citibanksgdvpadminsit.investcloud.com Open in urlscan Pro
2606:4700::6811:b86b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://citibanksgdvpadminsit.investcloud.com/
Effective URL:
https://citibanksgdvpadminsit.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
Submission: On February 14 via automatic, source certstream-suspicious (February 14th 2024, 2:01:44 am UTC) — Scanned from DE

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 30 HTTP transactions. The main IP is 2606:4700::6811:b86b, located in United States and belongs to CLOUDFLARENET, US. The main domain is citibanksgdvpadminsit.investcloud.com.
TLS certificate: Issued by E1 on February 14th 2024. Valid for: 3 months.

This is the only time citibanksgdvpadminsit.investcloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 24	2606:4700::68... 2606:4700::6811:b86b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
30	5

24 2606:4700::6811:b86b (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

citibanksgdvpadminsit.investcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	investcloud.com 2 redirects citibanksgdvpadminsit.investcloud.com	2 MB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 434 fonts.googleapis.com — Cisco Umbrella Rank: 48	7 KB
1	gstatic.com fonts.gstatic.com	126 KB
0	citigroup.net Failed secureaccessweb.sit.nam.citigroup.net Failed
30	4

	Domain	Requested by
24	citibanksgdvpadminsit.investcloud.com	2 redirects citibanksgdvpadminsit.investcloud.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	ajax.googleapis.com
1	ajax.googleapis.com	citibanksgdvpadminsit.investcloud.com
0	secureaccessweb.sit.nam.citigroup.net Failed	citibanksgdvpadminsit.investcloud.com
30	5

This site contains no links.

Subject Issuer	Validity	Valid
citibanksgdvpadminsit.investcloud.com E1	`2024-02-14` - `2024-05-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh

This page contains 1 frames:

Frame: https://secureaccessweb.sit.nam.citigroup.net/siteminderagent/forms/logout.html
Frame ID: 97251360FEEE23A3AC244033AD76B928
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://citibanksgdvpadminsit.investcloud.com/ HTTP 302
https://citibanksgdvpadminsit.investcloud.com/Membership/HomePageDefault.aspx?ReturnUrl=%2f HTTP 302
https://citibanksgdvpadminsit.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Page Statistics

30
Requests

83 %
HTTPS

100 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

2080 kB
Transfer

8229 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://citibanksgdvpadminsit.investcloud.com/ HTTP 302
https://citibanksgdvpadminsit.investcloud.com/Membership/HomePageDefault.aspx?ReturnUrl=%2f HTTP 302
https://citibanksgdvpadminsit.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request CitiAdminLogin_WF_App.aspx Show response
citibanksgdvpadminsit.investcloud.com/Membership/Apps/
Redirect Chain

https://citibanksgdvpadminsit.investcloud.com/
https://citibanksgdvpadminsit.investcloud.com/Membership/HomePageDefault.aspx?ReturnUrl=%2f
https://citibanksgdvpadminsit.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f

7 KB
3 KB

291ms
290ms

Document
text/html

2606:4700::6811:b86b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminsit.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b86b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3aeffc09b69769c80b9370cf41d2ca9affd66228e6e710221053f7570536edeb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 8551b953cf921c32-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=utf-8
date: Wed, 14 Feb 2024 02:01:34 GMT
expires: -1
pragma: no-cache
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=Edge

Redirect headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8551b951ae641c32-FRA
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=utf-8
date: Wed, 14 Feb 2024 02:01:34 GMT
location: /Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=Edge

GET
H2 200 HomePage_CitiAdminLogin.WF.App_IX233F9F03E5E8AC1033B6312CDA52A1FE.css
citibanksgdvpadminsit.investcloud.com/styles/8CE82FA4C4B291FFF94D86488508BDC3/ 1 MB
152 KB 1870ms
1869ms Stylesheet
text/css 2606:4700::6811:b86b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminsit.investcloud.com/styles/8CE82FA4C4B291FFF94D86488508BDC3/HomePage_CitiAdminLogin.WF.App_IX233F9F03E5E8AC1033B6312CDA52A1FE.css

Requested by

Host: citibanksgdvpadminsit.investcloud.com
URL: https://citibanksgdvpadminsit.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b86b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5e8553ab930daa8aeeddba22e0ab09e67ce0777de37a643f202f6a8391c83a0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:01:36 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-ua-compatible: IE=Edge
pragma: public
referrer-policy: no-referrer
last-modified: Tue, 16 Nov 2021 16:51:06 GMT
server: cloudflare
etag: W/"506bbf25adbd71:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=15552000
cf-ray: 8551b955a8d31c32-FRA
expires: Mon, 12 Aug 2024 02:01:35 GMT

GET
H2 200 V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js Show response
citibanksgdvpadminsit.investcloud.com/scripts/jig/8CE82FA4C4B291FFF94D86488508BDC3/ 276 KB
97 KB 1449ms
1448ms Script
application/javascript 2606:4700::6811:b86b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminsit.investcloud.com/scripts/jig/8CE82FA4C4B291FFF94D86488508BDC3/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Requested by

Host: citibanksgdvpadminsit.investcloud.com
URL: https://citibanksgdvpadminsit.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b86b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22c0d6fe8d979586e4a41dc00815592b9a86b83a763106f879fafdbce924aa6c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:01:35 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-ua-compatible: IE=Edge
pragma: public
referrer-policy: no-referrer
last-modified: Tue, 16 Nov 2021 16:50:59 GMT
server: cloudflare
etag: W/"2c6e1622adbd71:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=15552000
cf-ray: 8551b955a8d41c32-FRA
expires: Mon, 12 Aug 2024 02:01:35 GMT

GET
H2 200 V4_Library_IXB2EE3C3BB8C4E7A406837021FAEA269A.js Show response
citibanksgdvpadminsit.investcloud.com/scripts/jig/8CE82FA4C4B291FFF94D86488508BDC3/ 3 MB
920 KB 1771ms
1770ms Script
application/javascript 2606:4700::6811:b86b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminsit.investcloud.com/scripts/jig/8CE82FA4C4B291FFF94D86488508BDC3/V4_Library_IXB2EE3C3BB8C4E7A406837021FAEA269A.js

Requested by

Host: citibanksgdvpadminsit.investcloud.com
URL: https://citibanksgdvpadminsit.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b86b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a844a8ef61986f97fef9e17a010a979bfd05dfbd933ef3842e23b2ff517a158

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:01:36 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-ua-compatible: IE=Edge
pragma: public
referrer-policy: no-referrer
last-modified: Tue, 16 Nov 2021 16:51:00 GMT
server: cloudflare
etag: W/"247ca522adbd71:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=15552000
cf-ray: 8551b955a8d51c32-FRA
expires: Mon, 12 Aug 2024 02:01:35 GMT

GET
H2 200 HomePage_CitiAdminLogin_WF_App_Dependency_IXC8C510EBA828B6FC9A1572EEF2C92012.js Show response
citibanksgdvpadminsit.investcloud.com/scripts/jig/8CE82FA4C4B291FFF94D86488508BDC3/ 2 MB
425 KB 3608ms
3608ms Script
application/javascript 2606:4700::6811:b86b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminsit.investcloud.com/scripts/jig/8CE82FA4C4B291FFF94D86488508BDC3/HomePage_CitiAdminLogin_WF_App_Dependency_IXC8C510EBA828B6FC9A1572EEF2C92012.js

Requested by

Host: citibanksgdvpadminsit.investcloud.com
URL: https://citibanksgdvpadminsit.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b86b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df26bd46f2dc3d5734d4e8b9e137652dc484693cfc69cf8eebeb1f4ff4a78e74

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:01:37 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-ua-compatible: IE=Edge
pragma: public
referrer-policy: no-referrer
last-modified: Tue, 16 Nov 2021 16:51:02 GMT
server: cloudflare
etag: W/"945d8a23adbd71:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=15552000
cf-ray: 8551b955a8d61c32-FRA
expires: Mon, 12 Aug 2024 02:01:37 GMT

GET
H2 200 HomePage_CitiAdminLogin_WF_App_iXing_IX07AFD72F2A1E289E22FB19DD6256DC5C.js Show response
citibanksgdvpadminsit.investcloud.com/scripts/jig/8CE82FA4C4B291FFF94D86488508BDC3/ 1 MB
332 KB 1812ms
1811ms Script
application/javascript 2606:4700::6811:b86b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminsit.investcloud.com/scripts/jig/8CE82FA4C4B291FFF94D86488508BDC3/HomePage_CitiAdminLogin_WF_App_iXing_IX07AFD72F2A1E289E22FB19DD6256DC5C.js

Requested by

Host: citibanksgdvpadminsit.investcloud.com
URL: https://citibanksgdvpadminsit.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b86b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4817a4109d5cc88f866b3e0e40b3e7d54e1bf1bb444e893e5cb962926a137b1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:01:36 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-ua-compatible: IE=Edge
pragma: public
referrer-policy: no-referrer
last-modified: Tue, 16 Nov 2021 16:51:04 GMT
server: cloudflare
etag: W/"d61c325adbd71:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=15552000
cf-ray: 8551b955a8d81c32-FRA
expires: Mon, 12 Aug 2024 02:01:35 GMT

GET
H2 200 HomePage_CitiAdminLogin_WF_App_Generated_IX26792CF152A8532144184499E98D5749.js Show response
citibanksgdvpadminsit.investcloud.com/scripts/jig/8CE82FA4C4B291FFF94D86488508BDC3/ 12 KB
3 KB 975ms
975ms Script
application/javascript 2606:4700::6811:b86b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminsit.investcloud.com/scripts/jig/8CE82FA4C4B291FFF94D86488508BDC3/HomePage_CitiAdminLogin_WF_App_Generated_IX26792CF152A8532144184499E98D5749.js

Requested by

Host: citibanksgdvpadminsit.investcloud.com
URL: https://citibanksgdvpadminsit.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b86b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b84ae1114d920820c657fc64d709454b01715dbb594293abdb9cf3a1967d0d9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:01:37 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-ua-compatible: IE=Edge
pragma: public
referrer-policy: no-referrer
last-modified: Tue, 16 Nov 2021 16:51:04 GMT
server: cloudflare
etag: W/"f2e81a25adbd71:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=15552000
cf-ray: 8551b962ef921c32-FRA
expires: Mon, 12 Aug 2024 02:01:37 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
6 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: citibanksgdvpadminsit.investcloud.com
URL: https://citibanksgdvpadminsit.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 18:08:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28363
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 18:08:55 GMT

GET
H2 200 CitiAdminLogin_WF_App-ApplicationMapper_IXC5AA563EED9DC5FC04AE9317AEF850DC.json Show response
citibanksgdvpadminsit.investcloud.com/scripts/jig/ 3 KB
649 B 948ms
947ms XHR
application/json 2606:4700::6811:b86b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminsit.investcloud.com/scripts/jig/CitiAdminLogin_WF_App-ApplicationMapper_IXC5AA563EED9DC5FC04AE9317AEF850DC.json

Requested by

Host: citibanksgdvpadminsit.investcloud.com
URL: https://citibanksgdvpadminsit.investcloud.com/scripts/jig/8CE82FA4C4B291FFF94D86488508BDC3/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b86b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

393a948ee177ef5e630447bdb642613e638123bf258b5c6353e9a9e9fe916682

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:01:39 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Tue, 16 Nov 2021 16:50:57 GMT
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
etag: W/"4d818320adbd71:0"
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 8551b96f7e291c32-FRA
x-ua-compatible: IE=Edge

GET
H2 200 CitiAdminLogin_WF_App-CommandListService_IX8E763BEBFAD91FCE8C16531ECFC90897.json Show response
citibanksgdvpadminsit.investcloud.com/scripts/jig/ 1009 B
562 B 488ms
487ms XHR
application/json 2606:4700::6811:b86b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminsit.investcloud.com/scripts/jig/CitiAdminLogin_WF_App-CommandListService_IX8E763BEBFAD91FCE8C16531ECFC90897.json

Requested by

Host: citibanksgdvpadminsit.investcloud.com
URL: https://citibanksgdvpadminsit.investcloud.com/scripts/jig/8CE82FA4C4B291FFF94D86488508BDC3/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b86b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29fa5e13c28d17141ab044ed8774fb5df126bab9d8158eef450ea00d07bb54a0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:01:38 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Tue, 16 Nov 2021 16:50:57 GMT
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
etag: W/"8f589b20adbd71:0"
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 8551b96f7e2a1c32-FRA
x-ua-compatible: IE=Edge

GET
H2 200 CitiAdminLogin_WF_App-LocaleFieldFormats_IX23AD2825990F688E747A913D86ABAE97.json Show response
citibanksgdvpadminsit.investcloud.com/scripts/jig/ 53 KB
3 KB 972ms
970ms XHR
application/json 2606:4700::6811:b86b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminsit.investcloud.com/scripts/jig/CitiAdminLogin_WF_App-LocaleFieldFormats_IX23AD2825990F688E747A913D86ABAE97.json

Requested by

Host: citibanksgdvpadminsit.investcloud.com
URL: https://citibanksgdvpadminsit.investcloud.com/scripts/jig/8CE82FA4C4B291FFF94D86488508BDC3/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b86b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

150e609d90bdf8f22327c618b86d5381105eef8fdf23574be4be348508a35565

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:01:39 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Tue, 16 Nov 2021 16:50:58 GMT
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
etag: W/"e2b7fa20adbd71:0"
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 8551b96f7e2b1c32-FRA
x-ua-compatible: IE=Edge

GET
H2 200 CitiAdminLogin_WF_App-TemplateCacheDecorator_IXE8FAA38B03EECA54107B169C8A85D8A3.json Show response
citibanksgdvpadminsit.investcloud.com/scripts/jig/ 116 B
180 B 862ms
860ms XHR
application/json 2606:4700::6811:b86b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminsit.investcloud.com/scripts/jig/CitiAdminLogin_WF_App-TemplateCacheDecorator_IXE8FAA38B03EECA54107B169C8A85D8A3.json

Requested by

Host: citibanksgdvpadminsit.investcloud.com
URL: https://citibanksgdvpadminsit.investcloud.com/scripts/jig/8CE82FA4C4B291FFF94D86488508BDC3/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b86b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54040ab713c1ddbe12206986776b4efd34f770c47349b0d5e5e2561afb02f175

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:01:39 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Tue, 16 Nov 2021 16:50:57 GMT
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
etag: W/"a89ac20adbd71:0"
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 8551b96f7e2d1c32-FRA
x-ua-compatible: IE=Edge

GET
H2 200 CitiAdminLogin_WF_App-WorkFlowApplicationTree_IX201016D156126F886E9D375D4DBA9407.json Show response
citibanksgdvpadminsit.investcloud.com/scripts/jig/ 269 B
214 B 848ms
847ms XHR
application/json 2606:4700::6811:b86b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminsit.investcloud.com/scripts/jig/CitiAdminLogin_WF_App-WorkFlowApplicationTree_IX201016D156126F886E9D375D4DBA9407.json

Requested by

Host: citibanksgdvpadminsit.investcloud.com
URL: https://citibanksgdvpadminsit.investcloud.com/scripts/jig/8CE82FA4C4B291FFF94D86488508BDC3/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b86b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

971a06447a65f9ccea74dcb058c865b18a0418931eed1b3699f83071bf59cb0c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:01:39 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Tue, 16 Nov 2021 16:50:56 GMT
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
etag: W/"53f85a20adbd71:0"
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 8551b96f7e2e1c32-FRA
x-ua-compatible: IE=Edge

GET
H2 200 CitiAdminLogin_WF_App-WorkFlow_IX24F608EF4B7F4B0293858C8F909222A3.json
citibanksgdvpadminsit.investcloud.com/scripts/jig/ 1 KB
1 KB 1910ms
1908ms XHR
application/json 2606:4700::6811:b86b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminsit.investcloud.com/scripts/jig/CitiAdminLogin_WF_App-WorkFlow_IX24F608EF4B7F4B0293858C8F909222A3.json

Requested by

Host: citibanksgdvpadminsit.investcloud.com
URL: https://citibanksgdvpadminsit.investcloud.com/scripts/jig/8CE82FA4C4B291FFF94D86488508BDC3/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b86b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:01:40 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=kdfO.Iq6s6UeBhIrJHOa8I0D1_vI6ybNxLQ8V8G1V18-1707876100-1-AYg_R8IQ7mmIw3s6s56fR_bjAbcVfuzoLHeF8TdlJGqVpycnMo-0s8l0EXVhc8vnHVe2FxJxhHDlzmY2TNge_7zNWEoNXqDg-2Axre-WRFdqi7IQkfkMOh6KTGpXPErQpvGGH0Rd6Eh6mlqfr2URC-Bv3eH7tPI_WTPzuEs9VLilYLu91rrYgQPdKq3-aHzsSw; report-to cf-csp-endpoint
x-ua-compatible: IE=Edge
referrer-policy: no-referrer
last-modified: Tue, 16 Nov 2021 16:50:58 GMT
server: cloudflare
etag: W/"cd171c21adbd71:0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=kdfO.Iq6s6UeBhIrJHOa8I0D1_vI6ybNxLQ8V8G1V18-1707876100-1-AYg_R8IQ7mmIw3s6s56fR_bjAbcVfuzoLHeF8TdlJGqVpycnMo-0s8l0EXVhc8vnHVe2FxJxhHDlzmY2TNge_7zNWEoNXqDg-2Axre-WRFdqi7IQkfkMOh6KTGpXPErQpvGGH0Rd6Eh6mlqfr2URC-Bv3eH7tPI_WTPzuEs9VLilYLu91rrYgQPdKq3-aHzsSw"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/json
cf-ray: 8551b96f7e2f1c32-FRA

GET
H2 200 CitiSGAdmin_IX97BC9DE23DBAE52C7B1796D9846A3124.json Show response
citibanksgdvpadminsit.investcloud.com/scripts/jig/ 3 KB
1 KB 866ms
865ms XHR
application/json 2606:4700::6811:b86b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminsit.investcloud.com/scripts/jig/CitiSGAdmin_IX97BC9DE23DBAE52C7B1796D9846A3124.json

Requested by

Host: citibanksgdvpadminsit.investcloud.com
URL: https://citibanksgdvpadminsit.investcloud.com/scripts/jig/8CE82FA4C4B291FFF94D86488508BDC3/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b86b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5013160cc86a12223b9e360d39c0f02d8c470e9e5fc0eb98245cd1105496f37

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:01:39 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Wed, 14 Feb 2024 02:01:36 GMT
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
etag: W/"3780c5bde95eda1:0"
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 8551b96f7e301c32-FRA
x-ua-compatible: IE=Edge

GET
H2 200 CitiSGAdmin-ApplicationMapper_IX00BC54E946ED3A1AAEA0D20527F6B37D.json Show response
citibanksgdvpadminsit.investcloud.com/scripts/jig/ 3 KB
724 B 974ms
973ms XHR
application/json 2606:4700::6811:b86b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminsit.investcloud.com/scripts/jig/CitiSGAdmin-ApplicationMapper_IX00BC54E946ED3A1AAEA0D20527F6B37D.json

Requested by

Host: citibanksgdvpadminsit.investcloud.com
URL: https://citibanksgdvpadminsit.investcloud.com/scripts/jig/8CE82FA4C4B291FFF94D86488508BDC3/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b86b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

571ae25fbe855bb5633701c237368ed29ad88c1f8b6a032390b2879152bb88db

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:01:39 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Tue, 16 Nov 2021 16:50:57 GMT
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
etag: W/"93e38520adbd71:0"
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 8551b96f7e311c32-FRA
x-ua-compatible: IE=Edge

GET
H2 200 CitiSGAdmin-CommandListService_IX6DA3110EA0347F14078E7DBDB16C09E1.json Show response
citibanksgdvpadminsit.investcloud.com/scripts/jig/ 93 B
137 B 828ms
827ms XHR
application/json 2606:4700::6811:b86b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminsit.investcloud.com/scripts/jig/CitiSGAdmin-CommandListService_IX6DA3110EA0347F14078E7DBDB16C09E1.json

Requested by

Host: citibanksgdvpadminsit.investcloud.com
URL: https://citibanksgdvpadminsit.investcloud.com/scripts/jig/8CE82FA4C4B291FFF94D86488508BDC3/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b86b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31483ab01852b928c64ba6d5c271e20159886f1f67a36d74e367c204dc633e0d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:01:39 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Tue, 16 Nov 2021 16:50:57 GMT
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
etag: W/"8f589b20adbd71:0"
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 8551b96f7e321c32-FRA
x-ua-compatible: IE=Edge

GET
H2 200 CitiSGAdmin-TemplateCacheDecorator_IXE8FAA38B03EECA54107B169C8A85D8A3.json Show response
citibanksgdvpadminsit.investcloud.com/scripts/jig/ 116 B
181 B 1722ms
1722ms XHR
application/json 2606:4700::6811:b86b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminsit.investcloud.com/scripts/jig/CitiSGAdmin-TemplateCacheDecorator_IXE8FAA38B03EECA54107B169C8A85D8A3.json

Requested by

Host: citibanksgdvpadminsit.investcloud.com
URL: https://citibanksgdvpadminsit.investcloud.com/scripts/jig/8CE82FA4C4B291FFF94D86488508BDC3/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b86b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54040ab713c1ddbe12206986776b4efd34f770c47349b0d5e5e2561afb02f175

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:01:40 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Tue, 16 Nov 2021 16:50:57 GMT
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
etag: W/"a89ac20adbd71:0"
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 8551b96f7e331c32-FRA
x-ua-compatible: IE=Edge

GET
H2 200 CitiSGAdmin-WorkFlowApplicationTree_IX9ACF8A467E76817F6078E92BED62DE5F.json Show response
citibanksgdvpadminsit.investcloud.com/scripts/jig/ 272 B
196 B 890ms
889ms XHR
application/json 2606:4700::6811:b86b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminsit.investcloud.com/scripts/jig/CitiSGAdmin-WorkFlowApplicationTree_IX9ACF8A467E76817F6078E92BED62DE5F.json

Requested by

Host: citibanksgdvpadminsit.investcloud.com
URL: https://citibanksgdvpadminsit.investcloud.com/scripts/jig/8CE82FA4C4B291FFF94D86488508BDC3/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b86b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6553f386755643d74580f0fdd8ece0892a8c8db3c19e8061423ea32949dba3da

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:01:39 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Tue, 16 Nov 2021 16:50:57 GMT
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
etag: W/"e4826420adbd71:0"
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 8551b96f7e381c32-FRA
x-ua-compatible: IE=Edge

GET
H2 200 CitiSGAdmin-WorkFlow_IXEC40074822FB96A2882493E570D21BCF.json Show response
citibanksgdvpadminsit.investcloud.com/scripts/jig/ 1 KB
510 B 821ms
820ms XHR
application/json 2606:4700::6811:b86b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminsit.investcloud.com/scripts/jig/CitiSGAdmin-WorkFlow_IXEC40074822FB96A2882493E570D21BCF.json

Requested by

Host: citibanksgdvpadminsit.investcloud.com
URL: https://citibanksgdvpadminsit.investcloud.com/scripts/jig/8CE82FA4C4B291FFF94D86488508BDC3/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b86b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

deceb806bb8080857c4e05f5813e8abcaf0098a4e92a580adbc244765adbf39b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:01:39 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Tue, 16 Nov 2021 16:50:58 GMT
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
etag: W/"77f01421adbd71:0"
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 8551b96f7e391c32-FRA
x-ua-compatible: IE=Edge

GET
H2 200 CitiSGAdmin-637726602565958194-locale-en-US.json Show response
citibanksgdvpadminsit.investcloud.com/scripts/jig/ 8 KB
3 KB 1345ms
1344ms XHR
application/json 2606:4700::6811:b86b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminsit.investcloud.com/scripts/jig/CitiSGAdmin-637726602565958194-locale-en-US.json

Requested by

Host: citibanksgdvpadminsit.investcloud.com
URL: https://citibanksgdvpadminsit.investcloud.com/scripts/jig/8CE82FA4C4B291FFF94D86488508BDC3/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b86b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08ca92780db1a103377b9f9469f9a0716736cc2c61672e7cf103d4baec8fb74d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:01:39 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Tue, 16 Nov 2021 16:50:57 GMT
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
etag: W/"e42ef120adbd71:0"
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 8551b96f7e3a1c32-FRA
x-ua-compatible: IE=Edge

GET
H2 200 CitiAdminLogin_WF_App-637726602565958194-locale-en-US.json Show response
citibanksgdvpadminsit.investcloud.com/scripts/jig/ 9 KB
3 KB 914ms
913ms XHR
application/json 2606:4700::6811:b86b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminsit.investcloud.com/scripts/jig/CitiAdminLogin_WF_App-637726602565958194-locale-en-US.json

Requested by

Host: citibanksgdvpadminsit.investcloud.com
URL: https://citibanksgdvpadminsit.investcloud.com/scripts/jig/8CE82FA4C4B291FFF94D86488508BDC3/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b86b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f3299ad578cba9fb69ad8d5db20a2228af85de1bcf330e271ee62ecd80b7a9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer
X-XSRF-TOKEN: 0A2451B71EB5203259F90FC31697944E
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:01:39 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Tue, 16 Nov 2021 16:50:57 GMT
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
etag: W/"146ea20adbd71:0"
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 8551b96f7e3b1c32-FRA
x-ua-compatible: IE=Edge

POST
H2 401 ecd.ashx
citibanksgdvpadminsit.investcloud.com/iXingPages/ 84 B
173 B 1819ms
1818ms XHR
application/json 2606:4700::6811:b86b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminsit.investcloud.com/iXingPages/ecd.ashx?requesttype=dataset&v=2

Requested by

Host: citibanksgdvpadminsit.investcloud.com
URL: https://citibanksgdvpadminsit.investcloud.com/scripts/jig/8CE82FA4C4B291FFF94D86488508BDC3/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b86b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

IC-Culture: en-US
X-XSRF-TOKEN: 0A2451B71EB5203259F90FC31697944E
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
Referer
X-Requested-With: XMLHttpRequest

Response headers

date: Wed, 14 Feb 2024 02:01:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json; charset=utf-8
cache-control: private
cf-ray: 8551b96f7e3d1c32-FRA
content-length: 84
x-ua-compatible: IE=Edge

GET
H2 200 css
fonts.googleapis.com/ 569 B
775 B 63ms
17ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Material+Icons

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

452410fef223a412e5608205fc069ecc35a4d919b413b3422a714a17ebfd0651

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 14 Feb 2024 02:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 02:01:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Feb 2024 02:01:38 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v141/ 125 KB
126 KB 29ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v141/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://citibanksgdvpadminsit.investcloud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 09:10:25 GMT
x-content-type-options: nosniff
age: 60673
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 23:11:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 09:10:25 GMT

POST Ecd.ashx
citibanksgdvpadminsit.investcloud.com/iXingPages/ 0
0

GET ilg.ashx
citibanksgdvpadminsit.investcloud.com/Membership/ExtPages/ 0
0

GET citi_logo.png
citibanksgdvpadminsit.investcloud.com/App_Themes/Default/images/ClientThemeImages/Citibank/ 0
0

GET logout.html
secureaccessweb.sit.nam.citigroup.net/siteminderagent/forms/ 0
0

GET SignOut.aspx
citibanksgdvpadminsit.investcloud.com/Membership/ExtPages/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: citibanksgdvpadminsit.investcloud.com
URL: https://citibanksgdvpadminsit.investcloud.com/iXingPages/Ecd.ashx?IX_EXTAUTH=Y

Domain: citibanksgdvpadminsit.investcloud.com
URL: https://citibanksgdvpadminsit.investcloud.com/Membership/ExtPages/ilg.ashx?IX_MN=Y

Domain: citibanksgdvpadminsit.investcloud.com
URL: https://citibanksgdvpadminsit.investcloud.com/App_Themes/Default/images/ClientThemeImages/Citibank/citi_logo.png

Domain: secureaccessweb.sit.nam.citigroup.net
URL: https://secureaccessweb.sit.nam.citigroup.net/siteminderagent/forms/logout.html

Domain: citibanksgdvpadminsit.investcloud.com
URL: https://citibanksgdvpadminsit.investcloud.com/Membership/ExtPages/SignOut.aspx?_=1707876096456

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
citibanksgdvpadminsit.investcloud.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: bhrujhogc5sil4ttgezquxwo
citibanksgdvpadminsit.investcloud.com/	1969-12-31 23:59:59	Name: IXCulture Value: en-US
citibanksgdvpadminsit.investcloud.com/	1969-12-31 23:59:59	Name: IXSBaseUtcOffset Value: -300
citibanksgdvpadminsit.investcloud.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: 0A2451B71EB5203259F90FC31697944E
citibanksgdvpadminsit.investcloud.com/	1969-12-31 23:59:59	Name: IXTMO Value: 3600000
citibanksgdvpadminsit.investcloud.com/	1970-01-20 18:27:32	Name: IXTimezone Value: Europe/Berlin
citibanksgdvpadminsit.investcloud.com/	1969-12-31 23:59:59	Name: IXLastActivityTime Value: Wed Feb 14 2024 03:01:38 GMT+0100 (Central European Standard Time)

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://citibanksgdvpadminsit.investcloud.com/iXingPages/ecd.ashx?requesttype=dataset&v=2 Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
citibanksgdvpadminsit.investcloud.com
fonts.googleapis.com
fonts.gstatic.com
secureaccessweb.sit.nam.citigroup.net
citibanksgdvpadminsit.investcloud.com
secureaccessweb.sit.nam.citigroup.net
2606:4700::6811:b86b
2a00:1450:4001:80f::200a
2a00:1450:4001:81c::200a
2a00:1450:4001:830::2003
08ca92780db1a103377b9f9469f9a0716736cc2c61672e7cf103d4baec8fb74d
150e609d90bdf8f22327c618b86d5381105eef8fdf23574be4be348508a35565
1a844a8ef61986f97fef9e17a010a979bfd05dfbd933ef3842e23b2ff517a158
22c0d6fe8d979586e4a41dc00815592b9a86b83a763106f879fafdbce924aa6c
29fa5e13c28d17141ab044ed8774fb5df126bab9d8158eef450ea00d07bb54a0
31483ab01852b928c64ba6d5c271e20159886f1f67a36d74e367c204dc633e0d
393a948ee177ef5e630447bdb642613e638123bf258b5c6353e9a9e9fe916682
3aeffc09b69769c80b9370cf41d2ca9affd66228e6e710221053f7570536edeb
452410fef223a412e5608205fc069ecc35a4d919b413b3422a714a17ebfd0651
54040ab713c1ddbe12206986776b4efd34f770c47349b0d5e5e2561afb02f175
571ae25fbe855bb5633701c237368ed29ad88c1f8b6a032390b2879152bb88db
62f3299ad578cba9fb69ad8d5db20a2228af85de1bcf330e271ee62ecd80b7a9
6553f386755643d74580f0fdd8ece0892a8c8db3c19e8061423ea32949dba3da
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
971a06447a65f9ccea74dcb058c865b18a0418931eed1b3699f83071bf59cb0c
9b84ae1114d920820c657fc64d709454b01715dbb594293abdb9cf3a1967d0d9
a4817a4109d5cc88f866b3e0e40b3e7d54e1bf1bb444e893e5cb962926a137b1
b5013160cc86a12223b9e360d39c0f02d8c470e9e5fc0eb98245cd1105496f37
b5e8553ab930daa8aeeddba22e0ab09e67ce0777de37a643f202f6a8391c83a0
deceb806bb8080857c4e05f5813e8abcaf0098a4e92a580adbc244765adbf39b
df26bd46f2dc3d5734d4e8b9e137652dc484693cfc69cf8eebeb1f4ff4a78e74

citibanksgdvpadminsit.investcloud.com Open in urlscan Pro 2606:4700::6811:b86b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

83 %HTTPS

100 %IPv6

4 Domains

5 Subdomains

5 IPs

2 Countries

2080 kBTransfer

8229 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

7 Cookies

1 Console Messages

Security Headers

Indicators

citibanksgdvpadminsit.investcloud.com Open in urlscan Pro
2606:4700::6811:b86b Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

83 %
HTTPS

100 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

2080 kB
Transfer

8229 kB
Size

7
Cookies

30 HTTP transactions
0 data transactions