setupprofilelogin.sytes.net Open in urlscan Pro
44.193.223.108 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://setupprofilelogin.sytes.net/
Submission: On August 27 via automatic, source certstream-suspicious (August 27th 2022, 10:34:38 am UTC) — Scanned from DE

Summary HTTP 53 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 53 HTTP transactions. The main IP is 44.193.223.108, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is setupprofilelogin.sytes.net.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 27th 2022. Valid for: 3 months.

This is the only time setupprofilelogin.sytes.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Citibank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
26	44.193.223.108 44.193.223.108	14618 (AMAZON-AES) (AMAZON-AES)
26	104.111.238.178 104.111.238.178	16625 (AKAMAI-AS) (AKAMAI-AS)
53	3

26 44.193.223.108 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-223-108.compute-1.amazonaws.com

setupprofilelogin.sytes.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 104.111.238.178 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-238-178.deploy.static.akamaitechnologies.com

online.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	citi.com online.citi.com — Cisco Umbrella Rank: 19711 paper.citi.com Failed	338 KB
26	sytes.net setupprofilelogin.sytes.net	230 KB
53	2

	Domain	Requested by
26	online.citi.com	setupprofilelogin.sytes.net online.citi.com
26	setupprofilelogin.sytes.net	setupprofilelogin.sytes.net
0	paper.citi.com Failed	setupprofilelogin.sytes.net
53	3

This site contains links to these domains. Also see Links.

Domain
www.citi.com
www.facebook.com
www.twitter.com
www.youtube.com
www.citigroup.com
citieasydeals.com
www.citiprivatepass.com
www.privatebank.citibank.com
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
setupprofilelogin.sytes.net cPanel, Inc. Certification Authority	`2022-08-27` - `2022-11-25`	3 months	crt.sh
online.citibank.com DigiCert SHA2 Extended Validation Server CA	`2022-05-03` - `2023-05-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://setupprofilelogin.sytes.net/
Frame ID: B0AE3463954A3B16BF9C869D1239DA08
Requests: 53 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign On - Citibank

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

53
Requests

98 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

567 kB
Transfer

1680 kB
Size

1
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.citi.com/credit-cards/citi.action
Title: Credit Cards

Search URL Search Domain Scan URL

URL: https://www.facebook.com/citi
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.twitter.com/citi
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/citi
Title: YouTube

Search URL Search Domain Scan URL

URL: http://www.citigroup.com/citi/
Title: Our Story

Search URL Search Domain Scan URL

URL: https://citieasydeals.com/
Title: Citi Easy DealsSM

Search URL Search Domain Scan URL

URL: http://www.citiprivatepass.com/
Title: Citi&rreg; Private Pass®

Search URL Search Domain Scan URL

URL: https://www.privatebank.citibank.com/
Title: Citi Private Bank

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/compare-credit-cards/citi.action?ID=view-all-credit-cards
Title: Credit Cards

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/citi-mobile-sm/id301724680?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.citi.citimobile

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
setupprofilelogin.sytes.net/ 229 KB
230 KB 349ms
126ms Document
text/html 44.193.223.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://setupprofilelogin.sytes.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.193.223.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-223-108.compute-1.amazonaws.com
Software: Apache /
Resource Hash: ff9055592f7c4a2646cab47a75489572b95aba8cd972d98d7d84c32a056fa08e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 27 Aug 2022 10:34:30 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked

GET
H/1.1 404
Not Found amw.js
setupprofilelogin.sytes.net/JFP/amw/ 0
0 139ms
105ms Script
text/html 44.193.223.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://setupprofilelogin.sytes.net/JFP/amw/amw.js
Requested by: Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.193.223.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-223-108.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 10:34:30 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found jquery-combined.min.js
setupprofilelogin.sytes.net/CBOL/portal/layout/js/ 0
0 244ms
105ms Script
text/html 44.193.223.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://setupprofilelogin.sytes.net/CBOL/portal/layout/js/jquery-combined.min.js
Requested by: Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.193.223.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-223-108.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 10:34:30 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found jfp.branding.js
setupprofilelogin.sytes.net/JFP/js/widgets/ 0
0 319ms
107ms Script
text/html 44.193.223.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://setupprofilelogin.sytes.net/JFP/js/widgets/jfp.branding.js
Requested by: Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.193.223.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-223-108.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 10:34:30 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found cssPref.js
setupprofilelogin.sytes.net/JPS/portal/js/ 0
0 319ms
106ms Script
text/html 44.193.223.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://setupprofilelogin.sytes.net/JPS/portal/js/cssPref.js
Requested by: Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.193.223.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-223-108.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 10:34:30 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found jfp.widgets.js
setupprofilelogin.sytes.net/JFP/js/widgets/ 0
0 324ms
108ms Script
text/html 44.193.223.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://setupprofilelogin.sytes.net/JFP/js/widgets/jfp.widgets.js
Requested by: Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.193.223.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-223-108.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 10:34:30 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found SitecatCampaigns.js
setupprofilelogin.sytes.net/JPS/portal/js/ 0
0 324ms
107ms Script
text/html 44.193.223.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://setupprofilelogin.sytes.net/JPS/portal/js/SitecatCampaigns.js
Requested by: Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.193.223.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-223-108.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 10:34:30 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found citi_Common.js
setupprofilelogin.sytes.net/GFC/common/js/ 0
0 324ms
107ms Script
text/html 44.193.223.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://setupprofilelogin.sytes.net/GFC/common/js/citi_Common.js
Requested by: Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.193.223.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-223-108.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 10:34:30 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found JFPNav.js
setupprofilelogin.sytes.net/JPS/portal/js/ 0
0 349ms
105ms Script
text/html 44.193.223.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://setupprofilelogin.sytes.net/JPS/portal/js/JFPNav.js
Requested by: Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.193.223.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-223-108.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 10:34:30 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found jquery.autocomplete.js
setupprofilelogin.sytes.net/JFP/js/jquery/plugins/ 0
0 112ms
109ms Script
text/html 44.193.223.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://setupprofilelogin.sytes.net/JFP/js/jquery/plugins/jquery.autocomplete.js
Requested by: Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.193.223.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-223-108.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 10:34:32 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found verisign.js
setupprofilelogin.sytes.net/JRS/js/ 0
0 426ms
107ms Script
text/html 44.193.223.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://setupprofilelogin.sytes.net/JRS/js/verisign.js
Requested by: Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.193.223.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-223-108.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 10:34:31 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 JPPTemp.css
online.citi.com/JFP/css/common/ 245 KB
35 KB 871ms
610ms Stylesheet
text/css 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JFP/css/common/JPPTemp.css

Requested by

Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

6cc415ff6c7e1c19761a0ea19ece60e6e8a59725188f57474a0a81d2e1cdb366

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 17:24:52 GMT
x-akamai-citisite: GTDC
date: Sat, 27 Aug 2022 10:34:31 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Sat, 27 Aug 2022 16:34:31 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 35061
content-type: text/css
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 US-Regional.css
online.citi.com/JRS/css/ 59 KB
13 KB 341ms
80ms Stylesheet
text/css 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JRS/css/US-Regional.css

Requested by

Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

8e40771ee97376e22303dd8f2c39ec717e7a9b71eb17e3656d76e035684747cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Sun, 18 Apr 2021 07:56:13 GMT
x-akamai-citisite: GTDC
date: Sat, 27 Aug 2022 10:34:30 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Sat, 27 Aug 2022 16:34:30 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 12517
content-type: text/css
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 branding_main_citi.css
online.citi.com/GFC/branding/css/ 38 KB
7 KB 1301ms
1041ms Stylesheet
text/css 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/GFC/branding/css/branding_main_citi.css

Requested by

Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

00d7dddfbf9c6fe15484cff537ab312435bd120708acaff1ccca7fd158b2ac69

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Mon, 04 May 2020 06:59:11 GMT
x-akamai-citisite: GTDC
date: Sat, 27 Aug 2022 10:34:31 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Sat, 27 Aug 2022 16:34:31 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 6667
content-type: text/css
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 cbol-topNav.css
online.citi.com/CBOL/IAServicing/css/ 35 KB
6 KB 460ms
199ms Stylesheet
text/css 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/CBOL/IAServicing/css/cbol-topNav.css

Requested by

Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

f8efbf80754a3c0422c619fec4b5706a303da895c139361eaf6133286f4ef440

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Mon, 11 May 2020 19:00:46 GMT
x-akamai-citisite: GTDC
date: Sat, 27 Aug 2022 10:34:31 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Sat, 27 Aug 2022 16:34:31 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 5366
content-type: text/css
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H/1.1 404
Not Found mbox.js
setupprofilelogin.sytes.net/JRS/js/ 0
0 426ms
107ms Script
text/html 44.193.223.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://setupprofilelogin.sytes.net/JRS/js/mbox.js
Requested by: Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.193.223.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-223-108.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 10:34:31 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 Citi-Enterprise-White.png
online.citi.com/GFC/branding/img/ 1 KB
1 KB 75ms
72ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/Citi-Enterprise-White.png

Requested by

Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

7cb24e06c00e47bb6bc6c38b935d6bc62817f656703387e4fb7591add96c7454

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 10:34:32 GMT
last-modified: Wed, 14 Jun 2017 18:29:05 GMT
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 1040
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 cbol-smartSearch.css
online.citi.com/NCCS/smartSearch/css/ 8 KB
1 KB 39ms
39ms Stylesheet
text/css 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/NCCS/smartSearch/css/cbol-smartSearch.css

Requested by

Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

6d3001c9deac8cb1f88ea5254105f8d678de5532f1998a24eab1b59906eaf86b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 13 Feb 2018 16:10:30 GMT
x-akamai-citisite: GTDC
date: Sat, 27 Aug 2022 10:34:31 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Sat, 27 Aug 2022 16:34:31 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 899
content-type: text/css
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 search-white.png
online.citi.com/GFC/branding/img/ 429 B
920 B 701ms
698ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/search-white.png

Requested by

Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

e2812b1e3529e5f39e3b0586e82c7ad0dfc3fc61cfa0107edfac16483d0547d7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 10:34:32 GMT
last-modified: Wed, 14 Jun 2017 18:29:07 GMT
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 429
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 BrowserUpgrade.css
online.citi.com/JPS/portal/css/ 2 KB
1 KB 541ms
540ms Stylesheet
text/css 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JPS/portal/css/BrowserUpgrade.css

Requested by

Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

522d8553b114774ec08b1fe8f0004510368c3070cc26a17cf7a200e0e9a55d6b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 17:20:58 GMT
x-akamai-citisite: GTDC
date: Sat, 27 Aug 2022 10:34:32 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Sat, 27 Aug 2022 16:34:32 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 671
content-type: text/css
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H/1.1 404
Not Found signon.js
setupprofilelogin.sytes.net/JSO/js/ 0
0 107ms
106ms Script
text/html 44.193.223.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://setupprofilelogin.sytes.net/JSO/js/signon.js
Requested by: Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.193.223.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-223-108.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 10:34:32 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found jfpm.autocomplete.off.js
setupprofilelogin.sytes.net/JFP/js/modules/ 0
0 106ms
106ms Script
text/html 44.193.223.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://setupprofilelogin.sytes.net/JFP/js/modules/jfpm.autocomplete.off.js
Requested by: Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.193.223.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-223-108.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 10:34:32 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 signon_overlay.css
online.citi.com/JRS/css/common/ 3 KB
1 KB 547ms
543ms Stylesheet
text/css 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JRS/css/common/signon_overlay.css

Requested by

Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

428bee7b9889e486f7a940078709a1283b91690d65af6afc1853a99649f588fb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 17:20:58 GMT
x-akamai-citisite: GTDC
date: Sat, 27 Aug 2022 10:34:32 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Sat, 27 Aug 2022 16:34:32 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 874
content-type: text/css
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H/1.1 404
Not Found new_signon.js
setupprofilelogin.sytes.net/JRS/js/ 0
0 111ms
107ms Script
text/html 44.193.223.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://setupprofilelogin.sytes.net/JRS/js/new_signon.js
Requested by: Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.193.223.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-223-108.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 10:34:32 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found bauble.js
setupprofilelogin.sytes.net/JRS/cm/js2/ 0
0 110ms
107ms Script
text/html 44.193.223.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://setupprofilelogin.sytes.net/JRS/cm/js2/bauble.js
Requested by: Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.193.223.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-223-108.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 10:34:32 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found bt_addelivery.js
setupprofilelogin.sytes.net/JRS/js/ 0
0 112ms
108ms Script
text/html 44.193.223.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://setupprofilelogin.sytes.net/JRS/js/bt_addelivery.js
Requested by: Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.193.223.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-223-108.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 10:34:32 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found adServe2.js
setupprofilelogin.sytes.net/JRS/js/ 0
0 112ms
109ms Script
text/html 44.193.223.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://setupprofilelogin.sytes.net/JRS/js/adServe2.js
Requested by: Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.193.223.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-223-108.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 10:34:32 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 so_lock.gif
online.citi.com/JRS/images/signon/ 197 B
687 B 627ms
624ms Image
image/gif 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/images/signon/so_lock.gif

Requested by

Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

9a564f37be2712b675335f2472c980e29bfbff448b5f925a92cd230d285aeb8d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 10:34:32 GMT
last-modified: Tue, 12 Sep 2017 17:16:57 GMT
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 197
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/gif
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H/1.1 404
Not Found fieldValidation.js
setupprofilelogin.sytes.net/JFP/js/jquery/plugins/ 0
0 112ms
112ms Script
text/html 44.193.223.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://setupprofilelogin.sytes.net/JFP/js/jquery/plugins/fieldValidation.js
Requested by: Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.193.223.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-223-108.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 10:34:32 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found SCFormElementReporting.js
setupprofilelogin.sytes.net/JSO/js/ 0
0 112ms
111ms Script
text/html 44.193.223.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://setupprofilelogin.sytes.net/JSO/js/SCFormElementReporting.js
Requested by: Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.193.223.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-223-108.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 10:34:32 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found signonUnamePwdMyCiti.js
setupprofilelogin.sytes.net/JSO/js/ 0
0 111ms
110ms Script
text/html 44.193.223.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://setupprofilelogin.sytes.net/JSO/js/signonUnamePwdMyCiti.js
Requested by: Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.193.223.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-223-108.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 10:34:32 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found fp.js
setupprofilelogin.sytes.net/JSO/js/ 0
0 111ms
111ms Script
text/html 44.193.223.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://setupprofilelogin.sytes.net/JSO/js/fp.js
Requested by: Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.193.223.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-223-108.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 10:34:32 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 pixel.gif
online.citi.com/JRS/images/ 42 B
531 B 623ms
621ms Image
image/gif 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/images/pixel.gif

Requested by

Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

5b27cb8a843da7b4f70f68d669798596541491654185df0bd45867d951a31947

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 10:34:32 GMT
last-modified: Tue, 12 Sep 2017 17:12:06 GMT
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 42
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/gif
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 CBNA_441x222_contextual_generic.jpg
online.citi.com/JRS/images/ads/ 10 KB
11 KB 778ms
776ms Image
image/jpeg 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/images/ads/CBNA_441x222_contextual_generic.jpg

Requested by

Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

eee52f6396c21a450545c7a3956596da8faba552a595616553baa67635a7f57a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 10:34:32 GMT
last-modified: Tue, 12 Sep 2017 17:12:06 GMT
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 10514
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/jpeg
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 cobrowse_overlay.css
online.citi.com/GPS/portal/css/ 7 KB
2 KB 703ms
700ms Stylesheet
text/css 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/GPS/portal/css/cobrowse_overlay.css

Requested by

Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

a9623118fb6ec3944d1312cd0d492c3f32455e89bc1e01eafa67628a309d9c60

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 13 Aug 2019 07:17:14 GMT
x-akamai-citisite: GTDC
date: Sat, 27 Aug 2022 10:34:32 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Sat, 27 Aug 2022 16:34:32 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 1597
content-type: text/css
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 citi-logo-footer.png
online.citi.com/CBOL/common/ddl/1.1.0/images/catalogue/ 2 KB
2 KB 667ms
665ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/CBOL/common/ddl/1.1.0/images/catalogue/citi-logo-footer.png

Requested by

Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

c03c473373b74ec78cd18149c63791f1879e0521776846e6ffd9dcfecd413b1e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 10:34:32 GMT
last-modified: Tue, 12 Sep 2017 17:22:45 GMT
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 1705
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 memberfdic.png
online.citi.com/GFC/branding/responsivebranding/img/ 2 KB
2 KB 676ms
674ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/responsivebranding/img/memberfdic.png

Requested by

Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

fde2419dbb975ba13ee435b8e15b754a11569815f6ef87a68b9984b99cd607cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 10:34:32 GMT
last-modified: Wed, 14 Jun 2017 18:30:23 GMT
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 1784
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 EqualHousing.png
online.citi.com/JRS/images/ 416 B
906 B 670ms
668ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/images/EqualHousing.png

Requested by

Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

705f1ccbf32b8ebd6c4a04262ca5c320c50aa324f80a34fb3b160a8138257e14

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 10:34:32 GMT
last-modified: Wed, 14 Jun 2017 18:38:37 GMT
x-akamai-citisite: SWDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 416
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET style4.js
paper.citi.com/127893/ 0
0

GET
H2 200 topNavBase.css
online.citi.com/CBOL/IAServicing/css/ 745 KB
71 KB 60ms
59ms Stylesheet
text/css 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/CBOL/IAServicing/css/topNavBase.css

Requested by

Host: online.citi.com
URL: https://online.citi.com/CBOL/IAServicing/css/cbol-topNav.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

19ff35516626fde80a6ff464d1dc038f5839f08e18f9e82f4613bc002f605a86

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.citi.com/CBOL/IAServicing/css/cbol-topNav.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 08 May 2018 04:46:52 GMT
x-akamai-citisite: GTDC
date: Sat, 27 Aug 2022 10:34:31 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Sat, 27 Aug 2022 16:34:31 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 72325
content-type: text/css
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 branding.css
online.citi.com/CBOL/common/ddl/1.1/bootstrap/styles/ 24 KB
5 KB 80ms
80ms Stylesheet
text/css 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/CBOL/common/ddl/1.1/bootstrap/styles/branding.css

Requested by

Host: online.citi.com
URL: https://online.citi.com/CBOL/IAServicing/css/cbol-topNav.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

08efa970cb660c1b05eb90856a8295dcf0d42cbdabcef61e2ebb936b28e82d36

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.citi.com/CBOL/IAServicing/css/cbol-topNav.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 17:12:06 GMT
x-akamai-citisite: GTDC
date: Sat, 27 Aug 2022 10:34:31 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Sat, 27 Aug 2022 16:34:31 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 4487
content-type: text/css
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 branding_main.css
online.citi.com/GFC/branding/css/ 115 KB
18 KB 44ms
44ms Stylesheet
text/css 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/GFC/branding/css/branding_main.css

Requested by

Host: online.citi.com
URL: https://online.citi.com/GFC/branding/css/branding_main_citi.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

55c1a891895fc4a46dbc82176e0c0ff3407ef8f2cc9852f6a707ba3bac979004

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.citi.com/GFC/branding/css/branding_main_citi.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 14:30:25 GMT
x-akamai-citisite: GTDC
date: Sat, 27 Aug 2022 10:34:31 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Sat, 27 Aug 2022 16:34:31 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 17450
content-type: text/css
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 Interstate-Bold.woff
online.citi.com/CBOL/common/ddl/1.1/bootstrap/styles/fonts/interstate/ 70 KB
71 KB 600ms
562ms Font
application/octet-stream 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/CBOL/common/ddl/1.1/bootstrap/styles/fonts/interstate/Interstate-Bold.woff

Requested by

Host: online.citi.com
URL: https://online.citi.com/CBOL/common/ddl/1.1/bootstrap/styles/branding.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://online.citi.com/CBOL/common/ddl/1.1/bootstrap/styles/branding.css
Origin: https://setupprofilelogin.sytes.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 17:22:45 GMT
x-akamai-citisite: GTDC
date: Sat, 27 Aug 2022 10:34:32 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
access-control-allow-origin: *
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 71859
content-type: text/plain
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 Interstate-Light.woff
online.citi.com/CBOL/common/ddl/1.1/bootstrap/styles/fonts/interstate/ 74 KB
74 KB 634ms
596ms Font
application/octet-stream 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/CBOL/common/ddl/1.1/bootstrap/styles/fonts/interstate/Interstate-Light.woff

Requested by

Host: online.citi.com
URL: https://online.citi.com/CBOL/common/ddl/1.1/bootstrap/styles/branding.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://online.citi.com/CBOL/common/ddl/1.1/bootstrap/styles/branding.css
Origin: https://setupprofilelogin.sytes.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 17:20:58 GMT
x-akamai-citisite: GTDC
date: Sat, 27 Aug 2022 10:34:32 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
access-control-allow-origin: *
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 75483
content-type: text/plain
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H/1.1 404
Not Found new_signon.js
setupprofilelogin.sytes.net/JRS/js/ 0
0 108ms
108ms Script
text/html 44.193.223.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://setupprofilelogin.sytes.net/JRS/js/new_signon.js
Requested by: Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.193.223.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-223-108.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 10:34:32 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found new_signon.js
setupprofilelogin.sytes.net/JRS/js/ 0
0 108ms
108ms Script
text/html 44.193.223.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://setupprofilelogin.sytes.net/JRS/js/new_signon.js
Requested by: Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.193.223.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-223-108.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 10:34:32 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found new_signon.js
setupprofilelogin.sytes.net/JRS/js/ 0
0 108ms
108ms Script
text/html 44.193.223.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://setupprofilelogin.sytes.net/JRS/js/new_signon.js
Requested by: Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.193.223.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-223-108.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 10:34:32 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found jfpm.autocomplete.off.js
setupprofilelogin.sytes.net/JFP/js/modules/ 0
0 108ms
108ms Script
text/html 44.193.223.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://setupprofilelogin.sytes.net/JFP/js/modules/jfpm.autocomplete.off.js
Requested by: Host: setupprofilelogin.sytes.net
URL: https://setupprofilelogin.sytes.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.193.223.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-223-108.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://setupprofilelogin.sytes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 10:34:32 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=94
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 bg-blue-chat-button.gif
online.citi.com/JRS/images/common/ 119 B
608 B 433ms
432ms Image
image/gif 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/images/common/bg-blue-chat-button.gif

Requested by

Host: online.citi.com
URL: https://online.citi.com/JRS/css/common/signon_overlay.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

6091dc31b3c03e1a5b401ff2d35e21ae9f76a8630a85aaf4fe8d5cab1c5bb38a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.citi.com/JRS/css/common/signon_overlay.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 10:34:33 GMT
last-modified: Tue, 12 Sep 2017 17:12:06 GMT
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 119
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/gif
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 sprite_social_icons.png
online.citi.com/GFC/branding/img/ 358 B
847 B 550ms
549ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/sprite_social_icons.png

Requested by

Host: online.citi.com
URL: https://online.citi.com/GFC/branding/css/branding_main_citi.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

c3c02bcaca12da1a9ce27e3760e479fface7a05319c2708088cceb05af286eb1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.citi.com/GFC/branding/css/branding_main_citi.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 10:34:33 GMT
last-modified: Wed, 14 Jun 2017 18:29:10 GMT
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 358
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 appStore_1px.png
online.citi.com/GFC/branding/responsivebranding/img/ 3 KB
4 KB 557ms
557ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/responsivebranding/img/appStore_1px.png

Requested by

Host: online.citi.com
URL: https://online.citi.com/GFC/branding/css/branding_main_citi.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

f44e4692a52b6a382cb481e23f8bcb9a6d4c24eec8aa60143c7e2ca3a85758b2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.citi.com/GFC/branding/css/branding_main_citi.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 10:34:33 GMT
last-modified: Thu, 27 Sep 2018 21:19:09 GMT
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 3513
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 googlePlay_1px.png
online.citi.com/GFC/branding/responsivebranding/img/ 4 KB
4 KB 589ms
589ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/responsivebranding/img/googlePlay_1px.png

Requested by

Host: online.citi.com
URL: https://online.citi.com/GFC/branding/css/branding_main_citi.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

1cc4ec61057f30cea6d47126e0444f119b2606720b1fe8d7e0deff1f5742a82b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.citi.com/GFC/branding/css/branding_main_citi.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 10:34:33 GMT
last-modified: Thu, 27 Sep 2018 21:21:52 GMT
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 3900
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 oo_icon_retina.gif
online.citi.com/GFC/branding/olab/images/ 2 KB
3 KB 585ms
585ms Image
image/gif 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/olab/images/oo_icon_retina.gif

Requested by

Host: online.citi.com
URL: https://online.citi.com/GFC/branding/css/branding_main_citi.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

701d2f9f02741b8429f4fb892b2b48c34a8a0f9189cb09013b2799031f22e484

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.citi.com/GFC/branding/css/branding_main_citi.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 10:34:33 GMT
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 2204
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/gif
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: paper.citi.com
URL: https://paper.citi.com/127893/style4.js?r=0.9795667798480188

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citibank (Banking)

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			setupprofilelogin.sytes.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: null

27 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://setupprofilelogin.sytes.net/JFP/amw/amw.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://paper.citi.com/127893/style4.js?r=0.9795667798480188 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://setupprofilelogin.sytes.net/CBOL/portal/layout/js/jquery-combined.min.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://setupprofilelogin.sytes.net/JFP/js/widgets/jfp.branding.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://setupprofilelogin.sytes.net/JPS/portal/js/cssPref.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://setupprofilelogin.sytes.net/JFP/js/widgets/jfp.widgets.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://setupprofilelogin.sytes.net/JPS/portal/js/SitecatCampaigns.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://setupprofilelogin.sytes.net/GFC/common/js/citi_Common.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://setupprofilelogin.sytes.net/JPS/portal/js/JFPNav.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://setupprofilelogin.sytes.net/JRS/js/verisign.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://setupprofilelogin.sytes.net/JRS/js/mbox.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://setupprofilelogin.sytes.net/JSO/js/signon.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://setupprofilelogin.sytes.net/JRS/cm/js2/bauble.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://setupprofilelogin.sytes.net/JRS/js/new_signon.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://setupprofilelogin.sytes.net/JRS/js/bt_addelivery.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://setupprofilelogin.sytes.net/JRS/js/adServe2.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://setupprofilelogin.sytes.net/JFP/js/jquery/plugins/jquery.autocomplete.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://setupprofilelogin.sytes.net/JFP/js/modules/jfpm.autocomplete.off.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://setupprofilelogin.sytes.net/JSO/js/signonUnamePwdMyCiti.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://setupprofilelogin.sytes.net/JSO/js/fp.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://setupprofilelogin.sytes.net/JSO/js/SCFormElementReporting.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://setupprofilelogin.sytes.net/JFP/js/jquery/plugins/fieldValidation.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://setupprofilelogin.sytes.net/JRS/js/new_signon.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://setupprofilelogin.sytes.net/JRS/js/new_signon.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://setupprofilelogin.sytes.net/JRS/js/new_signon.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://setupprofilelogin.sytes.net/JFP/js/modules/jfpm.autocomplete.off.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: https://setupprofilelogin.sytes.net/(Line 72) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

online.citi.com
paper.citi.com
setupprofilelogin.sytes.net
paper.citi.com
104.111.238.178
44.193.223.108
00d7dddfbf9c6fe15484cff537ab312435bd120708acaff1ccca7fd158b2ac69
08efa970cb660c1b05eb90856a8295dcf0d42cbdabcef61e2ebb936b28e82d36
19ff35516626fde80a6ff464d1dc038f5839f08e18f9e82f4613bc002f605a86
1cc4ec61057f30cea6d47126e0444f119b2606720b1fe8d7e0deff1f5742a82b
428bee7b9889e486f7a940078709a1283b91690d65af6afc1853a99649f588fb
522d8553b114774ec08b1fe8f0004510368c3070cc26a17cf7a200e0e9a55d6b
55c1a891895fc4a46dbc82176e0c0ff3407ef8f2cc9852f6a707ba3bac979004
5b27cb8a843da7b4f70f68d669798596541491654185df0bd45867d951a31947
6091dc31b3c03e1a5b401ff2d35e21ae9f76a8630a85aaf4fe8d5cab1c5bb38a
6cc415ff6c7e1c19761a0ea19ece60e6e8a59725188f57474a0a81d2e1cdb366
6d3001c9deac8cb1f88ea5254105f8d678de5532f1998a24eab1b59906eaf86b
701d2f9f02741b8429f4fb892b2b48c34a8a0f9189cb09013b2799031f22e484
705f1ccbf32b8ebd6c4a04262ca5c320c50aa324f80a34fb3b160a8138257e14
7cb24e06c00e47bb6bc6c38b935d6bc62817f656703387e4fb7591add96c7454
8e40771ee97376e22303dd8f2c39ec717e7a9b71eb17e3656d76e035684747cf
9a564f37be2712b675335f2472c980e29bfbff448b5f925a92cd230d285aeb8d
a9623118fb6ec3944d1312cd0d492c3f32455e89bc1e01eafa67628a309d9c60
c03c473373b74ec78cd18149c63791f1879e0521776846e6ffd9dcfecd413b1e
c3c02bcaca12da1a9ce27e3760e479fface7a05319c2708088cceb05af286eb1
e2812b1e3529e5f39e3b0586e82c7ad0dfc3fc61cfa0107edfac16483d0547d7
e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7
eee52f6396c21a450545c7a3956596da8faba552a595616553baa67635a7f57a
f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296
f44e4692a52b6a382cb481e23f8bcb9a6d4c24eec8aa60143c7e2ca3a85758b2
f8efbf80754a3c0422c619fec4b5706a303da895c139361eaf6133286f4ef440
fde2419dbb975ba13ee435b8e15b754a11569815f6ef87a68b9984b99cd607cf
ff9055592f7c4a2646cab47a75489572b95aba8cd972d98d7d84c32a056fa08e

setupprofilelogin.sytes.net Open in urlscan Pro 44.193.223.108 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

53 Requests

98 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

3 IPs

2 Countries

567 kBTransfer

1680 kBSize

1 Cookies

11 Outgoing links

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

setupprofilelogin.sytes.net Open in urlscan Pro
44.193.223.108 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

98 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

567 kB
Transfer

1680 kB
Size

1
Cookies

53 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!