www.citi.com Open in urlscan Pro
95.101.160.129 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=23&we=8&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJRS%2Finfrastructure%2Ft...
Effective URL:
https://www.citi.com/login?next_page=jfp|jEDelivery_DocCenterLetters
Submission Tags: falconsandbox
Submission: On March 20 via api (March 20th 2024, 9:03:46 am UTC) from US — Scanned from DE

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 30 HTTP transactions. The main IP is 95.101.160.129, located in Seattle, United States and belongs to AKAMAI-AS, US. The main domain is www.citi.com. The Cisco Umbrella rank of the primary domain is 29463.
TLS certificate: Issued by DigiCert EV RSA CA G2 on November 7th 2023. Valid for: a year.

This is the only time www.citi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	173.213.4.17 173.213.4.17	53316 (ASN-CHEET...) (ASN-CHEETA-MAIL)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
3	63.148.46.76 63.148.46.76	53316 (ASN-CHEET...) (ASN-CHEETA-MAIL)
1 1	23.44.247.124 23.44.247.124	16625 (AKAMAI-AS) (AKAMAI-AS)
19	95.101.160.129 95.101.160.129	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a02:26f0:310... 2a02:26f0:3100::1735:2a82	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
30	6

2 173.213.4.17 (United States)

ASN53316 (ASN-CHEETA-MAIL, US)

fm.info6.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
l.info6.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 63.148.46.76 (United States)

ASN53316 (ASN-CHEETA-MAIL, US)
PTR: sts.eccmp.com

sts.eccmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.44.247.124 (Seattle, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-44-247-124.deploy.static.akamaitechnologies.com

online.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 95.101.160.129 (Seattle, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-160-129.deploy.static.akamaitechnologies.com

www.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3100::1735:2a82 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p11.techlab-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	citi.com 1 redirects fm.info6.citi.com — Cisco Umbrella Rank: 338213 l.info6.citi.com — Cisco Umbrella Rank: 104818 online.citi.com — Cisco Umbrella Rank: 23657 www.citi.com — Cisco Umbrella Rank: 29463	866 KB
4	techlab-cdn.com p11.techlab-cdn.com — Cisco Umbrella Rank: 5067	59 KB
3	eccmp.com sts.eccmp.com — Cisco Umbrella Rank: 31946	9 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 716	83 KB
30	4

	Domain	Requested by
19	www.citi.com	fm.info6.citi.com www.citi.com
4	p11.techlab-cdn.com	www.citi.com
3	sts.eccmp.com	fm.info6.citi.com sts.eccmp.com
1	online.citi.com	1 redirects
1	l.info6.citi.com	fm.info6.citi.com
1	ajax.googleapis.com	fm.info6.citi.com
1	fm.info6.citi.com
30	7

This site contains no links.

Subject Issuer	Validity	Valid
info6.citi.com DigiCert EV RSA CA G2	`2023-11-29` - `2024-12-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.eccmp.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-24` - `2024-06-09`	a year	crt.sh
www.citi.com DigiCert EV RSA CA G2	`2023-11-07` - `2024-12-05`	a year	crt.sh
p11.techlab-cdn.com R3	`2024-01-18` - `2024-04-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.citi.com/login?next_page=jfp|jEDelivery_DocCenterLetters
Frame ID: BBDE91FEEED0A95E3E14267A0CD4C2B2
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=23&we=8&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJRS%... Page URL
https://online.citi.com/US/JRS/infrastructure/target.do?next_page=jfp|jEDelivery_DocCenterLetters HTTP 301
https://www.citi.com/login?next_page=jfp|jEDelivery_DocCenterLetters Page URL

Detected technologies

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

30
Requests

97 %
HTTPS

33 %
IPv6

4
Domains

7
Subdomains

6
IPs

2
Countries

1016 kB
Transfer

4919 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=23&we=8&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJRS%2Finfrastructure%2Ftarget.do%3Fnext_page%3Djfp%7CjEDelivery_DocCenterLetters%26enid%3DAFA7DF3A4278A26460D50C0103D9BCA4CCDF&linkName=CN_ECOMM_CENTER_URL&transId=I2022100280008566 Page URL
https://online.citi.com/US/JRS/infrastructure/target.do?next_page=jfp|jEDelivery_DocCenterLetters HTTP 301
https://www.citi.com/login?next_page=jfp|jEDelivery_DocCenterLetters Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK url.aspx Show response
fm.info6.citi.com/ats/ 16 KB
5 KB 749ms
180ms Document
text/html 173.213.4.17
ASN-CHEETA-MAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=23&we=8&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJRS%2Finfrastructure%2Ftarget.do%3Fnext_page%3Djfp%7CjEDelivery_DocCenterLetters%26enid%3DAFA7DF3A4278A26460D50C0103D9BCA4CCDF&linkName=CN_ECOMM_CENTER_URL&transId=I2022100280008566
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.213.4.17 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
Software: /
Resource Hash: 86b3480f7032d69d3002a071be3bd3febbed5a7b3f59be135292e5c70e475aac

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 4878
Content-Type: text/html; charset=utf-8
Date: Wed, 20 Mar 2024 09:03:41 GMT
Expires: 0
Pragma: no-cache
SERVER
Vary: Accept-Encoding
X-Powered-By

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ 82 KB
83 KB 69ms
20ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: fm.info6.citi.com
URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=23&we=8&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJRS%2Finfrastructure%2Ftarget.do%3Fnext_page%3Djfp%7CjEDelivery_DocCenterLetters%26enid%3DAFA7DF3A4278A26460D50C0103D9BCA4CCDF&linkName=CN_ECOMM_CENTER_URL&transId=I2022100280008566

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fm.info6.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 22:17:19 GMT
x-content-type-options: nosniff
age: 38782
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84320
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 22:17:19 GMT

GET
H/1.1 200
OK open.aspx
l.info6.citi.com/rts/ 43 B
432 B 799ms
107ms Image
image/gif 173.213.4.17
ASN-CHEETA-MAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.info6.citi.com/rts/open.aspx?tp=i-16Hv-9x-Eu-0-1c-U3-G-lAB0HAHFMa-26rbwB
Requested by: Host: fm.info6.citi.com
URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=23&we=8&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJRS%2Finfrastructure%2Ftarget.do%3Fnext_page%3Djfp%7CjEDelivery_DocCenterLetters%26enid%3DAFA7DF3A4278A26460D50C0103D9BCA4CCDF&linkName=CN_ECOMM_CENTER_URL&transId=I2022100280008566
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.213.4.17 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fm.info6.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Mar 2024 09:03:42 GMT
Server
X-Powered-By
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-Control: no-cache, max-age=0
Expires: 0

GET
H/1.1 200
OK conversen-SDK.js Show response
sts.eccmp.com/sts/scripts/ 15 KB
7 KB 481ms
109ms Script
application/javascript 63.148.46.76
ASN-CHEETA-MAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://sts.eccmp.com/sts/scripts/conversen-SDK.js
Requested by: Host: fm.info6.citi.com
URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=23&we=8&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJRS%2Finfrastructure%2Ftarget.do%3Fnext_page%3Djfp%7CjEDelivery_DocCenterLetters%26enid%3DAFA7DF3A4278A26460D50C0103D9BCA4CCDF&linkName=CN_ECOMM_CENTER_URL&transId=I2022100280008566
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.148.46.76 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS: sts.eccmp.com
Software: /
Resource Hash: b0a58fb8c12ffbb8b641ae4316da491e42969f9fe904a0dc35f1203cbb76a444

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fm.info6.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Wed, 20 Mar 2024 09:03:42 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Mar 2024 19:05:24 GMT
Server
Age: 5595
ETag: "032e9928b71da1:0"
X-Powered-By
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 7009

GET
H/1.1 200
OK 617 Show response
sts.eccmp.com/wts/WebEvent/GetCookieExpiry/ 35 B
426 B 409ms
104ms XHR
text/xml 63.148.46.76
ASN-CHEETA-MAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://sts.eccmp.com/wts/WebEvent/GetCookieExpiry/617
Requested by: Host: sts.eccmp.com
URL: https://sts.eccmp.com/sts/scripts/conversen-SDK.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.148.46.76 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS: sts.eccmp.com
Software: /
Resource Hash: 61339a21fa71d17d0dfebceba08dc76ce605e73f65a88438397483478d953aae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fm.info6.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Wed, 20 Mar 2024 09:03:41 GMT
X-AspNetMvc-Version: 3.0
Server
X-Powered-By
Vary: Accept-Encoding
Content-Type: text/xml; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Length: 35

GET
H/1.1 200
OK image.gif
sts.eccmp.com/wts/WebEvent/ 807 B
1 KB 117ms
117ms Image
image/gif 63.148.46.76
ASN-CHEETA-MAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sts.eccmp.com/wts/WebEvent/image.gif?isSplit=false&guid=d644819c-062d-efd3-ad54-7f60738a87ae&segmentNumber=1&pm[linkName]=CN_ECOMM_CENTER_URL&pm[transId]=I2022100280008566&rp[cr]=617&rp[wegc]=&rp[et]=100&rp[ap]=&rp[we]=8
Requested by: Host: fm.info6.citi.com
URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=23&we=8&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJRS%2Finfrastructure%2Ftarget.do%3Fnext_page%3Djfp%7CjEDelivery_DocCenterLetters%26enid%3DAFA7DF3A4278A26460D50C0103D9BCA4CCDF&linkName=CN_ECOMM_CENTER_URL&transId=I2022100280008566
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.148.46.76 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS: sts.eccmp.com
Software: /
Resource Hash: 9c6d485ae01a594ef22b3c44e1eca5314259061faacdcdfc51569aba58a4fc2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fm.info6.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Wed, 20 Mar 2024 09:03:41 GMT
X-AspNetMvc-Version: 3.0
Server
X-Powered-By
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: private
Content-Length: 807

GET
H/1.1

200
OK

Primary Request login Show response
www.citi.com/
Redirect Chain

https://online.citi.com/US/JRS/infrastructure/target.do?next_page=jfp|jEDelivery_DocCenterLetters
https://www.citi.com/login?next_page=jfp|jEDelivery_DocCenterLetters

211 KB
43 KB

739ms
205ms

Document
text/html

95.101.160.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/login?next_page=jfp|jEDelivery_DocCenterLetters

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.160.129 Seattle, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-160-129.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5ca352fa4464f68d236ae0a8b8946f3a5c1107112a14dd8eb96b2e6e4be6a0c7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

Referer: https://fm.info6.citi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Access-Control-Max-Age: 2147483647
Cache-Control: no-cache, no-store
Connection: keep-alive Transfer-Encoding
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Content-Type: text/html; charset=utf-8
Date: Wed, 20 Mar 2024 09:03:44 GMT
Dclocation: SW1DMS
ETag: W/"34abc-XbbJpRLIiNv3njSr9LSYvFWJ7dc"
Expires: Wed, 20 Mar 2024 09:03:44 GMT
Nonce: 9404417992939899
Pragma: no-cache
Referrer-Policy: no-referrer
Scope: VISITOR
Server: nginx
Sid: 370cd198-54d4-4053-8e77-10460788f752
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
Uuid: fa6538d9-2fc8-42bb-ac05-496a3fe3da24
Vary: Accept-Encoding
X-Akamai-CITISITE: SWDC
X-Akamai-Transformed: 9 42210 0 pmb=mTOE,1
X-Content-Type-Options: nosniff
X-Vcap-Request-Id: 0c5aa90b-fb48-4018-4efc-ab471d4099bb
X-Xss-Protection: 1 ; mode=block
x-robots-tag: noindex, nofollow

Redirect headers

content-length: 0
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
date: Wed, 20 Mar 2024 09:03:43 GMT
location: https://www.citi.com/login?next_page=jfp|jEDelivery_DocCenterLetters
server: AkamaiGHost
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-robots-tag: noindex, nofollow
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H/1.1 200
OK 2be5433306a1555bf6f96086ea852669dd0011213c3f Show response
www.citi.com/public/ 158 KB
56 KB 545ms
183ms Script
application/javascript 95.101.160.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.citi.com/public/2be5433306a1555bf6f96086ea852669dd0011213c3f
Requested by: Host: www.citi.com
URL: https://www.citi.com/login?next_page=jfp|jEDelivery_DocCenterLetters
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.160.129 Seattle, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-160-129.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e864d99a8d998cba8772938c0fc9785007685f0d43fe7c532a8c8e4b8dae4c1a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Wed, 20 Mar 2024 09:03:45 GMT
Content-Encoding: gzip
Content-MD5: jaY7dBzoVbYFoWF4z9HCDA==
Connection: keep-alive
Content-Length: 56381
Last-Modified: Thu, 14 Mar 2024 21:38:45 GMT
ETag: 0x8DC446F205AADA4
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, HEAD
Content-Type: application/javascript
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control: max-age=600
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Expires: Wed, 20 Mar 2024 09:13:45 GMT

GET
H/1.1 200
OK 6c8322c7341eac98645c10e3d1d3c7ae.js Show response
www.citi.com/assets/scripts/global/ 1 KB
1 KB 636ms
273ms Script
application/javascript 95.101.160.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js
Requested by: Host: www.citi.com
URL: https://www.citi.com/login?next_page=jfp|jEDelivery_DocCenterLetters
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.160.129 Seattle, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-160-129.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dcbf4a3e6aa481ac519a2a03794d4bcf4fe740f47ec5e82a70f4ba80cee8a709

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Mar 2024 09:03:45 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
X-Ion-Hop: Prod
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 737
Expires: 0

GET
H/1.1 200
OK tagging.min.js Show response
www.citi.com/cbol-pre-login-static-assets/assets/js/ 42 KB
10 KB 537ms
172ms Script
application/javascript 95.101.160.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/assets/js/tagging.min.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?next_page=jfp|jEDelivery_DocCenterLetters

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.160.129 Seattle, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-160-129.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

6fac9e333a345d008b027e55517ba0a7b37f4cf5e2218b01ba9855c7614ec47e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 20 Mar 2024 09:03:45 GMT
Dclocation: GT1DMS
Connection: keep-alive
Content-Length: 9908
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 17 Mar 2024 05:09:27 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"a700-18e4ad09358"
Access-Control-Max-Age: 2147483647
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: 7caf574e-8e51-4437-7d52-71a48d3b87e7
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Wed, 20 Mar 2024 15:03:45 GMT

GET
H/1.1 200
OK banner.min.js Show response
www.citi.com/cbol-pre-login-static-assets/assets/js/ 14 KB
5 KB 538ms
173ms Script
application/javascript 95.101.160.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/assets/js/banner.min.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?next_page=jfp|jEDelivery_DocCenterLetters

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.160.129 Seattle, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-160-129.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

7ee631ff5513ea1a236f455459687f7ba034f2ca6bca26ca3bb439ced608a46f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 20 Mar 2024 09:03:45 GMT
Dclocation: GT1DMS
Connection: keep-alive
Content-Length: 4355
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 17 Mar 2024 05:09:27 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"363d-18e4ad09358"
Access-Control-Max-Age: 2147483647
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: fab219cd-4c17-4972-6f3f-746e113dd714
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Wed, 20 Mar 2024 15:03:45 GMT

GET
H/1.1 200
OK Interstate-Light.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 74 KB
75 KB 548ms
177ms Font
font/woff 95.101.160.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?next_page=jfp|jEDelivery_DocCenterLetters

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.160.129 Seattle, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-160-129.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

Referer
Origin: https://www.citi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Sid: 864d7334-bbcf-4f90-b91c-cdfebe5e6354
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Nonce: 0683132716277163
Date: Wed, 20 Mar 2024 09:03:45 GMT
Dclocation: GT1DMS
Uuid: c2d50cc8-f480-4fb1-9c48-5d51cd844cd8
Connection: keep-alive
Content-Length: 75538
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 17 Mar 2024 05:09:27 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"12712-18e4ad09358"
Access-Control-Max-Age: 2147483647
Content-Type: font/woff
Scope: VISITOR
X-Vcap-Request-Id: d2e11a9a-9a6d-4845-5215-660944e76b5f
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Accept-Ranges: bytes
Expires: Wed, 20 Mar 2024 15:03:45 GMT

GET
H/1.1 200
OK Interstate-Bold.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 70 KB
71 KB 738ms
200ms Font
font/woff 95.101.160.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?next_page=jfp|jEDelivery_DocCenterLetters

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.160.129 Seattle, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-160-129.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

Referer
Origin: https://www.citi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Sid: 3b5f0a75-e3e0-4631-8755-0d9fdca14991
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Nonce: 8192655762637477
Date: Wed, 20 Mar 2024 09:03:45 GMT
Dclocation: GT1DMS
Uuid: ed53cc8b-adcb-49c3-b46b-d1d26c2a9041
Connection: keep-alive
Content-Length: 71874
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 17 Mar 2024 05:09:27 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"118c2-18e4ad09358"
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: font/woff
Scope: VISITOR
X-Vcap-Request-Id: 0d593831-ee27-4b4e-7bb9-c9a56e0c369c
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires: Wed, 20 Mar 2024 15:03:45 GMT

GET
H/1.1 200
OK Interstate-Regular.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 77 KB
78 KB 717ms
179ms Font
font/woff 95.101.160.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?next_page=jfp|jEDelivery_DocCenterLetters

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.160.129 Seattle, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-160-129.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

045cd226594cb32ddf9d4db8ee45611f4d0788675ae50180b68da975e66fe1fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

Referer
Origin: https://www.citi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Sid: d49091a4-17b3-458c-ad37-bc5ccdda8e61
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Nonce: 4224679564193729
Date: Wed, 20 Mar 2024 09:03:45 GMT
Dclocation: GT1DMS
Uuid: 7a9be97a-0ee1-41b3-9c8c-d88a5001c639
Connection: keep-alive
Content-Length: 78762
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 17 Mar 2024 05:09:27 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"133aa-18e4ad09358"
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: font/woff
Scope: VISITOR
X-Vcap-Request-Id: 7de0d80b-293f-48d7-7e22-b0f6b272dcee
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires: Wed, 20 Mar 2024 15:03:45 GMT

GET
H/1.1 200
OK styles.958e0aa55e23c233.css
www.citi.com/cbol-pre-login-static-assets/ 2 MB
163 KB 407ms
210ms Stylesheet
text/css 95.101.160.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/styles.958e0aa55e23c233.css

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?next_page=jfp|jEDelivery_DocCenterLetters

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.160.129 Seattle, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-160-129.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

800b1e1c1ae4398778aba23368c9d3ecb82cc011f70605127e0d657153b10ead

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 20 Mar 2024 09:03:44 GMT
Dclocation: GT1DMS
Connection: keep-alive
Content-Length: 165852
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 17 Mar 2024 05:10:59 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"18467d-18e4ad1fab8"
Access-Control-Max-Age: 2147483647
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: 7356c14c-82f5-4d8a-58b1-8500e4bc42b9
Cache-Control: max-age=2592000, public, no-transform
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Tue, 16 Apr 2024 08:15:53 GMT

GET
H/1.1 200
OK fp-clientlib-v5.js Show response
www.citi.com/cbol-pre-login-static-assets/assets/js/ 4 KB
2 KB 805ms
170ms Script
application/javascript 95.101.160.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/assets/js/fp-clientlib-v5.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?next_page=jfp|jEDelivery_DocCenterLetters

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.160.129 Seattle, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-160-129.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

3bcf19ce679acd27c2218eeb943c2d8611265d526df55518b416e43f151b4c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 20 Mar 2024 09:03:45 GMT
Dclocation: GT1DMS
Connection: keep-alive
Content-Length: 1547
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 17 Mar 2024 05:09:27 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"e6d-18e4ad09358"
Access-Control-Max-Age: 2147483647
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: b36522d3-a97f-43d3-5bd3-6ee7a216d3ca
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Wed, 20 Mar 2024 15:03:45 GMT

GET
H/1.1 200
OK fp.js Show response
www.citi.com/cbol-pre-login-static-assets/assets/js/ 19 KB
6 KB 178ms
177ms Script
application/javascript 95.101.160.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/assets/js/fp.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?next_page=jfp|jEDelivery_DocCenterLetters

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.160.129 Seattle, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-160-129.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

dd65a674c821f6a0e0ec4b181532b00c0cc5d5bde623ea98affcb9f383139b57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 20 Mar 2024 09:03:46 GMT
Dclocation: GT1DMS
Connection: keep-alive
Content-Length: 4844
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 17 Mar 2024 05:09:27 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"4de4-18e4ad09358"
Access-Control-Max-Age: 2147483647
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: 8ba7793e-29d9-4eb8-4989-20358e049a24
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Wed, 20 Mar 2024 15:03:46 GMT

GET
H/1.1 200
OK runtime.04e838de78ece0ff.js Show response
www.citi.com/cbol-pre-login-static-assets/ 3 KB
3 KB 714ms
174ms Script
application/javascript 95.101.160.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/runtime.04e838de78ece0ff.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?next_page=jfp|jEDelivery_DocCenterLetters

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.160.129 Seattle, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-160-129.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

1e6350d625fa8dfb8570f6e44683c22532cec183d8c2996db78b74d87d578396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

Referer
Origin: https://www.citi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 20 Mar 2024 09:03:45 GMT
Dclocation: GT1DMS
Connection: keep-alive
Content-Length: 1757
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 17 Mar 2024 05:09:27 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"d22-18e4ad09358"
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
X-Vcap-Request-Id: 5867d339-ad16-4515-4694-4e9a73077b53
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control: max-age=2592000, public, no-transform
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires: Tue, 16 Apr 2024 08:13:31 GMT

GET
H/1.1 200
OK polyfills.adb80ee790195eb1.js Show response
www.citi.com/cbol-pre-login-static-assets/ 48 KB
17 KB 986ms
371ms Script
application/javascript 95.101.160.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/polyfills.adb80ee790195eb1.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?next_page=jfp|jEDelivery_DocCenterLetters

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.160.129 Seattle, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-160-129.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

bf87f53255267d9d4498b937ff708e301b08c25fdc8bd65d6c260ade97844411

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

Referer
Origin: https://www.citi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 20 Mar 2024 09:03:45 GMT
Dclocation: GT1DMS
Connection: keep-alive
Content-Length: 16650
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 17 Mar 2024 05:09:27 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"be3d-18e4ad09358"
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
X-Vcap-Request-Id: d80a2101-eee3-4c44-4a6f-49fa9c0ebfff
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control: max-age=2592000, public, no-transform
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires: Tue, 16 Apr 2024 08:13:17 GMT

GET
H/1.1 200
OK scripts.9655e22a1093af91.js Show response
www.citi.com/cbol-pre-login-static-assets/ 52 KB
16 KB 183ms
182ms Script
application/javascript 95.101.160.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/scripts.9655e22a1093af91.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?next_page=jfp|jEDelivery_DocCenterLetters

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.160.129 Seattle, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-160-129.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

01be85a6d596b0b84d59f2b4de7285d41272d6a0c2d97a897a428bbfb140370e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 20 Mar 2024 09:03:46 GMT
Dclocation: GT1DMS
Connection: keep-alive
Content-Length: 15188
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 17 Mar 2024 05:09:27 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"d1b6-18e4ad09358"
Access-Control-Max-Age: 2147483647
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: 91425c6a-87c8-446b-58ab-8cf500f22e49
Cache-Control: max-age=2592000, public, no-transform
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Tue, 16 Apr 2024 08:15:34 GMT

GET
H/1.1 200
OK main.58dfbe0c43e97e35.js
www.citi.com/cbol-pre-login-static-assets/ 2 MB
0 1003ms
380ms Script
application/javascript 95.101.160.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/main.58dfbe0c43e97e35.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?next_page=jfp|jEDelivery_DocCenterLetters

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.160.129 Seattle, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-160-129.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

Referer
Origin: https://www.citi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 20 Mar 2024 09:03:45 GMT
Dclocation: GT1DMS
Connection: keep-alive
Content-Length: 814720
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 17 Mar 2024 05:10:59 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"39aa2d-18e4ad1fab8"
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
X-Vcap-Request-Id: cc1dd518-a55f-4e30-4fa2-831d188285ec
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control: max-age=2592000, public, no-transform
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires: Tue, 16 Apr 2024 08:13:27 GMT

GET
H/1.1 200
OK RwImc Show response
www.citi.com/f6oua685q6/KVBd/4wRagm/3if9cpSJNG1QO7/BxRDUWU/JTpDJT/ 210 KB
78 KB 887ms
185ms Script
application/javascript 95.101.160.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.citi.com/f6oua685q6/KVBd/4wRagm/3if9cpSJNG1QO7/BxRDUWU/JTpDJT/RwImc
Requested by: Host: www.citi.com
URL: https://www.citi.com/login?next_page=jfp|jEDelivery_DocCenterLetters
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.160.129 Seattle, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-160-129.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: aa2d9e17f98e261ee737a48868ad52fa1dbdf31f675c1fc3b837c2732c480a8f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Wed, 20 Mar 2024 09:03:45 GMT
Content-Encoding: br
Last-Modified: Wed, 02 Aug 2023 16:13:42 GMT
Stored-Attribute-Sha-Checksum: aa2d9e17f98e261ee737a48868ad52fa1dbdf31f675c1fc3b837c2732c480a8f
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Cache-Control: max-age=21600, max-age=21600
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 78330

GET
H2 200 65319_1825202430.js Show response
p11.techlab-cdn.com/e/ 54 KB
18 KB 259ms
76ms Fetch
application/javascript 2a02:26f0:3100::1735:2a82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p11.techlab-cdn.com/e/65319_1825202430.js
Requested by: Host: www.citi.com
URL: https://www.citi.com/public/2be5433306a1555bf6f96086ea852669dd0011213c3f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:2a82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 1762a6d546dfc49a32e2e4b2caefb01368b948b0d137b4e03447e18e3119c65a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:03:45 GMT
content-encoding: gzip
last-modified: Mon, 04 Dec 2023 13:18:33 GMT
content-md5: rUBDMtkKPwbICzxwW6Zmug==
etag: 0x8DBF4CB84416B0B
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=600
timing-allow-origin: *
content-length: 18224
expires: Wed, 20 Mar 2024 09:13:45 GMT

GET
H2 200 65257_1825232097.js Show response
p11.techlab-cdn.com/e/ 14 KB
6 KB 337ms
154ms Fetch
application/javascript 2a02:26f0:3100::1735:2a82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p11.techlab-cdn.com/e/65257_1825232097.js
Requested by: Host: www.citi.com
URL: https://www.citi.com/public/2be5433306a1555bf6f96086ea852669dd0011213c3f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:2a82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 74a7a53097f5335e794968f4f7c27d089701fd635c8698c5f5fda7f30356cacb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:03:45 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2022 12:38:55 GMT
content-md5: 7rdGFe+/Y2zHt4sXxqkzxw==
etag: 0x8DAD39902829531
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=600
timing-allow-origin: *
content-length: 6061
expires: Wed, 20 Mar 2024 09:13:45 GMT

GET
H2 200 64885_1825202523.js Show response
p11.techlab-cdn.com/e/ 3 KB
2 KB 349ms
165ms Fetch
application/javascript 2a02:26f0:3100::1735:2a82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p11.techlab-cdn.com/e/64885_1825202523.js
Requested by: Host: www.citi.com
URL: https://www.citi.com/public/2be5433306a1555bf6f96086ea852669dd0011213c3f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:2a82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 422aa4e7ba5ff626a830dbbee358cb5055122a03b5c36b5f7608e1b34999e529

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:03:45 GMT
content-encoding: gzip
last-modified: Sun, 24 Apr 2022 12:00:07 GMT
content-md5: DnvBZTKTbXGPNtxH2P6zMg==
etag: "0x8DA25E9F9A41165"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: max-age=600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1470
expires: Wed, 20 Mar 2024 09:13:45 GMT

GET
H2 200 65226_747628217.js Show response
p11.techlab-cdn.com/e/ 70 KB
33 KB 298ms
114ms Fetch
application/javascript 2a02:26f0:3100::1735:2a82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p11.techlab-cdn.com/e/65226_747628217.js
Requested by: Host: www.citi.com
URL: https://www.citi.com/public/2be5433306a1555bf6f96086ea852669dd0011213c3f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:2a82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4e5abd4a0506bb0c5426fddde67167e2f86cdad465d7fb77ce459988d26964ca

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:03:45 GMT
content-encoding: gzip
last-modified: Thu, 07 Dec 2023 21:28:41 GMT
content-md5: FfPxnOXyJHEeTjF3kZAIQQ==
etag: 0x8DBF76B7C0E97C7
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=600
timing-allow-origin: *
content-length: 33072
expires: Wed, 20 Mar 2024 09:13:45 GMT

GET
H/1.1 200
OK 6c8322c7341eac98645c10e3d1d3c7ae.js Show response
www.citi.com/assets/scripts/global/ 313 KB
180 KB 349ms
305ms Script
application/javascript 95.101.160.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?seed=AIC6FluOAQAAlRBRjfLhcs6sgSc5EBJbdqG_lI-kcu2zTboxQtteFo4cvxJD&X-soz9htCz--z=q
Requested by: Host: www.citi.com
URL: https://www.citi.com/public/2be5433306a1555bf6f96086ea852669dd0011213c3f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.160.129 Seattle, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-160-129.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 50e318ba3791efc745ee17d8754332c0f0993f18b59f6fe97b5437fa18c84c13

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Wed, 20 Mar 2024 09:03:45 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8
X-Ion-Hop: Prod
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Cache-Control: public, max-age=3600, immutable
Access-Control-Allow-Credentials: true
Connection: keep-alive, Transfer-Encoding

GET
H/1.1 200
OK 2be5433306a1555bf6f96086ea852669dd0011213c3f Show response
www.citi.com/public/ 158 KB
56 KB 172ms
171ms Script
application/javascript 95.101.160.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.citi.com/public/2be5433306a1555bf6f96086ea852669dd0011213c3f
Requested by: Host: www.citi.com
URL: https://www.citi.com/login?next_page=jfp|jEDelivery_DocCenterLetters
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.160.129 Seattle, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-160-129.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e864d99a8d998cba8772938c0fc9785007685f0d43fe7c532a8c8e4b8dae4c1a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Wed, 20 Mar 2024 09:03:46 GMT
Content-Encoding: gzip
Content-MD5: jaY7dBzoVbYFoWF4z9HCDA==
Connection: keep-alive
Content-Length: 56381
Last-Modified: Thu, 14 Mar 2024 21:38:45 GMT
ETag: 0x8DC446F205AADA4
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, HEAD
Content-Type: application/javascript
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control: max-age=600
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Expires: Wed, 20 Mar 2024 09:13:46 GMT

POST RwImc
www.citi.com/f6oua685q6/KVBd/4wRagm/3if9cpSJNG1QO7/BxRDUWU/JTpDJT/ 0
0

GET
H/1.1 200
OK Interstate-Light.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 50 KB
0 188ms
187ms Font
font/woff 95.101.160.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?next_page=jfp|jEDelivery_DocCenterLetters

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.160.129 Seattle, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-160-129.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

Referer: https://www.citi.com/login?next_page=jfp|jEDelivery_DocCenterLetters
Origin: https://www.citi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Sid: 864d7334-bbcf-4f90-b91c-cdfebe5e6354
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Nonce: 0683132716277163
Date: Wed, 20 Mar 2024 09:03:46 GMT
Dclocation: GT1DMS
Uuid: c2d50cc8-f480-4fb1-9c48-5d51cd844cd8
Connection: keep-alive
Content-Length: 75538
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
Last-Modified: Sun, 17 Mar 2024 05:09:27 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
ETag: W/"12712-18e4ad09358"
Access-Control-Max-Age: 2147483647
Content-Type: font/woff
Scope: VISITOR
X-Vcap-Request-Id: d2e11a9a-9a6d-4845-5215-660944e76b5f
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Accept-Ranges: bytes
Expires: Wed, 20 Mar 2024 15:03:46 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.citi.com
URL: https://www.citi.com/f6oua685q6/KVBd/4wRagm/3if9cpSJNG1QO7/BxRDUWU/JTpDJT/RwImc

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
fm.info6.citi.com/	1969-12-31 23:59:59	Name: BIGipServercnv_ats_ssl_pool Value: 1128732682.47873.0000
l.info6.citi.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 2qwredtmcmxbawd1l3we501h
l.info6.citi.com/	1969-12-31 23:59:59	Name: BIGipServercnv_ats_ssl_pool Value: 1061623818.47873.0000
.citi.com/	1970-01-20 19:25:30	Name: xyz_cr_617_et_100 Value: cr=617&wegc=&et=100&ap=&we=8
.citi.com/	1969-12-31 23:59:59	Name: AKMTLTSID Value: 3B3CFF9E1186609F3095B6EB8ED11CC7
.citi.com/	1970-01-20 19:15:39	Name: bm_sz Value: CBE77F649E3BF202692687F50470D462~YAAQiE3bF7pq2EqOAQAAziQaWxewbvmSp/TOEwgZnuWfvd9LrXDhx+C46dI6Jx87K3KdkpvHLp/JiFiwNG0dBUhVSHvdLQfvxPIaFJBVNQIMhWiMuDIyrRM0FPmobJgMR63WWZH4IuV17qdyCQy/Ye2Hyzaoain1QaPsO+HgC3mypdSblJZ8Fb7mIiZkUtgkcoJrxLiEek7eVz2HbawiLcAmrzGB2I8P2hl+5seUqdDkt+zlPd8c5BRSxULeBPva1UNn5hcuxTTK9pnDj/seCC+4nq/Rt/g20LkyV0Cp8/H38K/71kF2BmyRw8/C/TtMIdFk4iF/McxvOiD7WRHIqtK6n4Ly5GbdJG3fUV77GWpXvMRfyg==~3551539~3424563
.citi.com/	1970-01-20 19:15:32	Name: ak_bmsc Value: D5113E5E74DDB3606D71B08634856542~000000000000000000000000000000~YAAQiE3bF/Jq2EqOAQAAoicaWxcVzzVLbwrfI1XO8yUctMG7/uA7DdBFPj6bNfp9eVLRRBNsOE4Rs+K81uEniLOKksVMHf9p3B2jenhiik2a/f85CS5BJYLeHbsQKVivMtLNeLkkTNyOoyDKJlIUuBYyvrNQa4vzcCuxy8XEk3H97yCRnll/AVMKLTpHdGy+WdLQNNn+ZkRCA1avHrfhMKGpkOJcsYAj+sDhrylUsUFaoPPmVBU5L67UhwiRT+UjqD5Ck/mx8nU7tderlzS1VtL4epTB3i/CcKG1SrB+WyffL6RCxvnZoCqy/dgDFoqOnP0h9HyZYTIJPxWXCgIVhsJy4duEjQzgqkMLo0bxvU0XcRfOaBheThw5t7gd9Kg=
.citi.com/	1970-01-21 04:51:25	Name: NMO5iv8Z Value: AwEqGluOAQAAttssb3IhW1TacyOKkelC2k8IlxD5Fng6xcyqHxFIk_G2pHGSAdly2huucrZKwH8AAEB3AAAAAA\|1\|0\|07f7523ee5d8a6a8aa7fc3ffb534fee6cdd23276
.citi.com/	1970-01-21 04:01:01	Name: _abck Value: BE8193B9861EE3D93A452751D6EE4BA0~-1~YAAQiE3bF1lr2EqOAQAA6SsaWws3IIsXuCXek/VwBvo1iRJo860Qw9i7rDL0WBVA+8xNb25r1LTUYFx8wfOyZQMSRnfFcg80mUIJweOdHdW4gM4KWPF0dx4+MpBgA6wnYDyq32LI0R/iw/QgACr6e5Jq6LsrrIlSfMS+qgr/5XbwvXgfsRnxhZBCMGcG1IxW9SFy3P1chwDB/M4sHu2CH5Q+VNfpeIz+aZrim8zdZc8JtsICt2D7FzirfL6/EMQsX1Zz5QlshX7Y8NO5ld4mSQ1Vz7LpgoCbaVkBhGeAsCobWTL/0uPKxAIYbuBnSrO21zWslk76b3vjd/IwAGyHNW+MxgucOSIY23nd8CYp1+pYXNiTi0BrlgOhwCAWw2jxqs/rhM77tT8=~-1~-1~-1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fm.info6.citi.com
l.info6.citi.com
online.citi.com
p11.techlab-cdn.com
sts.eccmp.com
www.citi.com
www.citi.com
173.213.4.17
23.44.247.124
2a00:1450:4001:80f::200a
2a02:26f0:3100::1735:2a82
63.148.46.76
95.101.160.129
01be85a6d596b0b84d59f2b4de7285d41272d6a0c2d97a897a428bbfb140370e
045cd226594cb32ddf9d4db8ee45611f4d0788675ae50180b68da975e66fe1fe
1762a6d546dfc49a32e2e4b2caefb01368b948b0d137b4e03447e18e3119c65a
1e6350d625fa8dfb8570f6e44683c22532cec183d8c2996db78b74d87d578396
3bcf19ce679acd27c2218eeb943c2d8611265d526df55518b416e43f151b4c6c
422aa4e7ba5ff626a830dbbee358cb5055122a03b5c36b5f7608e1b34999e529
4e5abd4a0506bb0c5426fddde67167e2f86cdad465d7fb77ce459988d26964ca
50e318ba3791efc745ee17d8754332c0f0993f18b59f6fe97b5437fa18c84c13
5ca352fa4464f68d236ae0a8b8946f3a5c1107112a14dd8eb96b2e6e4be6a0c7
61339a21fa71d17d0dfebceba08dc76ce605e73f65a88438397483478d953aae
6fac9e333a345d008b027e55517ba0a7b37f4cf5e2218b01ba9855c7614ec47e
74a7a53097f5335e794968f4f7c27d089701fd635c8698c5f5fda7f30356cacb
7ee631ff5513ea1a236f455459687f7ba034f2ca6bca26ca3bb439ced608a46f
800b1e1c1ae4398778aba23368c9d3ecb82cc011f70605127e0d657153b10ead
86b3480f7032d69d3002a071be3bd3febbed5a7b3f59be135292e5c70e475aac
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
9c6d485ae01a594ef22b3c44e1eca5314259061faacdcdfc51569aba58a4fc2b
aa2d9e17f98e261ee737a48868ad52fa1dbdf31f675c1fc3b837c2732c480a8f
b0a58fb8c12ffbb8b641ae4316da491e42969f9fe904a0dc35f1203cbb76a444
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bf87f53255267d9d4498b937ff708e301b08c25fdc8bd65d6c260ade97844411
dcbf4a3e6aa481ac519a2a03794d4bcf4fe740f47ec5e82a70f4ba80cee8a709
dd65a674c821f6a0e0ec4b181532b00c0cc5d5bde623ea98affcb9f383139b57
e864d99a8d998cba8772938c0fc9785007685f0d43fe7c532a8c8e4b8dae4c1a
e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7
f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296

www.citi.com Open in urlscan Pro 95.101.160.129 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

97 %HTTPS

33 %IPv6

4 Domains

7 Subdomains

6 IPs

2 Countries

1016 kBTransfer

4919 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.citi.com Open in urlscan Pro
95.101.160.129 Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

97 %
HTTPS

33 %
IPv6

4
Domains

7
Subdomains

6
IPs

2
Countries

1016 kB
Transfer

4919 kB
Size

9
Cookies

30 HTTP transactions
0 data transactions