General
Full URL
https://nexus.ensighten.com/citi/na_prod/code/557566dc60916e3de69e006bef252459.js?conditionId0=4837456
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
31b00ff4929696dfca06885da68e58c3e09f6ecb4ae0fe1ae287e99a3fd1f716

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat.citigroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 14:58:28 GMT
content-encoding
gzip
last-modified
Tue, 27 Aug 2019 16:59:12 GMT
server
nginx
etag
W/"5d656160-887"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
d74f82b561a6aa5d9247eaf72394131a.js
nexus.ensighten.com/citi/na_prod/code/
2 KB
862 B
Script
General
Full URL
https://nexus.ensighten.com/citi/na_prod/code/d74f82b561a6aa5d9247eaf72394131a.js?conditionId0=480881
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1243ffed4530d6d237dd040101bf2933687f6e9272b10132060115058f914206

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat.citigroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 14:58:28 GMT
content-encoding
gzip
last-modified
Tue, 30 Nov 2021 17:36:41 GMT
server
nginx
etag
W/"61a66129-631"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
d0faf66774f7cc6b3f2d6bc63f05ff75.js
nexus.ensighten.com/citi/na_prod/code/
278 B
460 B
Script
General
Full URL
https://nexus.ensighten.com/citi/na_prod/code/d0faf66774f7cc6b3f2d6bc63f05ff75.js?conditionId0=494377
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
db24427615114354aa0f0841c4f53fba0f8f06e3970fdca9ff7fff39f3aa5125

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat.citigroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 14:58:28 GMT
last-modified
Tue, 07 May 2019 17:03:33 GMT
server
nginx
etag
"5cd1ba65-116"
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
accept-ranges
bytes
content-length
278
8d20a90ccfa2a960fc13dd8b92ea9e4c.js
nexus.ensighten.com/citi/na_prod/code/
158 KB
35 KB
Script
General
Full URL
https://nexus.ensighten.com/citi/na_prod/code/8d20a90ccfa2a960fc13dd8b92ea9e4c.js?conditionId0=421908
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dce306cc7125d829747f2e313bc52c840b5e1a0be61c315ad0a2e601b77afe9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat.citigroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 14:58:28 GMT
content-encoding
gzip
last-modified
Tue, 10 May 2022 17:44:06 GMT
server
nginx
etag
W/"627aa466-27643"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
51aba9f62787efbaa13e53a8d1ae3892.js
nexus.ensighten.com/citi/na_prod/code/
1 KB
847 B
Script
General
Full URL
https://nexus.ensighten.com/citi/na_prod/code/51aba9f62787efbaa13e53a8d1ae3892.js?conditionId0=4827153
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
bf8892a953595eb96b9ca68c5756849d404115dcf2ee9bf87e8b4e7b3cf8e650

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat.citigroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 14:58:28 GMT
content-encoding
gzip
last-modified
Tue, 31 Aug 2021 17:19:01 GMT
server
nginx
etag
W/"612e6485-52a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
4f75d6203b7d28995190a615cfaf5313.js
nexus.ensighten.com/citi/na_prod/code/
47 KB
10 KB
Script
General
Full URL
https://nexus.ensighten.com/citi/na_prod/code/4f75d6203b7d28995190a615cfaf5313.js?conditionId0=467299
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6dee3bf62fee3ca172f7f756cf68f4a7ae83c0a6340c0bf4eb1462235b0d5ce4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat.citigroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 14:58:28 GMT
content-encoding
gzip
last-modified
Tue, 10 May 2022 17:44:06 GMT
server
nginx
etag
W/"627aa466-bbb5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
js
www.googletagmanager.com/gtag/
95 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-6260004
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
969bedee5da09d431e06827c15378bbb31800e9365b3378b69757ecb41a5479b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat.citigroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 14:58:28 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38623
x-xss-protection
0
last-modified
Mon, 23 May 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 23 May 2022 14:58:28 GMT
tc.min.js
c1.rfihub.net/js/
19 KB
6 KB
Script
General
Full URL
https://c1.rfihub.net/js/tc.min.js
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/code/4f75d6203b7d28995190a615cfaf5313.js?conditionId0=467299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:7200:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat.citigroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 14:08:02 GMT
content-encoding
gzip
last-modified
Mon, 23 May 2022 14:07:52 GMT
server
Jetty(9.3.29.v20201019)
age
3026
x-cache
Hit from cloudfront
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
via
1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
DUS51-P1
content-type
application/x-javascript
content-length
6162
x-amz-cf-id
jVUNXhB6IILyFXo_NWclxPPUIUR-VogRp4LxkuCSDa1pgJZ1ThcB-w==
expires
Mon, 23 May 2022 15:08:02 GMT
bk-coretag.js
tags.bkrtx.com/js/
51 KB
16 KB
Script
General
Full URL
https://tags.bkrtx.com/js/bk-coretag.js
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/code/8d20a90ccfa2a960fc13dd8b92ea9e4c.js?conditionId0=421908
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.135.39 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-135-39.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat.citigroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 21 May 2021 19:14:21 GMT
Server
nginx/1.15.8
ETag
W/"60a8068d-cbc2"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Date
Mon, 23 May 2022 14:58:28 GMT
Connection
keep-alive
Content-Length
16078
Expires
Mon, 30 May 2022 14:58:28 GMT
dest5.html
citi.demdex.net/ Frame 687A
7 KB
3 KB
Document
General
Full URL
https://citi.demdex.net/dest5.html?d_nsid=0
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.200.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-200-211.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://uat.citigroup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-2-v031-087ab06cc.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
aN+KiUm/R4A=
content-encoding
gzip
date
Mon, 23 May 2022 14:58:28 GMT
last-modified
Wed, 27 Apr 2022 09:30:12 GMT
vary
accept-encoding
id
metrics1.citi.com/
89 B
676 B
XHR
General
Full URL
https://metrics1.citi.com/id?d_visid_ver=3.1.2&d_fieldgroup=A&mcorgid=61834D9B5228A7430A490D45%40AdobeOrg&mid=25418717830697756932094934915405991986&ts=1653317908264
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
6532761f50432b7cc88311ba6f7e359a73b9241d62900e65f7e99235ca372e39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://uat.citigroup.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 23 May 2022 14:58:28 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-df488f754-94nwn
vary
Origin
x-c
main-1645.Id526ce.M0-571
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://uat.citigroup.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
89
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YouhFAAAAJv1hQN-
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=30908952175147947341491023586747246993
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YouhFAAAAJv1hQN-
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YouhFAAAAJv1hQN-
Requested by
Host: uat.citigroup.com
URL: https://uat.citigroup.com/citi/
Protocol
HTTP/1.1
Server
52.49.145.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-145-37.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat.citigroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v031-055e58f9d.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Hny7KHhKTh8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YouhFAAAAJv1hQN-
Date
Mon, 23 May 2022 14:58:28 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
ca.html
20766699p.rfihub.com/ Frame E1BC
118 B
705 B
Document
General
Full URL
https://20766699p.rfihub.com/ca.html?ver=9&ra=1791&rb=648&ca=20766699&_o=17169175&_t=&ssv_cuuid=&ssv_package=null&ssv_prodlist=null&ssv_pagename=&pe=https%3A%2F%2Fuat.citigroup.com%2Fciti%2F&pf=&ra=769784026353098
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
c437eb764a99e6cd5172d63c3fae564bbc51eda4981058d5edebd2bf0700eb76

Request headers

Referer
https://uat.citigroup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Content-Length
118
Content-Type
text/html;charset=utf-8
Date
Mon, 23 May 2022 14:58:28 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
js
www.googletagmanager.com/gtag/
95 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-6269322&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fc8f38c79b1e8b37d34b0c5fe61971d558494c44cbfce85275542b81cb49ba52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat.citigroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 14:58:28 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38625
x-xss-protection
0
last-modified
Mon, 23 May 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 23 May 2022 14:58:28 GMT
js
www.googletagmanager.com/gtag/
95 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-6256710&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0d1452b69c563ab7ce29b44183a4e9f5f18a76ebf80bd3516df9b4089b57c48e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat.citigroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 14:58:28 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38623
x-xss-protection
0
last-modified
Mon, 23 May 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 23 May 2022 14:58:28 GMT
js
www.googletagmanager.com/gtag/
95 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-6415812&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1439bb507dcadc42e3b702e21b03d97c8849ddbd701ae66568ddd1bc85eb0fdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat.citigroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 14:58:28 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38624
x-xss-protection
0
last-modified
Mon, 23 May 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 23 May 2022 14:58:28 GMT
id
dpm.demdex.net/
363 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&d_mid=25418717830697756932094934915405991986&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=AVID%013145D08A006819D4-4000149C4D24824A&ts=1653317908364
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.145.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-145-37.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
56f4a3f3e9d0f7257ecf6a421b9acf3011b14e3eeca0b9431f6c82ea21ff77fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://uat.citigroup.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v031-0353f7add.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
syhw28dEQiQ=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://uat.citigroup.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
306
Expires
Thu, 01 Jan 1970 00:00:00 UTC
js
www.googletagmanager.com/gtag/
95 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-6165999
Requested by
Host: uat.citigroup.com
URL: https://uat.citigroup.com/citi/assets/js/brand.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b15be53874135a4273e047037d1e2f164b9d976fa1e03fb9a26223fcb11ea0f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat.citigroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 14:58:29 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38624
x-xss-protection
0
last-modified
Mon, 23 May 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 23 May 2022 14:58:29 GMT
main.min.uat.css
uat.citigroup.com/citi/assets/dist/
0
0

css.min.css
uat.citigroup.com/citi/assets/css/
9 KB
2 KB
Stylesheet
General
Full URL
https://uat.citigroup.com/citi/assets/css/css.min.css
Requested by
Host: uat.citigroup.com
URL: https://uat.citigroup.com/citi/assets/js/brand.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
04da867cab3220f99bb1b60354bd347deb649ef5dde56e923552675bb927be57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat.citigroup.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Mon, 23 May 2022 14:58:30 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Nov 2021 01:07:35 GMT
ETag
"5e4c5c-242e-5d105c8a743c0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2085
fonts.css
uat.citigroup.com/citi/assets/css/
2 KB
727 B
Stylesheet
General
Full URL
https://uat.citigroup.com/citi/assets/css/fonts.css
Requested by
Host: uat.citigroup.com
URL: https://uat.citigroup.com/citi/assets/js/brand.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1418bdd685f87d0259da25aa49c3b9d249a23251c49f0a03ca2dcfd6ba721976

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat.citigroup.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Mon, 23 May 2022 14:58:30 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 May 2020 02:10:31 GMT
ETag
"5eddf4-8c5-5a61f045db3c0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
453
font-awesome.min.css
uat.citigroup.com/citi/assets/font-awesome/css/
21 KB
5 KB
Stylesheet
General
Full URL
https://uat.citigroup.com/citi/assets/font-awesome/css/font-awesome.min.css
Requested by
Host: uat.citigroup.com
URL: https://uat.citigroup.com/citi/assets/js/brand.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat.citigroup.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Mon, 23 May 2022 14:58:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Mar 2018 04:40:19 GMT
ETag
"5ede92-55e0-566cb27ff72c0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5041
jquery-3.5.1.min.js
uat.citigroup.com/citi/assets/js/lib/
87 KB
31 KB
Script
General
Full URL
https://uat.citigroup.com/citi/assets/js/lib/jquery-3.5.1.min.js
Requested by
Host: uat.citigroup.com
URL: https://uat.citigroup.com/citi/assets/js/lib/require.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat.citigroup.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Mon, 23 May 2022 14:58:31 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 Sep 2020 20:19:23 GMT
ETag
"5edea9-15d84-5b029084d88c0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30950
mainNavs.txt
uat.citigroup.com/citi/assets/data/
14 KB
3 KB
Script
General
Full URL
https://uat.citigroup.com/citi/assets/data/mainNavs.txt
Requested by
Host: uat.citigroup.com
URL: https://uat.citigroup.com/citi/assets/js/lib/require.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e1ca76aea8362921c4ca970347fe0bd5f2d3cd61780c6a60131150034076861a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat.citigroup.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Mon, 23 May 2022 14:58:30 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Mar 2022 18:04:48 GMT
ETag
"5e1e50-3913-5d9a4b334d000"
Vary
Accept-Encoding
Content-Type
text/plain
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2692
text.js
uat.citigroup.com/citi/assets/js/lib/
8 KB
3 KB
Script
General
Full URL
https://uat.citigroup.com/citi/assets/js/lib/text.js
Requested by
Host: uat.citigroup.com
URL: https://uat.citigroup.com/citi/assets/js/lib/require.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1afe22067b7bf3fa742e743c1830562a6c68a0da2c830cc0e7ef5b17e7d2863e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat.citigroup.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Mon, 23 May 2022 14:58:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Mar 2019 19:36:30 GMT
ETag
"5edebb-1e71-583eace488b80"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2894
json.js
uat.citigroup.com/citi/assets/js/lib/
539 B
782 B
Script
General
Full URL
https://uat.citigroup.com/citi/assets/js/lib/json.js
Requested by
Host: uat.citigroup.com
URL: https://uat.citigroup.com/citi/assets/js/lib/require.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
337e5cb7f78903f54616862074b97197b943dff46338d9ada0b22c545e0eb646

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat.citigroup.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Mon, 23 May 2022 14:58:31 GMT
Last-Modified
Thu, 21 Jun 2018 01:29:38 GMT
Connection
keep-alive
Accept-Ranges
bytes
ETag
"5edea7-21b-56f1cd93d6480"
Content-Length
539
Content-Type
application/x-javascript
vendors.min.js
uat.citigroup.com/citi/assets/dist/
0
0

templates.js
uat.citigroup.com/citi/assets/js/lib/
36 KB
8 KB
Script
General
Full URL
https://uat.citigroup.com/citi/assets/js/lib/templates.js
Requested by
Host: uat.citigroup.com
URL: https://uat.citigroup.com/citi/assets/js/lib/require.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f3d1b005dccb3af31e0e8f39e6aef2828ee40e2ddfdcd2907899a4dcf02f7be3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat.citigroup.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Mon, 23 May 2022 14:58:31 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Sep 2021 20:25:31 GMT
ETag
"5e08a7-91ef-5cd1403d6c4c0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7619
dest5.html
citi.demdex.net/ Frame A3A3
7 KB
3 KB
Document
General
Full URL
https://citi.demdex.net/dest5.html?d_nsid=0
Requested by
Host: uat.citigroup.com
URL: https://uat.citigroup.com/citi/assets/js/lib/jquery-3.5.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.200.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-200-211.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://uat.citigroup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-2-v031-0cf28f2d1.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
s1jyFi/ZR/w=
content-encoding
gzip
date
Mon, 23 May 2022 14:58:32 GMT
last-modified
Wed, 27 Apr 2022 09:30:07 GMT
vary
accept-encoding
launch-cd70cd44f975-staging.min.js
assets.adobedtm.com/62b169e963f5/daaba6c90a78/
0
0

ga.js
www.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: uat.citigroup.com
URL: https://uat.citigroup.com/citi/assets/js/brand.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat.citigroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2030
date
Mon, 23 May 2022 14:24:42 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Mon, 23 May 2022 16:24:42 GMT
citi-logo-no-r.png
uat.citigroup.com/citi/assets/img/brand/
2 KB
2 KB
Image
General
Full URL
https://uat.citigroup.com/citi/assets/img/brand/citi-logo-no-r.png
Requested by
Host: uat.citigroup.com
URL: https://uat.citigroup.com/citi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f24c38d60a4c4316eb031c28f116e338b148e1d1c8f65be0f1012f5b2b6d672e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat.citigroup.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Mon, 23 May 2022 14:58:32 GMT
Last-Modified
Wed, 20 Jun 2018 23:39:47 GMT
Connection
keep-alive
Accept-Ranges
bytes
ETag
"5ed40b-77f-56f1b5062b6c0"
Content-Length
1919
Content-Type
image/png
citi-logo-no-r-blue.png
uat.citigroup.com/citi/assets/img/brand/
0
0

citi-logo.png
uat.citigroup.com/citi/assets/img/brand/
2 KB
2 KB
Image
General
Full URL
https://uat.citigroup.com/citi/assets/img/brand/citi-logo.png
Requested by
Host: uat.citigroup.com
URL: https://uat.citigroup.com/citi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ad3c72072ae879fec6350b6b23df036b70edacc31138cb2dc34de02f0689d14e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat.citigroup.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Mon, 23 May 2022 14:58:32 GMT
Last-Modified
Wed, 20 Jun 2018 23:39:47 GMT
Connection
keep-alive
Accept-Ranges
bytes
ETag
"5ed40e-7af-56f1b5062b6c0"
Content-Length
1967
Content-Type
image/png
doc-dwnld-investor.png
uat.citigroup.com/citi/assets/img/
3 KB
3 KB
Image
General
Full URL
https://uat.citigroup.com/citi/assets/img/doc-dwnld-investor.png
Requested by
Host: uat.citigroup.com
URL: https://uat.citigroup.com/citi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
762622e677c063032dfb0cecbec580afff74c0b02443f6b6fbef5aa4951faedd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat.citigroup.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Mon, 23 May 2022 14:58:32 GMT
Last-Modified
Wed, 20 Jun 2018 23:38:25 GMT
Connection
keep-alive
Accept-Ranges
bytes
ETag
"5edd60-b0a-56f1b4b7f7e40"
Content-Length
2826
Content-Type
image/png
doc-dwnld-media.png
uat.citigroup.com/citi/assets/img/
0
0

doc-dwnld-annual.png
uat.citigroup.com/citi/assets/img/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
uat.citigroup.com
URL
https://uat.citigroup.com/citi/assets/dist/main.min.uat.css
Domain
uat.citigroup.com
URL
https://uat.citigroup.com/citi/assets/dist/vendors.min.js
Domain
assets.adobedtm.com
URL
https://assets.adobedtm.com/62b169e963f5/daaba6c90a78/launch-cd70cd44f975-staging.min.js
Domain
uat.citigroup.com
URL
https://uat.citigroup.com/citi/assets/img/brand/citi-logo-no-r-blue.png
Domain
uat.citigroup.com
URL
https://uat.citigroup.com/citi/assets/img/doc-dwnld-media.png
Domain
uat.citigroup.com
URL
https://uat.citigroup.com/citi/assets/img/doc-dwnld-annual.png

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| requirejs function| require function| define object| ensBootstraps object| Bootstrapper function| Visitor object| s_c_il number| s_c_in object| adobe_visitor object| citiData object| dataLayer function| gtag function| _rfi function| AppMeasurement_Module_ActivityMap function| AppMeasurement number| s_objectID number| s_giq string| rsidAry object| s_tms function| bk_async object| val object| tags object| BKTAG function| bk_addUserCtx function| bk_addPageCtx function| bk_addEmailHash function| bk_addPhoneHash function| bk_doJSTag function| bk_doJSTag2 function| bk_doCarsJSTag function| bk_doPartnerAltTag function| bk_doCallbackTag function| bk_doCallbackTagWithTimeOut boolean| bk_use_multiple_iframes boolean| bk_allow_multiple_calls function| extend function| RocketfuelBCPInclude function| RocketfuelBCPClass function| RocketfuelUtils object| RocketfuelBCP object| google_tag_manager object| google_tag_data object| _gaq function| addAnnotation function| loadCSS function| toggleNavItem function| pageNavItem function| doneResizing function| footerNavToggle function| pageNavToggle function| viewport function| smoothScrolling function| mobileNavReset function| loadJS function| loadRequireJs function| getUrlParameter function| loadTracking function| firedTracking function| renderSocialMediaPageSocialNetworks function| renderVerticalSocialNetworks function| getCurrentNodes function| renderSubNav function| renderTertiaryNav function| initSubNav function| getIndicesOf function| UrlExists function| getExternal function| renderTray function| getMobileSections function| renderMobileSections function| getSection function| renderSections function| renderWheel function| parseEvents function| updateWheel function| scrollToSection string| base_dir string| noCache object| requireJSPath object| requireJSArgs object| requireShim boolean| blogUAT 
boolean| blogPod boolean| newsAlert boolean| newsAlertUAT string| ext_site string| usenav string| dtmenv object| navHdr string| curlang string| setlangdir string| setsubnavlang function| findVariable boolean| appView string| cssext function| isMobileDevice string| serverPath string| searchUrl object| mainNavs object| checkLocation string| usecache function| $ function| jQuery

13 Cookies

Domain/Path Name / Value
uat.citigroup.com/ Name: 7830
Value: error
uat.citigroup.com/ Name: 7018
Value:
uat.citigroup.com/ Name: 64072
Value:
.demdex.net/ Name: demdex
Value: 30908952175147947341491023586747246993
.citigroup.com/ Name: AMCVS_61834D9B5228A7430A490D45%40AdobeOrg
Value: 1
.citigroup.com/ Name: _gcl_au
Value: 1.1.879284028.1653317908
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YouhFAAAAJv1hQN-
.citi.com/ Name: s_vi
Value: [CS]v1|3145D08A006819D4-4000149C4D24824A[CE]
.citi.com/ Name: s_ecid
Value: MCMID%7C25418717830697756932094934915405991986
.dpm.demdex.net/ Name: dpm
Value: 30908952175147947341491023586747246993
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0Mja0NDMxMjI0NzE0MbAwNRTiM9QtdC7y9c5Mc_H3KDOW4jU0MzU2NjS3NLAwMTADADfwZ800AAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0Mja0NDMxMjI0NzE0MbAwNRTiM9QtdC7y9c5Mc_H3KDMGAD4hYTclAAAA
.citigroup.com/ Name: AMCV_61834D9B5228A7430A490D45%40AdobeOrg
Value: -330454231%7CMCIDTS%7C19136%7CMCMID%7C25418717830697756932094934915405991986%7CMCAAMLH-1653922708%7C6%7CMCAAMB-1653922708%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1653325108s%7CNONE%7CMCAID%7C3145D08A006819D4-4000149C4D24824A%7CMCSYNCSOP%7C411-19143%7CvVersion%7C3.1.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
