www.cobrosonline.citibank.com Open in urlscan Pro
104.96.155.218 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.cobrosonline.citibank.com/PPCD/index.html
Submission: On May 06 via manual (May 6th 2024, 8:07:48 am UTC) from IN — Scanned from DE

Summary HTTP 32 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 32 HTTP transactions. The main IP is 104.96.155.218, located in Vienna, Austria and belongs to AKAMAI-AS, US. The main domain is www.cobrosonline.citibank.com.
TLS certificate: Issued by DigiCert EV RSA CA G2 on February 13th 2024. Valid for: a year.

This is the only time www.cobrosonline.citibank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
31	104.96.155.218 104.96.155.218		16625 (AKAMAI-AS) (AKAMAI-AS)
32	2

31 104.96.155.218 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-155-218.deploy.static.akamaitechnologies.com

www.cobrosonline.citibank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	citibank.com www.cobrosonline.citibank.com	653 KB
32	1

	Domain	Requested by
31	www.cobrosonline.citibank.com	www.cobrosonline.citibank.com
32	1

This site contains links to these domains. Also see Links.

Domain
www.citigroup.com

Subject Issuer	Validity	Valid
www.cobrosonline.citibank.com DigiCert EV RSA CA G2	`2024-02-13` - `2025-03-12`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.cobrosonline.citibank.com/PPCD/index.html
Frame ID: A10178F3ED1FF85AFD7A67DE4F86BE96
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online Payment Channel

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

97 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

653 kB
Transfer

1895 kB
Size

6
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.citigroup.com/
Title: CITIGROUP.COM

Search URL Search Domain Scan URL

URL: https://www.citigroup.com/citi/privacy.html
Title: Citigroup Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions
-1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request index.html Show response
www.cobrosonline.citibank.com/PPCD/ 16 KB
7 KB 1429ms
1184ms Document
text/html 104.96.155.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cobrosonline.citibank.com/PPCD/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.96.155.218 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-155-218.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0

Resource Hash

704da28279e44cd34f994bc989977eee8b4d98da3069a909e50752d542977adb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; font-src ;img-src data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Credentials: false
Access-Control-Allow-Origin: https://www.cobrosonline.citibank.com
Cache-Control: no-cache no-store must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Language: en-US
Content-Length: 4665
Content-Security-Policy: default-src 'self' 'unsafe-inline'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
Content-Type: text/html; charset=UTF-8
Date: Mon, 06 May 2024 08:07:41 GMT
Expires: Tue, 08 Aug 2006 10:00:00 GMT
Permissions-Policy: geolocation=(self); accelerometer=()
Pragma: no-cache
Referrer-Policy: strict-origin
Strict-Transport-Security: max-age=2592000; includeSubDomains; preload max-age=86400; includeSubDomains; preload
Vary: Accept-Encoding
X-Akamai-Transformed: 9 16537 0 pmb=mTOE,1
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: Servlet/3.0
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap.css.jsf
www.cobrosonline.citibank.com/PPCD/javax.faces.resource/bootstrap-4.5.2-dist/css/ 193 KB
26 KB 1587ms
1583ms Stylesheet
text/css 104.96.155.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cobrosonline.citibank.com/PPCD/javax.faces.resource/bootstrap-4.5.2-dist/css/bootstrap.css.jsf

Requested by

Host: www.cobrosonline.citibank.com
URL: https://www.cobrosonline.citibank.com/PPCD/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.96.155.218 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-155-218.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0

Resource Hash

538fca3b551cce7af15e486a0ef584bc87599b66ef44cdafc05b0bebd8a8b882

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; font-src ;img-src data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.cobrosonline.citibank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
X-Content-Type-Options: nosniff
Date: Mon, 06 May 2024 08:07:42 GMT
Content-Encoding: gzip
X-Powered-By: Servlet/3.0
Connection: keep-alive
Content-Length: 26136
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Sun, 21 Apr 2024 01:43:21 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: https://www.cobrosonline.citibank.com
Content-Language: en-US
Access-Control-Allow-Credentials: false
Permissions-Policy: geolocation=(self); accelerometer=()
Expires: Mon, 13 May 2024 08:07:42 GMT

GET
H/1.1 200
OK bootstrap-grid.css.jsf
www.cobrosonline.citibank.com/PPCD/javax.faces.resource/bootstrap-4.5.2-dist/css/ 66 KB
8 KB 1369ms
1335ms Stylesheet
text/css 104.96.155.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cobrosonline.citibank.com/PPCD/javax.faces.resource/bootstrap-4.5.2-dist/css/bootstrap-grid.css.jsf

Requested by

Host: www.cobrosonline.citibank.com
URL: https://www.cobrosonline.citibank.com/PPCD/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.96.155.218 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-155-218.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0

Resource Hash

434ff0dd1eac1acf7aa683e97a8da20304a963ca14978005b8221ab07248c6d5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; font-src ;img-src data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.cobrosonline.citibank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
X-Content-Type-Options: nosniff
Date: Mon, 06 May 2024 08:07:42 GMT
Content-Encoding: gzip
X-Powered-By: Servlet/3.0
Connection: keep-alive
Content-Length: 7107
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Sun, 21 Apr 2024 01:43:21 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: https://www.cobrosonline.citibank.com
Content-Language: en-US
Access-Control-Allow-Credentials: false
Permissions-Policy: geolocation=(self); accelerometer=()
Expires: Mon, 13 May 2024 08:07:42 GMT

GET
H/1.1 200
OK header.css.jsf
www.cobrosonline.citibank.com/PPCD/javax.faces.resource/css/ 3 KB
2 KB 954ms
920ms Stylesheet
text/css 104.96.155.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cobrosonline.citibank.com/PPCD/javax.faces.resource/css/header.css.jsf

Requested by

Host: www.cobrosonline.citibank.com
URL: https://www.cobrosonline.citibank.com/PPCD/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.96.155.218 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-155-218.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0

Resource Hash

e3af72881900ccba23902ea1da89fd36dbba2f5a84caf9c470a9770a80c90ee4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; font-src ;img-src data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.cobrosonline.citibank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
X-Content-Type-Options: nosniff
Date: Mon, 06 May 2024 08:07:42 GMT
Content-Encoding: gzip
X-Powered-By: Servlet/3.0
Connection: keep-alive
Content-Length: 807
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Sun, 21 Apr 2024 01:43:21 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: https://www.cobrosonline.citibank.com
Content-Language: en-US
Access-Control-Allow-Credentials: false
Permissions-Policy: geolocation=(self); accelerometer=()
Expires: Mon, 13 May 2024 08:07:42 GMT

GET
H/1.1 200
OK login.css.jsf
www.cobrosonline.citibank.com/PPCD/javax.faces.resource/css/ 12 KB
4 KB 1150ms
1116ms Stylesheet
text/css 104.96.155.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cobrosonline.citibank.com/PPCD/javax.faces.resource/css/login.css.jsf

Requested by

Host: www.cobrosonline.citibank.com
URL: https://www.cobrosonline.citibank.com/PPCD/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.96.155.218 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-155-218.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0

Resource Hash

22dc92bb40731efc926a65488d76d7286100d6417af9453f2161d90be0065db2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; font-src ;img-src data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.cobrosonline.citibank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
X-Content-Type-Options: nosniff
Date: Mon, 06 May 2024 08:07:42 GMT
Content-Encoding: gzip
X-Powered-By: Servlet/3.0
Connection: keep-alive
Content-Length: 2723
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Sun, 21 Apr 2024 01:43:21 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: https://www.cobrosonline.citibank.com
Content-Language: en-US
Access-Control-Allow-Credentials: false
Permissions-Policy: geolocation=(self); accelerometer=()
Expires: Mon, 13 May 2024 08:07:42 GMT

GET
H/1.1 200
OK messages.css.jsf
www.cobrosonline.citibank.com/PPCD/javax.faces.resource/css/ 1 KB
1 KB 1155ms
1120ms Stylesheet
text/css 104.96.155.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cobrosonline.citibank.com/PPCD/javax.faces.resource/css/messages.css.jsf

Requested by

Host: www.cobrosonline.citibank.com
URL: https://www.cobrosonline.citibank.com/PPCD/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.96.155.218 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-155-218.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0

Resource Hash

6ff26a70592494e9104e5991c557b8426ec46c3f170d6d3e89cb3ca665526421

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; font-src ;img-src data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.cobrosonline.citibank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
X-Content-Type-Options: nosniff
Date: Mon, 06 May 2024 08:07:42 GMT
Content-Encoding: gzip
X-Powered-By: Servlet/3.0
Connection: keep-alive
Content-Length: 432
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Sun, 21 Apr 2024 01:43:21 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: https://www.cobrosonline.citibank.com
Content-Language: en-US
Access-Control-Allow-Credentials: false
Permissions-Policy: geolocation=(self); accelerometer=()
Expires: Mon, 13 May 2024 08:07:42 GMT

GET
H/1.1 200
OK custom.css.jsf
www.cobrosonline.citibank.com/PPCD/javax.faces.resource/css/ 2 KB
2 KB 1036ms
1002ms Stylesheet
text/css 104.96.155.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cobrosonline.citibank.com/PPCD/javax.faces.resource/css/custom.css.jsf

Requested by

Host: www.cobrosonline.citibank.com
URL: https://www.cobrosonline.citibank.com/PPCD/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.96.155.218 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-155-218.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0

Resource Hash

ecbfb71fde6cd71cd44bc1383e8c9dff1c4d3a1a0581a7ed9eaebfdadba5367a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; font-src ;img-src data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.cobrosonline.citibank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
X-Content-Type-Options: nosniff
Date: Mon, 06 May 2024 08:07:42 GMT
Content-Encoding: gzip
X-Powered-By: Servlet/3.0
Connection: keep-alive
Content-Length: 592
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Sun, 21 Apr 2024 01:43:21 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: https://www.cobrosonline.citibank.com
Content-Language: en-US
Access-Control-Allow-Credentials: false
Permissions-Policy: geolocation=(self); accelerometer=()
Expires: Mon, 13 May 2024 08:07:42 GMT

GET
H/1.1 200
OK components.css.jsf
www.cobrosonline.citibank.com/PPCD/javax.faces.resource/ 94 KB
16 KB 1503ms
549ms Stylesheet
text/css 104.96.155.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cobrosonline.citibank.com/PPCD/javax.faces.resource/components.css.jsf?ln=primefaces&v=8.0

Requested by

Host: www.cobrosonline.citibank.com
URL: https://www.cobrosonline.citibank.com/PPCD/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.96.155.218 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-155-218.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0

Resource Hash

73f2b16838b632a3af00938f1d79b15f50aafaf1ab0d8541049bba5429f25c0e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; font-src ;img-src data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.cobrosonline.citibank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
X-Content-Type-Options: nosniff
Date: Mon, 06 May 2024 08:07:42 GMT
Content-Encoding: gzip
X-Powered-By: Servlet/3.0
Connection: keep-alive
Content-Length: 15801
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Sun, 21 Apr 2024 01:43:21 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: https://www.cobrosonline.citibank.com
Content-Language: en-US
Access-Control-Allow-Credentials: false
Permissions-Policy: geolocation=(self); accelerometer=()
Expires: Mon, 13 May 2024 08:07:42 GMT

GET
H/1.1 200
OK jquery.js.jsf Show response
www.cobrosonline.citibank.com/PPCD/javax.faces.resource/jquery/ 87 KB
31 KB 1591ms
554ms Script
application/x-javascript 104.96.155.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cobrosonline.citibank.com/PPCD/javax.faces.resource/jquery/jquery.js.jsf?ln=primefaces&v=8.0

Requested by

Host: www.cobrosonline.citibank.com
URL: https://www.cobrosonline.citibank.com/PPCD/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.96.155.218 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-155-218.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0

Resource Hash

6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; font-src ;img-src data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.cobrosonline.citibank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
X-Content-Type-Options: nosniff
Date: Mon, 06 May 2024 08:07:42 GMT
Content-Encoding: gzip
X-Powered-By: Servlet/3.0
Connection: keep-alive
Content-Length: 30946
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 16 Apr 2024 12:31:04 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://www.cobrosonline.citibank.com
Content-Language: en-US
Access-Control-Allow-Credentials: false
Permissions-Policy: geolocation=(self); accelerometer=()
Expires: Mon, 13 May 2024 08:07:42 GMT

GET
H/1.1 200
OK jquery-plugins.js.jsf Show response
www.cobrosonline.citibank.com/PPCD/javax.faces.resource/jquery/ 261 KB
72 KB 1832ms
683ms Script
application/x-javascript 104.96.155.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cobrosonline.citibank.com/PPCD/javax.faces.resource/jquery/jquery-plugins.js.jsf?ln=primefaces&v=8.0

Requested by

Host: www.cobrosonline.citibank.com
URL: https://www.cobrosonline.citibank.com/PPCD/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.96.155.218 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-155-218.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0

Resource Hash

99d02c2df8caf8fa07a68d82e7a63a112635c73f03367665786b056c972e1334

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; font-src ;img-src data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.cobrosonline.citibank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
X-Content-Type-Options: nosniff
Date: Mon, 06 May 2024 08:07:43 GMT
Content-Encoding: gzip
X-Powered-By: Servlet/3.0
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 16 Apr 2024 12:32:38 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://www.cobrosonline.citibank.com
Content-Language: en-US
Access-Control-Allow-Credentials: false
Permissions-Policy: geolocation=(self); accelerometer=()
Expires: Mon, 13 May 2024 08:07:42 GMT

GET
H/1.1 200
OK core.js.jsf Show response
www.cobrosonline.citibank.com/PPCD/javax.faces.resource/ 42 KB
14 KB 1595ms
441ms Script
application/x-javascript 104.96.155.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cobrosonline.citibank.com/PPCD/javax.faces.resource/core.js.jsf?ln=primefaces&v=8.0

Requested by

Host: www.cobrosonline.citibank.com
URL: https://www.cobrosonline.citibank.com/PPCD/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.96.155.218 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-155-218.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0

Resource Hash

40509d57086c720aa07557e34ae53097bd9cdd44a362da9d523ff00893d49537

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; font-src ;img-src data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.cobrosonline.citibank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
X-Content-Type-Options: nosniff
Date: Mon, 06 May 2024 08:07:42 GMT
Content-Encoding: gzip
X-Powered-By: Servlet/3.0
Connection: keep-alive
Content-Length: 13110
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 16 Apr 2024 12:32:38 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://www.cobrosonline.citibank.com
Content-Language: en-US
Access-Control-Allow-Credentials: false
Permissions-Policy: geolocation=(self); accelerometer=()
Expires: Mon, 13 May 2024 08:07:42 GMT

GET
H/1.1 200
OK components.js.jsf Show response
www.cobrosonline.citibank.com/PPCD/javax.faces.resource/ 424 KB
90 KB 2058ms
690ms Script
application/x-javascript 104.96.155.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cobrosonline.citibank.com/PPCD/javax.faces.resource/components.js.jsf?ln=primefaces&v=8.0

Requested by

Host: www.cobrosonline.citibank.com
URL: https://www.cobrosonline.citibank.com/PPCD/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.96.155.218 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-155-218.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0

Resource Hash

3bc6502a1cb11feab43da0f3f27ed769b52f6e45c8585df652c2a58d5d8b9190

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; font-src ;img-src data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.cobrosonline.citibank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
X-Content-Type-Options: nosniff
Date: Mon, 06 May 2024 08:07:43 GMT
Content-Encoding: gzip
X-Powered-By: Servlet/3.0
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 16 Apr 2024 12:32:38 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://www.cobrosonline.citibank.com
Content-Language: en-US
Access-Control-Allow-Credentials: false
Permissions-Policy: geolocation=(self); accelerometer=()
Expires: Mon, 13 May 2024 08:07:42 GMT

GET
H/1.1 200
OK Logo.png.jsf
www.cobrosonline.citibank.com/PPCD/javax.faces.resource/img/ 1 KB
2 KB 166ms
166ms Image
image/png 104.96.155.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cobrosonline.citibank.com/PPCD/javax.faces.resource/img/Logo.png.jsf

Requested by

Host: www.cobrosonline.citibank.com
URL: https://www.cobrosonline.citibank.com/PPCD/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.96.155.218 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-155-218.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0

Resource Hash

324d9f7b51e9071a4a05d908af7e44117956de8313d7703a57324d87378daadc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; font-src ;img-src data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.cobrosonline.citibank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
X-Content-Type-Options: nosniff
Date: Mon, 06 May 2024 08:07:42 GMT
X-Powered-By: Servlet/3.0
Connection: keep-alive
Content-Length: 1086
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 16 Apr 2024 12:31:04 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: https://www.cobrosonline.citibank.com
Content-Language: en-US
Access-Control-Allow-Credentials: false
Permissions-Policy: geolocation=(self); accelerometer=()
Expires: Mon, 13 May 2024 08:07:42 GMT

GET
H/1.1 200
OK arrow.gif.jsf
www.cobrosonline.citibank.com/PPCD/javax.faces.resource/img/ 210 B
1 KB 163ms
163ms Image
image/gif 104.96.155.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cobrosonline.citibank.com/PPCD/javax.faces.resource/img/arrow.gif.jsf

Requested by

Host: www.cobrosonline.citibank.com
URL: https://www.cobrosonline.citibank.com/PPCD/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.96.155.218 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-155-218.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0

Resource Hash

e931803209174b58845529a44f993ce11005c37932061938fc403b0124446d75

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; font-src ;img-src data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.cobrosonline.citibank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
X-Content-Type-Options: nosniff
Date: Mon, 06 May 2024 08:07:43 GMT
X-Powered-By: Servlet/3.0
Connection: keep-alive
Content-Length: 210
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 16 Apr 2024 12:31:04 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.cobrosonline.citibank.com
Content-Language: en-US
Access-Control-Allow-Credentials: false
Permissions-Policy: geolocation=(self); accelerometer=()
Expires: Mon, 13 May 2024 08:07:42 GMT

GET
H/1.1 200
OK oamSubmit.js.jsf Show response
www.cobrosonline.citibank.com/PPCD/javax.faces.resource/ 2 KB
2 KB 169ms
169ms Script
application/x-javascript 104.96.155.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cobrosonline.citibank.com/PPCD/javax.faces.resource/oamSubmit.js.jsf?ln=org.apache.myfaces

Requested by

Host: www.cobrosonline.citibank.com
URL: https://www.cobrosonline.citibank.com/PPCD/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.96.155.218 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-155-218.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0

Resource Hash

3f74a07b889b162944d9612b74414a93c74e878dc8179f70a92af0bb5287cf05

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; font-src ;img-src data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.cobrosonline.citibank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
X-Content-Type-Options: nosniff
Date: Mon, 06 May 2024 08:07:43 GMT
Content-Encoding: gzip
X-Powered-By: Servlet/3.0
Connection: keep-alive
Content-Length: 744
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 27 Jun 2023 20:30:02 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://www.cobrosonline.citibank.com
Content-Language: en-US
Access-Control-Allow-Credentials: false
Permissions-Policy: geolocation=(self); accelerometer=()
Expires: Mon, 13 May 2024 08:07:43 GMT

GET
H/1.1 200
OK info.gif.jsf
www.cobrosonline.citibank.com/PPCD/javax.faces.resource/img/ 59 B
984 B 177ms
176ms Image
image/gif 104.96.155.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cobrosonline.citibank.com/PPCD/javax.faces.resource/img/info.gif.jsf

Requested by

Host: www.cobrosonline.citibank.com
URL: https://www.cobrosonline.citibank.com/PPCD/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.96.155.218 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-155-218.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0

Resource Hash

a7045bb05de3074f2e371e58bb1118aa98cbd025f25978bbc35b6c5eb904d2f9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; font-src ;img-src data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.cobrosonline.citibank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
X-Content-Type-Options: nosniff
Date: Mon, 06 May 2024 08:07:43 GMT
X-Powered-By: Servlet/3.0
Connection: keep-alive
Content-Length: 59
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 16 Apr 2024 12:31:04 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.cobrosonline.citibank.com
Content-Language: en-US
Access-Control-Allow-Credentials: false
Permissions-Policy: geolocation=(self); accelerometer=()
Expires: Mon, 13 May 2024 08:07:43 GMT

GET
H/1.1 200
OK jsf.js.jsf Show response
www.cobrosonline.citibank.com/PPCD/javax.faces.resource/ 112 KB
26 KB 303ms
303ms Script
application/x-javascript 104.96.155.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cobrosonline.citibank.com/PPCD/javax.faces.resource/jsf.js.jsf?ln=javax.faces

Requested by

Host: www.cobrosonline.citibank.com
URL: https://www.cobrosonline.citibank.com/PPCD/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.96.155.218 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-155-218.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0

Resource Hash

b2a6d68a3b69ed1c95f01cc598ea770784da4132f8aeb93416790a2c4c092969

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; font-src ;img-src data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.cobrosonline.citibank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
X-Content-Type-Options: nosniff
Date: Mon, 06 May 2024 08:07:43 GMT
Content-Encoding: gzip
X-Powered-By: Servlet/3.0
Connection: keep-alive
Content-Length: 25624
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 27 Jun 2023 20:24:18 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://www.cobrosonline.citibank.com
Content-Language: en-US
Access-Control-Allow-Credentials: false
Permissions-Policy: geolocation=(self); accelerometer=()
Expires: Mon, 13 May 2024 08:07:43 GMT

GET
H/1.1 200
OK dot_clear.gif.jsf
www.cobrosonline.citibank.com/PPCD/javax.faces.resource/spacer/ 42 B
967 B 197ms
197ms Image
image/gif 104.96.155.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cobrosonline.citibank.com/PPCD/javax.faces.resource/spacer/dot_clear.gif.jsf?ln=primefaces&v=8.0

Requested by

Host: www.cobrosonline.citibank.com
URL: https://www.cobrosonline.citibank.com/PPCD/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.96.155.218 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-155-218.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; font-src ;img-src data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.cobrosonline.citibank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
X-Content-Type-Options: nosniff
Date: Mon, 06 May 2024 08:07:43 GMT
X-Powered-By: Servlet/3.0
Connection: keep-alive
Content-Length: 42
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 16 Apr 2024 12:32:38 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.cobrosonline.citibank.com
Content-Language: en-US
Access-Control-Allow-Credentials: false
Permissions-Policy: geolocation=(self); accelerometer=()
Expires: Mon, 13 May 2024 08:07:43 GMT

GET
H/1.1 200
OK citi_footer_logo_new.png.jsf
www.cobrosonline.citibank.com/PPCD/javax.faces.resource/img/ 861 B
2 KB 165ms
164ms Image
image/png 104.96.155.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cobrosonline.citibank.com/PPCD/javax.faces.resource/img/citi_footer_logo_new.png.jsf

Requested by

Host: www.cobrosonline.citibank.com
URL: https://www.cobrosonline.citibank.com/PPCD/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.96.155.218 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-155-218.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0

Resource Hash

34e671e642224084c8dccc70ce1bca568d0c54b012e2c29f20437262cbd39eb4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; font-src ;img-src data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.cobrosonline.citibank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
X-Content-Type-Options: nosniff
Date: Mon, 06 May 2024 08:07:43 GMT
X-Powered-By: Servlet/3.0
Connection: keep-alive
Content-Length: 861
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 16 Apr 2024 12:31:04 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: https://www.cobrosonline.citibank.com
Content-Language: en-US
Access-Control-Allow-Credentials: false
Permissions-Policy: geolocation=(self); accelerometer=()
Expires: Mon, 13 May 2024 08:07:43 GMT

GET
H/1.1 200
OK bootstrap.js.jsf Show response
www.cobrosonline.citibank.com/PPCD/javax.faces.resource/bootstrap-4.5.2-dist/js/ 132 KB
26 KB 424ms
424ms Script
application/x-javascript 104.96.155.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cobrosonline.citibank.com/PPCD/javax.faces.resource/bootstrap-4.5.2-dist/js/bootstrap.js.jsf

Requested by

Host: www.cobrosonline.citibank.com
URL: https://www.cobrosonline.citibank.com/PPCD/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.96.155.218 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-155-218.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0

Resource Hash

dd94aa9fafad4addd6cefb49809b9752132d5e9fe2afa116805440c733ebc22f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; font-src ;img-src data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.cobrosonline.citibank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
X-Content-Type-Options: nosniff
Date: Mon, 06 May 2024 08:07:43 GMT
Content-Encoding: gzip
X-Powered-By: Servlet/3.0
Connection: keep-alive
Content-Length: 25637
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 16 Apr 2024 12:31:04 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://www.cobrosonline.citibank.com
Content-Language: en-US
Access-Control-Allow-Credentials: false
Permissions-Policy: geolocation=(self); accelerometer=()
Expires: Mon, 13 May 2024 08:07:43 GMT

GET
H/1.1 200
OK GHxEPhQ Show response
www.cobrosonline.citibank.com/C1Bci/Zi/b9/ZKJi/xFjUdbP/acz9rfQzQG7c/WTAXAg/AAMY/ 213 KB
79 KB 32ms
32ms Script
application/javascript 104.96.155.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobrosonline.citibank.com/C1Bci/Zi/b9/ZKJi/xFjUdbP/acz9rfQzQG7c/WTAXAg/AAMY/GHxEPhQ
Requested by: Host: www.cobrosonline.citibank.com
URL: https://www.cobrosonline.citibank.com/PPCD/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.96.155.218 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-155-218.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d2db9c3ca14fbcef6183b08fb1fdfc90d6c3c29fa70c611925259839df49070b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.cobrosonline.citibank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 06 May 2024 08:07:43 GMT
Content-Encoding: br
Last-Modified: Wed, 02 Aug 2023 16:13:53 GMT
Stored-Attribute-Sha-Checksum: d2db9c3ca14fbcef6183b08fb1fdfc90d6c3c29fa70c611925259839df49070b
Content-Type: application/javascript
Cache-Control: max-age=21600, max-age=21600
Connection: keep-alive
Content-Length: 80094

GET
H/1.1 200
OK info.gif.jsf
www.cobrosonline.citibank.com/PPCD/javax.faces.resource/img/ 59 B
0 0ms
0ms Image
image/gif 104.96.155.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cobrosonline.citibank.com/PPCD/javax.faces.resource/img/info.gif.jsf

Requested by

Host: www.cobrosonline.citibank.com
URL: https://www.cobrosonline.citibank.com/PPCD/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.96.155.218 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-155-218.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0

Resource Hash

a7045bb05de3074f2e371e58bb1118aa98cbd025f25978bbc35b6c5eb904d2f9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; font-src ;img-src data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.cobrosonline.citibank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-inline'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
Date: Mon, 06 May 2024 08:07:43 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin
Last-Modified: Tue, 16 Apr 2024 12:31:04 GMT
X-Powered-By: Servlet/3.0
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.cobrosonline.citibank.com
Content-Language: en-US
Access-Control-Allow-Credentials: false
Permissions-Policy: geolocation=(self); accelerometer=()
Content-Length: 59
X-XSS-Protection: 1; mode=block
Expires: Mon, 13 May 2024 08:07:43 GMT

POST
H/1.1 201
Created GHxEPhQ Show response
www.cobrosonline.citibank.com/C1Bci/Zi/b9/ZKJi/xFjUdbP/acz9rfQzQG7c/WTAXAg/AAMY/ 18 B
948 B 411ms
410ms XHR
application/json 104.96.155.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobrosonline.citibank.com/C1Bci/Zi/b9/ZKJi/xFjUdbP/acz9rfQzQG7c/WTAXAg/AAMY/GHxEPhQ
Requested by: Host: www.cobrosonline.citibank.com
URL: https://www.cobrosonline.citibank.com/C1Bci/Zi/b9/ZKJi/xFjUdbP/acz9rfQzQG7c/WTAXAg/AAMY/GHxEPhQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.96.155.218 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-155-218.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.cobrosonline.citibank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 06 May 2024 08:07:44 GMT
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.cobrosonline.citibank.com
Access-Control-Allow-Credentials: true
x_req_id: b64b8824-542c-422e-bed6-aa32f90a5bdf
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Content-Length: 18

GET
H/1.1 200
OK bg.gif.jsf
www.cobrosonline.citibank.com/PPCD/javax.faces.resource/img/ 71 B
996 B 168ms
167ms Image
image/gif 104.96.155.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cobrosonline.citibank.com/PPCD/javax.faces.resource/img/bg.gif.jsf

Requested by

Host: www.cobrosonline.citibank.com
URL: https://www.cobrosonline.citibank.com/PPCD/javax.faces.resource/css/login.css.jsf

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.96.155.218 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-155-218.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0

Resource Hash

a0fd307c0dcae52eddcc6d7e09dda2dc7d2a2dbb2d7dd5384690a58a6682599d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; font-src ;img-src data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.cobrosonline.citibank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
X-Content-Type-Options: nosniff
Date: Mon, 06 May 2024 08:07:43 GMT
X-Powered-By: Servlet/3.0
Connection: keep-alive
Content-Length: 71
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 16 Apr 2024 12:31:04 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.cobrosonline.citibank.com
Content-Language: en-US
Access-Control-Allow-Credentials: false
Permissions-Policy: geolocation=(self); accelerometer=()
Expires: Mon, 13 May 2024 08:07:43 GMT

GET
H/1.1 200
OK top_bg.jpg.jsf
www.cobrosonline.citibank.com/PPCD/javax.faces.resource/img/ 753 B
2 KB 167ms
166ms Image
image/jpeg 104.96.155.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cobrosonline.citibank.com/PPCD/javax.faces.resource/img/top_bg.jpg.jsf

Requested by

Host: www.cobrosonline.citibank.com
URL: https://www.cobrosonline.citibank.com/PPCD/javax.faces.resource/css/header.css.jsf

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.96.155.218 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-155-218.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0

Resource Hash

8e1e014f1aeab3be56d884ac94ebf4693ac20912678535aab7c019c8e2ee5283

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; font-src ;img-src data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.cobrosonline.citibank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
X-Content-Type-Options: nosniff
Date: Mon, 06 May 2024 08:07:43 GMT
X-Powered-By: Servlet/3.0
Connection: keep-alive
Content-Length: 753
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 16 Apr 2024 12:31:04 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://www.cobrosonline.citibank.com
Content-Language: en-US
Access-Control-Allow-Credentials: false
Permissions-Policy: geolocation=(self); accelerometer=()
Expires: Mon, 13 May 2024 08:07:43 GMT

GET
H/1.1 200
OK bluegradient.jpg.jsf
www.cobrosonline.citibank.com/PPCD/javax.faces.resource/img/ 841 B
2 KB 173ms
173ms Image
image/jpeg 104.96.155.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cobrosonline.citibank.com/PPCD/javax.faces.resource/img/bluegradient.jpg.jsf

Requested by

Host: www.cobrosonline.citibank.com
URL: https://www.cobrosonline.citibank.com/PPCD/javax.faces.resource/css/header.css.jsf

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.96.155.218 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-155-218.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0

Resource Hash

ddfee13a69baaa0e25acaf3f08bdae7509cb4a2b096070ed950eb89c430f8673

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; font-src ;img-src data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.cobrosonline.citibank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
X-Content-Type-Options: nosniff
Date: Mon, 06 May 2024 08:07:43 GMT
X-Powered-By: Servlet/3.0
Connection: keep-alive
Content-Length: 841
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 16 Apr 2024 12:31:04 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://www.cobrosonline.citibank.com
Content-Language: en-US
Access-Control-Allow-Credentials: false
Permissions-Policy: geolocation=(self); accelerometer=()
Expires: Mon, 13 May 2024 08:07:43 GMT

GET
H/1.1 200
OK mainpage.jpg.jsf
www.cobrosonline.citibank.com/PPCD/javax.faces.resource/img/ 228 KB
229 KB 230ms
165ms Image
image/jpeg 104.96.155.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cobrosonline.citibank.com/PPCD/javax.faces.resource/img/mainpage.jpg.jsf

Requested by

Host: www.cobrosonline.citibank.com
URL: https://www.cobrosonline.citibank.com/PPCD/javax.faces.resource/css/login.css.jsf

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.96.155.218 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-155-218.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0

Resource Hash

b13cd5c173efcee09f78bae318a300b2148b9ec0073b63420878aa5a681186d0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; font-src ;img-src data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.cobrosonline.citibank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
X-Content-Type-Options: nosniff
Date: Mon, 06 May 2024 08:07:43 GMT
X-Powered-By: Servlet/3.0
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 16 Apr 2024 12:31:04 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://www.cobrosonline.citibank.com
Content-Language: en-US
Access-Control-Allow-Credentials: false
Permissions-Policy: geolocation=(self); accelerometer=()
Expires: Mon, 13 May 2024 08:07:43 GMT

GET
H/1.1 200
OK Login_Box_BG.png.jsf
www.cobrosonline.citibank.com/PPCD/javax.faces.resource/img/ 1 KB
2 KB 251ms
163ms Image
image/png 104.96.155.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cobrosonline.citibank.com/PPCD/javax.faces.resource/img/Login_Box_BG.png.jsf

Requested by

Host: www.cobrosonline.citibank.com
URL: https://www.cobrosonline.citibank.com/PPCD/javax.faces.resource/css/login.css.jsf

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.96.155.218 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-155-218.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0

Resource Hash

5e520eef30fc1b5ef310580f204b27c8e80718339f6407000eeb62a4738c57c9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; font-src ;img-src data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.cobrosonline.citibank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
X-Content-Type-Options: nosniff
Date: Mon, 06 May 2024 08:07:43 GMT
X-Powered-By: Servlet/3.0
Connection: keep-alive
Content-Length: 1400
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 16 Apr 2024 12:31:04 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: https://www.cobrosonline.citibank.com
Content-Language: en-US
Access-Control-Allow-Credentials: false
Permissions-Policy: geolocation=(self); accelerometer=()
Expires: Mon, 13 May 2024 08:07:43 GMT

GET
H/1.1 200
OK login_btn_normal.gif.jsf
www.cobrosonline.citibank.com/PPCD/javax.faces.resource/img/ 178 B
1 KB 173ms
172ms Image
image/gif 104.96.155.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cobrosonline.citibank.com/PPCD/javax.faces.resource/img/login_btn_normal.gif.jsf

Requested by

Host: www.cobrosonline.citibank.com
URL: https://www.cobrosonline.citibank.com/PPCD/javax.faces.resource/css/login.css.jsf

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.96.155.218 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-155-218.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0

Resource Hash

5b250db4a19d3d7b7bbd9db62172062fec7d0eb0f0670f8cbc2151277139aa12

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; font-src ;img-src data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.cobrosonline.citibank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
X-Content-Type-Options: nosniff
Date: Mon, 06 May 2024 08:07:44 GMT
X-Powered-By: Servlet/3.0
Connection: keep-alive
Content-Length: 178
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 16 Apr 2024 12:31:04 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.cobrosonline.citibank.com
Content-Language: en-US
Access-Control-Allow-Credentials: false
Permissions-Policy: geolocation=(self); accelerometer=()
Expires: Mon, 13 May 2024 08:07:43 GMT

GET
H/1.1 200
OK arrow1.gif.jsf
www.cobrosonline.citibank.com/PPCD/javax.faces.resource/img/ 74 B
999 B 167ms
167ms Image
image/gif 104.96.155.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cobrosonline.citibank.com/PPCD/javax.faces.resource/img/arrow1.gif.jsf

Requested by

Host: www.cobrosonline.citibank.com
URL: https://www.cobrosonline.citibank.com/PPCD/javax.faces.resource/css/login.css.jsf

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.96.155.218 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-155-218.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0

Resource Hash

4d2d7742bee5c4cc7e284285be1c0aa748418cf45045f2be2479cbf73cd7c6f1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; font-src ;img-src data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.cobrosonline.citibank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
X-Content-Type-Options: nosniff
Date: Mon, 06 May 2024 08:07:44 GMT
X-Powered-By: Servlet/3.0
Connection: keep-alive
Content-Length: 74
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 16 Apr 2024 12:31:04 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.cobrosonline.citibank.com
Content-Language: en-US
Access-Control-Allow-Credentials: false
Permissions-Policy: geolocation=(self); accelerometer=()
Expires: Mon, 13 May 2024 08:07:43 GMT

GET
H/1.1 200
OK favicon.ico.jsf
www.cobrosonline.citibank.com/PPCD/javax.faces.resource/img/ 1 KB
2 KB 264ms
248ms Other
image/x-icon 104.96.155.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cobrosonline.citibank.com/PPCD/javax.faces.resource/img/favicon.ico.jsf

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.96.155.218 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-155-218.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0

Resource Hash

c52e48eb0d54c04a0c3d7b374d2753b1f65b18337ec4f081912a261b0b4e5b0d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; font-src ;img-src data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.cobrosonline.citibank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload, max-age=86400; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
X-Content-Type-Options: nosniff
Date: Mon, 06 May 2024 08:07:44 GMT
X-Powered-By: Servlet/3.0
Connection: keep-alive
Content-Length: 1150
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 16 Apr 2024 12:31:04 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/x-icon
Access-Control-Allow-Origin: https://www.cobrosonline.citibank.com
Content-Language: en-US
Access-Control-Allow-Credentials: false
Permissions-Policy: geolocation=(self); accelerometer=()
Expires: Mon, 13 May 2024 08:07:44 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.cobrosonline.citibank.com/PPCD	1969-12-31 23:59:59	Name: oam.Flash.RENDERMAP.TOKEN Value: zsvyz4uur
www.cobrosonline.citibank.com/	1969-12-31 23:59:59	Name: CITI_SITE Value: GTDC
www.cobrosonline.citibank.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 0000oNXsQq-HH6LNRnE5OJaAVb9:C4CF14ACE459D7B50000043400000015A9AF721C
.cobrosonline.citibank.com/	1970-01-20 20:23:10	Name: ak_bmsc Value: 1925DD6B4D249C3628D5BC207616611F~000000000000000000000000000000~YAAQCk4SArOQRDOPAQAAQLnxTBcM0VeBBjo5WydU5FwLlF6ZQIYuaUHNobcHKT1DK5ux0JFI4QI9j4b/OjEeyLFzOy+DV+6QcofWk1AGKd6nxD2p551/x6FE9l3xBwcDqaCdlNS90GinsJSI2I6KGu2Q8sCGZQTjYAANz7PfsL9O/ZhvYDTiWAW4xsY617bGNXso0mR3PPxWahiPhMkSp791rwcG3ZqR3KfSKT+SXDX+T/hQptLg1QN/YC/nBmNbpzMgUb5CdJbtxiSWJHL7YFmuMAssePtebA6ASEV3tTIJn9nujCS9DlFKBZ+lOjSAF4HC+iP0H2bymdJxqRZ1U+XPdBXUTG8wcUZEhKFMyhHcXyiD3SHtsWLfvyWkxEETDFyVSxOnhuq4pfJS+bjH8g==
.citibank.com/	1970-01-20 20:23:17	Name: bm_sz Value: AE1C0ADF8EAECA479207EDBD6262F578~YAAQCk4SArSQRDOPAQAAQLnxTBf9nFH6yPYbVDTs3F7L3Y+ggOFTgbi1zHLwCNxaaYHLxKtyTX9hey/sbEWKpzyLG9f6Zncud6GiUnXiYPOfSxOpTGORZcMQcVRaEbgIBBArIXDomxB7Ceimu5xH/jMf+F66sASxOxlQOEX7MWzs/rebdAm1GcANgReMfhW8nD/5aFTQF0CMuEYvYmF/82cIPn2/1x5vQoIPGXqfmNbUjGZC8rllnq0GcpiAZKWO6uHzf2nk39moD7s3jDuWTOMvVKfcvBOWf8lcw0AFTwwRMwJQ0+0zHa0qES6vFue+IMNcPlVUKUgRDEqED1Pbmmj8ibfkCgU3+3PmNcJe/AAFbQfhBQ51ofzyde2c3ZAEjDu51AQ=~3420724~3553349
.citibank.com/	1970-01-21 05:08:38	Name: _abck Value: 6230C00288EDDE3E75BD54D387730D6F~0~YAAQCk4SAu6QRDOPAQAA0MTxTAtaH+z6tKeH72vEL8W5su4aKDMGcjuQmERc+26XU47pWoZ0bngNFxgX9Ki4iPaBdcC1vOe7/FJZFJAYKPT5LXnAZ+QFS0o8XO2yTA0XOUDKM6fGsrjmHaG+ClNzrJSiDlh3mMQlTZ3gKMBN/Tke+YFP2vT7UPnIEvvjVwQyUi04RHVDLAsRQM+ywW4CEhHn4y6QWXu259rgRx+ipaBq6yu/Vg+P8mKapNfB6pvC0wi3dpzO2+8Ncw65S77dN7j5+vozyGOqkppt9CdmNOozPQdidz3Iuv5mlJz5RnvK/9Hao3uhF6vaJ1I+JJwHkHHzMPED5uJJe4HrNsj1Pxd9sQQaPlZDrjnN6o8CtnhZtYmedXjWntVaHEX9czwXzL6uDQZt9poipXo=~-1~-1~-1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	Message: Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.
recommendation	warning	URL: https://www.cobrosonline.citibank.com/PPCD/index.html Message: [DOM] Found 2 elements with non-unique id #javax.faces.ViewState: (More info: https://goo.gl/9p2vKq) %o %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; font-src ;img-src data:; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.cobrosonline.citibank.com
104.96.155.218
22dc92bb40731efc926a65488d76d7286100d6417af9453f2161d90be0065db2
324d9f7b51e9071a4a05d908af7e44117956de8313d7703a57324d87378daadc
34e671e642224084c8dccc70ce1bca568d0c54b012e2c29f20437262cbd39eb4
3bc6502a1cb11feab43da0f3f27ed769b52f6e45c8585df652c2a58d5d8b9190
3f74a07b889b162944d9612b74414a93c74e878dc8179f70a92af0bb5287cf05
40509d57086c720aa07557e34ae53097bd9cdd44a362da9d523ff00893d49537
434ff0dd1eac1acf7aa683e97a8da20304a963ca14978005b8221ab07248c6d5
4d2d7742bee5c4cc7e284285be1c0aa748418cf45045f2be2479cbf73cd7c6f1
538fca3b551cce7af15e486a0ef584bc87599b66ef44cdafc05b0bebd8a8b882
5b250db4a19d3d7b7bbd9db62172062fec7d0eb0f0670f8cbc2151277139aa12
5e520eef30fc1b5ef310580f204b27c8e80718339f6407000eeb62a4738c57c9
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6ff26a70592494e9104e5991c557b8426ec46c3f170d6d3e89cb3ca665526421
704da28279e44cd34f994bc989977eee8b4d98da3069a909e50752d542977adb
73f2b16838b632a3af00938f1d79b15f50aafaf1ab0d8541049bba5429f25c0e
8e1e014f1aeab3be56d884ac94ebf4693ac20912678535aab7c019c8e2ee5283
99d02c2df8caf8fa07a68d82e7a63a112635c73f03367665786b056c972e1334
a0fd307c0dcae52eddcc6d7e09dda2dc7d2a2dbb2d7dd5384690a58a6682599d
a7045bb05de3074f2e371e58bb1118aa98cbd025f25978bbc35b6c5eb904d2f9
b13cd5c173efcee09f78bae318a300b2148b9ec0073b63420878aa5a681186d0
b2a6d68a3b69ed1c95f01cc598ea770784da4132f8aeb93416790a2c4c092969
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6
c52e48eb0d54c04a0c3d7b374d2753b1f65b18337ec4f081912a261b0b4e5b0d
d2db9c3ca14fbcef6183b08fb1fdfc90d6c3c29fa70c611925259839df49070b
dd94aa9fafad4addd6cefb49809b9752132d5e9fe2afa116805440c733ebc22f
ddfee13a69baaa0e25acaf3f08bdae7509cb4a2b096070ed950eb89c430f8673
e3af72881900ccba23902ea1da89fd36dbba2f5a84caf9c470a9770a80c90ee4
e931803209174b58845529a44f993ce11005c37932061938fc403b0124446d75
ecbfb71fde6cd71cd44bc1383e8c9dff1c4d3a1a0581a7ed9eaebfdadba5367a

www.cobrosonline.citibank.com Open in urlscan Pro 104.96.155.218 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

32 Requests

97 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

653 kBTransfer

1895 kBSize

6 Cookies

2 Outgoing links

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.cobrosonline.citibank.com Open in urlscan Pro
104.96.155.218 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

97 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

653 kB
Transfer

1895 kB
Size

6
Cookies

32 HTTP transactions
-1 data transactions