citibanksgdvpadminuat.investcloud.com Open in urlscan Pro
2606:4700::6811:b76b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://citibanksgdvpadminuat.investcloud.com/
Effective URL:
https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
Submission: On April 27 via automatic, source certstream-suspicious (April 27th 2023, 3:00:22 pm UTC) — Scanned from DE

Summary HTTP 33 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 33 HTTP transactions. The main IP is 2606:4700::6811:b76b, located in United States and belongs to CLOUDFLARENET, US. The main domain is citibanksgdvpadminuat.investcloud.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 27th 2023. Valid for: a year.

This is the only time citibanksgdvpadminuat.investcloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 27	2606:4700::68... 2606:4700::6811:b76b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
33	5

27 2606:4700::6811:b76b (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

citibanksgdvpadminuat.investcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	investcloud.com 2 redirects citibanksgdvpadminuat.investcloud.com	2 MB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 607 fonts.googleapis.com — Cisco Umbrella Rank: 119	7 KB
1	gstatic.com fonts.gstatic.com	126 KB
0	citigroup.net Failed secureaccessweb.uat.nam.citigroup.net Failed
33	4

	Domain	Requested by
27	citibanksgdvpadminuat.investcloud.com	2 redirects citibanksgdvpadminuat.investcloud.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	ajax.googleapis.com
1	ajax.googleapis.com	citibanksgdvpadminuat.investcloud.com
0	secureaccessweb.uat.nam.citigroup.net Failed	citibanksgdvpadminuat.investcloud.com
33	5

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-27` - `2024-04-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh

This page contains 1 frames:

Frame: https://secureaccessweb.uat.nam.citigroup.net/siteminderagent/forms/logout.html
Frame ID: 86FAB6866DD6255EC08F55BD21A2EE5D
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://citibanksgdvpadminuat.investcloud.com/ HTTP 302
https://citibanksgdvpadminuat.investcloud.com/Membership/HomePageDefault.aspx?ReturnUrl=%2f HTTP 302
https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Page Statistics

33
Requests

85 %
HTTPS

100 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

2093 kB
Transfer

8346 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://citibanksgdvpadminuat.investcloud.com/ HTTP 302
https://citibanksgdvpadminuat.investcloud.com/Membership/HomePageDefault.aspx?ReturnUrl=%2f HTTP 302
https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request CitiAdminLogin_WF_App.aspx Show response
citibanksgdvpadminuat.investcloud.com/Membership/Apps/
Redirect Chain

https://citibanksgdvpadminuat.investcloud.com/
https://citibanksgdvpadminuat.investcloud.com/Membership/HomePageDefault.aspx?ReturnUrl=%2f
https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f

8 KB
3 KB

230ms
230ms

Document
text/html

2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c88434fc8e0f3845e8544adb1329c737cc3253b5fa688d689c8d297f6cc34b7e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 7be7ef19e971383b-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=utf-8
date: Thu, 27 Apr 2023 15:00:15 GMT
expires: -1
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=Edge
x-xss-protection: 1; mode=block

Redirect headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7be7ef189f42383b-FRA
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=utf-8
date: Thu, 27 Apr 2023 15:00:15 GMT
location: /Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=Edge
x-xss-protection: 1; mode=block

GET
H2 200 HomePage_CitiAdminLogin.WF.App_IX777D35F547A3317F8964B3CE50A2E94C.css
citibanksgdvpadminuat.investcloud.com/styles/5D94B819B6447F5E052A1B49107F1AD4/ 1 MB
154 KB 1147ms
1147ms Stylesheet
text/css 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminuat.investcloud.com/styles/5D94B819B6447F5E052A1B49107F1AD4/HomePage_CitiAdminLogin.WF.App_IX777D35F547A3317F8964B3CE50A2E94C.css

Requested by

Host: citibanksgdvpadminuat.investcloud.com
URL: https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

020125e62d2535d557f80d6ae79a114681e6719dee56ddd334154215111bb68f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 15:00:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
cf-cache-status: MISS
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
pragma: public
last-modified: Wed, 08 Feb 2023 08:50:23 GMT
server: cloudflare
etag: W/"3fc7f619a3bd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=15552000
cf-ray: 7be7ef1b6bb3383b-FRA
expires: Tue, 24 Oct 2023 15:00:15 GMT

GET
H2 200 V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js Show response
citibanksgdvpadminuat.investcloud.com/scripts/jig/5D94B819B6447F5E052A1B49107F1AD4/ 276 KB
97 KB 1223ms
1222ms Script
application/javascript 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminuat.investcloud.com/scripts/jig/5D94B819B6447F5E052A1B49107F1AD4/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Requested by

Host: citibanksgdvpadminuat.investcloud.com
URL: https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22c0d6fe8d979586e4a41dc00815592b9a86b83a763106f879fafdbce924aa6c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 15:00:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
cf-cache-status: MISS
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
pragma: public
last-modified: Wed, 08 Feb 2023 08:50:21 GMT
server: cloudflare
etag: W/"617ba609a3bd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=15552000
cf-ray: 7be7ef1b6bb5383b-FRA
expires: Tue, 24 Oct 2023 15:00:15 GMT

GET
H2 200 V4_Library_IXB2EE3C3BB8C4E7A406837021FAEA269A.js Show response
citibanksgdvpadminuat.investcloud.com/scripts/jig/5D94B819B6447F5E052A1B49107F1AD4/ 3 MB
920 KB 1236ms
1236ms Script
application/javascript 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminuat.investcloud.com/scripts/jig/5D94B819B6447F5E052A1B49107F1AD4/V4_Library_IXB2EE3C3BB8C4E7A406837021FAEA269A.js

Requested by

Host: citibanksgdvpadminuat.investcloud.com
URL: https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a844a8ef61986f97fef9e17a010a979bfd05dfbd933ef3842e23b2ff517a158

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 15:00:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
cf-cache-status: MISS
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
pragma: public
last-modified: Wed, 08 Feb 2023 08:50:21 GMT
server: cloudflare
etag: W/"472acd609a3bd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=15552000
cf-ray: 7be7ef1b6bb6383b-FRA
expires: Tue, 24 Oct 2023 15:00:15 GMT

GET
H2 200 HomePage_CitiAdminLogin_WF_App_Dependency_IXC8C510EBA828B6FC9A1572EEF2C92012.js Show response
citibanksgdvpadminuat.investcloud.com/scripts/jig/5D94B819B6447F5E052A1B49107F1AD4/ 2 MB
425 KB 1147ms
1147ms Script
application/javascript 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminuat.investcloud.com/scripts/jig/5D94B819B6447F5E052A1B49107F1AD4/HomePage_CitiAdminLogin_WF_App_Dependency_IXC8C510EBA828B6FC9A1572EEF2C92012.js

Requested by

Host: citibanksgdvpadminuat.investcloud.com
URL: https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df26bd46f2dc3d5734d4e8b9e137652dc484693cfc69cf8eebeb1f4ff4a78e74

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 15:00:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
cf-cache-status: MISS
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
pragma: public
last-modified: Wed, 08 Feb 2023 08:50:22 GMT
server: cloudflare
etag: W/"45d8dd609a3bd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=15552000
cf-ray: 7be7ef1b6bb7383b-FRA
expires: Tue, 24 Oct 2023 15:00:15 GMT

GET
H2 200 HomePage_CitiAdminLogin_WF_App_iXing_IXDFACFDCF09A7926365DCE8D0F3E21FB8.js Show response
citibanksgdvpadminuat.investcloud.com/scripts/jig/5D94B819B6447F5E052A1B49107F1AD4/ 2 MB
338 KB 1138ms
1138ms Script
application/javascript 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminuat.investcloud.com/scripts/jig/5D94B819B6447F5E052A1B49107F1AD4/HomePage_CitiAdminLogin_WF_App_iXing_IXDFACFDCF09A7926365DCE8D0F3E21FB8.js

Requested by

Host: citibanksgdvpadminuat.investcloud.com
URL: https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c590d31f65b7a5adb7fcdbf60feb1b360f06a93e90a533fd64a362a4083c8a3c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 15:00:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
cf-cache-status: MISS
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
pragma: public
last-modified: Wed, 08 Feb 2023 08:50:22 GMT
server: cloudflare
etag: W/"f1383d619a3bd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=15552000
cf-ray: 7be7ef1b6bb9383b-FRA
expires: Tue, 24 Oct 2023 15:00:15 GMT

GET
H2 200 HomePage_CitiAdminLogin_WF_App_Generated_IX26792CF152A8532144184499E98D5749.js Show response
citibanksgdvpadminuat.investcloud.com/scripts/jig/5D94B819B6447F5E052A1B49107F1AD4/ 12 KB
3 KB 705ms
705ms Script
application/javascript 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminuat.investcloud.com/scripts/jig/5D94B819B6447F5E052A1B49107F1AD4/HomePage_CitiAdminLogin_WF_App_Generated_IX26792CF152A8532144184499E98D5749.js

Requested by

Host: citibanksgdvpadminuat.investcloud.com
URL: https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b84ae1114d920820c657fc64d709454b01715dbb594293abdb9cf3a1967d0d9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 15:00:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
cf-cache-status: MISS
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
pragma: public
last-modified: Wed, 08 Feb 2023 08:50:22 GMT
server: cloudflare
etag: W/"6b5d44619a3bd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=15552000
cf-ray: 7be7ef232f7e383b-FRA
expires: Tue, 24 Oct 2023 15:00:17 GMT

GET
H2 200 CitiAdminLogin_WF_App-ApplicationMapper_IXC5AA563EED9DC5FC04AE9317AEF850DC.json Show response
citibanksgdvpadminuat.investcloud.com/scripts/jig/ 3 KB
649 B 708ms
707ms XHR
application/json 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminuat.investcloud.com/scripts/jig/CitiAdminLogin_WF_App-ApplicationMapper_IXC5AA563EED9DC5FC04AE9317AEF850DC.json

Requested by

Host: citibanksgdvpadminuat.investcloud.com
URL: https://citibanksgdvpadminuat.investcloud.com/scripts/jig/5D94B819B6447F5E052A1B49107F1AD4/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

393a948ee177ef5e630447bdb642613e638123bf258b5c6353e9a9e9fe916682

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 15:00:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
last-modified: Wed, 08 Feb 2023 08:50:21 GMT
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
etag: W/"f884a609a3bd91:0"
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 7be7ef282fb8383b-FRA
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 CitiAdminLogin_WF_App-CommandListService_IX8E763BEBFAD91FCE8C16531ECFC90897.json Show response
citibanksgdvpadminuat.investcloud.com/scripts/jig/ 1009 B
505 B 645ms
642ms XHR
application/json 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminuat.investcloud.com/scripts/jig/CitiAdminLogin_WF_App-CommandListService_IX8E763BEBFAD91FCE8C16531ECFC90897.json

Requested by

Host: citibanksgdvpadminuat.investcloud.com
URL: https://citibanksgdvpadminuat.investcloud.com/scripts/jig/5D94B819B6447F5E052A1B49107F1AD4/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29fa5e13c28d17141ab044ed8774fb5df126bab9d8158eef450ea00d07bb54a0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 15:00:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
last-modified: Wed, 08 Feb 2023 08:50:21 GMT
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
etag: W/"703051609a3bd91:0"
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 7be7ef283fba383b-FRA
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 CitiAdminLogin_WF_App-LocaleFieldFormats_IX711C617C5D04E84646EF6DE04C072E35.json Show response
citibanksgdvpadminuat.investcloud.com/scripts/jig/ 60 KB
3 KB 712ms
710ms XHR
application/json 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminuat.investcloud.com/scripts/jig/CitiAdminLogin_WF_App-LocaleFieldFormats_IX711C617C5D04E84646EF6DE04C072E35.json

Requested by

Host: citibanksgdvpadminuat.investcloud.com
URL: https://citibanksgdvpadminuat.investcloud.com/scripts/jig/5D94B819B6447F5E052A1B49107F1AD4/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d79008e8eb48bd79578e49e6305a5f2e9af170cfdff67b1fd2b4135b3ec3a896

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 15:00:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
last-modified: Wed, 08 Feb 2023 08:50:21 GMT
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
etag: W/"77769609a3bd91:0"
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 7be7ef283fbb383b-FRA
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 CitiAdminLogin_WF_App-TemplateCacheDecorator_IXE8FAA38B03EECA54107B169C8A85D8A3.json Show response
citibanksgdvpadminuat.investcloud.com/scripts/jig/ 116 B
185 B 209ms
207ms XHR
application/json 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminuat.investcloud.com/scripts/jig/CitiAdminLogin_WF_App-TemplateCacheDecorator_IXE8FAA38B03EECA54107B169C8A85D8A3.json

Requested by

Host: citibanksgdvpadminuat.investcloud.com
URL: https://citibanksgdvpadminuat.investcloud.com/scripts/jig/5D94B819B6447F5E052A1B49107F1AD4/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54040ab713c1ddbe12206986776b4efd34f770c47349b0d5e5e2561afb02f175

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 15:00:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
last-modified: Wed, 08 Feb 2023 08:50:21 GMT
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
etag: W/"94f455609a3bd91:0"
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 7be7ef283fbc383b-FRA
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 CitiAdminLogin_WF_App-WorkFlowApplicationTree_IX201016D156126F886E9D375D4DBA9407.json Show response
citibanksgdvpadminuat.investcloud.com/scripts/jig/ 269 B
223 B 652ms
650ms XHR
application/json 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminuat.investcloud.com/scripts/jig/CitiAdminLogin_WF_App-WorkFlowApplicationTree_IX201016D156126F886E9D375D4DBA9407.json

Requested by

Host: citibanksgdvpadminuat.investcloud.com
URL: https://citibanksgdvpadminuat.investcloud.com/scripts/jig/5D94B819B6447F5E052A1B49107F1AD4/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

971a06447a65f9ccea74dcb058c865b18a0418931eed1b3699f83071bf59cb0c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 15:00:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
last-modified: Wed, 08 Feb 2023 08:50:20 GMT
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
etag: W/"c41a3e609a3bd91:0"
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 7be7ef283fbe383b-FRA
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 CitiAdminLogin_WF_App-WorkFlow_IX24F608EF4B7F4B0293858C8F909222A3.json Show response
citibanksgdvpadminuat.investcloud.com/scripts/jig/ 1 KB
504 B 651ms
648ms XHR
application/json 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminuat.investcloud.com/scripts/jig/CitiAdminLogin_WF_App-WorkFlow_IX24F608EF4B7F4B0293858C8F909222A3.json

Requested by

Host: citibanksgdvpadminuat.investcloud.com
URL: https://citibanksgdvpadminuat.investcloud.com/scripts/jig/5D94B819B6447F5E052A1B49107F1AD4/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59390fbe7ade8ab9e1ae43cec3670e13b9be3b85894aa5fedf263f0cc985ab4b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 15:00:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
last-modified: Wed, 08 Feb 2023 08:50:21 GMT
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
etag: W/"b59072609a3bd91:0"
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 7be7ef283fbf383b-FRA
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 CitiSGAdminUAT_IX78F87337543FC7B936AF1AB0F7D21B34.json Show response
citibanksgdvpadminuat.investcloud.com/scripts/jig/ 3 KB
1 KB 683ms
681ms XHR
application/json 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminuat.investcloud.com/scripts/jig/CitiSGAdminUAT_IX78F87337543FC7B936AF1AB0F7D21B34.json

Requested by

Host: citibanksgdvpadminuat.investcloud.com
URL: https://citibanksgdvpadminuat.investcloud.com/scripts/jig/5D94B819B6447F5E052A1B49107F1AD4/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a485480fdddf24c55d071a27fb7355c9ff9d8752408c2a8f80e08b7e7e3d8521

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 15:00:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
last-modified: Thu, 27 Apr 2023 15:00:15 GMT
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
etag: W/"9dda34f91879d91:0"
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 7be7ef283fc1383b-FRA
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 CitiSGAdminUAT-ApplicationMapper_IX00BC54E946ED3A1AAEA0D20527F6B37D.json Show response
citibanksgdvpadminuat.investcloud.com/scripts/jig/ 3 KB
715 B 654ms
652ms XHR
application/json 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminuat.investcloud.com/scripts/jig/CitiSGAdminUAT-ApplicationMapper_IX00BC54E946ED3A1AAEA0D20527F6B37D.json

Requested by

Host: citibanksgdvpadminuat.investcloud.com
URL: https://citibanksgdvpadminuat.investcloud.com/scripts/jig/5D94B819B6447F5E052A1B49107F1AD4/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

571ae25fbe855bb5633701c237368ed29ad88c1f8b6a032390b2879152bb88db

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 15:00:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
last-modified: Wed, 08 Feb 2023 08:50:21 GMT
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
etag: W/"f884a609a3bd91:0"
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 7be7ef283fc2383b-FRA
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 CitiSGAdminUAT-ApplicationMapper_IXC6E1CF84FD28B1BE38ACFCF8C8B6D791.json Show response
citibanksgdvpadminuat.investcloud.com/scripts/jig/ 8 KB
2 KB 675ms
673ms XHR
application/json 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminuat.investcloud.com/scripts/jig/CitiSGAdminUAT-ApplicationMapper_IXC6E1CF84FD28B1BE38ACFCF8C8B6D791.json

Requested by

Host: citibanksgdvpadminuat.investcloud.com
URL: https://citibanksgdvpadminuat.investcloud.com/scripts/jig/5D94B819B6447F5E052A1B49107F1AD4/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62225ca7cda1212f981952069055c269a168b1adcb1c915bea1a9423c2d45e23

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 15:00:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
last-modified: Wed, 15 Feb 2023 02:34:43 GMT
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
etag: W/"8e95abfe640d91:0"
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 7be7ef283fc3383b-FRA
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 CitiSGAdminUAT-CommandListService_IX6DA3110EA0347F14078E7DBDB16C09E1.json Show response
citibanksgdvpadminuat.investcloud.com/scripts/jig/ 93 B
827 B 665ms
663ms XHR
application/json 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminuat.investcloud.com/scripts/jig/CitiSGAdminUAT-CommandListService_IX6DA3110EA0347F14078E7DBDB16C09E1.json

Requested by

Host: citibanksgdvpadminuat.investcloud.com
URL: https://citibanksgdvpadminuat.investcloud.com/scripts/jig/5D94B819B6447F5E052A1B49107F1AD4/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31483ab01852b928c64ba6d5c271e20159886f1f67a36d74e367c204dc633e0d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 15:00:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=S5sTVYl8eGZPKhspBxUWgNcM_ol7zm3DaPjYanbyK.0-1682607617-0-AWlelyxfbth_55cR4aDvR8sXUd91bbNsdINzL0WkfYkWFgjgV9Wqe41mPuDDpinBDz_NqjopnIq9eAStCVJSKp5dVA5k5CK9wjmIusmakP0_mCXjdT5HLi5OZ5TaPyts1BWbbmVKtDNuckMCGaOrHWkjusR-zQotlQilexL75ktaBSwGd_Byt5FHR8MeUyFipA; report-to cf-csp-endpoint
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Wed, 15 Feb 2023 02:34:44 GMT
server: cloudflare
etag: W/"1aa41b10e640d91:0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=S5sTVYl8eGZPKhspBxUWgNcM_ol7zm3DaPjYanbyK.0-1682607617-0-AWlelyxfbth_55cR4aDvR8sXUd91bbNsdINzL0WkfYkWFgjgV9Wqe41mPuDDpinBDz_NqjopnIq9eAStCVJSKp5dVA5k5CK9wjmIusmakP0_mCXjdT5HLi5OZ5TaPyts1BWbbmVKtDNuckMCGaOrHWkjusR-zQotlQilexL75ktaBSwGd_Byt5FHR8MeUyFipA"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/json
cf-ray: 7be7ef283fc5383b-FRA

GET
H2 200 CitiSGAdminUAT-TemplateCacheDecorator_IXE8FAA38B03EECA54107B169C8A85D8A3.json Show response
citibanksgdvpadminuat.investcloud.com/scripts/jig/ 116 B
195 B 656ms
654ms XHR
application/json 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminuat.investcloud.com/scripts/jig/CitiSGAdminUAT-TemplateCacheDecorator_IXE8FAA38B03EECA54107B169C8A85D8A3.json

Requested by

Host: citibanksgdvpadminuat.investcloud.com
URL: https://citibanksgdvpadminuat.investcloud.com/scripts/jig/5D94B819B6447F5E052A1B49107F1AD4/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54040ab713c1ddbe12206986776b4efd34f770c47349b0d5e5e2561afb02f175

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 15:00:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
last-modified: Wed, 15 Feb 2023 02:34:44 GMT
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
etag: W/"44662010e640d91:0"
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 7be7ef283fce383b-FRA
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 CitiSGAdminUAT-WorkFlowApplicationTree_IX3AB8E9A2BB262E6202FADD8045214353.json Show response
citibanksgdvpadminuat.investcloud.com/scripts/jig/ 274 B
218 B 706ms
704ms XHR
application/json 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminuat.investcloud.com/scripts/jig/CitiSGAdminUAT-WorkFlowApplicationTree_IX3AB8E9A2BB262E6202FADD8045214353.json

Requested by

Host: citibanksgdvpadminuat.investcloud.com
URL: https://citibanksgdvpadminuat.investcloud.com/scripts/jig/5D94B819B6447F5E052A1B49107F1AD4/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eefd115e58f8910fd71b8cf599760f23a5d6fc85c807614f475f46119366ebd3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 15:00:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
last-modified: Wed, 15 Feb 2023 02:34:43 GMT
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
etag: W/"1a978cfe640d91:0"
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 7be7ef283fd0383b-FRA
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 CitiSGAdminUAT-WorkFlowApplicationTree_IX9ACF8A467E76817F6078E92BED62DE5F.json Show response
citibanksgdvpadminuat.investcloud.com/scripts/jig/ 272 B
197 B 658ms
656ms XHR
application/json 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminuat.investcloud.com/scripts/jig/CitiSGAdminUAT-WorkFlowApplicationTree_IX9ACF8A467E76817F6078E92BED62DE5F.json

Requested by

Host: citibanksgdvpadminuat.investcloud.com
URL: https://citibanksgdvpadminuat.investcloud.com/scripts/jig/5D94B819B6447F5E052A1B49107F1AD4/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6553f386755643d74580f0fdd8ece0892a8c8db3c19e8061423ea32949dba3da

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 15:00:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
last-modified: Wed, 08 Feb 2023 08:50:20 GMT
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
etag: W/"148040609a3bd91:0"
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 7be7ef283fd3383b-FRA
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 CitiSGAdminUAT-WorkFlow_IX376D32AD9481CA2811FA04521BF41B54.json Show response
citibanksgdvpadminuat.investcloud.com/scripts/jig/ 1 KB
653 B 668ms
667ms XHR
application/json 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminuat.investcloud.com/scripts/jig/CitiSGAdminUAT-WorkFlow_IX376D32AD9481CA2811FA04521BF41B54.json

Requested by

Host: citibanksgdvpadminuat.investcloud.com
URL: https://citibanksgdvpadminuat.investcloud.com/scripts/jig/5D94B819B6447F5E052A1B49107F1AD4/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

860763e84c5642fc90f393488bd7ff944758f0162b915254d4b3b69a49f6684e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 15:00:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
last-modified: Wed, 15 Feb 2023 02:34:46 GMT
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
etag: W/"a1a58311e640d91:0"
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 7be7ef283fd4383b-FRA
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 CitiSGAdminUAT-WorkFlow_IXEC40074822FB96A2882493E570D21BCF.json Show response
citibanksgdvpadminuat.investcloud.com/scripts/jig/ 1 KB
520 B 681ms
680ms XHR
application/json 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminuat.investcloud.com/scripts/jig/CitiSGAdminUAT-WorkFlow_IXEC40074822FB96A2882493E570D21BCF.json

Requested by

Host: citibanksgdvpadminuat.investcloud.com
URL: https://citibanksgdvpadminuat.investcloud.com/scripts/jig/5D94B819B6447F5E052A1B49107F1AD4/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

deceb806bb8080857c4e05f5813e8abcaf0098a4e92a580adbc244765adbf39b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 15:00:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
last-modified: Wed, 08 Feb 2023 08:50:21 GMT
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
etag: W/"972f70609a3bd91:0"
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 7be7ef283fd6383b-FRA
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 CitiSGAdminUAT-638114718209044915-locale-en-US.json Show response
citibanksgdvpadminuat.investcloud.com/scripts/jig/ 8 KB
3 KB 673ms
672ms XHR
application/json 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminuat.investcloud.com/scripts/jig/CitiSGAdminUAT-638114718209044915-locale-en-US.json

Requested by

Host: citibanksgdvpadminuat.investcloud.com
URL: https://citibanksgdvpadminuat.investcloud.com/scripts/jig/5D94B819B6447F5E052A1B49107F1AD4/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63456e99c610d60e58ffef322ea694af1a4b36ef841bdb2adb0a7032ed8098

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 15:00:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=tZfqcsroSRVHKtu3PaKYGimWPl6u5kwNFWrSylxCkIc-1682607617-0-AZh_RRy1JFql2KvhsfLVW5M-6yU0GrFSTmAA6xdcyvoP_LJGWYGfWhCpj5wLqMoDsuXfayB1g_KIC__B5jklK059xGK4Fw4SYkghvEukUoB_NxFqry3wUlkYC4yqb_1Uzqo0k_wbWkrtETqz4VT9EgoQ-JRPUDWzq2FpkWARyJMOWQgXlYpNEPsgATRLu7YNJg; report-to cf-csp-endpoint
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Wed, 08 Feb 2023 08:50:21 GMT
server: cloudflare
etag: W/"65a266609a3bd91:0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=tZfqcsroSRVHKtu3PaKYGimWPl6u5kwNFWrSylxCkIc-1682607617-0-AZh_RRy1JFql2KvhsfLVW5M-6yU0GrFSTmAA6xdcyvoP_LJGWYGfWhCpj5wLqMoDsuXfayB1g_KIC__B5jklK059xGK4Fw4SYkghvEukUoB_NxFqry3wUlkYC4yqb_1Uzqo0k_wbWkrtETqz4VT9EgoQ-JRPUDWzq2FpkWARyJMOWQgXlYpNEPsgATRLu7YNJg"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/json
cf-ray: 7be7ef283fd7383b-FRA

GET
H2 200 CitiAdminLogin_WF_App-638114718209044915-locale-en-US.json Show response
citibanksgdvpadminuat.investcloud.com/scripts/jig/ 9 KB
3 KB 689ms
688ms XHR
application/json 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminuat.investcloud.com/scripts/jig/CitiAdminLogin_WF_App-638114718209044915-locale-en-US.json

Requested by

Host: citibanksgdvpadminuat.investcloud.com
URL: https://citibanksgdvpadminuat.investcloud.com/scripts/jig/5D94B819B6447F5E052A1B49107F1AD4/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f19b820f6a2fe9522dcefa908c166d3bea90d4462a722ce68aa0612749e786e7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
X-XSRF-TOKEN: A1B0663426FFCD29719894A2099575D3
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 15:00:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
last-modified: Wed, 08 Feb 2023 08:50:21 GMT
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
etag: W/"ab4264609a3bd91:0"
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 7be7ef283fd8383b-FRA
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

POST
H2 401 ecd.ashx Show response
citibanksgdvpadminuat.investcloud.com/iXingPages/ 1 KB
2 KB 1341ms
1341ms XHR
text/html 2606:4700::6811:b76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpadminuat.investcloud.com/iXingPages/ecd.ashx?requesttype=dataset&v=2

Requested by

Host: citibanksgdvpadminuat.investcloud.com
URL: https://citibanksgdvpadminuat.investcloud.com/scripts/jig/5D94B819B6447F5E052A1B49107F1AD4/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46ea45e2d4a3a5bc6c1dbe0d5dc214abdafe999081c6425f51f57616b183399b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

IC-Culture: en-US
X-XSRF-TOKEN: A1B0663426FFCD29719894A2099575D3
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
X-Requested-With: XMLHttpRequest

Response headers

date: Thu, 27 Apr 2023 15:00:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=ZOmjpIQ_iZuaUluZtz.f1myuoN_nQXHtdbvu3r1iC.Q-1682607618-0-AdaA1djm-QuaVVuvcQt6-GIDE9BCypNzz-7_F1rYJOfXi-mUXZyUVOORTeRzYK0tlCsS0KiyNlK1KDYzOSivIo4yfM9HiVVRmlKCv5-bz3QHDcmlT2adKDVBw-oH6QaANpAZF0sVmHFNj7cSyqg2xSJPS-ZQtDFyJWa7fPHEzP0lowh6RO4gZ0SBTRWTCDE85Q; report-to cf-csp-endpoint
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=ZOmjpIQ_iZuaUluZtz.f1myuoN_nQXHtdbvu3r1iC.Q-1682607618-0-AdaA1djm-QuaVVuvcQt6-GIDE9BCypNzz-7_F1rYJOfXi-mUXZyUVOORTeRzYK0tlCsS0KiyNlK1KDYzOSivIo4yfM9HiVVRmlKCv5-bz3QHDcmlT2adKDVBw-oH6QaANpAZF0sVmHFNj7cSyqg2xSJPS-ZQtDFyJWa7fPHEzP0lowh6RO4gZ0SBTRWTCDE85Q"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: text/html
cache-control: private
cf-ray: 7be7ef283fdb383b-FRA
x-ua-compatible: IE=Edge

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
6 KB 37ms
6ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: citibanksgdvpadminuat.investcloud.com
URL: https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citibanksgdvpadminuat.investcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 19:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 417427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 19:03:11 GMT

GET
H2 200 css
fonts.googleapis.com/ 569 B
775 B 43ms
20ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Material+Icons

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citibanksgdvpadminuat.investcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Apr 2023 15:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 15:00:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Apr 2023 15:00:18 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 38ms
10ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://citibanksgdvpadminuat.investcloud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:43:28 GMT
x-content-type-options: nosniff
age: 422210
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 17:43:28 GMT

POST Ecd.ashx
citibanksgdvpadminuat.investcloud.com/iXingPages/ 0
0

GET ilg.ashx
citibanksgdvpadminuat.investcloud.com/Membership/ExtPages/ 0
0

GET citi_logo.png
citibanksgdvpadminuat.investcloud.com/App_Themes/Default/images/ClientThemeImages/Citibank/ 0
0

GET logout.html
secureaccessweb.uat.nam.citigroup.net/siteminderagent/forms/ 0
0

GET SignOut.aspx
citibanksgdvpadminuat.investcloud.com/Membership/ExtPages/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: citibanksgdvpadminuat.investcloud.com
URL: https://citibanksgdvpadminuat.investcloud.com/iXingPages/Ecd.ashx?IX_EXTAUTH=Y

Domain: citibanksgdvpadminuat.investcloud.com
URL: https://citibanksgdvpadminuat.investcloud.com/Membership/ExtPages/ilg.ashx?IX_MN=Y

Domain: citibanksgdvpadminuat.investcloud.com
URL: https://citibanksgdvpadminuat.investcloud.com/App_Themes/Default/images/ClientThemeImages/Citibank/citi_logo.png

Domain: secureaccessweb.uat.nam.citigroup.net
URL: https://secureaccessweb.uat.nam.citigroup.net/siteminderagent/forms/logout.html

Domain: citibanksgdvpadminuat.investcloud.com
URL: https://citibanksgdvpadminuat.investcloud.com/Membership/ExtPages/SignOut.aspx?_=1682607616499

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
citibanksgdvpadminuat.investcloud.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: yjoaeo5zmkfwlxdvrxt2nirb
citibanksgdvpadminuat.investcloud.com/	1969-12-31 23:59:59	Name: IXCulture Value: en-US
citibanksgdvpadminuat.investcloud.com/	1969-12-31 23:59:59	Name: IXSBaseUtcOffset Value: 480
citibanksgdvpadminuat.investcloud.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: A1B0663426FFCD29719894A2099575D3
citibanksgdvpadminuat.investcloud.com/	1969-12-31 23:59:59	Name: IXTMO Value: 3600000
citibanksgdvpadminuat.investcloud.com/	1970-01-20 11:26:20	Name: IXTimezone Value: Etc/UTC
citibanksgdvpadminuat.investcloud.com/	1969-12-31 23:59:59	Name: IXLastActivityTime Value: Thu Apr 27 2023 15:00:17 GMT+0000 (GMT)

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://citibanksgdvpadminuat.investcloud.com/iXingPages/ecd.ashx?requesttype=dataset&v=2 Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
citibanksgdvpadminuat.investcloud.com
fonts.googleapis.com
fonts.gstatic.com
secureaccessweb.uat.nam.citigroup.net
citibanksgdvpadminuat.investcloud.com
secureaccessweb.uat.nam.citigroup.net
2606:4700::6811:b76b
2a00:1450:4001:80e::200a
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2003
020125e62d2535d557f80d6ae79a114681e6719dee56ddd334154215111bb68f
1a844a8ef61986f97fef9e17a010a979bfd05dfbd933ef3842e23b2ff517a158
22c0d6fe8d979586e4a41dc00815592b9a86b83a763106f879fafdbce924aa6c
29fa5e13c28d17141ab044ed8774fb5df126bab9d8158eef450ea00d07bb54a0
31483ab01852b928c64ba6d5c271e20159886f1f67a36d74e367c204dc633e0d
393a948ee177ef5e630447bdb642613e638123bf258b5c6353e9a9e9fe916682
46ea45e2d4a3a5bc6c1dbe0d5dc214abdafe999081c6425f51f57616b183399b
54040ab713c1ddbe12206986776b4efd34f770c47349b0d5e5e2561afb02f175
571ae25fbe855bb5633701c237368ed29ad88c1f8b6a032390b2879152bb88db
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
59390fbe7ade8ab9e1ae43cec3670e13b9be3b85894aa5fedf263f0cc985ab4b
5a63456e99c610d60e58ffef322ea694af1a4b36ef841bdb2adb0a7032ed8098
62225ca7cda1212f981952069055c269a168b1adcb1c915bea1a9423c2d45e23
6553f386755643d74580f0fdd8ece0892a8c8db3c19e8061423ea32949dba3da
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
860763e84c5642fc90f393488bd7ff944758f0162b915254d4b3b69a49f6684e
971a06447a65f9ccea74dcb058c865b18a0418931eed1b3699f83071bf59cb0c
9b84ae1114d920820c657fc64d709454b01715dbb594293abdb9cf3a1967d0d9
a485480fdddf24c55d071a27fb7355c9ff9d8752408c2a8f80e08b7e7e3d8521
c590d31f65b7a5adb7fcdbf60feb1b360f06a93e90a533fd64a362a4083c8a3c
c88434fc8e0f3845e8544adb1329c737cc3253b5fa688d689c8d297f6cc34b7e
d79008e8eb48bd79578e49e6305a5f2e9af170cfdff67b1fd2b4135b3ec3a896
deceb806bb8080857c4e05f5813e8abcaf0098a4e92a580adbc244765adbf39b
df26bd46f2dc3d5734d4e8b9e137652dc484693cfc69cf8eebeb1f4ff4a78e74
eefd115e58f8910fd71b8cf599760f23a5d6fc85c807614f475f46119366ebd3
f19b820f6a2fe9522dcefa908c166d3bea90d4462a722ce68aa0612749e786e7

citibanksgdvpadminuat.investcloud.com Open in urlscan Pro 2606:4700::6811:b76b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

33 Requests

85 %HTTPS

100 %IPv6

4 Domains

5 Subdomains

5 IPs

2 Countries

2093 kBTransfer

8346 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

citibanksgdvpadminuat.investcloud.com Open in urlscan Pro
2606:4700::6811:b76b Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

85 %
HTTPS

100 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

2093 kB
Transfer

8346 kB
Size

7
Cookies

33 HTTP transactions
0 data transactions