citibanksgdvpadmin.investcloud.com Open in urlscan Pro
2606:4700::6811:b76b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://citibanksgdvpadmin.investcloud.com/
Effective URL:
https://citibanksgdvpadmin.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
Submission: On September 23 via automatic, source certstream-suspicious (September 23rd 2023, 5:17:31 pm UTC) — Scanned from DE

Summary HTTP 33 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 33 HTTP transactions. The main IP is 2606:4700::6811:b76b, located in United States and belongs to CLOUDFLARENET, US. The main domain is citibanksgdvpadmin.investcloud.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 23rd 2023. Valid for: a year.

This is the only time citibanksgdvpadmin.investcloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 27	2606:4700::68... 2606:4700::6811:b76b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
33	4

27 2606:4700::6811:b76b (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

citibanksgdvpadmin.investcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	investcloud.com 2 redirects citibanksgdvpadmin.investcloud.com	2 MB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 720 fonts.googleapis.com — Cisco Umbrella Rank: 113	7 KB
0	gstatic.com Failed fonts.gstatic.com Failed
0	citigroup.net Failed secureaccessweb.nam.citigroup.net Failed
33	4

	Domain	Requested by
27	citibanksgdvpadmin.investcloud.com	2 redirects citibanksgdvpadmin.investcloud.com
1	fonts.googleapis.com	ajax.googleapis.com
1	ajax.googleapis.com	citibanksgdvpadmin.investcloud.com
0	fonts.gstatic.com Failed	fonts.googleapis.com
0	secureaccessweb.nam.citigroup.net Failed	citibanksgdvpadmin.investcloud.com
33	5

This site contains no links.

Subject Issuer	Validity	Valid
citibanksgdvpadmin.investcloud.com Cloudflare Inc ECC CA-3	`2023-09-23` - `2024-09-21`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh

This page contains 1 frames:

Frame: https://secureaccessweb.nam.citigroup.net/siteminderagent/forms/logout.html
Frame ID: EEE9109F68F5BE86D32AFCE061FD378F
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://citibanksgdvpadmin.investcloud.com/ HTTP 302
https://citibanksgdvpadmin.investcloud.com/Membership/HomePageDefault.aspx?ReturnUrl=%2f HTTP 302
https://citibanksgdvpadmin.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Page Statistics

33
Requests

82 %
HTTPS

100 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

1964 kB
Transfer

8219 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://citibanksgdvpadmin.investcloud.com/ HTTP 302
https://citibanksgdvpadmin.investcloud.com/Membership/HomePageDefault.aspx?ReturnUrl=%2f HTTP 302
https://citibanksgdvpadmin.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request CitiAdminLogin_WF_App.aspx Show response
citibanksgdvpadmin.investcloud.com/Membership/Apps/
Redirect Chain

https://citibanksgdvpadmin.investcloud.com/
https://citibanksgdvpadmin.investcloud.com/Membership/HomePageDefault.aspx?ReturnUrl=%2f
https://citibanksgdvpadmin.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f

8 KB
3 KB

320ms
318ms

Document
text/html

2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadmin.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1028a5d027018b20acdf1e65f6e1a3b8059c9df910d74e21d8b342812690c67

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 80b470dd3d739066-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=utf-8
date: Sat, 23 Sep 2023 17:17:23 GMT
expires: -1
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=Edge
x-xss-protection: 1; mode=block

Redirect headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 80b470dbdc819066-FRA
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=utf-8
date: Sat, 23 Sep 2023 17:17:23 GMT
location: /Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=Edge
x-xss-protection: 1; mode=block

GET
H2 200 HomePage_CitiAdminLogin.WF.App_IX777D35F547A3317F8964B3CE50A2E94C.css
citibanksgdvpadmin.investcloud.com/styles/4803263D7C0C7EC23680D17653487E7F/ 1 MB
154 KB 1181ms
1179ms Stylesheet
text/css 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadmin.investcloud.com/styles/4803263D7C0C7EC23680D17653487E7F/HomePage_CitiAdminLogin.WF.App_IX777D35F547A3317F8964B3CE50A2E94C.css

Requested by

Host: citibanksgdvpadmin.investcloud.com
URL: https://citibanksgdvpadmin.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

020125e62d2535d557f80d6ae79a114681e6719dee56ddd334154215111bb68f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citibanksgdvpadmin.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 17:17:24 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
pragma: public
last-modified: Sun, 19 Mar 2023 23:32:40 GMT
server: cloudflare
etag: W/"d22e218bb5ad91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=15552000
cf-ray: 80b470df3f1a9066-FRA
expires: Thu, 21 Mar 2024 17:17:24 GMT

GET
H2 200 V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js Show response
citibanksgdvpadmin.investcloud.com/scripts/jig/4803263D7C0C7EC23680D17653487E7F/ 276 KB
97 KB 1194ms
1193ms Script
application/javascript 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadmin.investcloud.com/scripts/jig/4803263D7C0C7EC23680D17653487E7F/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Requested by

Host: citibanksgdvpadmin.investcloud.com
URL: https://citibanksgdvpadmin.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22c0d6fe8d979586e4a41dc00815592b9a86b83a763106f879fafdbce924aa6c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citibanksgdvpadmin.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 17:17:24 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
pragma: public
last-modified: Sun, 19 Mar 2023 23:32:36 GMT
server: cloudflare
etag: W/"24704616bb5ad91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=15552000
cf-ray: 80b470df4f1c9066-FRA
expires: Thu, 21 Mar 2024 17:17:24 GMT

GET
H2 200 V4_Library_IXB2EE3C3BB8C4E7A406837021FAEA269A.js Show response
citibanksgdvpadmin.investcloud.com/scripts/jig/4803263D7C0C7EC23680D17653487E7F/ 3 MB
920 KB 1207ms
1205ms Script
application/javascript 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadmin.investcloud.com/scripts/jig/4803263D7C0C7EC23680D17653487E7F/V4_Library_IXB2EE3C3BB8C4E7A406837021FAEA269A.js

Requested by

Host: citibanksgdvpadmin.investcloud.com
URL: https://citibanksgdvpadmin.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a844a8ef61986f97fef9e17a010a979bfd05dfbd933ef3842e23b2ff517a158

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citibanksgdvpadmin.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 17:17:24 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
pragma: public
last-modified: Sun, 19 Mar 2023 23:32:36 GMT
server: cloudflare
etag: W/"a2968b16bb5ad91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=15552000
cf-ray: 80b470df4f1d9066-FRA
expires: Thu, 21 Mar 2024 17:17:24 GMT

GET
H2 200 HomePage_CitiAdminLogin_WF_App_Dependency_IXC8C510EBA828B6FC9A1572EEF2C92012.js Show response
citibanksgdvpadmin.investcloud.com/scripts/jig/4803263D7C0C7EC23680D17653487E7F/ 2 MB
425 KB 2197ms
2195ms Script
application/javascript 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadmin.investcloud.com/scripts/jig/4803263D7C0C7EC23680D17653487E7F/HomePage_CitiAdminLogin_WF_App_Dependency_IXC8C510EBA828B6FC9A1572EEF2C92012.js

Requested by

Host: citibanksgdvpadmin.investcloud.com
URL: https://citibanksgdvpadmin.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df26bd46f2dc3d5734d4e8b9e137652dc484693cfc69cf8eebeb1f4ff4a78e74

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citibanksgdvpadmin.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 17:17:25 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
pragma: public
last-modified: Sun, 19 Mar 2023 23:32:37 GMT
server: cloudflare
etag: W/"e8401817bb5ad91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=15552000
cf-ray: 80b470df4f1f9066-FRA
expires: Thu, 21 Mar 2024 17:17:25 GMT

GET
H2 200 HomePage_CitiAdminLogin_WF_App_iXing_IXD818F286FC6D494A927E22FD55F50CEE.js Show response
citibanksgdvpadmin.investcloud.com/scripts/jig/4803263D7C0C7EC23680D17653487E7F/ 2 MB
337 KB 1383ms
1381ms Script
application/javascript 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadmin.investcloud.com/scripts/jig/4803263D7C0C7EC23680D17653487E7F/HomePage_CitiAdminLogin_WF_App_iXing_IXD818F286FC6D494A927E22FD55F50CEE.js

Requested by

Host: citibanksgdvpadmin.investcloud.com
URL: https://citibanksgdvpadmin.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9e7ffdfae76dcafb0be8523eaeeaaf9af37b2f0f024a1002d72c3322d490f6e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citibanksgdvpadmin.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 17:17:25 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
pragma: public
last-modified: Sun, 19 Mar 2023 23:32:39 GMT
server: cloudflare
etag: W/"adf55218bb5ad91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=15552000
cf-ray: 80b470df4f229066-FRA
expires: Thu, 21 Mar 2024 17:17:24 GMT

GET
H2 200 HomePage_CitiAdminLogin_WF_App_Generated_IX26792CF152A8532144184499E98D5749.js Show response
citibanksgdvpadmin.investcloud.com/scripts/jig/4803263D7C0C7EC23680D17653487E7F/ 12 KB
3 KB 244ms
244ms Script
application/javascript 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadmin.investcloud.com/scripts/jig/4803263D7C0C7EC23680D17653487E7F/HomePage_CitiAdminLogin_WF_App_Generated_IX26792CF152A8532144184499E98D5749.js

Requested by

Host: citibanksgdvpadmin.investcloud.com
URL: https://citibanksgdvpadmin.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b84ae1114d920820c657fc64d709454b01715dbb594293abdb9cf3a1967d0d9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citibanksgdvpadmin.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 17:17:25 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
pragma: public
last-modified: Sun, 19 Mar 2023 23:32:39 GMT
server: cloudflare
etag: W/"1926f18bb5ad91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=15552000
cf-ray: 80b470e9df669066-FRA
expires: Thu, 21 Mar 2024 17:17:25 GMT

GET
H2 200 CitiAdminLogin_WF_App-ApplicationMapper_IXC5AA563EED9DC5FC04AE9317AEF850DC.json Show response
citibanksgdvpadmin.investcloud.com/scripts/jig/ 3 KB
658 B 694ms
684ms XHR
application/json 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadmin.investcloud.com/scripts/jig/CitiAdminLogin_WF_App-ApplicationMapper_IXC5AA563EED9DC5FC04AE9317AEF850DC.json

Requested by

Host: citibanksgdvpadmin.investcloud.com
URL: https://citibanksgdvpadmin.investcloud.com/scripts/jig/4803263D7C0C7EC23680D17653487E7F/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

393a948ee177ef5e630447bdb642613e638123bf258b5c6353e9a9e9fe916682

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpadmin.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 17:17:26 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Sun, 19 Mar 2023 23:32:34 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
etag: W/"2b85815bb5ad91:0"
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 80b470eefb9a9066-FRA
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 CitiAdminLogin_WF_App-CommandListService_IX8E763BEBFAD91FCE8C16531ECFC90897.json Show response
citibanksgdvpadmin.investcloud.com/scripts/jig/ 1009 B
572 B 206ms
196ms XHR
application/json 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadmin.investcloud.com/scripts/jig/CitiAdminLogin_WF_App-CommandListService_IX8E763BEBFAD91FCE8C16531ECFC90897.json

Requested by

Host: citibanksgdvpadmin.investcloud.com
URL: https://citibanksgdvpadmin.investcloud.com/scripts/jig/4803263D7C0C7EC23680D17653487E7F/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29fa5e13c28d17141ab044ed8774fb5df126bab9d8158eef450ea00d07bb54a0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpadmin.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 17:17:26 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Sun, 19 Mar 2023 23:32:34 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
etag: W/"398f6115bb5ad91:0"
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 80b470ef0b9d9066-FRA
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 CitiAdminLogin_WF_App-LocaleFieldFormats_IX711C617C5D04E84646EF6DE04C072E35.json Show response
citibanksgdvpadmin.investcloud.com/scripts/jig/ 60 KB
3 KB 746ms
735ms XHR
application/json 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadmin.investcloud.com/scripts/jig/CitiAdminLogin_WF_App-LocaleFieldFormats_IX711C617C5D04E84646EF6DE04C072E35.json

Requested by

Host: citibanksgdvpadmin.investcloud.com
URL: https://citibanksgdvpadmin.investcloud.com/scripts/jig/4803263D7C0C7EC23680D17653487E7F/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d79008e8eb48bd79578e49e6305a5f2e9af170cfdff67b1fd2b4135b3ec3a896

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpadmin.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 17:17:26 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Sun, 19 Mar 2023 23:32:35 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
etag: W/"c4548515bb5ad91:0"
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 80b470ef0b9e9066-FRA
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 CitiAdminLogin_WF_App-TemplateCacheDecorator_IXE8FAA38B03EECA54107B169C8A85D8A3.json Show response
citibanksgdvpadmin.investcloud.com/scripts/jig/ 116 B
173 B 708ms
698ms XHR
application/json 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadmin.investcloud.com/scripts/jig/CitiAdminLogin_WF_App-TemplateCacheDecorator_IXE8FAA38B03EECA54107B169C8A85D8A3.json

Requested by

Host: citibanksgdvpadmin.investcloud.com
URL: https://citibanksgdvpadmin.investcloud.com/scripts/jig/4803263D7C0C7EC23680D17653487E7F/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54040ab713c1ddbe12206986776b4efd34f770c47349b0d5e5e2561afb02f175

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpadmin.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 17:17:26 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Sun, 19 Mar 2023 23:32:34 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
etag: W/"32566615bb5ad91:0"
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 80b470ef0b9f9066-FRA
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 CitiAdminLogin_WF_App-WorkFlowApplicationTree_IX201016D156126F886E9D375D4DBA9407.json Show response
citibanksgdvpadmin.investcloud.com/scripts/jig/ 269 B
192 B 669ms
659ms XHR
application/json 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadmin.investcloud.com/scripts/jig/CitiAdminLogin_WF_App-WorkFlowApplicationTree_IX201016D156126F886E9D375D4DBA9407.json

Requested by

Host: citibanksgdvpadmin.investcloud.com
URL: https://citibanksgdvpadmin.investcloud.com/scripts/jig/4803263D7C0C7EC23680D17653487E7F/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

971a06447a65f9ccea74dcb058c865b18a0418931eed1b3699f83071bf59cb0c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpadmin.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 17:17:26 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Sun, 19 Mar 2023 23:32:34 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
etag: W/"8c304015bb5ad91:0"
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 80b470ef0ba29066-FRA
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 CitiAdminLogin_WF_App-WorkFlow_IX24F608EF4B7F4B0293858C8F909222A3.json Show response
citibanksgdvpadmin.investcloud.com/scripts/jig/ 1 KB
527 B 689ms
679ms XHR
application/json 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadmin.investcloud.com/scripts/jig/CitiAdminLogin_WF_App-WorkFlow_IX24F608EF4B7F4B0293858C8F909222A3.json

Requested by

Host: citibanksgdvpadmin.investcloud.com
URL: https://citibanksgdvpadmin.investcloud.com/scripts/jig/4803263D7C0C7EC23680D17653487E7F/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59390fbe7ade8ab9e1ae43cec3670e13b9be3b85894aa5fedf263f0cc985ab4b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpadmin.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 17:17:26 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Sun, 19 Mar 2023 23:32:35 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
etag: W/"3ca09315bb5ad91:0"
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 80b470ef0ba69066-FRA
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 CitiSGAdminPROD_IXFB48401C46BA9C4DA64D7D9BEA83544C.json Show response
citibanksgdvpadmin.investcloud.com/scripts/jig/ 3 KB
1 KB 703ms
694ms XHR
application/json 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadmin.investcloud.com/scripts/jig/CitiSGAdminPROD_IXFB48401C46BA9C4DA64D7D9BEA83544C.json

Requested by

Host: citibanksgdvpadmin.investcloud.com
URL: https://citibanksgdvpadmin.investcloud.com/scripts/jig/4803263D7C0C7EC23680D17653487E7F/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20b8aabb1291ae66b3d98dedf5b7834eb9eea4766ab5a56e430bbedda9c6009c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpadmin.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 17:17:26 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Sat, 23 Sep 2023 17:17:23 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
etag: W/"de8646d141eed91:0"
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 80b470ef0ba89066-FRA
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 CitiSGAdminPROD-ApplicationMapper_IX00BC54E946ED3A1AAEA0D20527F6B37D.json Show response
citibanksgdvpadmin.investcloud.com/scripts/jig/ 3 KB
699 B 721ms
711ms XHR
application/json 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadmin.investcloud.com/scripts/jig/CitiSGAdminPROD-ApplicationMapper_IX00BC54E946ED3A1AAEA0D20527F6B37D.json

Requested by

Host: citibanksgdvpadmin.investcloud.com
URL: https://citibanksgdvpadmin.investcloud.com/scripts/jig/4803263D7C0C7EC23680D17653487E7F/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

571ae25fbe855bb5633701c237368ed29ad88c1f8b6a032390b2879152bb88db

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpadmin.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 17:17:26 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Sun, 19 Mar 2023 23:32:34 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
etag: W/"2b85815bb5ad91:0"
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 80b470ef0baa9066-FRA
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 CitiSGAdminPROD-ApplicationMapper_IXC6E1CF84FD28B1BE38ACFCF8C8B6D791.json Show response
citibanksgdvpadmin.investcloud.com/scripts/jig/ 8 KB
2 KB 710ms
701ms XHR
application/json 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadmin.investcloud.com/scripts/jig/CitiSGAdminPROD-ApplicationMapper_IXC6E1CF84FD28B1BE38ACFCF8C8B6D791.json

Requested by

Host: citibanksgdvpadmin.investcloud.com
URL: https://citibanksgdvpadmin.investcloud.com/scripts/jig/4803263D7C0C7EC23680D17653487E7F/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62225ca7cda1212f981952069055c269a168b1adcb1c915bea1a9423c2d45e23

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpadmin.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 17:17:26 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Tue, 21 Mar 2023 09:27:09 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
etag: W/"711a584fd75bd91:0"
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 80b470ef0bab9066-FRA
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 CitiSGAdminPROD-CommandListService_IX6DA3110EA0347F14078E7DBDB16C09E1.json Show response
citibanksgdvpadmin.investcloud.com/scripts/jig/ 93 B
178 B 689ms
680ms XHR
application/json 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadmin.investcloud.com/scripts/jig/CitiSGAdminPROD-CommandListService_IX6DA3110EA0347F14078E7DBDB16C09E1.json

Requested by

Host: citibanksgdvpadmin.investcloud.com
URL: https://citibanksgdvpadmin.investcloud.com/scripts/jig/4803263D7C0C7EC23680D17653487E7F/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31483ab01852b928c64ba6d5c271e20159886f1f67a36d74e367c204dc633e0d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpadmin.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 17:17:26 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Tue, 21 Mar 2023 09:27:10 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
etag: W/"edb0f04fd75bd91:0"
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 80b470ef0bac9066-FRA
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 CitiSGAdminPROD-TemplateCacheDecorator_IXE8FAA38B03EECA54107B169C8A85D8A3.json Show response
citibanksgdvpadmin.investcloud.com/scripts/jig/ 116 B
173 B 708ms
700ms XHR
application/json 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadmin.investcloud.com/scripts/jig/CitiSGAdminPROD-TemplateCacheDecorator_IXE8FAA38B03EECA54107B169C8A85D8A3.json

Requested by

Host: citibanksgdvpadmin.investcloud.com
URL: https://citibanksgdvpadmin.investcloud.com/scripts/jig/4803263D7C0C7EC23680D17653487E7F/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54040ab713c1ddbe12206986776b4efd34f770c47349b0d5e5e2561afb02f175

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpadmin.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 17:17:26 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Tue, 21 Mar 2023 09:27:10 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
etag: W/"9875f54fd75bd91:0"
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 80b470ef1bb69066-FRA
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 CitiSGAdminPROD-WorkFlowApplicationTree_IX3AB8E9A2BB262E6202FADD8045214353.json Show response
citibanksgdvpadmin.investcloud.com/scripts/jig/ 274 B
218 B 717ms
709ms XHR
application/json 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadmin.investcloud.com/scripts/jig/CitiSGAdminPROD-WorkFlowApplicationTree_IX3AB8E9A2BB262E6202FADD8045214353.json

Requested by

Host: citibanksgdvpadmin.investcloud.com
URL: https://citibanksgdvpadmin.investcloud.com/scripts/jig/4803263D7C0C7EC23680D17653487E7F/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eefd115e58f8910fd71b8cf599760f23a5d6fc85c807614f475f46119366ebd3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpadmin.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 17:17:26 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Tue, 21 Mar 2023 09:27:08 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
etag: W/"75a344fd75bd91:0"
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 80b470ef1bb89066-FRA
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 CitiSGAdminPROD-WorkFlowApplicationTree_IX9ACF8A467E76817F6078E92BED62DE5F.json Show response
citibanksgdvpadmin.investcloud.com/scripts/jig/ 272 B
200 B 729ms
721ms XHR
application/json 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadmin.investcloud.com/scripts/jig/CitiSGAdminPROD-WorkFlowApplicationTree_IX9ACF8A467E76817F6078E92BED62DE5F.json

Requested by

Host: citibanksgdvpadmin.investcloud.com
URL: https://citibanksgdvpadmin.investcloud.com/scripts/jig/4803263D7C0C7EC23680D17653487E7F/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6553f386755643d74580f0fdd8ece0892a8c8db3c19e8061423ea32949dba3da

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpadmin.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 17:17:26 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Sun, 19 Mar 2023 23:32:34 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
etag: W/"83554715bb5ad91:0"
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 80b470ef1bb99066-FRA
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 CitiSGAdminPROD-WorkFlow_IX376D32AD9481CA2811FA04521BF41B54.json Show response
citibanksgdvpadmin.investcloud.com/scripts/jig/ 1 KB
493 B 739ms
731ms XHR
application/json 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadmin.investcloud.com/scripts/jig/CitiSGAdminPROD-WorkFlow_IX376D32AD9481CA2811FA04521BF41B54.json

Requested by

Host: citibanksgdvpadmin.investcloud.com
URL: https://citibanksgdvpadmin.investcloud.com/scripts/jig/4803263D7C0C7EC23680D17653487E7F/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

860763e84c5642fc90f393488bd7ff944758f0162b915254d4b3b69a49f6684e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpadmin.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 17:17:26 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Tue, 21 Mar 2023 09:27:12 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
etag: W/"98666951d75bd91:0"
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 80b470ef1bba9066-FRA
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 CitiSGAdminPROD-WorkFlow_IXEC40074822FB96A2882493E570D21BCF.json Show response
citibanksgdvpadmin.investcloud.com/scripts/jig/ 1 KB
631 B 705ms
697ms XHR
application/json 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadmin.investcloud.com/scripts/jig/CitiSGAdminPROD-WorkFlow_IXEC40074822FB96A2882493E570D21BCF.json

Requested by

Host: citibanksgdvpadmin.investcloud.com
URL: https://citibanksgdvpadmin.investcloud.com/scripts/jig/4803263D7C0C7EC23680D17653487E7F/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

deceb806bb8080857c4e05f5813e8abcaf0098a4e92a580adbc244765adbf39b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpadmin.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 17:17:26 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Sun, 19 Mar 2023 23:32:35 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
etag: W/"eadd8e15bb5ad91:0"
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 80b470ef1bbc9066-FRA
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 CitiSGAdminPROD-638148943543865282-locale-en-US.json Show response
citibanksgdvpadmin.investcloud.com/scripts/jig/ 8 KB
3 KB 735ms
729ms XHR
application/json 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadmin.investcloud.com/scripts/jig/CitiSGAdminPROD-638148943543865282-locale-en-US.json

Requested by

Host: citibanksgdvpadmin.investcloud.com
URL: https://citibanksgdvpadmin.investcloud.com/scripts/jig/4803263D7C0C7EC23680D17653487E7F/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63456e99c610d60e58ffef322ea694af1a4b36ef841bdb2adb0a7032ed8098

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpadmin.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 17:17:26 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Sun, 19 Mar 2023 23:32:35 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
etag: W/"9908015bb5ad91:0"
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 80b470ef1bbf9066-FRA
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 CitiAdminLogin_WF_App-638148943543865282-locale-en-US.json Show response
citibanksgdvpadmin.investcloud.com/scripts/jig/ 9 KB
3 KB 732ms
726ms XHR
application/json 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadmin.investcloud.com/scripts/jig/CitiAdminLogin_WF_App-638148943543865282-locale-en-US.json

Requested by

Host: citibanksgdvpadmin.investcloud.com
URL: https://citibanksgdvpadmin.investcloud.com/scripts/jig/4803263D7C0C7EC23680D17653487E7F/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f19b820f6a2fe9522dcefa908c166d3bea90d4462a722ce68aa0612749e786e7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpadmin.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
X-XSRF-TOKEN: 8916EF676FB859E0E375B4303AF21166
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 17:17:26 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Sun, 19 Mar 2023 23:32:34 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
etag: W/"b9c87b15bb5ad91:0"
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 80b470ef1bc09066-FRA
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

POST
H2 401 ecd.ashx Show response
citibanksgdvpadmin.investcloud.com/iXingPages/ 84 B
196 B 1346ms
1337ms XHR
application/json 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadmin.investcloud.com/iXingPages/ecd.ashx?requesttype=dataset&v=2

Requested by

Host: citibanksgdvpadmin.investcloud.com
URL: https://citibanksgdvpadmin.investcloud.com/scripts/jig/4803263D7C0C7EC23680D17653487E7F/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69e24abe68558d9b85ad26168a5dc962cc8f3517b5c0efdab15cfcc4083a0b31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

IC-Culture: en-US
X-XSRF-TOKEN: 8916EF676FB859E0E375B4303AF21166
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://citibanksgdvpadmin.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
X-Requested-With: XMLHttpRequest

Response headers

date: Sat, 23 Sep 2023 17:17:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json; charset=utf-8
cache-control: private
cf-ray: 80b470ef1bc89066-FRA
content-length: 84
x-ua-compatible: IE=Edge

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
6 KB 124ms
39ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: citibanksgdvpadmin.investcloud.com
URL: https://citibanksgdvpadmin.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citibanksgdvpadmin.investcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 17:17:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Sep 2024 17:17:12 GMT

GET
H2 200 css
fonts.googleapis.com/ 569 B
775 B 132ms
47ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Material+Icons

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citibanksgdvpadmin.investcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 23 Sep 2023 17:17:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 23 Sep 2023 17:17:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Sep 2023 17:17:27 GMT

POST Ecd.ashx
citibanksgdvpadmin.investcloud.com/iXingPages/ 0
0

GET ilg.ashx
citibanksgdvpadmin.investcloud.com/Membership/ExtPages/ 0
0

GET citi_logo.png
citibanksgdvpadmin.investcloud.com/App_Themes/Default/images/ClientThemeImages/Citibank/ 0
0

GET logout.html
secureaccessweb.nam.citigroup.net/siteminderagent/forms/ 0
0

GET SignOut.aspx
citibanksgdvpadmin.investcloud.com/Membership/ExtPages/ 0
0

GET flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: citibanksgdvpadmin.investcloud.com
URL: https://citibanksgdvpadmin.investcloud.com/iXingPages/Ecd.ashx?IX_EXTAUTH=Y

Domain: citibanksgdvpadmin.investcloud.com
URL: https://citibanksgdvpadmin.investcloud.com/Membership/ExtPages/ilg.ashx?IX_MN=Y

Domain: citibanksgdvpadmin.investcloud.com
URL: https://citibanksgdvpadmin.investcloud.com/App_Themes/Default/images/ClientThemeImages/Citibank/citi_logo.png

Domain: secureaccessweb.nam.citigroup.net
URL: https://secureaccessweb.nam.citigroup.net/siteminderagent/forms/logout.html

Domain: citibanksgdvpadmin.investcloud.com
URL: https://citibanksgdvpadmin.investcloud.com/Membership/ExtPages/SignOut.aspx?_=1695489445407

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
citibanksgdvpadmin.investcloud.com/	1969-12-31 23:59:59	Name: ssc Value: caefb4664563d7a47d0f4e4fc2e26bdb
citibanksgdvpadmin.investcloud.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: zskd3dchl4ynapeseacbcfq1
citibanksgdvpadmin.investcloud.com/	1969-12-31 23:59:59	Name: IXCulture Value: en-US
citibanksgdvpadmin.investcloud.com/	1969-12-31 23:59:59	Name: IXSBaseUtcOffset Value: 0
citibanksgdvpadmin.investcloud.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: 8916EF676FB859E0E375B4303AF21166
citibanksgdvpadmin.investcloud.com/	1969-12-31 23:59:59	Name: IXTMO Value: 3600000
citibanksgdvpadmin.investcloud.com/	1970-01-20 15:01:09	Name: IXTimezone Value: Europe/Berlin
citibanksgdvpadmin.investcloud.com/	1969-12-31 23:59:59	Name: IXLastActivityTime Value: Sat Sep 23 2023 19:17:26 GMT+0200 (Central European Summer Time)

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://citibanksgdvpadmin.investcloud.com/iXingPages/ecd.ashx?requesttype=dataset&v=2 Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
citibanksgdvpadmin.investcloud.com
fonts.googleapis.com
fonts.gstatic.com
secureaccessweb.nam.citigroup.net
citibanksgdvpadmin.investcloud.com
fonts.gstatic.com
secureaccessweb.nam.citigroup.net
2606:4700::6811:b76b
2a00:1450:4001:82f::200a
2a00:1450:4001:831::200a
020125e62d2535d557f80d6ae79a114681e6719dee56ddd334154215111bb68f
1a844a8ef61986f97fef9e17a010a979bfd05dfbd933ef3842e23b2ff517a158
20b8aabb1291ae66b3d98dedf5b7834eb9eea4766ab5a56e430bbedda9c6009c
22c0d6fe8d979586e4a41dc00815592b9a86b83a763106f879fafdbce924aa6c
29fa5e13c28d17141ab044ed8774fb5df126bab9d8158eef450ea00d07bb54a0
31483ab01852b928c64ba6d5c271e20159886f1f67a36d74e367c204dc633e0d
393a948ee177ef5e630447bdb642613e638123bf258b5c6353e9a9e9fe916682
54040ab713c1ddbe12206986776b4efd34f770c47349b0d5e5e2561afb02f175
571ae25fbe855bb5633701c237368ed29ad88c1f8b6a032390b2879152bb88db
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
59390fbe7ade8ab9e1ae43cec3670e13b9be3b85894aa5fedf263f0cc985ab4b
5a63456e99c610d60e58ffef322ea694af1a4b36ef841bdb2adb0a7032ed8098
62225ca7cda1212f981952069055c269a168b1adcb1c915bea1a9423c2d45e23
6553f386755643d74580f0fdd8ece0892a8c8db3c19e8061423ea32949dba3da
69e24abe68558d9b85ad26168a5dc962cc8f3517b5c0efdab15cfcc4083a0b31
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
860763e84c5642fc90f393488bd7ff944758f0162b915254d4b3b69a49f6684e
971a06447a65f9ccea74dcb058c865b18a0418931eed1b3699f83071bf59cb0c
9b84ae1114d920820c657fc64d709454b01715dbb594293abdb9cf3a1967d0d9
d79008e8eb48bd79578e49e6305a5f2e9af170cfdff67b1fd2b4135b3ec3a896
deceb806bb8080857c4e05f5813e8abcaf0098a4e92a580adbc244765adbf39b
df26bd46f2dc3d5734d4e8b9e137652dc484693cfc69cf8eebeb1f4ff4a78e74
eefd115e58f8910fd71b8cf599760f23a5d6fc85c807614f475f46119366ebd3
f1028a5d027018b20acdf1e65f6e1a3b8059c9df910d74e21d8b342812690c67
f19b820f6a2fe9522dcefa908c166d3bea90d4462a722ce68aa0612749e786e7
f9e7ffdfae76dcafb0be8523eaeeaaf9af37b2f0f024a1002d72c3322d490f6e

citibanksgdvpadmin.investcloud.com Open in urlscan Pro 2606:4700::6811:b76b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

33 Requests

82 %HTTPS

100 %IPv6

4 Domains

5 Subdomains

4 IPs

2 Countries

1964 kBTransfer

8219 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

citibanksgdvpadmin.investcloud.com Open in urlscan Pro
2606:4700::6811:b76b Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

82 %
HTTPS

100 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

1964 kB
Transfer

8219 kB
Size

8
Cookies

33 HTTP transactions
0 data transactions