urlscan.io logo urlscan.io
SecurityTrails logo

www.cemefes.com Open in urlscan Pro
72.52.225.22  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
Effective URL: https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
Submission: On March 12 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 5 domains to perform 48 HTTP transactions. The main IP is 72.52.225.22, located in Lansing, United States and belongs to LIQUIDWEB - Liquid Web, L.L.C, US. The main domain is www.cemefes.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 11th 2018. Valid for: 3 months.
This is the only time www.cemefes.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Citibank (Banking)

Domain & IP information

IP Address AS Autonomous System
2 72.52.225.22 32244 (LIQUIDWEB)
30 104.109.69.151 20940 (AKAMAI-ASN1)
3 54.251.98.0 16509 (AMAZON-02)
1 122.248.242.116 16509 (AMAZON-02)
1 8 172.217.22.68 15169 (GOOGLE)
3 172.217.22.78 15169 (GOOGLE)
1 2 172.82.228.21 15224 (OMNITURE)
1 216.58.208.42 15169 (GOOGLE)
48 8
2    72.52.225.22 (Lansing, United States)

ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US)
PTR: host.alojate3.com
www.cemefes.com
30    104.109.69.151 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-69-151.deploy.static.akamaitechnologies.com
www.citibank.com.hk
3    54.251.98.0 (Singapore, Singapore)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-251-98-0.ap-southeast-1.compute.amazonaws.com
step.citibank.com.hk
1    122.248.242.116 (Bedok, Singapore)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-122-248-242-116.ap-southeast-1.compute.amazonaws.com
cold.citibank.com.hk
8    172.217.22.68 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s17-in-f68.1e100.net
www.google.com
3    172.217.22.78 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s17-in-f78.1e100.net
cse.google.com
clients1.google.com
2    172.82.228.21 (Lehi, United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: *.122.2O7.net
citiintl.122.2o7.net
1    216.58.208.42 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s12-in-f10.1e100.net
www.googleapis.com
Domain Requested by
30 www.citibank.com.hk www.cemefes.com
www.citibank.com.hk
8 www.google.com 1 redirects cse.google.com
www.google.com
3 step.citibank.com.hk www.citibank.com.hk
step.citibank.com.hk
2 citiintl.122.2o7.net 1 redirects www.cemefes.com
2 cse.google.com www.cemefes.com
www.google.com
2 www.cemefes.com www.cemefes.com
1 clients1.google.com
1 www.googleapis.com www.cemefes.com
1 cold.citibank.com.hk www.cemefes.com
48 9

This site contains links to these domains. Also see Links.

Domain
www.citibank.com.hk
citibank.hk
www.citigroup.com
careers.citigroup.com
Subject Issuer Validity Valid
cemefes.com
cPanel, Inc. Certification Authority		 2018-03-11 -
2018-06-09		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
Frame ID: 1D16829B365510FBE7FFACE249487A44
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • env /^List$/i
Overall confidence: 100%
Detected patterns
  • env /^s_(?:account|objectID|code|INST)$/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

48
Requests

4 %
HTTPS

0 %
IPv6

5
Domains

9
Subdomains

8
IPs

3
Countries

1633 kB
Transfer

3202 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://www.google.com/cse/cse.js?cx=000760143552763601331:snikialfvce HTTP 302
  • https://cse.google.com/cse/cse.js?cx=000760143552763601331:snikialfvce
Request Chain 30
  • https://citiintl.122.2o7.net/b/ss/citiintlhongkongdev/1/H.27.5/s68677209590530?AQB=1&ndh=1&t=12%2F2%2F2018%202%3A20%3A2%201%200&fid=0518F6930FF8C5B6-226D584433AD0BE3&ce=UTF-8&ns=citiintl&cdp=3&pageName=HKGCB%7CJSO%7CSign%20On%7CSign%20On%20Screen%7CScreen%201&g=https%3A%2F%2Fwww.cemefes.com%2Fcss%2Fcitibank.com.hk%2Fsecurity%2520upgrade%2F2018%2Findex.html&cc=HKD&server=cemefes.com&v1=D%3DpageName&c5=anon&v5=D%3Dc5&c6=anon&v6=D%3Dc6&c7=D%3Dv7&v7=11%3A00AM&c8=D%3Dv8&v8=Monday&c9=HK&c10=HKGCB&c11=zh_HK&v11=New&c12=Citibank%20Hong%20Kong&v13=1&v16=D%3Dc10&c17=D%3Dv11&c18=D%3Dv13&c23=HKGCB%3EHKGCB%7CJSO%7CSign%20On%7CSign%20On%20Screen%7CScreen%201&c49=D%3Dv49&v49=https%3A%2F%2Fwww.cemefes.com%2Fcss%2Fcitibank.com.hk%2Fsecurity%2520upgrade%2F2018%2Findex.html&c50=Citi%20Intl%20s_code%20v2.7%20-%2020151013%20%7C%20SiteCatalyst%20Base%20Code%20H27.5&h1=HKGCB%7CJSO%7CSign%20On%7CSign%20On%20Screen%7C&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
  • https://citiintl.122.2o7.net/b/ss/citiintlhongkongdev/1/H.27.5/s68677209590530?AQB=1&pccr=true&vidn=2D52F1E90531046E-600001098013C270&&ndh=1&t=12%2F2%2F2018%202%3A20%3A2%201%200&fid=0518F6930FF8C5B6-226D584433AD0BE3&ce=UTF-8&ns=citiintl&cdp=3&pageName=HKGCB%7CJSO%7CSign%20On%7CSign%20On%20Screen%7CScreen%201&g=https%3A%2F%2Fwww.cemefes.com%2Fcss%2Fcitibank.com.hk%2Fsecurity%2520upgrade%2F2018%2Findex.html&cc=HKD&server=cemefes.com&v1=D%3DpageName&c5=anon&v5=D%3Dc5&c6=anon&v6=D%3Dc6&c7=D%3Dv7&v7=11%3A00AM&c8=D%3Dv8&v8=Monday&c9=HK&c10=HKGCB&c11=zh_HK&v11=New&c12=Citibank%20Hong%20Kong&v13=1&v16=D%3Dc10&c17=D%3Dv11&c18=D%3Dv13&c23=HKGCB%3EHKGCB%7CJSO%7CSign%20On%7CSign%20On%20Screen%7CScreen%201&c49=D%3Dv49&v49=https%3A%2F%2Fwww.cemefes.com%2Fcss%2Fcitibank.com.hk%2Fsecurity%2520upgrade%2F2018%2Findex.html&c50=Citi%20Intl%20s_code%20v2.7%20-%2020151013%20%7C%20SiteCatalyst%20Base%20Code%20H27.5&h1=HKGCB%7CJSO%7CSign%20On%7CSign%20On%20Screen%7C&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

48 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.html
www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/ 		41 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.52.225.22 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.alojate3.com
Software
Apache /
Resource Hash
57dfac1c72c5773891bea44c528fb1f94dd18b3a649b228ef7a21cb815ba50ec

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.cemefes.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Mon, 12 Mar 2018 02:20:01 GMT
Last-Modified
Mon, 12 Mar 2018 02:20:01 GMT
Server
Apache
Content-Type
text/html
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
42103
amw.js
www.citibank.com.hk/JFP/amw/ 		1 KB
944 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citibank.com.hk/JFP/amw/amw.js
Requested by
Host: www.cemefes.com
URL: https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
Protocol
SPDY
Server
104.109.69.151 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-69-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
431c61b57b273c885465d1fe5af1ec86e2c57a628e4cbe2e3b3a5317454062c1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:02 GMT
content-encoding
gzip
last-modified
Sun, 11 Feb 2018 18:53:14 GMT
x-frame-options
SAMEORIGIN
etag
"1340007-41c-564f44612fa80"
vary
Accept-Encoding
p3p
CP="STA NAV PRE UNI TAI ADM DEV CUR OUR NOR STP DSP CAO CONo"
status
200
cache-control
must-revalidate, max-age=21600
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-type
application/x-javascript
content-length
636
expires
Mon, 12 Mar 2018 08:20:02 GMT
JPPWidget.css
www.citibank.com.hk/JFP/css/common/ 		192 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.citibank.com.hk/JFP/css/common/JPPWidget.css
Requested by
Host: www.cemefes.com
URL: https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
Protocol
SPDY
Server
104.109.69.151 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-69-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ee2f21bbae232aa81e5013c7fd53bb4ec8abf8f80aa4d8b8b28173cce73094c2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:01 GMT
content-encoding
gzip
last-modified
Tue, 19 Dec 2017 20:27:42 GMT
x-frame-options
SAMEORIGIN
etag
"600022-301e8-560b74c7b8b80"
vary
Accept-Encoding
p3p
CP="STA NAV PRE UNI TAI ADM DEV CUR OUR NOR STP DSP CAO CONo"
status
200
cache-control
must-revalidate, max-age=20683
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-type
text/css
content-length
25679
expires
Mon, 12 Mar 2018 08:04:44 GMT
JPPApps.css
www.citibank.com.hk/JFP/css/common/ 		54 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.citibank.com.hk/JFP/css/common/JPPApps.css
Requested by
Host: www.cemefes.com
URL: https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
Protocol
SPDY
Server
104.109.69.151 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-69-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cdd4c9906ecea69d18955f755727280746ddf4a0b5c08f3d7ee028ae749ddffd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:01 GMT
content-encoding
gzip
last-modified
Sun, 11 Feb 2018 18:53:14 GMT
x-frame-options
SAMEORIGIN
etag
"600020-d68e-564f44612fa80"
vary
Accept-Encoding
p3p
CP="STA NAV PRE UNI TAI ADM DEV CUR OUR NOR STP DSP CAO CONo"
status
200
cache-control
must-revalidate, max-age=19975
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-type
text/css
content-length
10217
expires
Mon, 12 Mar 2018 07:52:56 GMT
main_zh.css
www.citibank.com.hk/COA/portal/themes/css/avatar1.4/ 		242 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.citibank.com.hk/COA/portal/themes/css/avatar1.4/main_zh.css
Requested by
Host: www.cemefes.com
URL: https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
Protocol
SPDY
Server
104.109.69.151 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-69-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8bdfa79965c91c60500c2b26d9eaaf6d9ec3f7de22d4e7dc4369d48d07d721ce
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:02 GMT
content-encoding
gzip
last-modified
Sun, 11 Feb 2018 18:53:14 GMT
x-frame-options
SAMEORIGIN
etag
"142067b-3c8e6-564f44612fa80"
vary
Accept-Encoding
p3p
CP="STA NAV PRE UNI TAI ADM DEV CUR OUR NOR STP DSP CAO CONo"
status
200
cache-control
must-revalidate, max-age=21600
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-type
text/css
content-length
46683
expires
Mon, 12 Mar 2018 08:20:02 GMT
main.js
www.citibank.com.hk/COA/portal/themes/js/ 		838 KB
223 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citibank.com.hk/COA/portal/themes/js/main.js
Requested by
Host: www.cemefes.com
URL: https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
Protocol
SPDY
Server
104.109.69.151 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-69-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
075f088602d2f3b26de653c716e801cae8797ffcde77aae2205e830db4d23ed2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:02 GMT
content-encoding
gzip
last-modified
Sun, 11 Feb 2018 18:53:14 GMT
x-frame-options
SAMEORIGIN
etag
"d60149-d1822-564f44612fa80"
vary
Accept-Encoding
p3p
CP="STA NAV PRE UNI TAI ADM DEV CUR OUR NOR STP DSP CAO CONo"
status
200
cache-control
must-revalidate, max-age=18796
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-type
application/x-javascript
content-length
227522
expires
Mon, 12 Mar 2018 07:33:18 GMT
citi_s_code.js
www.citibank.com.hk/JRS/js/ 		48 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citibank.com.hk/JRS/js/citi_s_code.js
Requested by
Host: www.cemefes.com
URL: https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
Protocol
SPDY
Server
104.109.69.151 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-69-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8d5a5097b232843507222b7645e795178421f1f61916f4e5ff2092539426f2f5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:02 GMT
content-encoding
gzip
last-modified
Sun, 11 Feb 2018 18:53:14 GMT
x-frame-options
SAMEORIGIN
etag
"13e02ae-c1d5-564f44612fa80"
vary
Accept-Encoding
p3p
CP="STA NAV PRE UNI TAI ADM DEV CUR OUR NOR STP DSP CAO CONo"
status
200
cache-control
must-revalidate, max-age=21600
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-type
application/x-javascript
content-length
17704
expires
Mon, 12 Mar 2018 08:20:02 GMT
space.gif
www.citibank.com.hk/JPC/gsearch/images/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.citibank.com.hk/JPC/gsearch/images/space.gif
Requested by
Host: www.cemefes.com
URL: https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
Protocol
SPDY
Server
104.109.69.151 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-69-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:02 GMT
last-modified
Tue, 15 Jul 2014 03:57:20 GMT
etag
"3a0212-2b-4fe33677ee800"
x-frame-options
SAMEORIGIN
p3p
CP="STA NAV PRE UNI TAI ADM DEV CUR OUR NOR STP DSP CAO CONo"
status
200
cache-control
max-age=371839
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Fri, 16 Mar 2018 09:37:21 GMT
logoBlueBackground.png
www.citibank.com.hk/COA/portal/themes/images/avatar1.4/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.citibank.com.hk/COA/portal/themes/images/avatar1.4/logoBlueBackground.png
Requested by
Host: www.cemefes.com
URL: https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
Protocol
SPDY
Server
104.109.69.151 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-69-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9b68eca05b07c307e6756024c00c8ece08558c8a63c111ead6635bfadfb62909
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:02 GMT
last-modified
Mon, 01 Feb 2016 07:41:23 GMT
etag
"1422bce-79e-52ab082f10ec0"
x-frame-options
SAMEORIGIN
p3p
CP="STA NAV PRE UNI TAI ADM DEV CUR OUR NOR STP DSP CAO CONo"
status
200
cache-control
max-age=372240
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-type
image/png
content-length
1950
expires
Fri, 16 Mar 2018 09:44:02 GMT
landingnavbar.js
www.citibank.com.hk/COA/portal/themes/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citibank.com.hk/COA/portal/themes/js/landingnavbar.js
Requested by
Host: www.cemefes.com
URL: https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
Protocol
SPDY
Server
104.109.69.151 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-69-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
16b1e7fdb4b35a9a5ed992e3a985e2bcfce5279e29b5e8669df2f8912517f84c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:02 GMT
content-encoding
gzip
last-modified
Sun, 11 Feb 2018 18:53:12 GMT
x-frame-options
SAMEORIGIN
etag
"13823f7-80d-564f445f47600"
vary
Accept-Encoding
p3p
CP="STA NAV PRE UNI TAI ADM DEV CUR OUR NOR STP DSP CAO CONo"
status
200
cache-control
must-revalidate, max-age=18794
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-type
application/x-javascript
content-length
1044
expires
Mon, 12 Mar 2018 07:33:16 GMT
registration.js
www.citibank.com.hk/JSO/js/ 		46 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citibank.com.hk/JSO/js/registration.js?_TS=1520268514786
Requested by
Host: www.cemefes.com
URL: https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
Protocol
SPDY
Server
104.109.69.151 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-69-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6f9ac775b1217808a69b31167495923a58fc56c144b9ca238802ef9de44192bc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:02 GMT
content-encoding
gzip
last-modified
Sun, 11 Feb 2018 18:53:14 GMT
x-frame-options
SAMEORIGIN
etag
"78001b-b699-564f44612fa80"
vary
Accept-Encoding
p3p
CP="STA NAV PRE UNI TAI ADM DEV CUR OUR NOR STP DSP CAO CONo"
status
200
cache-control
must-revalidate, max-age=21600
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-type
application/x-javascript
content-length
9568
expires
Mon, 12 Mar 2018 08:20:02 GMT
jfpm.autocomplete.off.js
www.citibank.com.hk/JFP/js/modules/ 		1 KB
656 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citibank.com.hk/JFP/js/modules/jfpm.autocomplete.off.js
Requested by
Host: www.cemefes.com
URL: https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
Protocol
SPDY
Server
104.109.69.151 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-69-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
15a020d0ea4e347932020c2eb0ade98dd6a7b8a669535746079c0771693496e4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:02 GMT
content-encoding
gzip
last-modified
Sun, 11 Feb 2018 18:53:14 GMT
x-frame-options
SAMEORIGIN
etag
"d62357-406-564f44612fa80"
vary
Accept-Encoding
p3p
CP="STA NAV PRE UNI TAI ADM DEV CUR OUR NOR STP DSP CAO CONo"
status
200
cache-control
must-revalidate, max-age=20407
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-type
application/x-javascript
content-length
348
expires
Mon, 12 Mar 2018 08:00:09 GMT
fp.js
www.citibank.com.hk/JSO/js/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citibank.com.hk/JSO/js/fp.js
Requested by
Host: www.cemefes.com
URL: https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
Protocol
SPDY
Server
104.109.69.151 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-69-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a545169923ae1d6a80d1bc8d2f19779349833533ed1d1cc2de6b93a6dfc526f2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:02 GMT
content-encoding
gzip
last-modified
Sun, 11 Feb 2018 18:53:14 GMT
x-frame-options
SAMEORIGIN
etag
"13e02b8-3b15-564f44612fa80"
vary
Accept-Encoding
p3p
CP="STA NAV PRE UNI TAI ADM DEV CUR OUR NOR STP DSP CAO CONo"
status
200
cache-control
must-revalidate, max-age=21600
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-type
application/x-javascript
content-length
4396
expires
Mon, 12 Mar 2018 08:20:02 GMT
s_locale.js
step.citibank.com.hk/hk/ 		34 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://step.citibank.com.hk/hk/s_locale.js
Requested by
Host: www.citibank.com.hk
URL: https://www.citibank.com.hk/JFP/amw/amw.js
Protocol
HTTP/1.1
Server
54.251.98.0 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-251-98-0.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ad8b57f80f73fc665fb591fb09b3d8011241c2f7cdca7e95a49f5348135de532

Request headers

Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Mar 2018 02:20:02 GMT
Content-Encoding
gzip
Server
nginx
transfer-encoding
chunked
Access-Control-Allow-Methods
GET, OPTIONS
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Access-Control-Allow-Origin
*
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/x-javascript
PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
banking.js
cold.citibank.com.hk/19237/ 		25 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cold.citibank.com.hk/19237/banking.js
Requested by
Host: www.cemefes.com
URL: https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
Protocol
HTTP/1.1
Server
122.248.242.116 Bedok, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-122-248-242-116.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
36a2ca5b2b63b1ae07bd94f0103d1275723de1f3fa79d32c730070d9f362e0ad

Request headers

Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Mar 2018 02:20:02 GMT
Content-Encoding
gzip
Server
nginx
transfer-encoding
chunked
Access-Control-Allow-Methods
GET, OPTIONS
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Access-Control-Allow-Origin
*
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/x-javascript
PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
CitiE2E.js
www.citibank.com.hk/JSO/js/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citibank.com.hk/JSO/js/CitiE2E.js?ver=m8iD/jzeF6NPFn8a
Requested by
Host: www.cemefes.com
URL: https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
Protocol
SPDY
Server
104.109.69.151 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-69-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
628d67bc7bf13859bdd5345ec7a3c5913f3f8090c5b7c14ce2ed3557ad2a717a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:02 GMT
content-encoding
gzip
last-modified
Sun, 11 Feb 2018 18:53:14 GMT
x-frame-options
SAMEORIGIN
etag
"78000e-5ab4-564f44612fa80"
vary
Accept-Encoding
p3p
CP="STA NAV PRE UNI TAI ADM DEV CUR OUR NOR STP DSP CAO CONo"
status
200
cache-control
must-revalidate, max-age=21600
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-type
application/x-javascript
content-length
7489
expires
Mon, 12 Mar 2018 08:20:02 GMT
jbaCommon.js
www.citibank.com.hk/JBA/common/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citibank.com.hk/JBA/common/js/jbaCommon.js
Requested by
Host: www.cemefes.com
URL: https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
Protocol
SPDY
Server
104.109.69.151 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-69-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
353ffb011702583f5c79b832f53300692bf3baf6e17bc100befd502213a36ab5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:02 GMT
content-encoding
gzip
last-modified
Sun, 11 Feb 2018 18:53:14 GMT
x-frame-options
SAMEORIGIN
etag
"382d85-1bb2-564f44612fa80"
vary
Accept-Encoding
p3p
CP="STA NAV PRE UNI TAI ADM DEV CUR OUR NOR STP DSP CAO CONo"
status
200
cache-control
must-revalidate, max-age=21600
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-type
application/x-javascript
content-length
2445
expires
Mon, 12 Mar 2018 08:20:02 GMT
xfs.js
www.citibank.com.hk/views/js/ 		384 B
504 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citibank.com.hk/views/js/xfs.js
Requested by
Host: www.cemefes.com
URL: https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
Protocol
SPDY
Server
104.109.69.151 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-69-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8c16e0065584a91793c42e061307d6f6e2e520ad8a93c089d7bc006f1d62f907
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:02 GMT
content-encoding
gzip
last-modified
Tue, 12 Sep 2017 03:43:24 GMT
x-frame-options
SAMEORIGIN
etag
"d830e6-180-558f5d860af00"
vary
Accept-Encoding
p3p
CP="STA NAV PRE UNI TAI ADM DEV CUR OUR NOR STP DSP CAO CONo"
status
200
cache-control
must-revalidate, max-age=18455
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-type
application/x-javascript
content-length
196
expires
Mon, 12 Mar 2018 07:27:37 GMT
xss.js
www.citibank.com.hk/views/templates/ch/ 		872 B
663 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citibank.com.hk/views/templates/ch/xss.js
Requested by
Host: www.cemefes.com
URL: https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
Protocol
SPDY
Server
104.109.69.151 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-69-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5f363048c7ccc9d479fc6649e5c5e710b0bd59472ade1a558bf4c90fc5ff9772
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:02 GMT
content-encoding
gzip
last-modified
Mon, 25 Sep 2017 10:16:47 GMT
x-frame-options
SAMEORIGIN
etag
"d82e0d-368-55a00db29c1c0"
vary
Accept-Encoding
p3p
CP="STA NAV PRE UNI TAI ADM DEV CUR OUR NOR STP DSP CAO CONo"
status
200
cache-control
must-revalidate, max-age=19547
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-type
application/x-javascript
content-length
355
expires
Mon, 12 Mar 2018 07:45:49 GMT
logo_footer.gif
www.citibank.com.hk/chinese/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.citibank.com.hk/chinese/images/logo_footer.gif
Requested by
Host: www.cemefes.com
URL: https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
Protocol
SPDY
Server
104.109.69.151 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-69-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
79c2fd99700ad1372b6e6b3a76ccd8badd901bd5b6701bf1fc9b9e3d3f68f830
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:02 GMT
last-modified
Mon, 01 Feb 2016 07:43:42 GMT
etag
"27cb8-44b-52ab08b3a0780"
x-frame-options
SAMEORIGIN
p3p
CP="STA NAV PRE UNI TAI ADM DEV CUR OUR NOR STP DSP CAO CONo"
status
200
cache-control
max-age=139167
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-type
image/gif
content-length
1099
expires
Tue, 13 Mar 2018 16:59:29 GMT
cse.js
cse.google.com/cse/
Redirect Chain
  • https://www.google.com/cse/cse.js?cx=000760143552763601331:snikialfvce
  • https://cse.google.com/cse/cse.js?cx=000760143552763601331:snikialfvce
5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse/cse.js?cx=000760143552763601331:snikialfvce
Requested by
Host: www.cemefes.com
URL: https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
Protocol
SPDY
Server
172.217.22.78 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f78.1e100.net
Software
gws /
Resource Hash
b48d0f5642f0ba610baf58389092e75f0686934b1bbbdb587f90dc0b0a1a8abe
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:02 GMT
content-encoding
gzip
server
gws
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
1753
x-xss-protection
1; mode=block
expires
Mon, 12 Mar 2018 02:20:02 GMT

Redirect headers

date
Mon, 12 Mar 2018 02:20:02 GMT
x-content-type-options
nosniff
server
sffe
status
302
content-type
text/html; charset=UTF-8
location
https://cse.google.com/cse/cse.js?cx=000760143552763601331:snikialfvce
cache-control
private
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
267
x-xss-protection
1; mode=block
cse.css
www.cemefes.com/JPC/gsearch/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.cemefes.com/JPC/gsearch/css/cse.css
Requested by
Host: www.cemefes.com
URL: https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.52.225.22 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.alojate3.com
Software
Apache /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.cemefes.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Mon, 12 Mar 2018 02:20:02 GMT
Server
Apache
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
Link
<https://www.cemefes.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=99
Expires
Wed, 11 Jan 1984 05:00:00 GMT
coa_sprite_1px.png
www.citibank.com.hk/COA/portal/themes/images/avatar1.4/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.citibank.com.hk/COA/portal/themes/images/avatar1.4/coa_sprite_1px.png
Requested by
Host: www.cemefes.com
URL: https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
Protocol
SPDY
Server
104.109.69.151 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-69-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c0507271066f7888b0f7ce985b0446982a6ba005ed26be162c334b39df9acc5c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.citibank.com.hk/COA/portal/themes/css/avatar1.4/main_zh.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:02 GMT
last-modified
Tue, 15 Jul 2014 03:57:20 GMT
etag
"138269f-de8-4fe33677ee800"
x-frame-options
SAMEORIGIN
p3p
CP="STA NAV PRE UNI TAI ADM DEV CUR OUR NOR STP DSP CAO CONo"
status
200
cache-control
max-age=368978
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-type
image/png
content-length
3560
expires
Fri, 16 Mar 2018 08:49:40 GMT
global_sprite.png
www.citibank.com.hk/JFP/images/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.citibank.com.hk/JFP/images/global_sprite.png
Requested by
Host: www.cemefes.com
URL: https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
Protocol
SPDY
Server
104.109.69.151 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-69-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a68642a2f363b5bbe08a70645d10e7a33d161236e798f2121f0e87983694d6e2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.citibank.com.hk/JFP/css/common/JPPApps.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:02 GMT
last-modified
Thu, 26 Jun 2014 12:01:08 GMT
etag
"1385a42-112d2-4fcbbf2b6e900"
x-frame-options
SAMEORIGIN
p3p
CP="STA NAV PRE UNI TAI ADM DEV CUR OUR NOR STP DSP CAO CONo"
status
200
cache-control
max-age=137238
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-type
image/png
content-length
70354
expires
Tue, 13 Mar 2018 16:27:20 GMT
coa_sprite.png
www.citibank.com.hk/COA/portal/themes/images/avatar1.4/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.citibank.com.hk/COA/portal/themes/images/avatar1.4/coa_sprite.png
Requested by
Host: www.cemefes.com
URL: https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
Protocol
SPDY
Server
104.109.69.151 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-69-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4270ce274c7567c028183ef07521758889413ebcdd7a4dc81ffc702af3f5ba28
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.citibank.com.hk/COA/portal/themes/css/avatar1.4/main_zh.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:02 GMT
last-modified
Tue, 15 Jul 2014 03:57:20 GMT
etag
"3814e4-1187-4fe33677ee800"
x-frame-options
SAMEORIGIN
p3p
CP="STA NAV PRE UNI TAI ADM DEV CUR OUR NOR STP DSP CAO CONo"
status
200
cache-control
max-age=137616
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-type
image/png
content-length
4487
expires
Tue, 13 Mar 2018 16:33:38 GMT
blackmenu_dd_bg.png
www.citibank.com.hk/COA/portal/themes/images/avatar1.4/needhelp/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.citibank.com.hk/COA/portal/themes/images/avatar1.4/needhelp/blackmenu_dd_bg.png
Requested by
Host: www.cemefes.com
URL: https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
Protocol
SPDY
Server
104.109.69.151 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-69-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
79fb431f987bf227609aa3f2ca6d74dc9ee97f1f4634ee2893a52129219e2a73
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.citibank.com.hk/COA/portal/themes/css/avatar1.4/main_zh.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:02 GMT
last-modified
Tue, 15 Jul 2014 03:57:20 GMT
etag
"13826f4-b2b-4fe33677ee800"
x-frame-options
SAMEORIGIN
p3p
CP="STA NAV PRE UNI TAI ADM DEV CUR OUR NOR STP DSP CAO CONo"
status
200
cache-control
max-age=369087
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-type
image/png
content-length
2859
expires
Fri, 16 Mar 2018 08:51:29 GMT
cross_line.gif
www.citibank.com.hk/COA/portal/themes/images/avatar1.4/needhelp/ 		67 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.citibank.com.hk/COA/portal/themes/images/avatar1.4/needhelp/cross_line.gif
Requested by
Host: www.cemefes.com
URL: https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
Protocol
SPDY
Server
104.109.69.151 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-69-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f2ec3fcac971772fd26119bb87aff1c3043c8860280c2016de4b40a433fed28f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.citibank.com.hk/COA/portal/themes/css/avatar1.4/main_zh.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:02 GMT
last-modified
Tue, 15 Jul 2014 03:57:20 GMT
etag
"d60250-43-4fe33677ee800"
x-frame-options
SAMEORIGIN
p3p
CP="STA NAV PRE UNI TAI ADM DEV CUR OUR NOR STP DSP CAO CONo"
status
200
cache-control
max-age=137619
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-type
image/gif
content-length
67
expires
Tue, 13 Mar 2018 16:33:41 GMT
branding_main.png
www.citibank.com.hk/COA/portal/themes/images/avatar1.4/needhelp/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.citibank.com.hk/COA/portal/themes/images/avatar1.4/needhelp/branding_main.png
Requested by
Host: www.cemefes.com
URL: https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
Protocol
SPDY
Server
104.109.69.151 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-69-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
47838fabc5d78b860b1ec7224b420092a48fcbd7350ff70234aa1adbfcaaae93
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.citibank.com.hk/COA/portal/themes/css/avatar1.4/main_zh.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:02 GMT
last-modified
Tue, 15 Jul 2014 03:57:20 GMT
etag
"38153c-2e9d-4fe33677ee800"
x-frame-options
SAMEORIGIN
p3p
CP="STA NAV PRE UNI TAI ADM DEV CUR OUR NOR STP DSP CAO CONo"
status
200
cache-control
max-age=137275
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-type
image/png
content-length
11933
expires
Tue, 13 Mar 2018 16:27:57 GMT
bg_grad_01.gif
www.citibank.com.hk/JSO/signon/images/ 		177 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.citibank.com.hk/JSO/signon/images/bg_grad_01.gif
Requested by
Host: www.cemefes.com
URL: https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
Protocol
SPDY
Server
104.109.69.151 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-69-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b7c81fca7c283cc54915d1f9486d31be31396d182fef700bc10ad530f7be8bd0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.citibank.com.hk/COA/portal/themes/css/avatar1.4/main_zh.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:02 GMT
last-modified
Tue, 15 Jul 2014 03:57:20 GMT
etag
"d634cb-b1-4fe33677ee800"
x-frame-options
SAMEORIGIN
p3p
CP="STA NAV PRE UNI TAI ADM DEV CUR OUR NOR STP DSP CAO CONo"
status
200
cache-control
max-age=137229
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-type
image/gif
content-length
177
expires
Tue, 13 Mar 2018 16:27:11 GMT
signon_sprite.png
www.citibank.com.hk/JSO/signon/images/ 		610 B
876 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.citibank.com.hk/JSO/signon/images/signon_sprite.png
Requested by
Host: www.cemefes.com
URL: https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
Protocol
SPDY
Server
104.109.69.151 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-69-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44cc48bbfb5d35230cc092dbbec6d810ee76aa1031eb3188284316ca14f1a49d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.citibank.com.hk/COA/portal/themes/css/avatar1.4/main_zh.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:02 GMT
last-modified
Tue, 15 Jul 2014 03:57:20 GMT
etag
"13e787b-262-4fe33677ee800"
x-frame-options
SAMEORIGIN
p3p
CP="STA NAV PRE UNI TAI ADM DEV CUR OUR NOR STP DSP CAO CONo"
status
200
cache-control
max-age=137272
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-type
image/png
content-length
610
expires
Tue, 13 Mar 2018 16:27:54 GMT
citipriority.gif
www.citibank.com.hk/COA/portal/themes/images/avatar1.4/ 		362 KB
363 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.citibank.com.hk/COA/portal/themes/images/avatar1.4/citipriority.gif
Requested by
Host: www.cemefes.com
URL: https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
Protocol
SPDY
Server
104.109.69.151 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-69-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fcc58f7b882a3e0886f9ac3efea58ec80c795f5ca26bf5e952a573bdb0addc06
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:02 GMT
last-modified
Tue, 05 Sep 2017 07:51:41 GMT
etag
"13859f3-5a800-5586c7f6b3d40"
x-frame-options
SAMEORIGIN
p3p
CP="STA NAV PRE UNI TAI ADM DEV CUR OUR NOR STP DSP CAO CONo"
status
200
cache-control
max-age=466834
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-type
image/gif
content-length
370688
expires
Sat, 17 Mar 2018 12:00:36 GMT
s68677209590530
citiintl.122.2o7.net/b/ss/citiintlhongkongdev/1/H.27.5/
Redirect Chain
  • https://citiintl.122.2o7.net/b/ss/citiintlhongkongdev/1/H.27.5/s68677209590530?AQB=1&ndh=1&t=12%2F2%2F2018%202%3A20%3A2%201%200&fid=0518F6930FF8C5B6-226D584433AD0BE3&ce=UTF-8&ns=citiintl&cdp=3&page...
  • https://citiintl.122.2o7.net/b/ss/citiintlhongkongdev/1/H.27.5/s68677209590530?AQB=1&pccr=true&vidn=2D52F1E90531046E-600001098013C270&&ndh=1&t=12%2F2%2F2018%202%3A20%3A2%201%200&fid=0518F6930FF8C5B...
43 B
647 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citiintl.122.2o7.net/b/ss/citiintlhongkongdev/1/H.27.5/s68677209590530?AQB=1&pccr=true&vidn=2D52F1E90531046E-600001098013C270&&ndh=1&t=12%2F2%2F2018%202%3A20%3A2%201%200&fid=0518F6930FF8C5B6-226D584433AD0BE3&ce=UTF-8&ns=citiintl&cdp=3&pageName=HKGCB%7CJSO%7CSign%20On%7CSign%20On%20Screen%7CScreen%201&g=https%3A%2F%2Fwww.cemefes.com%2Fcss%2Fcitibank.com.hk%2Fsecurity%2520upgrade%2F2018%2Findex.html&cc=HKD&server=cemefes.com&v1=D%3DpageName&c5=anon&v5=D%3Dc5&c6=anon&v6=D%3Dc6&c7=D%3Dv7&v7=11%3A00AM&c8=D%3Dv8&v8=Monday&c9=HK&c10=HKGCB&c11=zh_HK&v11=New&c12=Citibank%20Hong%20Kong&v13=1&v16=D%3Dc10&c17=D%3Dv11&c18=D%3Dv13&c23=HKGCB%3EHKGCB%7CJSO%7CSign%20On%7CSign%20On%20Screen%7CScreen%201&c49=D%3Dv49&v49=https%3A%2F%2Fwww.cemefes.com%2Fcss%2Fcitibank.com.hk%2Fsecurity%2520upgrade%2F2018%2Findex.html&c50=Citi%20Intl%20s_code%20v2.7%20-%2020151013%20%7C%20SiteCatalyst%20Base%20Code%20H27.5&h1=HKGCB%7CJSO%7CSign%20On%7CSign%20On%20Screen%7C&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Requested by
Host: www.cemefes.com
URL: https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
Protocol
HTTP/1.1
Server
172.82.228.21 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
*.122.2O7.net
Software
Omniture DC/2.0.0 /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Request headers

Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Mar 2018 02:20:02 GMT
Last-Modified
Tue, 13 Mar 2018 02:20:02 GMT
Server
Omniture DC/2.0.0
xserver
www76
ETag
"5AA5E3D2-08BB-0779B2AE"
Vary
*
X-C
ms-6.0.6
P3P
CP="This is not a P3P policy"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 11 Mar 2018 02:20:02 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 12 Mar 2018 02:20:02 GMT
Last-Modified
Tue, 13 Mar 2018 02:20:02 GMT
Server
Omniture DC/2.0.0
Access-Control-Allow-Origin
*
xserver
www76
X-C
ms-6.0.6
P3P
CP="This is not a P3P policy"
Location
https://citiintl.122.2o7.net/b/ss/citiintlhongkongdev/1/H.27.5/s68677209590530?AQB=1&pccr=true&vidn=2D52F1E90531046E-600001098013C270&&ndh=1&t=12%2F2%2F2018%202%3A20%3A2%201%200&fid=0518F6930FF8C5B6-226D584433AD0BE3&ce=UTF-8&ns=citiintl&cdp=3&pageName=HKGCB%7CJSO%7CSign%20On%7CSign%20On%20Screen%7CScreen%201&g=https%3A%2F%2Fwww.cemefes.com%2Fcss%2Fcitibank.com.hk%2Fsecurity%2520upgrade%2F2018%2Findex.html&cc=HKD&server=cemefes.com&v1=D%3DpageName&c5=anon&v5=D%3Dc5&c6=anon&v6=D%3Dc6&c7=D%3Dv7&v7=11%3A00AM&c8=D%3Dv8&v8=Monday&c9=HK&c10=HKGCB&c11=zh_HK&v11=New&c12=Citibank%20Hong%20Kong&v13=1&v16=D%3Dc10&c17=D%3Dv11&c18=D%3Dv13&c23=HKGCB%3EHKGCB%7CJSO%7CSign%20On%7CSign%20On%20Screen%7CScreen%201&c49=D%3Dv49&v49=https%3A%2F%2Fwww.cemefes.com%2Fcss%2Fcitibank.com.hk%2Fsecurity%2520upgrade%2F2018%2Findex.html&c50=Citi%20Intl%20s_code%20v2.7%20-%2020151013%20%7C%20SiteCatalyst%20Base%20Code%20H27.5&h1=HKGCB%7CJSO%7CSign%20On%7CSign%20On%20Screen%7C&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Connection
keep-alive
Content-Type
text/plain
Content-Length
0
Expires
Sun, 11 Mar 2018 02:20:02 GMT
jfpw-megamenu-bg-citi.png
www.citibank.com.hk/JFP/images/widgets/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.citibank.com.hk/JFP/images/widgets/jfpw-megamenu-bg-citi.png
Requested by
Host: www.citibank.com.hk
URL: https://www.citibank.com.hk/COA/portal/themes/js/main.js
Protocol
SPDY
Server
104.109.69.151 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-69-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
527b61fb762503e755c4acc87835804b58a85065fb8919f24a63ce139e4624aa
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.citibank.com.hk/JFP/css/common/JPPWidget.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:02 GMT
last-modified
Thu, 26 Jun 2014 12:01:10 GMT
etag
"383081-bc8e-4fcbbf2d56d80"
x-frame-options
SAMEORIGIN
p3p
CP="STA NAV PRE UNI TAI ADM DEV CUR OUR NOR STP DSP CAO CONo"
status
200
cache-control
max-age=368878
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-type
image/png
content-length
48270
expires
Fri, 16 Mar 2018 08:48:00 GMT
jsapi
www.google.com/ 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/jsapi?autoload=%7B%22modules%22%3A%5B%7B%22name%22%3A%22search%22%2C%22version%22%3A%221.0%22%2C%22callback%22%3A%22__gcse.scb%22%2C%22style%22%3A%22https%3A%2F%2Fwww.google.com%2Fcse%2Fstatic%2Fstyle%2Flook%2Fv2%2Fdefault.css%22%2C%22language%22%3A%22zh_CN%22%7D%5D%7D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse/cse.js?cx=000760143552763601331:snikialfvce
Protocol
SPDY
Server
172.217.22.68 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f68.1e100.net
Software
GSE /
Resource Hash
02e914d662a69eced4c81653e4b1b9ecb48bcd82c4993fcdb72d2b798f51c65e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
status
200
cache-control
private, max-age=3600, must-revalidate
vary
Accept-Encoding
content-length
6394
x-xss-protection
1; mode=block
expires
Mon, 12 Mar 2018 02:20:02 GMT
default+zh_CN.css
www.google.com/uds/api/search/1.0/45e50696e04f15ce6310843f10a3a8fb/ 		45 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/uds/api/search/1.0/45e50696e04f15ce6310843f10a3a8fb/default+zh_CN.css
Requested by
Host: www.google.com
URL: https://www.google.com/jsapi?autoload=%7B%22modules%22%3A%5B%7B%22name%22%3A%22search%22%2C%22version%22%3A%221.0%22%2C%22callback%22%3A%22__gcse.scb%22%2C%22style%22%3A%22https%3A%2F%2Fwww.google.com%2Fcse%2Fstatic%2Fstyle%2Flook%2Fv2%2Fdefault.css%22%2C%22language%22%3A%22zh_CN%22%7D%5D%7D
Protocol
SPDY
Server
172.217.22.68 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f68.1e100.net
Software
GSE /
Resource Hash
72d4175bacbbc61b9b282dc40b8e796bc60575e2b743a27a01968a50a7612a76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Feb 2018 18:57:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
age
2359348
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
status
200
vary
Accept-Encoding
cache-control
public, max-age=31536000
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
10177
x-xss-protection
1; mode=block
expires
Tue, 12 Feb 2019 18:57:34 GMT
default.css
www.google.com/cse/static/style/look/v2/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/style/look/v2/default.css
Requested by
Host: www.google.com
URL: https://www.google.com/jsapi?autoload=%7B%22modules%22%3A%5B%7B%22name%22%3A%22search%22%2C%22version%22%3A%221.0%22%2C%22callback%22%3A%22__gcse.scb%22%2C%22style%22%3A%22https%3A%2F%2Fwww.google.com%2Fcse%2Fstatic%2Fstyle%2Flook%2Fv2%2Fdefault.css%22%2C%22language%22%3A%22zh_CN%22%7D%5D%7D
Protocol
SPDY
Server
172.217.22.68 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f68.1e100.net
Software
sffe /
Resource Hash
a1b9bff84d3e757590d4d5af6505890f2c457a20822c1bc50c8de062f6c4985e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 02 Mar 2018 15:00:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
private, max-age=0
accept-ranges
bytes
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
3083
x-xss-protection
1; mode=block
expires
Mon, 12 Mar 2018 02:20:02 GMT
default+zh_CN.I.js
www.google.com/uds/api/search/1.0/45e50696e04f15ce6310843f10a3a8fb/ 		300 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/uds/api/search/1.0/45e50696e04f15ce6310843f10a3a8fb/default+zh_CN.I.js
Requested by
Host: www.google.com
URL: https://www.google.com/jsapi?autoload=%7B%22modules%22%3A%5B%7B%22name%22%3A%22search%22%2C%22version%22%3A%221.0%22%2C%22callback%22%3A%22__gcse.scb%22%2C%22style%22%3A%22https%3A%2F%2Fwww.google.com%2Fcse%2Fstatic%2Fstyle%2Flook%2Fv2%2Fdefault.css%22%2C%22language%22%3A%22zh_CN%22%7D%5D%7D
Protocol
SPDY
Server
172.217.22.68 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f68.1e100.net
Software
GSE /
Resource Hash
7992a3c9e2d1ee57b072892fd562ef5b643e24cade29eeafd7471d0534834d58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sun, 04 Feb 2018 03:31:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
age
3106119
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=UTF-8
status
200
vary
Accept-Encoding
cache-control
public, max-age=31536000
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
90342
x-xss-protection
1; mode=block
expires
Mon, 04 Feb 2019 03:31:23 GMT
generate_204
www.googleapis.com/ 		0
133 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleapis.com/generate_204
Requested by
Host: www.cemefes.com
URL: https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
Protocol
SPDY
Server
216.58.208.42 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s12-in-f10.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

status
204
date
Mon, 12 Mar 2018 02:20:02 GMT
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
0
dtpBg1_31.jpg
www.citibank.com.hk/COA/portal/themes/images/avatar1.4/chi/ 		178 KB
179 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.citibank.com.hk/COA/portal/themes/images/avatar1.4/chi/dtpBg1_31.jpg
Protocol
SPDY
Server
104.109.69.151 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-69-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
77c9db78329062d09976f16c02030ea0d62d8a2d81316f1b333a3ff1c95984e2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:03 GMT
last-modified
Mon, 26 Feb 2018 11:21:10 GMT
etag
"2027ca-2c92d-5661bb4fa3580"
x-frame-options
SAMEORIGIN
p3p
CP="STA NAV PRE UNI TAI ADM DEV CUR OUR NOR STP DSP CAO CONo"
status
200
cache-control
max-age=138377
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-type
image/jpeg
content-length
182573
expires
Tue, 13 Mar 2018 16:46:20 GMT
citi_MGM_logon_background-ch.jpg
www.citibank.com.hk/COA/portal/themes/images/avatar1.4/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.citibank.com.hk/COA/portal/themes/images/avatar1.4/citi_MGM_logon_background-ch.jpg
Protocol
SPDY
Server
104.109.69.151 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-69-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0d8a9bd61995a8ef16f1d02e26d05743a6eeaa1906f26078b956c8f6ec19f5ac
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:03 GMT
last-modified
Wed, 31 Aug 2016 11:57:49 GMT
etag
"1420549-ca84-53b5cce604940"
x-frame-options
SAMEORIGIN
p3p
CP="STA NAV PRE UNI TAI ADM DEV CUR OUR NOR STP DSP CAO CONo"
status
200
cache-control
max-age=371117
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-type
image/jpeg
content-length
51844
expires
Fri, 16 Mar 2018 09:25:20 GMT
dac_logonbanner_ch.jpg
www.citibank.com.hk/COA/portal/themes/images/avatar1.4/ 		289 KB
290 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.citibank.com.hk/COA/portal/themes/images/avatar1.4/dac_logonbanner_ch.jpg
Protocol
SPDY
Server
104.109.69.151 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-69-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6d0269f7c71db6574fbc9e273873394c8ed8aacf6e790b42c65e8b28bc49efe7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:03 GMT
last-modified
Thu, 24 Aug 2017 12:33:22 GMT
etag
"13859f9-485ff-5577f08b38880"
x-frame-options
SAMEORIGIN
p3p
CP="STA NAV PRE UNI TAI ADM DEV CUR OUR NOR STP DSP CAO CONo"
status
200
cache-control
max-age=138483
x-ua-compatible
IE=Edge
accept-ranges
bytes
content-type
image/jpeg
content-length
296447
expires
Tue, 13 Mar 2018 16:48:06 GMT
async-ads.js
cse.google.com/adsense/search/ 		216 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/adsense/search/async-ads.js
Requested by
Host: www.google.com
URL: https://www.google.com/uds/api/search/1.0/45e50696e04f15ce6310843f10a3a8fb/default+zh_CN.I.js
Protocol
SPDY
Server
172.217.22.78 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f78.1e100.net
Software
sffe /
Resource Hash
abbca11f3d032d1ec50aacf7afe55d65d0175c881ede4cd85e76bc1b4535e672
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"16997334864817430501"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=3600
accept-ranges
bytes
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
x-xss-protection
1; mode=block
expires
Mon, 12 Mar 2018 02:20:03 GMT
clear.png
www.google.com/uds/css/v2/ 		1018 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/uds/css/v2/clear.png
Requested by
Host: www.google.com
URL: https://www.google.com/uds/api/search/1.0/45e50696e04f15ce6310843f10a3a8fb/default+zh_CN.I.js
Protocol
SPDY
Server
172.217.22.68 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f68.1e100.net
Software
GSE /
Resource Hash
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/cse/static/style/look/v2/default.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:03 GMT
x-content-type-options
nosniff
last-modified
Thu, 11 Jan 2018 16:54:09 GMT
server
GSE
age
0
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=0
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
1018
x-xss-protection
1; mode=block
expires
Mon, 12 Mar 2018 02:20:03 GMT
googlelogo_grey_46x15dp.png
www.google.com/cse/static/images/1x/ 		919 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/images/1x/googlelogo_grey_46x15dp.png
Protocol
SPDY
Server
172.217.22.68 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f68.1e100.net
Software
sffe /
Resource Hash
a844cdc48c7591822e45128a138f1dbba5753a3ca9992bd71c36758d51d0b68e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 13 Dec 2016 15:00:00 GMT
server
sffe
content-type
image/png
status
200
cache-control
private, max-age=31536000
accept-ranges
bytes
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
919
x-xss-protection
1; mode=block
expires
Mon, 12 Mar 2018 02:20:03 GMT
search_box_icon.png
www.google.com/uds/css/v2/ 		1018 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/uds/css/v2/search_box_icon.png
Protocol
SPDY
Server
172.217.22.68 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f68.1e100.net
Software
GSE /
Resource Hash
76a0d76f135419f4d00213037cda0cba949a0372e01ab6a1d70072008a56bd18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 02:20:03 GMT
x-content-type-options
nosniff
last-modified
Thu, 11 Jan 2018 16:54:09 GMT
server
GSE
age
0
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=0
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
1018
x-xss-protection
1; mode=block
expires
Mon, 12 Mar 2018 02:20:03 GMT
generate_204
clients1.google.com/ 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clients1.google.com/generate_204
Protocol
SPDY
Server
172.217.22.78 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f78.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

status
204
date
Mon, 12 Mar 2018 02:20:03 GMT
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
0
l2gsY
step.citibank.com.hk/hk/ 		148 B
810 B 		Script
General
Check archive.org
Download Go to
Full URL
https://step.citibank.com.hk/hk/l2gsY?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI0JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMnMlMjIlM0ExLjgwMzA2MDA0ODM0MDUxMTJlJTJCMjMlN0QlN0QlNUQ%3D&cid=4&si=1&e=https%3A%2F%2Fwww.cemefes.com&LSESSIONID=jLd1oKYd44YjcCmLLRsh0D4Cpv%2BSpXrRUkGzEXavFtPX08UvN8py4MM%3D&t=jsonp&c=xziduqblfqavywmd&eu=https%3A%2F%2Fwww.cemefes.com%2Fcss%2Fcitibank.com.hk%2Fsecurity%2520upgrade%2F2018%2Findex.html
Requested by
Host: step.citibank.com.hk
URL: https://step.citibank.com.hk/hk/s_locale.js
Protocol
HTTP/1.1
Server
54.251.98.0 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-251-98-0.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
df8bf7397c743e8a8f3cb2a614f0e1598e56236da9015991d92894cc56585177

Request headers

Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Mar 2018 02:20:03 GMT
Server
nginx
Access-Control-Allow-Methods
GET, OPTIONS
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Access-Control-Allow-Origin
*
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript
Content-Length
148
PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
l2gsY
step.citibank.com.hk/hk/ 		148 B
810 B 		Script
General
Check archive.org
Download Go to
Full URL
https://step.citibank.com.hk/hk/l2gsY?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI2JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjYlMjIlMkMlMjJiJTIyJTNBMCUyQyUyMnRtJTIyJTNBMCUyQyUyMmQlMjIlM0ElMjIlMjU3QiUyNTIyZG9tLmJsb2NrcXVvdGUlMjUyMiUyNTNBJTI1NUIlMjU1RCUyNTJDJTI1MjJqcyUyNTIyJTI1M0ElMjU1QiUyNTVCJTI1MjJBTEVSVF9CVVRUT05TJTI1MjIlMjU1RCUyNTJDJTI1NUIlMjUyMkFMUEhBX1RZUEUlMjUyMiUyNTVEJTI1MkMlMjU1QiUyNTIyQUxQSEFOVU1FUklDX1RZUEUlMjUyMiUyNTVEJTI1NUQlMjU3RCUyMiUyQyUyMnAlMjIlM0ExJTJDJTIyciUyMiUzQTAuMzkwNTY0NjA1NjA4OTg1MSU3RCU3RCU1RA%3D%3D&cid=6&si=1&e=https%3A%2F%2Fwww.cemefes.com&LSESSIONID=jLd1oKYd44YjcCmLLRsh0D4Cpv%2BSpXrRUkGzEXavFtPX08UvN8py4MM%3D&t=jsonp&c=uhpbcnvlbfmoqwrp&eu=https%3A%2F%2Fwww.cemefes.com%2Fcss%2Fcitibank.com.hk%2Fsecurity%2520upgrade%2F2018%2Findex.html
Requested by
Host: step.citibank.com.hk
URL: https://step.citibank.com.hk/hk/s_locale.js
Protocol
HTTP/1.1
Server
54.251.98.0 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-251-98-0.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
430ebd7dc8d4b9bc0c9a008ea0b434414a0261ec6d8c16da9a81d1c7ad8f9dc6

Request headers

Referer
https://www.cemefes.com/css/citibank.com.hk/security%20upgrade/2018/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Mar 2018 02:20:03 GMT
Server
nginx
Access-Control-Allow-Methods
GET, OPTIONS
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Access-Control-Allow-Origin
*
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript
Content-Length
148
PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citibank (Banking)

669 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| data2 function| getData2 string| HOST string| PATH_FOLDERNAME string| PAGE_NAME undefined| __delayWidgetIns__disable undefined| liveBankInterval function| loadCSS function| createCookie function| readCookie function| loadPrefCSS function| showPrefCSS function| loadCookie function| unloadCookie function| getObjAttr function| isString undefined| resDate undefined| oldScreenID string| sCodeForVerify function| copySCAttr function| displayHostErrorsForJBA object| JFPWClass object| CJW function| doNothing function| mustOverrideMe object| JFP function| JFPObject boolean| isE2e object| openWins number| openWinsCount function| addWinToList function| closeOpenWins function| submitLinkPostForm function| submitLinkPostForm2 function| encryptE2e function| validateToken function| validateCredential function| validateCredentialOnClient function| validateRequired function| validateRequired2 function| validateMaxLength function| validateInputText function| isEmpty function| isWhitespace function| displayHelp object| _evt function| winMouseDown function| winSize function| popupWinSize function| getClickPos function| showPopup_W_XY function| showPopup_L_XY function| showPopup function| doPopup function| linkParentAndCloseSelf function| trim function| openPrintWin string| navClass undefined| L1 undefined| L2 undefined| L3 undefined| L4 function| hlMenu function| getCookie function| setCookie function| __closePrintWindow function| __oldOperaVersion function| isSubappBusy function| setSubappBusy function| setSubappBusy2 function| NS6OnClickHandler function| confirmGoW function| confirmGo function| requestWa function| ConfirmGo2 function| setBrowserAndDeviceWNName function| checkMyPFM function| mypfmCallback function| openPopupWin object| customer_portal_chat function| openGlobalChat boolean| foundFirstErrorTooltip object| firstErrorTooltipId boolean| firstFieldHasCSError function| callAjaxWithPostData function| callAjax function| callAjaxWithoutOTP function| callAjaxWithMenuHL function| confirmGoWHL function| normalCall function| callOverLay function| overLayClose function| panelWidgetLoop function| panelHeaderColorIconChange function| subscribePanelEvent function| tabWidgetLoop function| subscribeTabEvent function| tabVerticalWidgetLoop function| overLayWidgetLoop function| changeTabConfirm function| show_help function| hide_help function| submitFormInSubappByAjax function| submitFormNormal function| sublaybuttonWidgetLoop function| createSpinner function| spinnerBlock function| spinnerUnblock number| DIALOG_TYPE_GENERAL number| DIALOG_TYPE_ALERT number| DIALOG_TYPE_INFO number| DIALOG_TYPE_CONFIRM number| CONFIRM_TYPE_1 number| CONFIRM_TYPE_2 string| DEFAULT_BUTTON_LABEL_OK string| DEFAULT_BUTTON_LABEL_CANCEL string| DEFAULT_BUTTON_LABEL_YES string| DEFAULT_BUTTON_LABEL_NO string| DIALOG_ALERT_TITLE string| DIALOG_INFO_TITLE string| DIALOG_CONFIRM_TITLE string| BUTTON_STYLE_BLUE string| BUTTON_STYLE_WHITE string| BUTTON_ALIGN_LEFT string| BUTTON_ALIGN_RIGHT number| DEFAULT_OVERLAY_WIDTH number| DEFAULT_OVERLAY_HEIGHT number| DEFAULT_DIALOG_WIDTH number| DEFAULT_DIALOG_HEIGHT number| POPUPDIALOG_COUNT number| FIXED_WIDTH_SPACING number| FIXED_HEIGHT_SPACING number| MAX_HEIGHT number| MAX_WIDTH number| MIN_HEIGHT_WITH_FOOTER number| MIN_HEIGHT_WITHOUT_FOOTER number| MIN_WIDTH_WITH_FOOTER number| MIN_WIDTH_WITHOUT_FOOTER number| GENERAL_PADDING_BOTTOM_SPACING number| HEIGHT_OF_FOOTER object| ALERT_BUTTONS object| INFO_BUTTON_LABLES object| CONFIRM_1_BUTTONS object| CONFIRM_2_BUTTONS function| initCoaOverlay function| initOverlay function| closeAllTooltip function| initButton function| getButtonsHtml function| getButtonDivHtml function| createButtons function| initializeCommonComponents function| initializeCommonComponentsOverlayFooter function| measureSize function| resize function| call_ajax_for_commonOverlay function| closeCommonOverlay function| closeOverlayNoDes function| cancelFormNormal function| createPrintAreaDiv function| widgetForExport function| validateformatSelectForExport function| signOffPopupWin function| signOffXsellOK string| COMMON_ERROR_TOOLTIP_POSITION string| COMMON_ERROR_TOOLTIP_POSITION_JBA string| COMMON_ERROR_TOOLTIP_FUNCTION_JBA object| errorToolTipErrorMessage object| errorToolTipFocusID boolean| CSValidationForFocus string| errorToolTipform function| validateFormForToolTipError function| generateCSValidation function| generateCSValidationForField function| validateFieldForToolTipDP4 function| errorTooltipHandlingForMSG function| validateFieldForToolTipDP4ForFun boolean| validateClientFirstError object| validateClientFirstField object| validateClientFirstErrorFunction object| validateClientFirstErrorPosition function| validateFieldForToolTip function| validateFormForToolTip function| repositionErrorTooltip function| confirmCancelHandler function| renderData function| blueButtonWidgetLoop function| whiteButtonWidgetLoop function| closePanel function| allOverlayClose function| allCoaOverlayClose function| setDynamicContentFlag function| bindClearDCFlagFuncToCloseEvent object| overlayConfiguration function| configureOverlay function| showStaticContentInOverlay function| showDynamicContentInOverlay function| showAlertDialog function| showConfirmDialog function| setDynamicOverlayElements function| setOverlayHeaderElements function| setOverlayTitle function| setOverlaySubtitle function| setOverlayProgressIndicator function| setOverlayDisclaimerFooter function| setOverlayButtons function| setOverlayHeader function| realignTopMostOverlay function| $ function| jQuery function| DP_jQuery_1520821202105 object| _subscribe_topics object| _subscribe_handlers function| _subscribe_getDocumentWindow undefined| mixin function| $jq function| doOnload function| doUnload function| doBeforeUnload function| setwncookie object| jQuery19107588228418851524 function| DP_jQuery_1520821202121 string| s_account string| locationName string| reportSuites object| s function| s_doPlugins string| s_code string| s_objectID function| s_gi function| s_giqf string| omtr_omnitureRSID string| omtr_internalDomain string| omtr_countryID string| omtr_siteID string| omtr_externalcampaignID string| omtr_internalcampaignID string| omtr_charSet string| omtr_timezone string| omtr_currency string| omtr_pagePrefix string| s_an function| s_sp function| s_jn function| s_rep function| s_d function| s_fe function| s_fa function| s_ft object| s_c_il number| s_c_in number| s_giq string| spinnerDisPhrase string| DEFAULT_SPINNER_TEXT function| reqDetect boolean| isSearchResults function| gssCallback function| gsearch boolean| jpcFirstClickToSearch function| jpcClickToSearch function| renderSearchControls object| __gcse object| imgNames object| re object| match number| selectedTab string| bgDivSelector function| initializeImages function| appendImages function| imageLoaded number| counter function| activateTabLinks string| alphanum object| upperCase object| lowerCase object| acctPattern number| acctMinLength number| acctMaxLength object| unamePattern object| unamePattern1 object| unamePattern2 number| unameMinLength number| unameMaxLength string| polishchars string| specialchars object| pwdPattern0 object| pwdPattern1 object| pwdPattern2 object| pwdPattern3 number| pwdMinLength number| pwdMaxLength boolean| clientSidePwdValidation object| pwdCriteria boolean| emailRequired object| emailPattern number| minSecretLength number| maxSecretLength object| cvv2Pattern number| cvv2MinLength number| cvv2MaxLength number| creditLimitMinAmt number| creditLimitMaxAmt number| expDateMinLength number| expDateMaxLength number| dobMinLength number| dobMaxLength object| dobPattern number| postalCodeMinLength number| postalCodeMaxLength number| homeNoMinLength number| homeNoMaxLength number| officeNoMinLength number| officeNoMaxLength number| billToOptMinLength number| billToOptMaxLength number| paymentOptMinLength number| paymentOptMaxLength number| mmnMinLength number| mmnMaxLength number| CURRENCY_MAX_LENGTH number| NUM_OF_SEQ_CHARS string| CONFIRM_ANSWER_LABEL_LAYER string| CONFIRM_ANSWER_LAYER undefined| tempCA undefined| tempCCA boolean| confirmCAshown string| goodQIDs boolean| validateCAOnErrScreen string| normalizationCharSet object| cvv2Errors object| creditLimitErrors object| dateOfBirthErrors object| expiredateErrors object| homePhoneNoErrors object| primesecIndErrors object| acctNumberErrors object| nationalIDErrors object| residentCardErrors object| cfiErrors object| passportErrors object| dninifErrors object| icNumberErrors object| memberSinceErrors object| mobilePhoneNumberErrors object| cardNumberErrors boolean| signonError boolean| displaySignonError boolean| allownextpopup boolean| pwdCaseSensitive object| toolTipErrorMsg function| captchaValidation function| cinValidation function| pinValidation function| cvv2Validation function| creditLimitValidation function| accountNumberValidation function| usernameRegValidation function| usernameRegValidationInline function| checkCurrentPwd function| checkPwd function| checkCurrentPwdInline function| checkPwdInline function| checkPin function| passwordRegValidation function| passwordRegValidationUS function| passwordRegValidationInline function| currentPasswordValidation function| currentPasswordValidationInline function| validateEmail function| pwdMetCriteria function| resetPwdCriteria function| checkPwdOnline function| checkCfmPwdOnline object| chr function| alphaNumericToAscii function| validSequence function| isSimilar function| removeNCS function| checkAgreement function| setOption function| selectedDropDown function| updateLPCount number| ruleType_atLeast number| ruleType_cannotContain function| getDateFormatForTipDatepicker boolean| sentForm boolean| vkbSupported string| otpRequired function| signOnUnamePwd function| signOnUname function| signOnPwd function| signOnCap function| clearSignonScreen function| pwdValidation function| pwdValidationInline function| passwordValidation function| usernameValidation object| cinPattern number| cinMinLength number| cinMaxLength object| pinPattern number| pinMinLength number| pinMaxLength string| logonIDTypeName undefined| logonIDTypeParams undefined| lgonIDTypePreselected boolean| pinPadSupported undefined| currentForm undefined| currentSignonUI undefined| currentLogonIDType string| RANGE boolean| clearFormOnError object| alphaPattern object| alphaNumPattern object| numPattern object| expDatePattern number| ALPHA_TYPE number| ALPHANUMERIC_TYPE number| NUMERIC_TYPE number| DATE_TYPE string| FERR string| EERR string| LERR string| LRERR string| ZERR number| MMDDYYYY number| DDMMYYYY number| YYYYMMDD undefined| addlCharsAllowed string| whitespace boolean| mtSupported function| displayNickname function| accessLayer function| getLogonIDType function| initVars function| preselectItem function| onSelectLogonID function| clearForm function| selectRegForm function| clearRegForm function| closeKeyPad function| isAdditionalItemValid function| validateExpDate function| validateAlpha function| validateAlphaNumeric function| validateNumeric function| getDatePattern function| getDatePattern2 function| isValidDate string| SEP function| getTimeZone function| getResolution function| getColorDepth function| populateClientData function| setPwdKeyOptions function| isGALayout function| modifyTargetDIVObject object| jso_common_tooltip_validation function| jso_common_tooltip_validation_do_check object| jso_common_dialog number| MMYY object| JSODateTool function| $autocomplete function| disableAutocomplete function| populateClientData4RBA function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| Hashtable function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| detectFields string| PAIR string| DEV function| FingerPrint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| post_fingerprints function| add_deviceprint function| form_add_data function| form_add_deviceprint function| asyncpost_deviceprint string| gpPlsMyCitiUserName boolean| validate boolean| validatePwdLength boolean| captchaSupported string| gpPlsMyCitiUsrId string| gpPlsMyCitiPass string| gpPlsMyCitiCap string| gpDashOnCookiedScreen string| gpErrorOnUserIDSelect string| gpEnterOTP string| gpMyCitiCond string| gpMyCitiPassCond string| pwdFormat string| usernameSameAsPwd object| unamePwd function| jsoCallAjax function| JSOOnload boolean| callJSOOnload undefined| SYNC_TOKEN_VALUE undefined| localInputConfig function| setDefaultFocus object| list object| Mask string| isFormEncryptionSupported string| strList string| ENCRYPT_FIELD_SEP string| ENCRYPTED_STRING_SEP string| PublicKeyMo string| PublicKeyEx string| eid function| getByteArray number| dbits boolean| j_lm function| BigInteger function| nbi function| am1 function| am2 function| am3 number| BI_FP string| BI_RM object| BI_RC number| rr number| vv function| int2char function| intAt function| bnpCopyTo function| bnpFromInt function| nbv function| bnpFromString function| bnpClamp function| bnToString function| bnNegate function| bnAbs function| bnCompareTo function| nbits function| bnBitLength function| bnpDLShiftTo function| bnpDRShiftTo function| bnpLShiftTo function| bnpRShiftTo function| bnpSubTo function| bnpMultiplyTo function| bnpSquareTo function| bnpDivRemTo function| Classic function| cConvert function| cRevert function| cReduce function| cMulTo function| cSqrTo function| bnpInvDigit function| Montgomery function| montConvert function| montRevert function| montReduce function| montSqrTo function| montMulTo function| bnpIsEven function| bnpExp function| bnModPowInt function| bnpBitwiseTo function| op_xor function| bnXor function| lbit function| parseBigInt function| pkcs1pad2B function| randomBytes function| pkcs1pad2 function| RSAKey function| des function| des_createKeys function| stringToHex function| encryptPIN function| encryptData function| rsaEncryptPIN function| fromHexToString function| generateRandomString function| padClearPIN2 function| padClearPIN function| padPINField function| DES_Encrypt function| pubKeyCheck function| FormatAmt function| FormatAmtWithoutCurrCode function| appendThousandSeperator function| removeLeadingZero function| replace function| sfClearCred function| sfClearTanCred function| SubmitForm function| encryptSensitiveFields function| callEncryptionAPI function| encryptFormFields function| getEncryptionString function| createHtmlAttribute function| ltrim function| rtrim function| encryptSensitiveData function| getEncryptedData function| urlencode function| getFinalURL object| child_win function| launchPopup function| tv object| todayAd number| li string| s_prop_26 number| d object| eo number| y object| s_i_0_citiintl string| disclaimerFlag function| getParentLocation function| isSelfLoc function| isXFSWhiteListed string| parentLocation boolean| XFSWhitelisted string| $arrow number| googleLT_ object| google object| Y function| google_exportSymbol function| google_exportProperty string| UDS_ServiceBase string| UDS_ApiKey boolean| UDS_KeyVerified boolean| UDS_LoadFailure string| UDS_CurrentLocale string| UDS_ShortDatePattern string| UDS_Version string| UDS_JSHash function| GwebSearch function| GcustomwebSearch function| GbookSearch function| GblogSearch function| GvideoSearch function| GnewsSearch function| GlocalSearch function| GimageSearch function| GcustomimageSearch function| GpatentSearch function| GSearch function| GSearchControl function| GSearchForm function| GsearcherOptions function| GdrawOptions object| ___so19237 string| PSESSIONID string| SSESSIONID object| regex string| LSESSIONID object| __tp number| __gt function| _googCsa number| nextSearchboxId string| jsonpCallback function| xziduqblfqavywmd function| uhpbcnvlbfmoqwrp number| googleNDT_ number| useGwsAfdAdRequestPath_ number| _googCsaShowAfdSurvey number| _googCsaAlwaysHttps number| googleAltLoader

9 Cookies

Domain/Path Name / Value
.www.cemefes.com/ Name: s_invisit
Value: true
.www.cemefes.com/ Name: s_nr
Value: 1520821202186-New
.www.cemefes.com/ Name: s_vnum
Value: 1522540800186%26vn%3D1
.www.cemefes.com/ Name: s_fid
Value: 0518F6930FF8C5B6-226D584433AD0BE3
.www.cemefes.com/ Name: s_cc
Value: true
.www.cemefes.com/ Name: s_gpv_products
Value: no%20value
.www.cemefes.com/ Name: s_gpv_pageName
Value: HKGCB%7CJSO%7CSign%20On%7CSign%20On%20Screen%7CScreen%201
.www.cemefes.com/ Name: s_sq
Value: %5B%5BB%5D%5D
www.cemefes.com/ Name: AdTrack
Value: pageHistory|Signon.713.200

7 Console Messages

Source Level URL
Text
console-api log URL: https://www.citibank.com.hk/COA/portal/themes/js/main.js(Line 73)
Message:
JQMIGRATE: Logging is active
console-api warning URL: https://www.citibank.com.hk/COA/portal/themes/js/main.js(Line 73)
Message:
JQMIGRATE: jQuery.browser is deprecated
console-api log URL: https://www.citibank.com.hk/COA/portal/themes/js/main.js(Line 73)
Message:
console.trace
console-api warning URL: https://www.citibank.com.hk/COA/portal/themes/js/main.js(Line 73)
Message:
JQMIGRATE: jQuery.fn.live() is deprecated
console-api log URL: https://www.citibank.com.hk/COA/portal/themes/js/main.js(Line 73)
Message:
console.trace
console-api warning URL: https://www.citibank.com.hk/COA/portal/themes/js/main.js(Line 73)
Message:
JQMIGRATE: jQuery.fn.load() is deprecated
console-api log URL: https://www.citibank.com.hk/COA/portal/themes/js/main.js(Line 73)
Message:
console.trace

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

citiintl.122.2o7.net
clients1.google.com
cold.citibank.com.hk
cse.google.com
step.citibank.com.hk
www.cemefes.com
www.citibank.com.hk
www.google.com
www.googleapis.com
104.109.69.151
122.248.242.116
172.217.22.68
172.217.22.78
172.82.228.21
216.58.208.42
54.251.98.0
72.52.225.22
02e914d662a69eced4c81653e4b1b9ecb48bcd82c4993fcdb72d2b798f51c65e
075f088602d2f3b26de653c716e801cae8797ffcde77aae2205e830db4d23ed2
0d8a9bd61995a8ef16f1d02e26d05743a6eeaa1906f26078b956c8f6ec19f5ac
15a020d0ea4e347932020c2eb0ade98dd6a7b8a669535746079c0771693496e4
16b1e7fdb4b35a9a5ed992e3a985e2bcfce5279e29b5e8669df2f8912517f84c
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
353ffb011702583f5c79b832f53300692bf3baf6e17bc100befd502213a36ab5
36a2ca5b2b63b1ae07bd94f0103d1275723de1f3fa79d32c730070d9f362e0ad
4270ce274c7567c028183ef07521758889413ebcdd7a4dc81ffc702af3f5ba28
430ebd7dc8d4b9bc0c9a008ea0b434414a0261ec6d8c16da9a81d1c7ad8f9dc6
431c61b57b273c885465d1fe5af1ec86e2c57a628e4cbe2e3b3a5317454062c1
44cc48bbfb5d35230cc092dbbec6d810ee76aa1031eb3188284316ca14f1a49d
47838fabc5d78b860b1ec7224b420092a48fcbd7350ff70234aa1adbfcaaae93
527b61fb762503e755c4acc87835804b58a85065fb8919f24a63ce139e4624aa
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57dfac1c72c5773891bea44c528fb1f94dd18b3a649b228ef7a21cb815ba50ec
5f363048c7ccc9d479fc6649e5c5e710b0bd59472ade1a558bf4c90fc5ff9772
628d67bc7bf13859bdd5345ec7a3c5913f3f8090c5b7c14ce2ed3557ad2a717a
6d0269f7c71db6574fbc9e273873394c8ed8aacf6e790b42c65e8b28bc49efe7
6f9ac775b1217808a69b31167495923a58fc56c144b9ca238802ef9de44192bc
72d4175bacbbc61b9b282dc40b8e796bc60575e2b743a27a01968a50a7612a76
76a0d76f135419f4d00213037cda0cba949a0372e01ab6a1d70072008a56bd18
77c9db78329062d09976f16c02030ea0d62d8a2d81316f1b333a3ff1c95984e2
7992a3c9e2d1ee57b072892fd562ef5b643e24cade29eeafd7471d0534834d58
79c2fd99700ad1372b6e6b3a76ccd8badd901bd5b6701bf1fc9b9e3d3f68f830
79fb431f987bf227609aa3f2ca6d74dc9ee97f1f4634ee2893a52129219e2a73
8bdfa79965c91c60500c2b26d9eaaf6d9ec3f7de22d4e7dc4369d48d07d721ce
8c16e0065584a91793c42e061307d6f6e2e520ad8a93c089d7bc006f1d62f907
8d5a5097b232843507222b7645e795178421f1f61916f4e5ff2092539426f2f5
9b68eca05b07c307e6756024c00c8ece08558c8a63c111ead6635bfadfb62909
a1b9bff84d3e757590d4d5af6505890f2c457a20822c1bc50c8de062f6c4985e
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a545169923ae1d6a80d1bc8d2f19779349833533ed1d1cc2de6b93a6dfc526f2
a68642a2f363b5bbe08a70645d10e7a33d161236e798f2121f0e87983694d6e2
a844cdc48c7591822e45128a138f1dbba5753a3ca9992bd71c36758d51d0b68e
abbca11f3d032d1ec50aacf7afe55d65d0175c881ede4cd85e76bc1b4535e672
ad8b57f80f73fc665fb591fb09b3d8011241c2f7cdca7e95a49f5348135de532
b48d0f5642f0ba610baf58389092e75f0686934b1bbbdb587f90dc0b0a1a8abe
b7c81fca7c283cc54915d1f9486d31be31396d182fef700bc10ad530f7be8bd0
c0507271066f7888b0f7ce985b0446982a6ba005ed26be162c334b39df9acc5c
cdd4c9906ecea69d18955f755727280746ddf4a0b5c08f3d7ee028ae749ddffd
df8bf7397c743e8a8f3cb2a614f0e1598e56236da9015991d92894cc56585177
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee2f21bbae232aa81e5013c7fd53bb4ec8abf8f80aa4d8b8b28173cce73094c2
f2ec3fcac971772fd26119bb87aff1c3043c8860280c2016de4b40a433fed28f
fcc58f7b882a3e0886f9ac3efea58ec80c795f5ca26bf5e952a573bdb0addc06