uat03.citi.com Open in urlscan Pro
184.24.27.85 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://uat03.citi.com/
Submission Tags: @phishunt_io
Submission: On December 09 via api (December 9th 2020, 6:32:58 pm UTC) from ES

Summary HTTP 60 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 9 IPs in 5 countries across 8 domains to perform 60 HTTP transactions. The main IP is 184.24.27.85, located in United States and belongs to AKAMAI-AS, US. The main domain is uat03.citi.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on July 9th 2020. Valid for: a year.

This is the only time uat03.citi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	184.24.27.85 184.24.27.85	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
2	52.129.92.14 52.129.92.14	15301 (IOVATION) (IOVATION)
15	18.197.253.20 18.197.253.20	16509 (AMAZON-02) (AMAZON-02)
1 4	34.242.67.216 34.242.67.216	16509 (AMAZON-02) (AMAZON-02)
1	35.181.18.61 35.181.18.61	16509 (AMAZON-02) (AMAZON-02)
1 1	34.255.166.243 34.255.166.243	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	104.111.251.111 104.111.251.111	16625 (AKAMAI-AS) (AKAMAI-AS)
60	9

19 184.24.27.85 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-27-85.deploy.static.akamaitechnologies.com

uat03.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.207.148 (United States)

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com

di.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.129.92.14 (United States)

ASN15301 (IOVATION, US)

ci-mpsnare.iovation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 18.197.253.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.242.67.216 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-67-216.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
citi.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.181.18.61 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-181-18-61.eu-west-3.compute.amazonaws.com

metrics1.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.166.243 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-166-243.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.251.111 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-251-111.deploy.static.akamaitechnologies.com

sit.api.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	citi.com uat03.citi.com metrics1.citi.com sit.api.citi.com	421 KB
15	ensighten.com nexus.ensighten.com	155 KB
4	demdex.net 1 redirects dpm.demdex.net citi.demdex.net	3 KB
3	googletagmanager.com www.googletagmanager.com	115 KB
2	iovation.com ci-mpsnare.iovation.com	14 KB
1	everesttech.net 1 redirects cm.everesttech.net	517 B
1	rlcdn.com api.rlcdn.com Failed di.rlcdn.com	42 B
0	bluekai.com Failed stags.bluekai.com Failed
60	8

	Domain	Requested by
19	uat03.citi.com	uat03.citi.com
15	nexus.ensighten.com	uat03.citi.com nexus.ensighten.com
3	www.googletagmanager.com	nexus.ensighten.com www.googletagmanager.com
3	dpm.demdex.net	1 redirects uat03.citi.com
2	sit.api.citi.com	uat03.citi.com
2	ci-mpsnare.iovation.com	uat03.citi.com ci-mpsnare.iovation.com
1	cm.everesttech.net	1 redirects
1	metrics1.citi.com	uat03.citi.com
1	citi.demdex.net	nexus.ensighten.com
1	di.rlcdn.com	uat03.citi.com
0	stags.bluekai.com Failed	uat03.citi.com
0	api.rlcdn.com Failed	uat03.citi.com
60	12

This site contains links to these domains. Also see Links.

Domain
online.citi.com
www.citigroup.com
jobs.citi.com
citieasydeals.com
www.citiprivatepass.com
www.privatebank.citibank.com
www.citi.com
play.google.com
itunes.apple.com
www.jdpower.com
www.facebook.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
uat.citi.com DigiCert SHA2 Extended Validation Server CA	`2020-07-09` - `2021-12-02`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
ci-mpsnare.iovation.com DigiCert SHA2 High Assurance Server CA	`2020-04-08` - `2021-05-11`	a year	crt.sh
nexus.ensighten.com DigiCert SHA2 Secure Server CA	`2020-09-09` - `2021-10-11`	a year	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
metrics1.citi.com DigiCert SHA2 Extended Validation Server CA	`2020-07-02` - `2022-08-30`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
sandbox.api.citi.com DigiCert SHA2 Extended Validation Server CA	`2020-10-08` - `2021-11-07`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://uat03.citi.com/
Frame ID: BE11997C9B2C251596C42C48C7A52FDA
Requests: 58 HTTP requests in this frame

Frame: https://citi.demdex.net/dest5.html?d_nsid=0
Frame ID: E1AE375ACD8052A76B00B867DFE1F6B4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

60
Requests

77 %
HTTPS

11 %
IPv6

8
Domains

12
Subdomains

9
IPs

5
Countries

707 kB
Transfer

2997 kB
Size

0
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://online.citi.com/US/ag/mrc/dashboard

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/citibank-location-finder
Title: ATM / Branch

Search URL Search Domain Scan URL

URL: http://www.citigroup.com/citi/
Title: Our Story

Search URL Search Domain Scan URL

URL: https://jobs.citi.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=ServicesOverview
Title: Benefits and Services

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=Rewards
Title: Rewards

Search URL Search Domain Scan URL

URL: https://citieasydeals.com/
Title: Citi Easy DealsSM

Search URL Search Domain Scan URL

URL: http://www.citiprivatepass.com/
Title: Citi® Private Pass®

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/portal/template.do?ID=SpecialOffers
Title: Special Offers

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/citigold-private-client
Title: Citigold® Private Client

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=CitigoldOverview
Title: Citigold®

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=CitiPriorityOverview
Title: Citi Priority

Search URL Search Domain Scan URL

URL: https://www.privatebank.citibank.com/
Title: Citi Private Bank

Search URL Search Domain Scan URL

URL: https://online.citi.com/small-business-banking
Title: Small Business Accounts

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=CitiCommercialBanking
Title: Commercial Accounts

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/current-interest-rates/checking-saving-accounts
Title: Personal Banking

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/compare-credit-cards/citi.action?ID=view-all-credit-cards
Title: Credit Cards

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/portal/template.do?ID=todays_mortgage_rates&type=buy
Title: Mortgage

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/portal/template.do?ID=home_equity_rates
Title: Home Equity

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/current-interest-rates/personal-loans-and-lines-of-credit
Title: Lending

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/contactus
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/search/fullSearch;search=
Title: Help & FAQs

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/pands/detail.do?ID=SecurityCenter
Title: Security Center

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.citi.citimobile
Title: Continue

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/citi-mobile-sm/id301724680?mt=8
Title: Continue

Search URL Search Domain Scan URL

URL: http://www.jdpower.com/awards
Title: Continue

Search URL Search Domain Scan URL

URL: https://www.facebook.com/citibank
Title: Continue

Search URL Search Domain Scan URL

URL: https://twitter.com/Citibank/
Title: Continue

Search URL Search Domain Scan URL

URL: https://www.youtube.com/citi
Title: Continue

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/termsdisclaimer/termsdisclaimerhome
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/portal/template.do?ID=Privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://online.citi.com/JRS/portal/template.do?ID=Privacy#notice-at-collection
Title: Notice at Collection

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/ag/dataprivacyhub
Title: CA Privacy Hub

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/portal/template.do?ID=Accessibility
Title: Accessibility

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1607538758319 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1607538758319

Request Chain 41

https://cm.everesttech.net/cm/dd?d_uuid=39140429554392928111390863344425224859 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X9EYRgAAAIX6Mh9n

60 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
uat03.citi.com/ 668 KB
98 KB 9132ms
8670ms Document
text/html 184.24.27.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://uat03.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.24.27.85 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

550eabc9350bb6b177d09cba56a6478eefcb681cab119e80cfa21ce6ceac36bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: uat03.citi.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
content-type: text/html;charset=utf-8
access-control-allow-headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
access-control-allow-methods: GET,PUT,POST,DELETE,HEAD
access-control-allow-origin
access-control-expose-headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
access-control-max-age: 2147483647
content-encoding: gzip
dclocation: GT1DMSUAT3
etag: W/"a6e2e-cGQ/BLOTJSeaOjasqH7hl6ee360"
nonce: 1599576730604289
pragma: no-cache
scope: VISITOR
sid: 8d4adf95-3491-442b-8017-5a21e55bb752
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=31536000
uuid: 395ee03e-48d0-46d6-a450-6ab0a7cf5531
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-vcap-request-id: 65ddcd64-f9b5-4558-6368-546603c57bf4
x-xss-protection: 1; mode=block
x-akamai-citisite: GTDC
x-akamai-transformed: 9 - 0 pmb=mTOE,1
expires: Wed, 09 Dec 2020 18:32:29 GMT
date: Wed, 09 Dec 2020 18:32:29 GMT

GET
H2 200 6c8322c7341eac98645c10e3d1d3c7ae.js Show response
uat03.citi.com/assets/scripts/global/ 899 B
997 B 452ms
451ms Script
application/javascript 184.24.27.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://uat03.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js
Requested by: Host: uat03.citi.com
URL: https://uat03.citi.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.27.85 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-27-85.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c3eb8c85891e44777f848884abc98ace73d315653f6202b8a3735aabce3bccc7

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Wed, 09 Dec 2020 18:32:30 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
content-length: 668
x-ion-hop: Test
expires: Wed, 09 Dec 2020 18:32:30 GMT

GET
H2 200 banner.min.js Show response
uat03.citi.com/cbol-pre-login-static-assets/assets/js/ 13 KB
5 KB 8273ms
8272ms Script
application/javascript 184.24.27.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://uat03.citi.com/cbol-pre-login-static-assets/assets/js/banner.min.js

Requested by

Host: uat03.citi.com
URL: https://uat03.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.24.27.85 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

a6d2f7f5508a31434c260668eb05f62cdc3108a7dcc2e1cff58c5fc6ca437ba0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 4121
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 23:21:00 GMT
server
x-akamai-citisite: GTDC
x-frame-options: DENY
date: Wed, 09 Dec 2020 18:32:38 GMT
access-control-max-age: 2147483647
access-control-allow-methods: GET,PUT,POST,DELETE,HEAD
content-type: application/javascript;charset=UTF-8
access-control-allow-origin
x-vcap-request-id: 6b69aedc-cefd-4557-6d67-1e9e6eac214c
access-control-expose-headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
cache-control: public, no-transform, max-age=21600
etag: W/"352e-17625c24f60"
accept-ranges: bytes
access-control-allow-headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
expires: Thu, 10 Dec 2020 00:32:38 GMT

GET
H2 200 tagging.js Show response
uat03.citi.com/cbol-pre-login-static-assets/assets/js/ 58 KB
12 KB 6296ms
6296ms Script
application/javascript 184.24.27.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://uat03.citi.com/cbol-pre-login-static-assets/assets/js/tagging.js

Requested by

Host: uat03.citi.com
URL: https://uat03.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.24.27.85 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

0cb3d02173b459e773e255bb7e9f3121be93cdd97e6e9aada17077fd291588ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 11912
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 23:21:00 GMT
server
x-akamai-citisite: GTDC
x-frame-options: DENY
date: Wed, 09 Dec 2020 18:32:44 GMT
access-control-max-age: 2147483647
access-control-allow-methods: GET,PUT,POST,DELETE,HEAD
content-type: application/javascript;charset=UTF-8
access-control-allow-origin
x-vcap-request-id: 597012d3-f32f-471f-4530-ed2d563fa8c1
access-control-expose-headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
cache-control: public, no-transform, max-age=21600
etag: W/"e94d-17625c24f60"
accept-ranges: bytes
access-control-allow-headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
expires: Thu, 10 Dec 2020 00:32:44 GMT

GET
H2 200 styles.7f5bd1ef9fab75b0523d.css
uat03.citi.com/cbol-pre-login-static-assets/ 360 KB
0 20911ms
20910ms Stylesheet
text/css 184.24.27.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://uat03.citi.com/cbol-pre-login-static-assets/styles.7f5bd1ef9fab75b0523d.css

Requested by

Host: uat03.citi.com
URL: https://uat03.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.24.27.85 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 23:25:14 GMT
server
x-akamai-citisite: GTDC
x-frame-options: DENY
date: Wed, 09 Dec 2020 18:32:50 GMT
access-control-max-age: 2147483647
access-control-allow-methods: GET,PUT,POST,DELETE,HEAD
content-type: text/css;charset=UTF-8
access-control-allow-origin
x-vcap-request-id: a674a776-0d17-45f4-5697-b1ab504df257
access-control-expose-headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
cache-control: public, no-transform, max-age=21600
etag: W/"1096db-17625c62f90"
accept-ranges: bytes
access-control-allow-headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
expires: Thu, 10 Dec 2020 00:32:50 GMT

GET
H2 200 citilogoredesign.png
uat03.citi.com/cbol-pre-login-static-assets/citi-branding-assets/images/ 2 KB
2 KB 4115ms
4112ms Image
image/png 184.24.27.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uat03.citi.com/cbol-pre-login-static-assets/citi-branding-assets/images/citilogoredesign.png

Requested by

Host: uat03.citi.com
URL: https://uat03.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.24.27.85 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

102503acef6077fcf8e42a856fb4904fcd74224a32d5d8efcd13236ac6309fed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains, max-age=31536000
x-content-type-options: nosniff
content-length: 1799
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 23:21:00 GMT
server
x-akamai-citisite: GTDC
x-frame-options: DENY
date: Wed, 09 Dec 2020 18:32:42 GMT
access-control-max-age: 2147483647
access-control-allow-methods: GET,PUT,POST,DELETE,HEAD
content-type: image/png
access-control-allow-origin
x-vcap-request-id: c0195895-d959-4e77-7626-1cff4f5f64ea
access-control-expose-headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
cache-control: public, no-transform, max-age=21600
etag: W/"707-17625c24f60"
accept-ranges: bytes
access-control-allow-headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
expires: Thu, 10 Dec 2020 00:32:42 GMT

GET
H2 200 050-location@2x.svg
uat03.citi.com/cbol-pre-login-static-assets/citi-branding-assets/images/ 2 KB
2 KB 7604ms
7602ms Image
image/svg+xml 184.24.27.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uat03.citi.com/cbol-pre-login-static-assets/citi-branding-assets/images/050-location@2x.svg

Requested by

Host: uat03.citi.com
URL: https://uat03.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.24.27.85 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

6336ae7b60dff18e0a37721a3a19fd5e18568577a64faa662969d35966dbf72b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode=block

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

sid: e7d0ea14-f010-4c94-9f01-ad313b849a6a
content-encoding: gzip
etag: W/"6d8-17625c24f60"
nonce: 3615958290502345
access-control-max-age: 2147483647
access-control-allow-methods: GET,PUT,POST,DELETE,HEAD
dclocation: GT1DMSUAT3
content-length: 758
x-xss-protection: 1 ; mode=block
uuid: 985abec1-5dd7-41af-99b4-6662775131f0
referrer-policy: no-referrer
last-modified: Wed, 02 Dec 2020 23:21:00 GMT
server
x-akamai-citisite: GTDC
x-frame-options: DENY
date: Wed, 09 Dec 2020 18:32:45 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains, max-age=31536000
content-type: image/svg+xml
access-control-allow-origin
x-vcap-request-id: 2b12bcf3-8b23-4ebe-7243-7c22ccd49f70
access-control-expose-headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
cache-control: public, no-transform, max-age=21600
scope: VISITOR
accept-ranges: bytes
access-control-allow-headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
x-content-type-options: nosniff
expires: Thu, 10 Dec 2020 00:32:45 GMT

GET
H2 200 icon_globe_med-grey@2x.svg
uat03.citi.com/cbol-pre-login-static-assets/citi-branding-assets/images/ 3 KB
2 KB 7607ms
7604ms Image
image/svg+xml 184.24.27.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uat03.citi.com/cbol-pre-login-static-assets/citi-branding-assets/images/icon_globe_med-grey@2x.svg

Requested by

Host: uat03.citi.com
URL: https://uat03.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.24.27.85 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

a593628f2d5ba814f37fbcd3963162f094c2764d4b15d82464c2d1aef92f150f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode=block

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

sid: 8bf40bd0-1fe6-4cbf-b284-2291ed4032ba
content-encoding: gzip
etag: W/"dc3-17625c24f60"
nonce: 1361428726371947
access-control-max-age: 2147483647
access-control-allow-methods: GET,PUT,POST,DELETE,HEAD
dclocation: GT1DMSUAT3
content-length: 1419
x-xss-protection: 1 ; mode=block
uuid: 16ce5349-eb4a-4be5-abf0-7beabbaee1a8
referrer-policy: no-referrer
last-modified: Wed, 02 Dec 2020 23:21:00 GMT
server
x-akamai-citisite: GTDC
x-frame-options: DENY
date: Wed, 09 Dec 2020 18:32:45 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains, max-age=31536000
content-type: image/svg+xml
access-control-allow-origin
x-vcap-request-id: 7d3c5a7b-a42a-46d2-5d09-a4ba6dd4bd4f
access-control-expose-headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
cache-control: public, no-transform, max-age=21600
scope: VISITOR
accept-ranges: bytes
access-control-allow-headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
x-content-type-options: nosniff
expires: Thu, 10 Dec 2020 00:32:45 GMT

GET
H2 200 phone.png
uat03.citi.com/cbol-pre-login-static-assets/assets/qrcode/images/ 2 KB
2 KB 4117ms
4114ms Image
image/png 184.24.27.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uat03.citi.com/cbol-pre-login-static-assets/assets/qrcode/images/phone.png

Requested by

Host: uat03.citi.com
URL: https://uat03.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.24.27.85 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

d7a1b5a62da42e8ecacbd3138530354ed775018c7c10dc6bb8c7029b682f301d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains, max-age=31536000
x-content-type-options: nosniff
content-length: 1640
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 23:21:00 GMT
server
x-akamai-citisite: GTDC
x-frame-options: DENY
date: Wed, 09 Dec 2020 18:32:42 GMT
access-control-max-age: 2147483647
access-control-allow-methods: GET,PUT,POST,DELETE,HEAD
content-type: image/png
access-control-allow-origin
x-vcap-request-id: 324928c8-79c4-455f-71a7-b5a61642fcf1
access-control-expose-headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
cache-control: public, no-transform, max-age=21600
etag: W/"668-17625c24f60"
accept-ranges: bytes
access-control-allow-headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
expires: Thu, 10 Dec 2020 00:32:42 GMT

GET
H2 200 qrsignon.png
uat03.citi.com/cbol-pre-login-static-assets/assets/qrcode/images/ 741 B
1 KB 5216ms
5213ms Image
image/png 184.24.27.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uat03.citi.com/cbol-pre-login-static-assets/assets/qrcode/images/qrsignon.png

Requested by

Host: uat03.citi.com
URL: https://uat03.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.24.27.85 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

dc876f814074650acde84db7a7f34c583f043b83130e5de49de65f18d1ee2683

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains, max-age=31536000
x-content-type-options: nosniff
content-length: 741
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 23:21:00 GMT
server
x-akamai-citisite: GTDC
x-frame-options: DENY
date: Wed, 09 Dec 2020 18:32:47 GMT
access-control-max-age: 2147483647
access-control-allow-methods: GET,PUT,POST,DELETE,HEAD
content-type: image/png
access-control-allow-origin
x-vcap-request-id: ff3fc6a0-0f75-44fa-4f11-520f57b42224
access-control-expose-headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
cache-control: public, no-transform, max-age=21600
etag: W/"2e5-17625c24f60"
accept-ranges: bytes
access-control-allow-headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
expires: Thu, 10 Dec 2020 00:32:47 GMT

GET
H2 200 laptop-and-phone-pairing.png
uat03.citi.com/cbol-pre-login-static-assets/assets/qrcode/images/ 3 KB
4 KB 5213ms
5210ms Image
image/png 184.24.27.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uat03.citi.com/cbol-pre-login-static-assets/assets/qrcode/images/laptop-and-phone-pairing.png

Requested by

Host: uat03.citi.com
URL: https://uat03.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.24.27.85 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

a9a43473908fb995ecdc6bd80d80fd42d3e43bf31687aff0978d7389de2573aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains, max-age=31536000
x-content-type-options: nosniff
content-length: 3044
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 23:21:00 GMT
server
x-akamai-citisite: GTDC
x-frame-options: DENY
date: Wed, 09 Dec 2020 18:32:47 GMT
access-control-max-age: 2147483647
access-control-allow-methods: GET,PUT,POST,DELETE,HEAD
content-type: image/png
access-control-allow-origin
x-vcap-request-id: 42ac7be1-58e5-4aa7-4a8b-f83366012bfd
access-control-expose-headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
cache-control: public, no-transform, max-age=21600
etag: W/"be4-17625c24f60"
accept-ranges: bytes
access-control-allow-headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
expires: Thu, 10 Dec 2020 00:32:47 GMT

GET
H2 200 laptop-and-phone-success.png
uat03.citi.com/cbol-pre-login-static-assets/assets/qrcode/images/ 2 KB
3 KB 4717ms
4717ms Image
image/png 184.24.27.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uat03.citi.com/cbol-pre-login-static-assets/assets/qrcode/images/laptop-and-phone-success.png

Requested by

Host: uat03.citi.com
URL: https://uat03.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.24.27.85 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

e5c725c5a6510cd7323ff66fa032e69cfe7aec1dd042911cae0607d071670eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains, max-age=31536000
x-content-type-options: nosniff
content-length: 2544
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 23:21:00 GMT
server
x-akamai-citisite: GTDC
x-frame-options: DENY
date: Wed, 09 Dec 2020 18:32:49 GMT
access-control-max-age: 2147483647
access-control-allow-methods: GET,PUT,POST,DELETE,HEAD
content-type: image/png
access-control-allow-origin
x-vcap-request-id: 73621dca-28b2-46d1-53f6-a506d1fb56b0
access-control-expose-headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
cache-control: public, no-transform, max-age=21600
etag: W/"9f0-17625c24f60"
accept-ranges: bytes
access-control-allow-headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
expires: Thu, 10 Dec 2020 00:32:49 GMT

GET
H2 200 6c8322c7341eac98645c10e3d1d3c7ae.js Show response
uat03.citi.com/assets/scripts/global/ 192 KB
109 KB 230ms
230ms Script
application/javascript 184.24.27.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://uat03.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?seed=AMB5jUh2AQAA47ok4Y3my5s2uGtFr-S_0iAkD5-fktfmnekezm0llL4cbB3X&X-soz9htCz--z=q
Requested by: Host: uat03.citi.com
URL: https://uat03.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.27.85 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-27-85.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 72c98f2308eefffa0db7999b4b948d8db8f3ea7b60d57de021c07645bb9bfc97

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
date: Wed, 09 Dec 2020 18:32:30 GMT
cache-control: public, max-age=9000
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-ion-hop: Test
expires: Wed, 09 Dec 2020 21:02:30 GMT

GET cedrictest.js
uat03.citi.com/cbol-pre-login-static-assets/assets/js/ 0
0

GET
H2 200 googlePlay@3x.png
uat03.citi.com/cbol-pre-login-static-assets/citi-branding-assets/images/ 24 KB
25 KB 3632ms
3631ms Image
image/png 184.24.27.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uat03.citi.com/cbol-pre-login-static-assets/citi-branding-assets/images/googlePlay@3x.png

Requested by

Host: uat03.citi.com
URL: https://uat03.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.24.27.85 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

a079bb0d5590826bcc664715122004dff51e76c79608bc29f586c9388b623b77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains, max-age=31536000
x-content-type-options: nosniff
content-length: 25077
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 23:21:00 GMT
server
x-akamai-citisite: GTDC
x-frame-options: DENY
date: Wed, 09 Dec 2020 18:32:49 GMT
access-control-max-age: 2147483647
access-control-allow-methods: GET,PUT,POST,DELETE,HEAD
content-type: image/png
access-control-allow-origin
x-vcap-request-id: 8195ccec-a78a-47df-7e7f-8c61d72d2374
access-control-expose-headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
cache-control: public, no-transform, max-age=21600
etag: W/"61f5-17625c24f60"
accept-ranges: bytes
access-control-allow-headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
expires: Thu, 10 Dec 2020 00:32:49 GMT

GET
H2 200 appStore@3x.png
uat03.citi.com/cbol-pre-login-static-assets/citi-branding-assets/images/ 20 KB
20 KB 4940ms
4937ms Image
image/png 184.24.27.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uat03.citi.com/cbol-pre-login-static-assets/citi-branding-assets/images/appStore@3x.png

Requested by

Host: uat03.citi.com
URL: https://uat03.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.24.27.85 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

87c763c6b05015e55915d0a1e6647e4e5d0b996e78d79e1afe228dd33b68e65b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains, max-age=31536000
x-content-type-options: nosniff
content-length: 20047
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 23:21:00 GMT
server
x-akamai-citisite: GTDC
x-frame-options: DENY
date: Wed, 09 Dec 2020 18:32:52 GMT
access-control-max-age: 2147483647
access-control-allow-methods: GET,PUT,POST,DELETE,HEAD
content-type: image/png
access-control-allow-origin
x-vcap-request-id: b01189f4-8657-4ad1-7f9d-b668fb11883b
access-control-expose-headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
cache-control: public, no-transform, max-age=21600
etag: W/"4e4f-17625c24f60"
accept-ranges: bytes
access-control-allow-headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
expires: Thu, 10 Dec 2020 00:32:52 GMT

GET
H2 200 social-media_facebook@3x.png
uat03.citi.com/cbol-pre-login-static-assets/citi-branding-assets/images/ 445 B
1 KB 4707ms
4705ms Image
image/png 184.24.27.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uat03.citi.com/cbol-pre-login-static-assets/citi-branding-assets/images/social-media_facebook@3x.png

Requested by

Host: uat03.citi.com
URL: https://uat03.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.24.27.85 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

695788dc05d94be3b32060ffea15c1a4d74897bd32e5da7811e7ca76d82fc86b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains, max-age=31536000
x-content-type-options: nosniff
content-length: 445
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 23:21:00 GMT
server
x-akamai-citisite: GTDC
x-frame-options: DENY
date: Wed, 09 Dec 2020 18:32:52 GMT
access-control-max-age: 2147483647
access-control-allow-methods: GET,PUT,POST,DELETE,HEAD
content-type: image/png
access-control-allow-origin
x-vcap-request-id: 048cd1fe-b14a-44fe-476e-452d84061c7f
access-control-expose-headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
cache-control: public, no-transform, max-age=21600
etag: W/"1bd-17625c24f60"
accept-ranges: bytes
access-control-allow-headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
expires: Thu, 10 Dec 2020 00:32:52 GMT

GET
H2 200 social-media_twitter@3x.png
uat03.citi.com/cbol-pre-login-static-assets/citi-branding-assets/images/ 1 KB
2 KB 3812ms
3812ms Image
image/png 184.24.27.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uat03.citi.com/cbol-pre-login-static-assets/citi-branding-assets/images/social-media_twitter@3x.png

Requested by

Host: uat03.citi.com
URL: https://uat03.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.24.27.85 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

5394d11ec8ad7a5494bcdb65cd95f885388532e14fb45a747e249112389bd837

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains, max-age=31536000
x-content-type-options: nosniff
content-length: 1277
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 23:21:00 GMT
server
x-akamai-citisite: GTDC
x-frame-options: DENY
date: Wed, 09 Dec 2020 18:32:53 GMT
access-control-max-age: 2147483647
access-control-allow-methods: GET,PUT,POST,DELETE,HEAD
content-type: image/png
access-control-allow-origin
x-vcap-request-id: 7f2993bc-4304-47c8-4e93-2197b98513d9
access-control-expose-headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
cache-control: public, no-transform, max-age=21600
etag: W/"4fd-17625c24f60"
accept-ranges: bytes
access-control-allow-headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
expires: Thu, 10 Dec 2020 00:32:53 GMT

GET
H2 200 social-media_youtube@3x.png
uat03.citi.com/cbol-pre-login-static-assets/citi-branding-assets/images/ 1 KB
2 KB 4325ms
4325ms Image
image/png 184.24.27.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uat03.citi.com/cbol-pre-login-static-assets/citi-branding-assets/images/social-media_youtube@3x.png

Requested by

Host: uat03.citi.com
URL: https://uat03.citi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.24.27.85 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

be9b5382b4526ffd3306d0292122ce3599123f1cd543f52f3035b4f24fbf9de8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains, max-age=31536000
x-content-type-options: nosniff
content-length: 1175
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 23:21:00 GMT
server
x-akamai-citisite: GTDC
x-frame-options: DENY
date: Wed, 09 Dec 2020 18:32:53 GMT
access-control-max-age: 2147483647
access-control-allow-methods: GET,PUT,POST,DELETE,HEAD
content-type: image/png
access-control-allow-origin
x-vcap-request-id: 3495feb3-0e53-41dc-459e-5cacca899140
access-control-expose-headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
cache-control: public, no-transform, max-age=21600
etag: W/"497-17625c24f60"
accept-ranges: bytes
access-control-allow-headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
expires: Thu, 10 Dec 2020 00:32:53 GMT

GET 320_Citi-PLT@3x.png
uat03.citi.com/cbol-pre-login-static-assets/citi-branding-assets/images/ 0
0

GET 1440_Citi-PLT@3x.png
uat03.citi.com/cbol-pre-login-static-assets/citi-branding-assets/images/ 0
0

GET fp.js
uat03.citi.com/cbol-pre-login-static-assets/assets/js/ 0
0

GET runtime.db4427d527e736afb728.js
uat03.citi.com/cbol-pre-login-static-assets/ 0
0

GET polyfills.e47ffbe78dd158361b61.js
uat03.citi.com/cbol-pre-login-static-assets/ 0
0

GET scripts.87e7b9002e4f6d317d67.js
uat03.citi.com/cbol-pre-login-static-assets/ 0
0

GET main.dbcb7ab89516fd3dd9fd.js
uat03.citi.com/cbol-pre-login-static-assets/ 0
0

GET identity
api.rlcdn.com/api/ 0
0

GET 19469
stags.bluekai.com/site/ 0
0

GET
H2 451 463166.gif
di.rlcdn.com/ 0
42 B 60ms
59ms Image
text/plain 34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://di.rlcdn.com/463166.gif?partner_uid=efc029d4-8112-4202-be32-e42d32d12c63
Requested by: Host: uat03.citi.com
URL: https://uat03.citi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.207.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 18:32:38 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H/1.1 200
OK snare.js Show response
ci-mpsnare.iovation.com/ 38 KB
13 KB 730ms
353ms Script
text/javascript 52.129.92.14
IOVATION

General

Check archive.org

Show headers Download Go to

Full URL

https://ci-mpsnare.iovation.com/snare.js?_=2681837854563816

Requested by

Host: uat03.citi.com
URL: https://uat03.citi.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.129.92.14 , United States, ASN15301 (IOVATION, US),

Reverse DNS

Software

nginx /

Resource Hash

dfe7c7ac96ec29bcce0164f6584a6841c2d1d7ab6f414a964888241dcf067cb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Dec 2020 18:32:38 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
p3p: CP="NON DSP COR CURa"
Cache-Control: no-cache, private
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Expires: 0

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/citi/na_stage/ 278 KB
91 KB 35ms
35ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_stage/Bootstrap.js
Requested by: Host: uat03.citi.com
URL: https://uat03.citi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 36a3fdd9a2f0f704187901959ebfeecbf7462948334084cf3f1a89bd820fb076

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 18:32:38 GMT
content-encoding: gzip
last-modified: Tue, 08 Dec 2020 20:36:12 GMT
server: nginx
etag: W/"5fcfe3bc-45921"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1607538758319
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1607538758319

363 B
1 KB

54ms
54ms

XHR
application/json

34.242.67.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1607538758319

Requested by

Host: uat03.citi.com
URL: https://uat03.citi.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.67.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-67-216.eu-west-1.compute.amazonaws.com

Software

Resource Hash

3030d76518b8a5549d1ec4a82c31c9baca81e8cb73efbced1259eff55cb42e87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v086-03861e2e4.edge-irl1.demdex.com 5.80.1.20201111130852 2ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: vRoYBxBPQdg=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://uat03.citi.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 299
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://uat03.citi.com
X-TID: zvHBMRaOQZY=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1607538758319
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/citi/na_stage/ 1 KB
777 B 56ms
55ms Script
text/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_stage/serverComponent.php?r=2510471705.2954717&namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citi/na_stage/code/&publishedOn=Tue%20Dec%2008%2020:36:07%20GMT%202020&ClientID=1129&PageID=https%3A%2F%2Fuat03.citi.com%2F
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_stage/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 983a12dbec0c1b088a8c440f41358da9536da80590f460fc698216ef8958e704

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 18:32:38 GMT
cache-control: no-cache, no-store
content-type: text/javascript
server: nginx
content-encoding: gzip
vary: Accept-Encoding
expires: Wed, 09 Dec 2020 18:32:37 GMT

GET
H2 200 e184a244b5b099c838aaaf0d34bd2bfd.js Show response
nexus.ensighten.com/citi/na_stage/code/ 13 KB
4 KB 35ms
34ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_stage/code/e184a244b5b099c838aaaf0d34bd2bfd.js?conditionId0=467299
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_stage/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: fa6dbce6111b314c69e214bc7cb0ae22a27d56286a9227b9d94732209c7a242b

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 18:32:38 GMT
content-encoding: gzip
last-modified: Tue, 08 Dec 2020 20:36:12 GMT
server: nginx
etag: W/"5fcfe3bc-346c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 f83a1b2f2387c6c20bedbfa2eb53f9e8.js Show response
nexus.ensighten.com/citi/na_stage/code/ 1 KB
728 B 35ms
34ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_stage/code/f83a1b2f2387c6c20bedbfa2eb53f9e8.js?conditionId0=4827153
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_stage/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c372a2f596024b3ab9c9e7ac632185260868693e30e0223eb983e5ae897ae48a

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 18:32:38 GMT
content-encoding: gzip
last-modified: Mon, 07 Dec 2020 14:43:04 GMT
server: nginx
etag: W/"5fce3f78-412"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 c12dae03db21b42020eebc54e7710f6f.js Show response
nexus.ensighten.com/citi/na_stage/code/ 3 KB
1 KB 36ms
35ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_stage/code/c12dae03db21b42020eebc54e7710f6f.js?conditionId0=4837456
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_stage/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1eca9df8707c8459e9c4c9b9a6e5528318e890c842f7fc10305b738077da277b

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 18:32:38 GMT
content-encoding: gzip
last-modified: Mon, 09 Mar 2020 16:28:54 GMT
server: nginx
etag: W/"5e666ec6-c65"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 70adc734c8b3da7da303531724169841.js Show response
nexus.ensighten.com/citi/na_stage/code/ 2 KB
853 B 36ms
35ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_stage/code/70adc734c8b3da7da303531724169841.js?conditionId0=480881
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_stage/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e65ab34ce9fc581b33eb9da02d0c3b0e5c24506a5431044ec02a48e102a0af02

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 18:32:38 GMT
content-encoding: gzip
last-modified: Tue, 08 Dec 2020 20:27:17 GMT
server: nginx
etag: W/"5fcfe1a5-631"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 d4735fd843d57a69f9e83da44aed18d7.js Show response
nexus.ensighten.com/citi/na_stage/code/ 278 B
451 B 35ms
34ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_stage/code/d4735fd843d57a69f9e83da44aed18d7.js?conditionId0=494377
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_stage/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c4d822793b2eab5f9bf345ce530487844b1aeaca83f5fd906f2e9987f6842028

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 18:32:38 GMT
last-modified: Fri, 03 May 2019 18:11:56 GMT
server: nginx
etag: "5ccc846c-116"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 278

GET
H2 200 b32bdcf8300d0995bebd2eb79d76c447.js Show response
nexus.ensighten.com/citi/na_stage/code/ 108 KB
24 KB 35ms
34ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_stage/code/b32bdcf8300d0995bebd2eb79d76c447.js?conditionId0=421908
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_stage/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d76609e224a7b218bf9f0aefca3ed914d189566b58251c3165e1c498d3b49a5b

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 18:32:38 GMT
content-encoding: gzip
last-modified: Tue, 08 Dec 2020 20:27:17 GMT
server: nginx
etag: W/"5fcfe1a5-1b117"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 ca145d4187a081eaffb7d75d438ec166.js Show response
nexus.ensighten.com/citi/na_stage/code/ 113 KB
32 KB 36ms
35ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_stage/code/ca145d4187a081eaffb7d75d438ec166.js?conditionId0=4894570&conditionId1=486757
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_stage/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3005a0e4b784812d0f1d592ff1c953a93507f4741430423a48d9293b6befaf45

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 18:32:38 GMT
content-encoding: gzip
last-modified: Tue, 08 Dec 2020 20:27:17 GMT
server: nginx
etag: W/"5fcfe1a5-1c409"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H/1.1 200
OK Cookie set dest5.html
citi.demdex.net/ Frame E1AE 0
0 53ms
53ms Document
text/html 34.242.67.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://citi.demdex.net/dest5.html?d_nsid=0

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_stage/Bootstrap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.67.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-67-216.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: citi.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://uat03.citi.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=39140429554392928111390863344425224859
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://uat03.citi.com/

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Thu, 26 Nov 2020 14:38:44 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=39140429554392928111390863344425224859;Path=/;Domain=.demdex.net;Expires=Mon, 07-Jun-2021 18:32:38 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: 2f36SaCDT1k=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 id Show response
metrics1.citi.com/ 48 B
271 B 45ms
45ms XHR
application/x-javascript 35.181.18.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics1.citi.com/id?d_visid_ver=3.1.2&d_fieldgroup=A&mcorgid=61834D9B5228A7430A490D45%40AdobeOrg&mid=46079954270016287121940713812353741624&ts=1607538758433

Requested by

Host: uat03.citi.com
URL: https://uat03.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?seed=AMB5jUh2AQAA47ok4Y3my5s2uGtFr-S_0iAkD5-fktfmnekezm0llL4cbB3X&X-soz9htCz--z=q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.181.18.61 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-181-18-61.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

191e7f199664e2436a43e0b196d4b15cf437670dc6fda214c6b46a5385d1e7f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 09 Dec 2020 18:32:38 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-f7bfdfcfd-hptqb
vary: Origin
x-c: master-1404.I1e61f9.M0-468
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://uat03.citi.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=X9EYRgAAAIX6Mh9n
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=39140429554392928111390863344425224859
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X9EYRgAAAIX6Mh9n

42 B
915 B

53ms
53ms

Image
image/gif

34.242.67.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=X9EYRgAAAIX6Mh9n

Requested by

Host: uat03.citi.com
URL: https://uat03.citi.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.67.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-67-216.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v086-0d60c6a98.edge-irl1.demdex.com 5.80.1.20201111130852 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: Pz42W1+RSAE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=X9EYRgAAAIX6Mh9n
Date: Wed, 09 Dec 2020 18:32:38 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 45ms
45ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6260004

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_stage/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

40f2d3730f4b449e9b8ae1024ec389d1fafeb98c0cf7807a0ff295ff1d0a8a96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 18:32:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38970
x-xss-protection: 0
last-modified: Wed, 09 Dec 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 09 Dec 2020 18:32:38 GMT

GET
H2 204 e.gif
nexus.ensighten.com/error/ 0
106 B 35ms
35ms Image
text/plain 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=Dependency%20with%20id%20660441is%20missing&lnn=-1&fn=&cid=1129&client=citi&publishPath=na_stage&rid=-1&did=-1&errorName=DependencyNotAvailableException
Requested by: Host: uat03.citi.com
URL: https://uat03.citi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 18:32:38 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 09 Dec 2020 18:32:37 GMT

GET
H2 204 e.gif
nexus.ensighten.com/error/ 0
106 B 36ms
35ms Image
text/plain 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=%22ReferenceError%3A%20cookiepref%20is%20not%20defined%22%20error%20caught%20in%20Data%20Definition%20trigger%3A%20ccpa_cookiepref%2C%20ID%3A64079.%20Using%20bottom%20of%20body%20trigger.&lnn=-1&fn=&cid=1129&client=citi&publishPath=na_stage&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: uat03.citi.com
URL: https://uat03.citi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 18:32:38 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 09 Dec 2020 18:32:37 GMT

GET
H2 204 e.gif
nexus.ensighten.com/error/ 0
106 B 58ms
57ms Image
text/plain 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=%22ReferenceError%3A%20cookiepref%20is%20not%20defined%22%20error%20caught%20in%20Data%20Definition%20extractor%3A%20ccpa_cookiepref%2C%20ID%3A64079.&lnn=-1&fn=&cid=1129&client=citi&publishPath=na_stage&rid=2736057&did=562734&errorName=DataDefinitionException
Requested by: Host: uat03.citi.com
URL: https://uat03.citi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 18:32:38 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 09 Dec 2020 18:32:37 GMT

GET
H2 204 e.gif
nexus.ensighten.com/error/ 0
106 B 48ms
47ms Image
text/plain 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=jQuery%20is%20not%20defined&lnn=-1&fn=&cid=1129&client=citi&publishPath=na_stage&rid=2708219&did=571630&errorName=ReferenceError
Requested by: Host: uat03.citi.com
URL: https://uat03.citi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 18:32:38 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 09 Dec 2020 18:32:37 GMT

GET
H2 204 e.gif
nexus.ensighten.com/error/ 0
106 B 48ms
47ms Image
text/plain 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=%24%20is%20not%20defined&lnn=-1&fn=&cid=1129&client=citi&publishPath=na_stage&rid=2708229&did=572750&errorName=ReferenceError
Requested by: Host: uat03.citi.com
URL: https://uat03.citi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 18:32:38 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 09 Dec 2020 18:32:37 GMT

GET
H2 204 e.gif
nexus.ensighten.com/error/ 0
106 B 37ms
36ms Image
text/plain 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=%24%20is%20not%20defined&lnn=-1&fn=&cid=1129&client=citi&publishPath=na_stage&rid=2708208&did=572752&errorName=ReferenceError
Requested by: Host: uat03.citi.com
URL: https://uat03.citi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 18:32:38 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 09 Dec 2020 18:32:37 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 48ms
47ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6269322&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

75716309eda6c8f4dd370de69d119cfefb5b14750937a5cc11e17d356b9d006f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 18:32:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38979
x-xss-protection: 0
last-modified: Wed, 09 Dec 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 09 Dec 2020 18:32:38 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
39 KB 45ms
44ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6256710&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c41553f453a21f0915295f78809ce69da17214300e920d54a64eacf9faef58ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 18:32:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38978
x-xss-protection: 0
last-modified: Wed, 09 Dec 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 09 Dec 2020 18:32:38 GMT

POST
H2 200 banner Show response
uat03.citi.com/gcgapi/uat3/api/v1/marketing/offers/ 11 KB
4 KB 1300ms
1300ms XHR
application/json 184.24.27.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://uat03.citi.com/gcgapi/uat3/api/v1/marketing/offers/banner

Requested by

Host: uat03.citi.com
URL: https://uat03.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?seed=AMB5jUh2AQAA47ok4Y3my5s2uGtFr-S_0iAkD5-fktfmnekezm0llL4cbB3X&X-soz9htCz--z=q

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.24.27.85 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

ade526f8b525c786b3e0ef96d55ee2d1d5c3639e7b3e1a77e053003df83e7758

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode=block

Request headers

client_id: 91b3da7a-9318-422c-bac8-f7f82d529c4d
Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

sid: b9a33f2a-d397-45db-9c49-3d4a513e5da7:GT1DMSUAT3
content-encoding: gzip
x-content-type-options: nosniff
nonce: 2848297755825660
access-control-allow-origin: https://uat03.citi.com
x-global-transaction-id: 0864e7bb5fd11847d39b0c3f
access-control-allow-methods: GET,PUT,POST,DELETE,HEAD
dclocation: GT1DMSUAT3
vary: Accept-Encoding
content-length: 3227
x-xss-protection: 1 ; mode=block
uuid: aacb197e-9526-457a-9cbb-9daaeab4f7af
pragma: no-cache
referrer-policy: no-referrer
x-akamai-citisite: GTDC
x-frame-options: DENY
date: Wed, 09 Dec 2020 18:32:40 GMT
x-route-target: DEFAULT:DEFAULT
access-control-max-age: 2147483647
strict-transport-security: max-age=31536000 ; includeSubDomains
content-type: application/json
x-backside-transport: OK OK,OK OK
x-vcap-request-id: 1cd95715-964f-416a-44d3-4ee472008842
access-control-expose-headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
cache-control: no-cache, no-store
scope: VISITOR
access-control-allow-headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
expires: -1

GET
H/1.1 200
OK logo.js Show response
ci-mpsnare.iovation.com/script/ 96 B
609 B 197ms
197ms Script
text/javascript 52.129.92.14
IOVATION

General

Check archive.org

Show headers Download Go to

Full URL

https://ci-mpsnare.iovation.com/script/logo.js

Requested by

Host: ci-mpsnare.iovation.com
URL: https://ci-mpsnare.iovation.com/snare.js?_=2681837854563816

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.129.92.14 , United States, ASN15301 (IOVATION, US),

Reverse DNS

Software

nginx /

Resource Hash

b1ff6061be9d5d39ecd56e58f680550062b0d104c4f9cefb99d01a25850a384d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 09 Dec 2020 18:32:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=15552000; includeSubDomains
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Server: nginx
Expires: Thu, 9 Dec 2021 18:32:39 GMT

GET
H/1.1 200
OK tagging_transformation.json Show response
sit.api.citi.com/gcgapi/uat2/public/v1/staticcms/USGCB/en_US/appid/ 785 KB
124 KB 2276ms
2275ms XHR
application/json 104.111.251.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sit.api.citi.com/gcgapi/uat2/public/v1/staticcms/USGCB/en_US/appid/tagging_transformation.json

Requested by

Host: uat03.citi.com
URL: https://uat03.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?seed=AMB5jUh2AQAA47ok4Y3my5s2uGtFr-S_0iAkD5-fktfmnekezm0llL4cbB3X&X-soz9htCz--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.251.111 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-251-111.deploy.static.akamaitechnologies.com

Software

Resource Hash

4ea3658465ea61e76174ea9ca20f99c24f94e8a6c15abae61a6813571b908ec8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

appVersion: CBOLV1.0.0
Referer: https://uat03.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
client_id: 3ea31584-77fb-4b6d-bec2-65a45cae1664

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Route-Target: DEFAULT:DEFAULT
Citiuuid: 47f59607-abea-47d2-be98-bbe764087e9b7800100
Access-Control-Allow-Origin: https://uat03.citi.com
Transfer-Encoding: chunked
X-RateLimit-Remaining: name=rate-limit-1,2;
X-Global-Transaction-ID: 0864e7bb5fd1184dd39b2f3f
Connection: keep-alive, Transfer-Encoding
Vary: Accept-Encoding
X-Xss-Protection: 1; mode=block
X-Akamai-CITISITE: gtdc
X-Frame-Options: DENY
Date: Wed, 09 Dec 2020 18:32:46 GMT
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD,GET,POST,PUT,DELETE
Content-Type: application/json
X-Backside-Transport: OK OK,OK OK,OK OK
X-Vcap-Request-Id: c853e1fb-8a96-4dba-5369-ebbcb87f43b2
Access-Control-Expose-Headers: APIm-Debug-Trans-Id, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-Global-Transaction-ID,action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken,Accept,Accept-Language,Authorization,businessCode,client_id,content-type,countryCode,uuid,x-ibm-client-id,eventid,bizToken,citiuuid,applicationId,channelId,Scope,blackBox,devicePrint,deviceTokenCookie,environmentId,customerType,appId,AMWResponse,TMXSessionId,action,challengeType,tenantName,consumerOrg,categoryCode,screenId,locationId,digitalApplicationType,familyIndicator,TMXDigitalApplicationType,accessToken,RequestUrl,RequestContext,RequestMethod,BioCatchSessionId,tenantId,frameworkVersion,computed,accept-compression-kyc,idseventdata_product,idseventdata_version,idseventdata_csi,deviceId,subscriberId,CitiProfOnly,Otpid,dap-clientId,serviceVersion,X-Migration-Target,x-soz9htcz-a,x-soz9htcz-b,x-soz9htcz-c,x-soz9htcz-d,x-soz9htcz-e,x-soz9htcz-f,x-soz9htcz-z,x-soz9htcz-uniquestatekey,Dclocation,x-ts-client-version,x-apigw-api-id,CITI_AWS,consumerappname,appVersion,fprNgaFlow,flowType,cookiereceived,cookiename,cookieexpected,kore-token,mfaDisable
Cache-Control: max-age=60, public
Access-Control-Allow-Credentials: true
X-RateLimit-Limit: name=rate-limit-1,3;
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId,Accept,Accept-Language,Authorization,businessCode,client_id,content-type,countryCode,uuid,x-ibm-client-id,eventid,bizToken,citiuuid,applicationId,channelId,Scope,blackBox,devicePrint,deviceTokenCookie,environmentId,customerType,appId,AMWResponse,TMXSessionId,action,challengeType,tenantName,consumerOrg,categoryCode,screenId,locationId,digitalApplicationType,familyIndicator,TMXDigitalApplicationType,accessToken,RequestUrl,RequestContext,RequestMethod,BioCatchSessionId,tenantId,frameworkVersion,computed,accept-compression-kyc,idseventdata_product,idseventdata_version,idseventdata_csi,deviceId,subscriberId,CitiProfOnly,Otpid,dap-clientId,serviceVersion,X-Migration-Target,x-soz9htcz-a,x-soz9htcz-b,x-soz9htcz-c,x-soz9htcz-d,x-soz9htcz-e,x-soz9htcz-f,x-soz9htcz-z,x-soz9htcz-uniquestatekey,Dclocation,x-ts-client-version,x-apigw-api-id,CITI_AWS,consumerappname,appVersion,fprNgaFlow,flowType,cookiereceived,cookiename,cookieexpected,kore-token,mfaDisable

OPTIONS
H/1.1 200
OK tagging_transformation.json
sit.api.citi.com/gcgapi/uat2/public/v1/staticcms/USGCB/en_US/appid/ Frame 0
0 200ms
200ms Other 104.111.251.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit.api.citi.com/gcgapi/uat2/public/v1/staticcms/USGCB/en_US/appid/tagging_transformation.json
Protocol: HTTP/1.1
Server: 104.111.251.111 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-251-111.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: appversion,client_id
Origin: https://uat03.citi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

X-Backside-Transport: FAIL FAIL
Access-Control-Allow-Methods: GET,POST,PUT,DELETE
Access-Control-Allow-Origin: https://uat03.citi.com
Access-Control-Allow-Headers: Accept,Accept-Language,Authorization,businessCode,client_id,content-type,countryCode,uuid,x-ibm-client-id,eventid,bizToken,citiuuid,applicationId,channelId,Scope,blackBox,devicePrint,deviceTokenCookie,environmentId,customerType,appId,AMWResponse,TMXSessionId,action,challengeType,tenantName,consumerOrg,categoryCode,screenId,locationId,digitalApplicationType,familyIndicator,TMXDigitalApplicationType,accessToken,RequestUrl,RequestContext,RequestMethod,BioCatchSessionId,tenantId,frameworkVersion,computed,accept-compression-kyc,idseventdata_product,idseventdata_version,idseventdata_csi,deviceId,subscriberId,CitiProfOnly,Otpid,dap-clientId,serviceVersion,X-Migration-Target,x-soz9htcz-a,x-soz9htcz-b,x-soz9htcz-c,x-soz9htcz-d,x-soz9htcz-e,x-soz9htcz-f,x-soz9htcz-z,x-soz9htcz-uniquestatekey,Dclocation,x-ts-client-version,x-apigw-api-id,CITI_AWS,consumerappname,appVersion,fprNgaFlow,flowType,cookiereceived,cookiename,cookieexpected,kore-token,mfaDisable
Access-Control-Expose-Headers: Accept,Accept-Language,Authorization,businessCode,client_id,content-type,countryCode,uuid,x-ibm-client-id,eventid,bizToken,citiuuid,applicationId,channelId,Scope,blackBox,devicePrint,deviceTokenCookie,environmentId,customerType,appId,AMWResponse,TMXSessionId,action,challengeType,tenantName,consumerOrg,categoryCode,screenId,locationId,digitalApplicationType,familyIndicator,TMXDigitalApplicationType,accessToken,RequestUrl,RequestContext,RequestMethod,BioCatchSessionId,tenantId,frameworkVersion,computed,accept-compression-kyc,idseventdata_product,idseventdata_version,idseventdata_csi,deviceId,subscriberId,CitiProfOnly,Otpid,dap-clientId,serviceVersion,X-Migration-Target,x-soz9htcz-a,x-soz9htcz-b,x-soz9htcz-c,x-soz9htcz-d,x-soz9htcz-e,x-soz9htcz-f,x-soz9htcz-z,x-soz9htcz-uniquestatekey,Dclocation,x-ts-client-version,x-apigw-api-id,CITI_AWS,consumerappname,appVersion,fprNgaFlow,flowType,cookiereceived,cookiename,cookieexpected,kore-token,mfaDisable
Access-Control-Allow-Credentials: true
Content-Length: 0
Date: Wed, 09 Dec 2020 18:32:44 GMT
Connection: keep-alive

GET jamp-spinner-2x.gif
uat03.citi.com/cbol-pre-login-static-assets/cbol-pre-login-static-assets/commonui-assets/images/ 0
0

GET Citi-Branding-Sprite.png
uat03.citi.com/assets/branding/ 0
0

GET Interstate-Bold.woff
uat03.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0

GET Interstate-Light.woff
uat03.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: uat03.citi.com
URL: https://uat03.citi.com/cbol-pre-login-static-assets/assets/js/cedrictest.js

Domain: uat03.citi.com
URL: https://uat03.citi.com/cbol-pre-login-static-assets/citi-branding-assets/images/320_Citi-PLT@3x.png

Domain: uat03.citi.com
URL: https://uat03.citi.com/cbol-pre-login-static-assets/citi-branding-assets/images/1440_Citi-PLT@3x.png

Domain: uat03.citi.com
URL: https://uat03.citi.com/cbol-pre-login-static-assets/assets/js/fp.js

Domain: uat03.citi.com
URL: https://uat03.citi.com/cbol-pre-login-static-assets/runtime.db4427d527e736afb728.js

Domain: uat03.citi.com
URL: https://uat03.citi.com/cbol-pre-login-static-assets/polyfills.e47ffbe78dd158361b61.js

Domain: uat03.citi.com
URL: https://uat03.citi.com/cbol-pre-login-static-assets/scripts.87e7b9002e4f6d317d67.js

Domain: uat03.citi.com
URL: https://uat03.citi.com/cbol-pre-login-static-assets/main.dbcb7ab89516fd3dd9fd.js

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity?pid=1&rt=idl

Domain: stags.bluekai.com
URL: https://stags.bluekai.com/site/19469?ret=json

Domain: uat03.citi.com
URL: https://uat03.citi.com/cbol-pre-login-static-assets/cbol-pre-login-static-assets/commonui-assets/images/jamp-spinner-2x.gif

Domain: uat03.citi.com
URL: https://uat03.citi.com/assets/branding/Citi-Branding-Sprite.png

Domain: uat03.citi.com
URL: https://uat03.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff

Domain: uat03.citi.com
URL: https://uat03.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff

Verdicts & Comments Add Verdict or Comment

143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://uat03.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?seed=AMB5jUh2AQAA47ok4Y3my5s2uGtFr-S_0iAkD5-fktfmnekezm0llL4cbB3X&X-soz9htCz--z=q(Line 1) Message:
console-api	log	(Line 11) Message: test 12
console-api	log	URL: https://uat03.citi.com/cbol-pre-login-static-assets/assets/js/tagging.js(Line 300) Message: Started tagging.js core
console-api	log	URL: https://uat03.citi.com/cbol-pre-login-static-assets/assets/js/tagging.js(Line 1445) Message: key external campaign tracking code is not available
console-api	log	URL: https://uat03.citi.com/cbol-pre-login-static-assets/assets/js/tagging.js(Line 1460) Message: key internal campaign tracking code is not available

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.rlcdn.com
ci-mpsnare.iovation.com
citi.demdex.net
cm.everesttech.net
di.rlcdn.com
dpm.demdex.net
metrics1.citi.com
nexus.ensighten.com
sit.api.citi.com
stags.bluekai.com
uat03.citi.com
www.googletagmanager.com
api.rlcdn.com
stags.bluekai.com
uat03.citi.com
104.111.251.111
18.197.253.20
184.24.27.85
2a00:1450:4001:806::2008
34.120.207.148
34.242.67.216
34.255.166.243
35.181.18.61
52.129.92.14
0cb3d02173b459e773e255bb7e9f3121be93cdd97e6e9aada17077fd291588ad
102503acef6077fcf8e42a856fb4904fcd74224a32d5d8efcd13236ac6309fed
191e7f199664e2436a43e0b196d4b15cf437670dc6fda214c6b46a5385d1e7f4
1eca9df8707c8459e9c4c9b9a6e5528318e890c842f7fc10305b738077da277b
3005a0e4b784812d0f1d592ff1c953a93507f4741430423a48d9293b6befaf45
3030d76518b8a5549d1ec4a82c31c9baca81e8cb73efbced1259eff55cb42e87
36a3fdd9a2f0f704187901959ebfeecbf7462948334084cf3f1a89bd820fb076
40f2d3730f4b449e9b8ae1024ec389d1fafeb98c0cf7807a0ff295ff1d0a8a96
4ea3658465ea61e76174ea9ca20f99c24f94e8a6c15abae61a6813571b908ec8
5394d11ec8ad7a5494bcdb65cd95f885388532e14fb45a747e249112389bd837
550eabc9350bb6b177d09cba56a6478eefcb681cab119e80cfa21ce6ceac36bf
6336ae7b60dff18e0a37721a3a19fd5e18568577a64faa662969d35966dbf72b
695788dc05d94be3b32060ffea15c1a4d74897bd32e5da7811e7ca76d82fc86b
72c98f2308eefffa0db7999b4b948d8db8f3ea7b60d57de021c07645bb9bfc97
75716309eda6c8f4dd370de69d119cfefb5b14750937a5cc11e17d356b9d006f
87c763c6b05015e55915d0a1e6647e4e5d0b996e78d79e1afe228dd33b68e65b
983a12dbec0c1b088a8c440f41358da9536da80590f460fc698216ef8958e704
a079bb0d5590826bcc664715122004dff51e76c79608bc29f586c9388b623b77
a593628f2d5ba814f37fbcd3963162f094c2764d4b15d82464c2d1aef92f150f
a6d2f7f5508a31434c260668eb05f62cdc3108a7dcc2e1cff58c5fc6ca437ba0
a9a43473908fb995ecdc6bd80d80fd42d3e43bf31687aff0978d7389de2573aa
ade526f8b525c786b3e0ef96d55ee2d1d5c3639e7b3e1a77e053003df83e7758
b1ff6061be9d5d39ecd56e58f680550062b0d104c4f9cefb99d01a25850a384d
be9b5382b4526ffd3306d0292122ce3599123f1cd543f52f3035b4f24fbf9de8
c372a2f596024b3ab9c9e7ac632185260868693e30e0223eb983e5ae897ae48a
c3eb8c85891e44777f848884abc98ace73d315653f6202b8a3735aabce3bccc7
c41553f453a21f0915295f78809ce69da17214300e920d54a64eacf9faef58ac
c4d822793b2eab5f9bf345ce530487844b1aeaca83f5fd906f2e9987f6842028
d76609e224a7b218bf9f0aefca3ed914d189566b58251c3165e1c498d3b49a5b
d7a1b5a62da42e8ecacbd3138530354ed775018c7c10dc6bb8c7029b682f301d
dc876f814074650acde84db7a7f34c583f043b83130e5de49de65f18d1ee2683
dfe7c7ac96ec29bcce0164f6584a6841c2d1d7ab6f414a964888241dcf067cb1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c725c5a6510cd7323ff66fa032e69cfe7aec1dd042911cae0607d071670eec
e65ab34ce9fc581b33eb9da02d0c3b0e5c24506a5431044ec02a48e102a0af02
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa6dbce6111b314c69e214bc7cb0ae22a27d56286a9227b9d94732209c7a242b

uat03.citi.com Open in urlscan Pro 184.24.27.85 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

60 Requests

77 %HTTPS

11 %IPv6

8 Domains

12 Subdomains

9 IPs

5 Countries

707 kBTransfer

2997 kBSize

0 Cookies

34 Outgoing links

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

uat03.citi.com Open in urlscan Pro
184.24.27.85 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

77 %
HTTPS

11 %
IPv6

8
Domains

12
Subdomains

9
IPs

5
Countries

707 kB
Transfer

2997 kB
Size

0
Cookies

60 HTTP transactions
0 data transactions