urlscan.io logo urlscan.io
SecurityTrails logo

www.citibank.com.ph Open in urlscan Pro
104.89.42.85  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://citibank.com.ph/ekyc/?&pcode=MC430&media=20220417008349486
Effective URL: https://www.citibank.com.ph/landing_page/id-verification-reminders/index.htm?scode=0MSBZLZM&&pcode=MC430&media=2022041700834...
Submission: On April 28 via manual from PH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 4 countries across 13 domains to perform 28 HTTP transactions. The main IP is 104.89.42.85, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.citibank.com.ph. The Cisco Umbrella rank of the primary domain is 564873.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on November 19th 2021. Valid for: a year.
This is the only time www.citibank.com.ph was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 192.193.128.152 24568 (CITI-HK-I...)
5 18.197.253.20 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 104.102.29.173 20940 (AKAMAI-ASN1)
2 70.42.32.127 22075 (AS-OUTBRAIN)
2 2 2620:1ec:22::14 8068 (MICROSOFT...)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.43.14 8068 (MICROSOFT...)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 142.250.185.194 15169 (GOOGLE)
1 2 216.58.212.166 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 15.188.95.229 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.89.42.85 16625 (AKAMAI-AS)
28 17
4    192.193.128.152 (United States)

ASN24568 (CITI-HK-ISP_PEER-AP Citibank N.A. - ISP Peering, Hong Kong, China, HK)
PTR: citibank.com.ph
citibank.com.ph
5    18.197.253.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
nexus.ensighten.com
1    2a02:26f0:3500:7::17d8:4dc9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    104.102.29.173 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-29-173.deploy.static.akamaitechnologies.com
amplify.outbrain.com
2    70.42.32.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
tr.outbrain.com
2    2620:1ec:22::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
1    13.107.43.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
www.googleadservices.com
2    216.58.212.166 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f6.1e100.net
6321644.fls.doubleclick.net
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
citiintl.122.2o7.net
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    104.89.42.85 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-42-85.deploy.static.akamaitechnologies.com
www.citibank.com.ph
Apex Domain
Subdomains		 Transfer
5 ensighten.com
nexus.ensighten.com — Cisco Umbrella Rank: 2740
94 KB
5 citibank.com.ph
citibank.com.ph — Cisco Umbrella Rank: 427568
www.citibank.com.ph — Cisco Umbrella Rank: 564873
36 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 382
www.linkedin.com — Cisco Umbrella Rank: 585
px4.ads.linkedin.com — Cisco Umbrella Rank: 4726
3 KB
3 doubleclick.net
6321644.fls.doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
3 KB
3 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 2172
tr.outbrain.com — Cisco Umbrella Rank: 1990
4 KB
2 2o7.net
citiintl.122.2o7.net — Cisco Umbrella Rank: 94462
2 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 61
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
623 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 131
37 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53
79 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6408
548 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 105
15 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 747
3 KB
28 13
Domain Requested by
5 nexus.ensighten.com citibank.com.ph
nexus.ensighten.com
4 citibank.com.ph citibank.com.ph
2 citiintl.122.2o7.net 1 redirects
2 6321644.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 www.facebook.com
2 px.ads.linkedin.com 2 redirects
2 tr.outbrain.com amplify.outbrain.com
2 connect.facebook.net nexus.ensighten.com
connect.facebook.net
2 www.googletagmanager.com citibank.com.ph
www.googletagmanager.com
1 www.citibank.com.ph nexus.ensighten.com
1 adservice.google.com 6321644.fls.doubleclick.net
1 www.google.de
1 www.google.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 px4.ads.linkedin.com
1 www.linkedin.com 1 redirects
1 amplify.outbrain.com nexus.ensighten.com
1 snap.licdn.com nexus.ensighten.com
28 19

This site contains no links.

Subject Issuer Validity Valid
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-02-04 -
2022-05-05		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
www.citibank.com.ph
DigiCert SHA2 Extended Validation Server CA		 2021-11-19 -
2022-12-20		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.citibank.com.ph/landing_page/id-verification-reminders/index.htm?scode=0MSBZLZM&&pcode=MC430&media=20220417008349486
Frame ID: 097B7F057168B0B7C650F64F3F7F7781
Requests: 26 HTTP requests in this frame

Frame: https://6321644.fls.doubleclick.net/activityi;dc_pre=CI21hZeVtvcCFQFIHQkd7GEO9g;src=6321644;type=rce;cat=fphpc000;ord=1184522784540;gtm=2od4p0;auiddc=1647513295.1651128553;u1=;u10=;u11=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3F%26pcode%3DMC430%26media%3D20220417008349486;u19=;u2=;u20=undefined;u3=;u4=MC430;u5=;u6=;u7=;u8=;u9=2607518255423.5156;~oref=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3F%26pcode%3DMC430%26media%3D20220417008349486
Frame ID: CE1C9BF9A6BE603C29D5697D6943211C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Access Denied

Page URL History Show full URLs

  1. http://citibank.com.ph/ekyc/?&pcode=MC430&media=20220417008349486 Page URL
  2. https://www.citibank.com.ph/landing_page/id-verification-reminders/index.htm?scode=0MSBZLZM&&pcode=MC430... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //nexus\.ensighten\.com/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

50 %
HTTPS

53 %
IPv6

13
Domains

19
Subdomains

17
IPs

4
Countries

274 kB
Transfer

773 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://citibank.com.ph/ekyc/?&pcode=MC430&media=20220417008349486 Page URL
  2. https://www.citibank.com.ph/landing_page/id-verification-reminders/index.htm?scode=0MSBZLZM&&pcode=MC430&media=20220417008349486 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2376898&time=1651128552818&url=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3Fmedia%3D20220417008349486%26pcode%3DMC430%26%3D HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2376898%26time%3D1651128552818%26url%3Dhttp%253A%252F%252Fcitibank.com.ph%252Fekyc%252F%253Fmedia%253D20220417008349486%2526pcode%253DMC430%2526%253D%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2376898&time=1651128552818&url=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3Fmedia%3D20220417008349486%26pcode%3DMC430%26%3D&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2376898&time=1651128552818&url=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3Fmedia%3D20220417008349486%26pcode%3DMC430%26%3D&liSync=true&e_ipv6=AQJHaZ0GAfKOyAAAAYBu7k90qQhBST8hbTZTzfOv2BqD2vgYU7QTh88irWgTEjp4VXQ0LlqWRQ
Request Chain 21
  • https://6321644.fls.doubleclick.net/activityi;src=6321644;type=rce;cat=fphpc000;ord=1184522784540;gtm=2od4p0;auiddc=1647513295.1651128553;u1=;u10=;u11=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3F%26pcode%3DMC430%26media%3D20220417008349486;u19=;u2=;u20=undefined;u3=;u4=MC430;u5=;u6=;u7=;u8=;u9=2607518255423.5156;~oref=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3F%26pcode%3DMC430%26media%3D20220417008349486 HTTP 302
  • https://6321644.fls.doubleclick.net/activityi;dc_pre=CI21hZeVtvcCFQFIHQkd7GEO9g;src=6321644;type=rce;cat=fphpc000;ord=1184522784540;gtm=2od4p0;auiddc=1647513295.1651128553;u1=;u10=;u11=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3F%26pcode%3DMC430%26media%3D20220417008349486;u19=;u2=;u20=undefined;u3=;u4=MC430;u5=;u6=;u7=;u8=;u9=2607518255423.5156;~oref=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3F%26pcode%3DMC430%26media%3D20220417008349486
Request Chain 25
  • http://citiintl.122.2o7.net/b/ss/citiintlphilippinesprod/1/JS-1.5.4/s28004950416721?AQB=1&ndh=1&pf=1&t=28%2F3%2F2022%206%3A49%3A13%204%200&fid=76BD59BC9997862C-1348E264FCB7B05D&ce=ISO-8859-1&ns=citiintl&cdp=3&fpCookieDomainPeriods=3&pageName=PH%7Cekyc%7Chome&g=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3F%26pcode%3DMC430%26media%3D20220417008349486&cc=USD&ch=PH&events=event73%3D14&c1=PH%7Cekyc&v1=D%3DpageName&h1=PH%7Cekyc&v5=anonymous&v6=anonymous&c7=2%3A49%20PM%7CThursday&v7=2%3A49%20PM%7CThursday&c9=PH&v11=New&c12=CitiBank%20Phillippines&v13=1&v49=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3F%26pcode%3Dmc430%26media%3D20220417008349486&c50=Citi%20Intl%20AM%20V1%20-%2020160324%20%7C%20SiteCatalyst%20Base%20Code%20JS1.5.4&v51=desktop%20layout%3A1600x1200%3Alandscape&v73=14&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
  • http://citiintl.122.2o7.net/b/ss/citiintlphilippinesprod/1/JS-1.5.4/s28004950416721?AQB=1&pccr=true&vidn=31351C74A93B2C3A-40000FB7E31C7099&ndh=1&pf=1&t=28%2F3%2F2022%206%3A49%3A13%204%200&fid=76BD59BC9997862C-1348E264FCB7B05D&ce=ISO-8859-1&ns=citiintl&cdp=3&fpCookieDomainPeriods=3&pageName=PH%7Cekyc%7Chome&g=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3F%26pcode%3DMC430%26media%3D20220417008349486&cc=USD&ch=PH&events=event73%3D14&c1=PH%7Cekyc&v1=D%3DpageName&h1=PH%7Cekyc&v5=anonymous&v6=anonymous&c7=2%3A49%20PM%7CThursday&v7=2%3A49%20PM%7CThursday&c9=PH&v11=New&c12=CitiBank%20Phillippines&v13=1&v49=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3F%26pcode%3Dmc430%26media%3D20220417008349486&c50=Citi%20Intl%20AM%20V1%20-%2020160324%20%7C%20SiteCatalyst%20Base%20Code%20JS1.5.4&v51=desktop%20layout%3A1600x1200%3Alandscape&v73=14&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
citibank.com.ph/ekyc/ 		768 B
833 B 		Document
General
Check archive.org
Download Go to
Full URL
http://citibank.com.ph/ekyc/?&pcode=MC430&media=20220417008349486
Protocol
HTTP/1.1
Server
192.193.128.152 , United States, ASN24568 (CITI-HK-ISP_PEER-AP Citibank N.A. - ISP Peering, Hong Kong, China, HK),
Reverse DNS
citibank.com.ph
Software
/
Resource Hash
ee1ce74ecd566a93867d4f6899a17857b6b886e3ecdcbedccaa02d878e644af1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
423
Content-Type
text/html
Date
Thu, 28 Apr 2022 06:49:11 GMT
ETag
"f40080-300-5d8a744dc9c80"
Keep-Alive
timeout=10, max=512
Last-Modified
Wed, 23 Feb 2022 03:43:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
jquery-1.8.3.min.js
citibank.com.ph/gcb/js/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://citibank.com.ph/gcb/js/jquery-1.8.3.min.js
Requested by
Host: citibank.com.ph
URL: http://citibank.com.ph/ekyc/?&pcode=MC430&media=20220417008349486
Protocol
HTTP/1.1
Server
192.193.128.152 , United States, ASN24568 (CITI-HK-ISP_PEER-AP Citibank N.A. - ISP Peering, Hong Kong, China, HK),
Reverse DNS
citibank.com.ph
Software
/
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://citibank.com.ph/ekyc/?&pcode=MC430&media=20220417008349486
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 05 Nov 2013 04:29:44 GMT
ETag
"ed88e5-16dc4-4ea667b5b7e00"
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Date
Thu, 28 Apr 2022 06:49:12 GMT
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=511
Content-Length
33430
xss.js
citibank.com.ph/gcb/js/ 		2 KB
932 B 		Script
General
Check archive.org
Download Go to
Full URL
http://citibank.com.ph/gcb/js/xss.js
Requested by
Host: citibank.com.ph
URL: http://citibank.com.ph/ekyc/?&pcode=MC430&media=20220417008349486
Protocol
HTTP/1.1
Server
192.193.128.152 , United States, ASN24568 (CITI-HK-ISP_PEER-AP Citibank N.A. - ISP Peering, Hong Kong, China, HK),
Reverse DNS
citibank.com.ph
Software
/
Resource Hash
16dec46b1b2f8111b2515144c2582d1cc155bac499169329d1a1113aaee61ea2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://citibank.com.ph/ekyc/?&pcode=MC430&media=20220417008349486
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Thu, 28 Sep 2017 10:19:55 GMT
ETag
"c7329b-7ac-55a3d3fe488c0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Date
Thu, 28 Apr 2022 06:49:12 GMT
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=512
Content-Length
507
xfs.js
citibank.com.ph/gcb/js/ 		373 B
618 B 		Script
General
Check archive.org
Download Go to
Full URL
http://citibank.com.ph/gcb/js/xfs.js
Requested by
Host: citibank.com.ph
URL: http://citibank.com.ph/ekyc/?&pcode=MC430&media=20220417008349486
Protocol
HTTP/1.1
Server
192.193.128.152 , United States, ASN24568 (CITI-HK-ISP_PEER-AP Citibank N.A. - ISP Peering, Hong Kong, China, HK),
Reverse DNS
citibank.com.ph
Software
/
Resource Hash
4e024e69898d4a60f9a96e51f4ce2931148d54cfa15ee69854db577cde095477
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://citibank.com.ph/ekyc/?&pcode=MC430&media=20220417008349486
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Wed, 13 Sep 2017 04:02:33 GMT
ETag
"ed890c-175-5590a3ab46840"
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Date
Thu, 28 Apr 2022 06:49:12 GMT
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=512
Content-Length
193
Bootstrap.js
nexus.ensighten.com/citi/ph_prod/ 		203 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://nexus.ensighten.com/citi/ph_prod/Bootstrap.js
Requested by
Host: citibank.com.ph
URL: http://citibank.com.ph/ekyc/?&pcode=MC430&media=20220417008349486
Protocol
HTTP/1.1
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9521865d1cc008bd2e6baad6067466ce91be4af99df2df7c520b1e08a0f4582c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://citibank.com.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 28 Apr 2022 06:49:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Apr 2022 10:32:38 GMT
Server
nginx
ETag
W/"624ebdc6-32a9f"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
cache-control
max-age=300
Transfer-Encoding
chunked
Connection
keep-alive
serverComponent.php
nexus.ensighten.com/citi/ph_prod/ 		664 B
901 B 		Script
General
Check archive.org
Download Go to
Full URL
http://nexus.ensighten.com/citi/ph_prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citi/ph_prod/code/&publishedOn=Thu%20Apr%2007%2010:32:38%20GMT%202022&ClientID=1129&PageID=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3F%26pcode%3DMC430%26media%3D20220417008349486
Requested by
Host: nexus.ensighten.com
URL: http://nexus.ensighten.com/citi/ph_prod/Bootstrap.js
Protocol
HTTP/1.1
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cd9e6d61b78cc3db53d916adbbfc1e513deee45e7f3e3f32f7aeea5165642ba2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://citibank.com.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 28 Apr 2022 06:49:12 GMT
Cache-Control
no-cache, no-store
Server
nginx
Connection
keep-alive
Content-Type
text/javascript
Content-Length
664
Expires
Thu, 28 Apr 2022 06:49:11 GMT
e62926252d3ce3e16df20c239fa17777.js
nexus.ensighten.com/citi/ph_prod/code/ 		28 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://nexus.ensighten.com/citi/ph_prod/code/e62926252d3ce3e16df20c239fa17777.js?conditionId0=421908
Requested by
Host: nexus.ensighten.com
URL: http://nexus.ensighten.com/citi/ph_prod/Bootstrap.js
Protocol
HTTP/1.1
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e1dbf70945b238433a516e4b68639ecb0e18ef783b5c917b912b0b59cc298702

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://citibank.com.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 28 Apr 2022 06:49:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 06:08:21 GMT
Server
nginx
ETag
W/"621f09d5-6fb3"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
cache-control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
b768d199ed43f20293fcebd6d0d7852e.js
nexus.ensighten.com/citi/ph_prod/code/ 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://nexus.ensighten.com/citi/ph_prod/code/b768d199ed43f20293fcebd6d0d7852e.js?conditionId0=485500
Requested by
Host: nexus.ensighten.com
URL: http://nexus.ensighten.com/citi/ph_prod/Bootstrap.js
Protocol
HTTP/1.1
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
df374c380a9ab06829f32391500b903533ae2963bf6c8fc5fef7805aad8cefda

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://citibank.com.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 28 Apr 2022 06:49:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Sep 2020 08:12:42 GMT
Server
nginx
ETag
W/"5f6b037a-c259"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
cache-control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
2ef4a23c109b86d114ebea90f16b5be1.js
nexus.ensighten.com/citi/ph_prod/code/ 		4 KB
1019 B 		Script
General
Check archive.org
Download Go to
Full URL
http://nexus.ensighten.com/citi/ph_prod/code/2ef4a23c109b86d114ebea90f16b5be1.js?conditionId0=4854340
Requested by
Host: nexus.ensighten.com
URL: http://nexus.ensighten.com/citi/ph_prod/Bootstrap.js
Protocol
HTTP/1.1
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
fd92c01a5bc66e9a50b4786c10c43b35cbbeaa1d1571f01e459741c9dad49d20

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://citibank.com.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 28 Apr 2022 06:49:12 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Aug 2019 10:10:39 GMT
Server
nginx
ETag
W/"5d528c9f-e5a"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
cache-control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
insight.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: nexus.ensighten.com
URL: http://nexus.ensighten.com/citi/ph_prod/code/e62926252d3ce3e16df20c239fa17777.js?conditionId0=421908
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://citibank.com.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 28 Apr 2022 06:49:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Apr 2022 23:25:22 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=84318
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3085
js
www.googletagmanager.com/gtag/ 		94 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-6321644&_=1651128552768
Requested by
Host: citibank.com.ph
URL: http://citibank.com.ph/gcb/js/jquery-1.8.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ec4fcd786030902e68305f9e4a45f778b3bf44d7cda232fdb4f7e7aa1cb1e03c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://citibank.com.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 06:49:12 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38228
x-xss-protection
0
last-modified
Thu, 28 Apr 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 28 Apr 2022 06:49:12 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: nexus.ensighten.com
URL: http://nexus.ensighten.com/citi/ph_prod/code/e62926252d3ce3e16df20c239fa17777.js?conditionId0=421908
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://citibank.com.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26311
x-xss-protection
0
pragma
public
x-fb-debug
n54yCyRcAvBtlUBo/kPC+7UIh8C6N7wy7moexeeWSiHz75yGIEwJHk6EjtzXLQ1afikVmtOoHWULk4YRMT7Klg==
x-fb-trip-id
2050670934
x-frame-options
DENY
date
Thu, 28 Apr 2022 06:49:12 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
obtp.js
amplify.outbrain.com/cp/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://amplify.outbrain.com/cp/obtp.js
Requested by
Host: nexus.ensighten.com
URL: http://nexus.ensighten.com/citi/ph_prod/code/e62926252d3ce3e16df20c239fa17777.js?conditionId0=421908
Protocol
HTTP/1.1
Server
104.102.29.173 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-173.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://citibank.com.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 28 Apr 2022 06:49:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Feb 2022 12:30:38 GMT
Server
AkamaiNetStorage
ETag
"23b34d08f648c3f51b232443afced826:1644409863.170279"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3150
Expires
Thu, 28 Apr 2022 07:09:12 GMT
2635184470087039
connect.facebook.net/signals/config/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2635184470087039?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3a97141e0cb6c5570b2ca686772ccfd3a43ad20af4c04e101e2039bf4439704d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://citibank.com.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
ZNAgIdKm/ocQvtWXbrNcB/1fARmE1Z6sjCDqlApetbNw7+DVfJyqxMdZnwS7o4AsuuaxO2mqYbmrky/gns/bNg==
x-fb-trip-id
2050670934
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 28 Apr 2022 06:49:12 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1651128552846
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
cachedClickId
tr.outbrain.com/ 		35 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
http://tr.outbrain.com/cachedClickId?marketerId=00f3dd092df2616c865096f65e1487e669
Requested by
Host: amplify.outbrain.com
URL: http://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://citibank.com.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 28 Apr 2022 06:49:12 GMT
content-encoding
gzip
X-TraceId
3dd39859cb990355f6e51223c2868616
Content-Length
56
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/ 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://tr.outbrain.com/unifiedPixel?marketerId=00f3dd092df2616c865096f65e1487e669&obApiVersion=1.1&obtpVersion=1.6.0&name=PAGE_VIEW&dl=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3F%26pcode%3DMC430%26media%3D20220417008349486&optOut=false&bust=04864458335979027
Protocol
HTTP/1.1
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://citibank.com.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 28 Apr 2022 06:49:12 GMT
Cache-Control
no-cache
X-TraceId
3edf3f65aa5c4fc70987d84a8e5139f5
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2376898&time=1651128552818&url=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3Fmedia%3D20220417008349486%26pcode%3DMC430%26%3D
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2376898%26time%3D1651128552818%26url%3Dhttp%253A%252F%252Fcitibank.com.ph%252Feky...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2376898&time=1651128552818&url=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3Fmedia%3D20220417008349486%26pcode%3DMC430%26%3D&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2376898&time=1651128552818&url=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3Fmedia%3D20220417008349486%26pcode%3DMC430%26%3D&liSync=true&e_ipv6=AQJHaZ...
0
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2376898&time=1651128552818&url=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3Fmedia%3D20220417008349486%26pcode%3DMC430%26%3D&liSync=true&e_ipv6=AQJHaZ0GAfKOyAAAAYBu7k90qQhBST8hbTZTzfOv2BqD2vgYU7QTh88irWgTEjp4VXQ0LlqWRQ
Protocol
H2
Server
13.107.43.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://citibank.com.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 06:49:13 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 899564D8E54D4FB0970C92C32F0DB4B4 Ref B: VIEEDGE1616 Ref C: 2022-04-28T06:49:13Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-proto
http/2
content-length
0
x-li-uuid
AAXdsVLqAI7W9fNHDnTpGg==
x-li-fabric
prod-ltx1

Redirect headers

date
Thu, 28 Apr 2022 06:49:12 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: D7D4EE1EAB864BF0BDA64EEE8A82C2F7 Ref B: VIEEDGE2517 Ref C: 2022-04-28T06:49:13Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2376898&time=1651128552818&url=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3Fmedia%3D20220417008349486%26pcode%3DMC430%26%3D&liSync=true&e_ipv6=AQJHaZ0GAfKOyAAAAYBu7k90qQhBST8hbTZTzfOv2BqD2vgYU7QTh88irWgTEjp4VXQ0LlqWRQ
x-li-proto
http/2
content-length
0
x-li-uuid
AAXdsVLmMBR0JcHTgQtfQw==
js
www.googletagmanager.com/gtag/ 		105 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1014751645&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6321644&_=1651128552768
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
359405935ff900ccab01afb5b21bc3794a096509a0145fdf8c873a68a5d961e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://citibank.com.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 06:49:12 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42285
x-xss-protection
0
last-modified
Thu, 28 Apr 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 28 Apr 2022 06:49:12 GMT
/
www.facebook.com/tr/ 		44 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2635184470087039&ev=PageView&dl=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3F%26pcode%3DMC430%26media%3D20220417008349486&rl=&if=false&ts=1651128552860&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=28&fbp=fb.2.1651128552859.547273320&it=1651128552807&coo=false&exp=p1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://citibank.com.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 06:49:12 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Thu, 28 Apr 2022 06:49:12 GMT
/
www.facebook.com/tr/ 		44 B
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2635184470087039&ev=ViewContent&dl=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3F%26pcode%3DMC430%26media%3D20220417008349486&rl=&if=false&ts=1651128552862&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=28&fbp=fb.2.1651128552859.547273320&it=1651128552807&coo=false&exp=p1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://citibank.com.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 06:49:12 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Thu, 28 Apr 2022 06:49:12 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1014751645&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://citibank.com.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 06:49:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14892
x-xss-protection
0
server
cafe
etag
4605403730725282575
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 28 Apr 2022 06:49:12 GMT
activityi;dc_pre=CI21hZeVtvcCFQFIHQkd7GEO9g;src=6321644;type=rce;cat=fphpc000;ord=1184522784540;gtm=2od4p0;auiddc=1647513295.1651128553;u1=;u10=;u11=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3F%26pcod...
6321644.fls.doubleclick.net/ Frame CE1C
Redirect Chain
  • https://6321644.fls.doubleclick.net/activityi;src=6321644;type=rce;cat=fphpc000;ord=1184522784540;gtm=2od4p0;auiddc=1647513295.1651128553;u1=;u10=;u11=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3F%26pc...
  • https://6321644.fls.doubleclick.net/activityi;dc_pre=CI21hZeVtvcCFQFIHQkd7GEO9g;src=6321644;type=rce;cat=fphpc000;ord=1184522784540;gtm=2od4p0;auiddc=1647513295.1651128553;u1=;u10=;u11=http%3A%2F%2...
616 B
763 B 		Document
General
Check archive.org
Download Go to
Full URL
https://6321644.fls.doubleclick.net/activityi;dc_pre=CI21hZeVtvcCFQFIHQkd7GEO9g;src=6321644;type=rce;cat=fphpc000;ord=1184522784540;gtm=2od4p0;auiddc=1647513295.1651128553;u1=;u10=;u11=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3F%26pcode%3DMC430%26media%3D20220417008349486;u19=;u2=;u20=undefined;u3=;u4=MC430;u5=;u6=;u7=;u8=;u9=2607518255423.5156;~oref=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3F%26pcode%3DMC430%26media%3D20220417008349486?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6321644&_=1651128552768
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f6.1e100.net
Software
cafe /
Resource Hash
e9d5a2c2362ea98cf86722a7a51a37b243f2d50e9c6601e3112e4f530b32c8ea
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
423
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Apr 2022 06:49:13 GMT
expires
Thu, 28 Apr 2022 06:49:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Apr 2022 06:49:13 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://6321644.fls.doubleclick.net/activityi;dc_pre=CI21hZeVtvcCFQFIHQkd7GEO9g;src=6321644;type=rce;cat=fphpc000;ord=1184522784540;gtm=2od4p0;auiddc=1647513295.1651128553;u1=;u10=;u11=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3F%26pcode%3DMC430%26media%3D20220417008349486;u19=;u2=;u20=undefined;u3=;u4=MC430;u5=;u6=;u7=;u8=;u9=2607518255423.5156;~oref=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3F%26pcode%3DMC430%26media%3D20220417008349486?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1014751645/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014751645/?random=1651128552954&cv=9&fst=1651128552954&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa4p0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3F%26pcode%3DMC430%26media%3D20220417008349486&tiba=Citibank%20Philippines&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ac69e3979088bea347fe0b9c8f4193d2a3b4951b0ee330c6611b5d122d2e538
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://citibank.com.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Apr 2022 06:49:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1068
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1014751645/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1014751645/?random=1651128552954&cv=9&fst=1651125600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa4p0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3F%26pcode%3DMC430%26media%3D20220417008349486&tiba=Citibank%20Philippines&async=1&fmt=3&is_vtc=1&random=2542637802&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://citibank.com.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Apr 2022 06:49:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1014751645/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1014751645/?random=1651128552954&cv=9&fst=1651125600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa4p0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3F%26pcode%3DMC430%26media%3D20220417008349486&tiba=Citibank%20Philippines&async=1&fmt=3&is_vtc=1&random=2542637802&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://citibank.com.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Apr 2022 06:49:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
s28004950416721
citiintl.122.2o7.net/b/ss/citiintlphilippinesprod/1/JS-1.5.4/
Redirect Chain
  • http://citiintl.122.2o7.net/b/ss/citiintlphilippinesprod/1/JS-1.5.4/s28004950416721?AQB=1&ndh=1&pf=1&t=28%2F3%2F2022%206%3A49%3A13%204%200&fid=76BD59BC9997862C-1348E264FCB7B05D&ce=ISO-8859-1&ns=cit...
  • http://citiintl.122.2o7.net/b/ss/citiintlphilippinesprod/1/JS-1.5.4/s28004950416721?AQB=1&pccr=true&vidn=31351C74A93B2C3A-40000FB7E31C7099&ndh=1&pf=1&t=28%2F3%2F2022%206%3A49%3A13%204%200&fid=76BD5...
43 B
771 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://citiintl.122.2o7.net/b/ss/citiintlphilippinesprod/1/JS-1.5.4/s28004950416721?AQB=1&pccr=true&vidn=31351C74A93B2C3A-40000FB7E31C7099&ndh=1&pf=1&t=28%2F3%2F2022%206%3A49%3A13%204%200&fid=76BD59BC9997862C-1348E264FCB7B05D&ce=ISO-8859-1&ns=citiintl&cdp=3&fpCookieDomainPeriods=3&pageName=PH%7Cekyc%7Chome&g=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3F%26pcode%3DMC430%26media%3D20220417008349486&cc=USD&ch=PH&events=event73%3D14&c1=PH%7Cekyc&v1=D%3DpageName&h1=PH%7Cekyc&v5=anonymous&v6=anonymous&c7=2%3A49%20PM%7CThursday&v7=2%3A49%20PM%7CThursday&c9=PH&v11=New&c12=CitiBank%20Phillippines&v13=1&v49=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3F%26pcode%3Dmc430%26media%3D20220417008349486&c50=Citi%20Intl%20AM%20V1%20-%2020160324%20%7C%20SiteCatalyst%20Base%20Code%20JS1.5.4&v51=desktop%20layout%3A1600x1200%3Alandscape&v73=14&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Protocol
HTTP/1.1
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://citibank.com.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 06:49:13 GMT
x-content-type-options
nosniff
x-c
main-1640.Id95fac.M0-564
p3p
CP="This is not a P3P policy"
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Fri, 29 Apr 2022 06:49:13 GMT
server
jag
xserver
anedge-b4b698fcd-nhs9d
etag
3545771569005133824-4619725337727365293
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Wed, 27 Apr 2022 06:49:13 GMT

Redirect headers

date
Thu, 28 Apr 2022 06:49:13 GMT
x-content-type-options
nosniff
x-c
main-1640.Id95fac.M0-564
p3p
CP="This is not a P3P policy"
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
location
http://citiintl.122.2o7.net/b/ss/citiintlphilippinesprod/1/JS-1.5.4/s28004950416721?AQB=1&pccr=true&vidn=31351C74A93B2C3A-40000FB7E31C7099&ndh=1&pf=1&t=28%2F3%2F2022%206%3A49%3A13%204%200&fid=76BD59BC9997862C-1348E264FCB7B05D&ce=ISO-8859-1&ns=citiintl&cdp=3&fpCookieDomainPeriods=3&pageName=PH%7Cekyc%7Chome&g=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3F%26pcode%3DMC430%26media%3D20220417008349486&cc=USD&ch=PH&events=event73%3D14&c1=PH%7Cekyc&v1=D%3DpageName&h1=PH%7Cekyc&v5=anonymous&v6=anonymous&c7=2%3A49%20PM%7CThursday&v7=2%3A49%20PM%7CThursday&c9=PH&v11=New&c12=CitiBank%20Phillippines&v13=1&v49=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3F%26pcode%3Dmc430%26media%3D20220417008349486&c50=Citi%20Intl%20AM%20V1%20-%2020160324%20%7C%20SiteCatalyst%20Base%20Code%20JS1.5.4&v51=desktop%20layout%3A1600x1200%3Alandscape&v73=14&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
last-modified
Fri, 29 Apr 2022 06:49:13 GMT
server
jag
xserver
anedge-b4b698fcd-nhs9d
vary
Origin
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Wed, 27 Apr 2022 06:49:13 GMT
dc_pre=CI21hZeVtvcCFQFIHQkd7GEO9g;src=6321644;type=rce;cat=fphpc000;ord=1184522784540;gtm=2od4p0;auiddc=*;u1=;u10=;u11=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3F%26pcode%3DMC430%26media%3D2022041700...
adservice.google.com/ddm/fls/z/ Frame CE1C 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CI21hZeVtvcCFQFIHQkd7GEO9g;src=6321644;type=rce;cat=fphpc000;ord=1184522784540;gtm=2od4p0;auiddc=*;u1=;u10=;u11=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3F%26pcode%3DMC430%26media%3D20220417008349486;u19=;u2=;u20=undefined;u3=;u4=MC430;u5=;u6=;u7=;u8=;u9=2607518255423.5156;~oref=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3F%26pcode%3DMC430%26media%3D20220417008349486
Requested by
Host: 6321644.fls.doubleclick.net
URL: https://6321644.fls.doubleclick.net/activityi;dc_pre=CI21hZeVtvcCFQFIHQkd7GEO9g;src=6321644;type=rce;cat=fphpc000;ord=1184522784540;gtm=2od4p0;auiddc=1647513295.1651128553;u1=;u10=;u11=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3F%26pcode%3DMC430%26media%3D20220417008349486;u19=;u2=;u20=undefined;u3=;u4=MC430;u5=;u6=;u7=;u8=;u9=2607518255423.5156;~oref=http%3A%2F%2Fcitibank.com.ph%2Fekyc%2F%3F%26pcode%3DMC430%26media%3D20220417008349486?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6321644.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Apr 2022 06:49:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Primary Request index.htm
www.citibank.com.ph/landing_page/id-verification-reminders/ 		350 B
686 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.citibank.com.ph/landing_page/id-verification-reminders/index.htm?scode=0MSBZLZM&&pcode=MC430&media=20220417008349486
Requested by
Host: nexus.ensighten.com
URL: http://nexus.ensighten.com/citi/ph_prod/code/e62926252d3ce3e16df20c239fa17777.js?conditionId0=421908
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.42.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-42-85.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash
c75fd6581935586a848fd2217edaf24b52e5b4239374dbff7b9360187b99baf5

Request headers

Referer
http://citibank.com.ph/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
close
Content-Length
350
Content-Type
text/html
Date
Thu, 28 Apr 2022 06:49:15 GMT
Expires
Thu, 28 Apr 2022 06:49:15 GMT
Mime-Version
1.0
Pragma
no-cache
Server
AkamaiGHost
Server-Timing
cdn-cache; desc=HIT edge; dur=1

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails

19 Cookies

Domain/Path Name / Value
.citibank.com.ph/ Name: _gcl_au
Value: 1.1.1647513295.1651128553
.citibank.com.ph/ Name: _fbp
Value: fb.2.1651128552859.547273320
.facebook.com/ Name: fr
Value: 0kE4Plm5d08WWiFyX..Biajjo...1.0.Biajjo.
.citibank.com.ph/ Name: s_fid
Value: 76BD59BC9997862C-1348E264FCB7B05D
.citibank.com.ph/ Name: gpv_pn
Value: PH%7Cekyc%7Chome
.citibank.com.ph/ Name: s_nr
Value: 1651128553026-New
.citibank.com.ph/ Name: s_vnum
Value: 1651363200027%26vn%3D1
.citibank.com.ph/ Name: s_invisit
Value: true
.citibank.com.ph/ Name: s_cc
Value: true
citibank.com.ph/ Name: outbrain_cid_fetch
Value: true
.linkedin.com/ Name: UserMatchHistory
Value: AQKUrn1mvHOVYAAAAYBu7k4DQmVT7Mb8BxLDnNQkaakxG4-EFtuQwI7KUXMk4Le00BYGTv28EBXt6Q
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLQPDctEjAhsAAAAYBu7k4DhkTQTeGJb3UaVPMM4xacpS4Cc5jOHQjXmpUlZt5UcTu6rdkXQrbiurw4fe1GYQ
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&dc92a73a-d633-43d9-8a6d-65b560b6724d"
.linkedin.com/ Name: lidc
Value: "b=TGST06:s=T:r=T:a=T:p=T:g=2409:u=1:x=1:i=1651128552:t=1651214952:v=2:sig=AQEkLjiPlBBcSVN5_TN2qYqHjU73eu1z"
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&202204280649138915cbb4-7942-4af9-8e4e-47b820dbf37eAQFAFRhJRQqei8C9mv6wbZfO0fJHLzE5"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTExMjg1NTM7MjswMjFvpfHOiPBqnT9osYdiIncP2oScozfKRhEyw6xX+ozOOg==
.doubleclick.net/ Name: IDE
Value: AHWqTUlULO1fMLX26fOTR97E3L4zgvmGB0AVi8OeiEkPJMMpOmIldWVnmmvy0k_oSTk

1 Console Messages

Source Level URL
Text
network error URL: https://www.citibank.com.ph/landing_page/id-verification-reminders/index.htm?scode=0MSBZLZM&&pcode=MC430&media=20220417008349486
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6321644.fls.doubleclick.net
adservice.google.com
amplify.outbrain.com
citibank.com.ph
citiintl.122.2o7.net
connect.facebook.net
googleads.g.doubleclick.net
nexus.ensighten.com
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
tr.outbrain.com
www.citibank.com.ph
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
104.102.29.173
104.89.42.85
13.107.43.14
142.250.185.194
15.188.95.229
18.197.253.20
192.193.128.152
216.58.212.166
2620:1ec:21::14
2620:1ec:22::14
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2003
2a02:26f0:3500:7::17d8:4dc9
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
70.42.32.127
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
16dec46b1b2f8111b2515144c2582d1cc155bac499169329d1a1113aaee61ea2
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
359405935ff900ccab01afb5b21bc3794a096509a0145fdf8c873a68a5d961e4
3a97141e0cb6c5570b2ca686772ccfd3a43ad20af4c04e101e2039bf4439704d
4e024e69898d4a60f9a96e51f4ce2931148d54cfa15ee69854db577cde095477
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
6ac69e3979088bea347fe0b9c8f4193d2a3b4951b0ee330c6611b5d122d2e538
7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d
9521865d1cc008bd2e6baad6067466ce91be4af99df2df7c520b1e08a0f4582c
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6
c75fd6581935586a848fd2217edaf24b52e5b4239374dbff7b9360187b99baf5
cd9e6d61b78cc3db53d916adbbfc1e513deee45e7f3e3f32f7aeea5165642ba2
df374c380a9ab06829f32391500b903533ae2963bf6c8fc5fef7805aad8cefda
e1dbf70945b238433a516e4b68639ecb0e18ef783b5c917b912b0b59cc298702
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9d5a2c2362ea98cf86722a7a51a37b243f2d50e9c6601e3112e4f530b32c8ea
ec4fcd786030902e68305f9e4a45f778b3bf44d7cda232fdb4f7e7aa1cb1e03c
ee1ce74ecd566a93867d4f6899a17857b6b886e3ecdcbedccaa02d878e644af1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd92c01a5bc66e9a50b4786c10c43b35cbbeaa1d1571f01e459741c9dad49d20