urlscan.io logo urlscan.io
SecurityTrails logo

citibanksgdvpapiuat1qa.investcloud.com Open in urlscan Pro
2606:4700::6811:b76b  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://citibanksgdvpapiuat1qa.investcloud.com/
Effective URL: https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
Submission: On December 08 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 31 HTTP transactions. The main IP is 2606:4700::6811:b76b, located in United States and belongs to CLOUDFLARENET, US. The main domain is citibanksgdvpapiuat1qa.investcloud.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 12th 2022. Valid for: a year.
This is the only time citibanksgdvpapiuat1qa.investcloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
2 30 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
31 4
1    2606:4700::6811:b86b (United States)

ASN13335 (CLOUDFLARENET, US)
citibanksgdvpapiuat1qa.investcloud.com
30    2606:4700::6811:b76b (United States)

ASN13335 (CLOUDFLARENET, US)
citibanksgdvpapiuat1qa.investcloud.com
1    2607:f8b0:4006:821::200a (Nutley, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2607:f8b0:4006:806::200a (Nutley, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2607:f8b0:4006:81c::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
31 investcloud.com
citibanksgdvpapiuat1qa.investcloud.com
3 MB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 300
fonts.googleapis.com — Cisco Umbrella Rank: 36
7 KB
1 gstatic.com
fonts.gstatic.com
126 KB
31 3
Domain Requested by
31 citibanksgdvpapiuat1qa.investcloud.com 3 redirects citibanksgdvpapiuat1qa.investcloud.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com ajax.googleapis.com
1 ajax.googleapis.com citibanksgdvpapiuat1qa.investcloud.com
31 4

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-09-12 -
2023-09-12		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
Frame ID: 7839AB7ABB97F02AA5939A7308442757
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

User Login

Page URL History Show full URLs

  1. http://citibanksgdvpapiuat1qa.investcloud.com/ HTTP 301
    https://citibanksgdvpapiuat1qa.investcloud.com/ HTTP 302
    https://citibanksgdvpapiuat1qa.investcloud.com/Membership/HomePageDefault.aspx?ReturnUrl=%2f HTTP 302
    https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont

Page Statistics

31
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

2750 kB
Transfer

8976 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://citibanksgdvpapiuat1qa.investcloud.com/ HTTP 301
    https://citibanksgdvpapiuat1qa.investcloud.com/ HTTP 302
    https://citibanksgdvpapiuat1qa.investcloud.com/Membership/HomePageDefault.aspx?ReturnUrl=%2f HTTP 302
    https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request CitiHKLogin_WF_App.aspx
citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/
Redirect Chain
  • http://citibanksgdvpapiuat1qa.investcloud.com/
  • https://citibanksgdvpapiuat1qa.investcloud.com/
  • https://citibanksgdvpapiuat1qa.investcloud.com/Membership/HomePageDefault.aspx?ReturnUrl=%2f
  • https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
001a2db126c0d8384554e1f3154348218f26d067ad5812a27d3702c3073af397
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
77661a9ce81ad15b-BUF
content-encoding
br
content-security-policy
frame-ancestors 'self'
content-type
text/html; charset=utf-8
date
Thu, 08 Dec 2022 14:13:51 GMT
expires
-1
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=Edge
x-xss-protection
1; mode=block

Redirect headers

cache-control
private
cf-cache-status
DYNAMIC
cf-ray
77661a98aba9d15b-BUF
content-security-policy
frame-ancestors 'self'
content-type
text/html; charset=utf-8
date
Thu, 08 Dec 2022 14:13:50 GMT
location
/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=Edge
x-xss-protection
1; mode=block
HomePage_CitiHKLogin.WF.App_IX62DE0D2789A6F82FE068AE8E3745D09D.css
citibanksgdvpapiuat1qa.investcloud.com/styles/96F022FA752A8B606E69C0BEAAF0CDC6/ 		1 MB
166 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://citibanksgdvpapiuat1qa.investcloud.com/styles/96F022FA752A8B606E69C0BEAAF0CDC6/HomePage_CitiHKLogin.WF.App_IX62DE0D2789A6F82FE068AE8E3745D09D.css
Requested by
Host: citibanksgdvpapiuat1qa.investcloud.com
URL: https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3438858063347d8ffaacea611ace77ba2aebc3ea1fbb9e75dff665a50392eb0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 14:13:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
cf-cache-status
MISS
content-encoding
br
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
public
last-modified
Tue, 20 Sep 2022 07:32:29 GMT
server
cloudflare
etag
W/"805c4e23c3ccd81:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=15552000
cf-ray
77661aa49ebdd15b-BUF
expires
Tue, 06 Jun 2023 14:13:53 GMT
V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js
citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/96F022FA752A8B606E69C0BEAAF0CDC6/ 		276 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/96F022FA752A8B606E69C0BEAAF0CDC6/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js
Requested by
Host: citibanksgdvpapiuat1qa.investcloud.com
URL: https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22c0d6fe8d979586e4a41dc00815592b9a86b83a763106f879fafdbce924aa6c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 14:13:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
cf-cache-status
MISS
content-encoding
br
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
public
last-modified
Tue, 20 Sep 2022 07:32:27 GMT
server
cloudflare
etag
W/"628d7c22c3ccd81:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=15552000
cf-ray
77661aa49ebed15b-BUF
expires
Tue, 06 Jun 2023 14:13:52 GMT
V4_Library_IXB2EE3C3BB8C4E7A406837021FAEA269A.js
citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/96F022FA752A8B606E69C0BEAAF0CDC6/ 		3 MB
920 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/96F022FA752A8B606E69C0BEAAF0CDC6/V4_Library_IXB2EE3C3BB8C4E7A406837021FAEA269A.js
Requested by
Host: citibanksgdvpapiuat1qa.investcloud.com
URL: https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a844a8ef61986f97fef9e17a010a979bfd05dfbd933ef3842e23b2ff517a158
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 14:13:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
cf-cache-status
MISS
content-encoding
br
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
public
last-modified
Tue, 20 Sep 2022 07:32:27 GMT
server
cloudflare
etag
W/"b5299922c3ccd81:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=15552000
cf-ray
77661aa49ec3d15b-BUF
expires
Tue, 06 Jun 2023 14:13:52 GMT
HomePage_CitiHKLogin_WF_App_Dependency_IXC8C510EBA828B6FC9A1572EEF2C92012.js
citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/96F022FA752A8B606E69C0BEAAF0CDC6/ 		2 MB
425 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/96F022FA752A8B606E69C0BEAAF0CDC6/HomePage_CitiHKLogin_WF_App_Dependency_IXC8C510EBA828B6FC9A1572EEF2C92012.js
Requested by
Host: citibanksgdvpapiuat1qa.investcloud.com
URL: https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df26bd46f2dc3d5734d4e8b9e137652dc484693cfc69cf8eebeb1f4ff4a78e74
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 14:13:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
cf-cache-status
MISS
content-encoding
br
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
public
last-modified
Tue, 20 Sep 2022 07:32:27 GMT
server
cloudflare
etag
W/"623cac22c3ccd81:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=15552000
cf-ray
77661aa49ec4d15b-BUF
expires
Tue, 06 Jun 2023 14:13:53 GMT
HomePage_CitiHKLogin_WF_App_iXing_IX833E62AE1FA78606E4C38222A2C5E533.js
citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/96F022FA752A8B606E69C0BEAAF0CDC6/ 		1 MB
333 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/96F022FA752A8B606E69C0BEAAF0CDC6/HomePage_CitiHKLogin_WF_App_iXing_IX833E62AE1FA78606E4C38222A2C5E533.js
Requested by
Host: citibanksgdvpapiuat1qa.investcloud.com
URL: https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18a3007b9b914c42e3927aacd3d5b36ccaac7c3ede6a9e94d3b5175c3ac2c2d6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 14:13:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
cf-cache-status
MISS
content-encoding
br
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
public
last-modified
Tue, 20 Sep 2022 07:32:28 GMT
server
cloudflare
etag
W/"bbd5623c3ccd81:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=15552000
cf-ray
77661aa49ec5d15b-BUF
expires
Tue, 06 Jun 2023 14:13:52 GMT
HomePage_CitiHKLogin_WF_App_Generated_IX18C60D7B29171474A3BED04DA7FA0849.js
citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/96F022FA752A8B606E69C0BEAAF0CDC6/ 		36 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/96F022FA752A8B606E69C0BEAAF0CDC6/HomePage_CitiHKLogin_WF_App_Generated_IX18C60D7B29171474A3BED04DA7FA0849.js
Requested by
Host: citibanksgdvpapiuat1qa.investcloud.com
URL: https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca2e38d9b81d709b212c7badcfa12b06cafd46a8b260b874123a5c39f1c223af
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 14:13:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
cf-cache-status
MISS
content-encoding
br
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
public
last-modified
Tue, 20 Sep 2022 07:32:28 GMT
server
cloudflare
etag
W/"75c11223c3ccd81:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=15552000
cf-ray
77661ab23c41d15b-BUF
expires
Tue, 06 Jun 2023 14:13:54 GMT
CITI-Interstate-Regular.ttf
citibanksgdvpapiuat1qa.investcloud.com/Fonts/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://citibanksgdvpapiuat1qa.investcloud.com/Fonts/CITI-Interstate-Regular.ttf
Requested by
Host: citibanksgdvpapiuat1qa.investcloud.com
URL: https://citibanksgdvpapiuat1qa.investcloud.com/styles/96F022FA752A8B606E69C0BEAAF0CDC6/HomePage_CitiHKLogin.WF.App_IX62DE0D2789A6F82FE068AE8E3745D09D.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce21af65069079d3e0ef033d37d4240876f927f461b98a0600f9f4153106e677
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://citibanksgdvpapiuat1qa.investcloud.com/styles/96F022FA752A8B606E69C0BEAAF0CDC6/HomePage_CitiHKLogin.WF.App_IX62DE0D2789A6F82FE068AE8E3745D09D.css
Origin
https://citibanksgdvpapiuat1qa.investcloud.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 14:13:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
cf-cache-status
MISS
content-length
38672
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
last-modified
Mon, 19 Sep 2022 09:27:54 GMT
server
cloudflare
etag
"71ede18accd81:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
77661ab949dbd15b-BUF
expires
Thu, 08 Dec 2022 18:13:56 GMT
CitiHKLogin_WF_App-ApplicationMapper_IX860EB2AE28B0BBEF9508B38F424C8502.json
citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/ 		5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/CitiHKLogin_WF_App-ApplicationMapper_IX860EB2AE28B0BBEF9508B38F424C8502.json
Requested by
Host: citibanksgdvpapiuat1qa.investcloud.com
URL: https://citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/96F022FA752A8B606E69C0BEAAF0CDC6/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c8299b46c119c179b65abcefb528afb4194796039c2d425fc3d99a249bceee0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 14:13:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
last-modified
Tue, 20 Sep 2022 07:32:26 GMT
server
cloudflare
cf-cache-status
DYNAMIC
content-encoding
br
etag
W/"711ca22c3ccd81:0"
x-frame-options
SAMEORIGIN
content-type
application/json
cf-ray
77661ab97a17d15b-BUF
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
CitiHKLogin_WF_App-CommandListService_IXA3F8A9A10071F174AAA1CB53A17626FD.json
citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/ 		502 B
886 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/CitiHKLogin_WF_App-CommandListService_IXA3F8A9A10071F174AAA1CB53A17626FD.json
Requested by
Host: citibanksgdvpapiuat1qa.investcloud.com
URL: https://citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/96F022FA752A8B606E69C0BEAAF0CDC6/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a93bc4ec08c5c3c4befcc455ac1c8eb6551e65c5079c634733eb427df75de3a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 14:13:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
last-modified
Tue, 20 Sep 2022 07:32:26 GMT
server
cloudflare
cf-cache-status
DYNAMIC
content-encoding
br
etag
W/"95431122c3ccd81:0"
x-frame-options
SAMEORIGIN
content-type
application/json
cf-ray
77661ab97a1bd15b-BUF
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
CitiHKLogin_WF_App-LocaleFieldFormats_IXD242CA4C238D54ABF1B57BC2D1D9297C.json
citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/ 		53 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/CitiHKLogin_WF_App-LocaleFieldFormats_IXD242CA4C238D54ABF1B57BC2D1D9297C.json
Requested by
Host: citibanksgdvpapiuat1qa.investcloud.com
URL: https://citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/96F022FA752A8B606E69C0BEAAF0CDC6/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ad290591b202c122c9126def46da89c7865cc6c150922489fbcf775f8c8ab9c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 14:13:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
last-modified
Tue, 20 Sep 2022 07:32:27 GMT
server
cloudflare
cf-cache-status
DYNAMIC
content-encoding
br
etag
W/"107f2b22c3ccd81:0"
x-frame-options
SAMEORIGIN
content-type
application/json
cf-ray
77661ab97a1cd15b-BUF
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
CitiHKLogin_WF_App-TemplateCacheDecorator_IXE8FAA38B03EECA54107B169C8A85D8A3.json
citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/ 		116 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/CitiHKLogin_WF_App-TemplateCacheDecorator_IXE8FAA38B03EECA54107B169C8A85D8A3.json
Requested by
Host: citibanksgdvpapiuat1qa.investcloud.com
URL: https://citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/96F022FA752A8B606E69C0BEAAF0CDC6/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54040ab713c1ddbe12206986776b4efd34f770c47349b0d5e5e2561afb02f175
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 14:13:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
last-modified
Tue, 20 Sep 2022 07:32:26 GMT
server
cloudflare
cf-cache-status
DYNAMIC
content-encoding
br
etag
W/"3781622c3ccd81:0"
x-frame-options
SAMEORIGIN
content-type
application/json
cf-ray
77661ab97a1ed15b-BUF
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
CitiHKLogin_WF_App-WorkFlowApplicationTree_IXBC75394345D01AF0A572D9FFBEC80F6F.json
citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/ 		573 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/CitiHKLogin_WF_App-WorkFlowApplicationTree_IXBC75394345D01AF0A572D9FFBEC80F6F.json
Requested by
Host: citibanksgdvpapiuat1qa.investcloud.com
URL: https://citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/96F022FA752A8B606E69C0BEAAF0CDC6/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb86bdc1d6ea8f9eebaaa58ee2b65786077fc756489688c095b3be55c26cfa38
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 14:13:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
last-modified
Tue, 20 Sep 2022 07:32:26 GMT
server
cloudflare
cf-cache-status
DYNAMIC
content-encoding
br
etag
W/"3e6cf921c3ccd81:0"
x-frame-options
SAMEORIGIN
content-type
application/json
cf-ray
77661ab97a20d15b-BUF
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
CitiHKLogin_WF_App-WorkFlow_IX89DA61790CD3B6211276DA0C33ED4D59.json
citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/ 		2 KB
902 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/CitiHKLogin_WF_App-WorkFlow_IX89DA61790CD3B6211276DA0C33ED4D59.json
Requested by
Host: citibanksgdvpapiuat1qa.investcloud.com
URL: https://citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/96F022FA752A8B606E69C0BEAAF0CDC6/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65447a9169d0e8f76cb025aa380f371cf32d03f0e97a90b4f90daf6fd339ed45
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 14:13:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
last-modified
Tue, 20 Sep 2022 07:32:27 GMT
server
cloudflare
cf-cache-status
DYNAMIC
content-encoding
br
etag
W/"1873522c3ccd81:0"
x-frame-options
SAMEORIGIN
content-type
application/json
cf-ray
77661ab97a22d15b-BUF
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
CitiSGAPI_IXE3F391F48C4F60FDC41199D86A6139C0.json
citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/CitiSGAPI_IXE3F391F48C4F60FDC41199D86A6139C0.json
Requested by
Host: citibanksgdvpapiuat1qa.investcloud.com
URL: https://citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/96F022FA752A8B606E69C0BEAAF0CDC6/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a3b4b6e727e964256be9bb05ef18e53dea45f4c37a442181b8b620beeaa8a61
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 14:13:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
last-modified
Thu, 08 Dec 2022 14:13:51 GMT
server
cloudflare
cf-cache-status
DYNAMIC
content-encoding
br
etag
W/"b1d0ea4bfbd91:0"
x-frame-options
SAMEORIGIN
content-type
application/json
cf-ray
77661ab97a23d15b-BUF
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
CitiSGAPI-ApplicationMapper_IX1E29BB9A7421C35C423B8D376E7A4798.json
citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/ 		5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/CitiSGAPI-ApplicationMapper_IX1E29BB9A7421C35C423B8D376E7A4798.json
Requested by
Host: citibanksgdvpapiuat1qa.investcloud.com
URL: https://citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/96F022FA752A8B606E69C0BEAAF0CDC6/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e1f70e4067edddf92298918eae51185dfdd0eddc6dd87f7287e39dad70d069d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 14:13:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
last-modified
Tue, 20 Sep 2022 07:32:26 GMT
server
cloudflare
cf-cache-status
DYNAMIC
content-encoding
br
etag
W/"f77ec22c3ccd81:0"
x-frame-options
SAMEORIGIN
content-type
application/json
cf-ray
77661ab97a25d15b-BUF
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
CitiSGAPI-CommandListService_IXCFEF7FA61C3A794C0C3B29925FB32BC7.json
citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/ 		730 B
660 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/CitiSGAPI-CommandListService_IXCFEF7FA61C3A794C0C3B29925FB32BC7.json
Requested by
Host: citibanksgdvpapiuat1qa.investcloud.com
URL: https://citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/96F022FA752A8B606E69C0BEAAF0CDC6/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c50fa0a3d333cec8ac2a48c43c2f2c5ab0b944a3d55a262dbcf01073a24be58
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 14:13:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
last-modified
Tue, 20 Sep 2022 07:32:26 GMT
server
cloudflare
cf-cache-status
DYNAMIC
content-encoding
br
etag
W/"95431122c3ccd81:0"
x-frame-options
SAMEORIGIN
content-type
application/json
cf-ray
77661ab97a26d15b-BUF
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
CitiSGAPI-TemplateCacheDecorator_IXE8FAA38B03EECA54107B169C8A85D8A3.json
citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/ 		116 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/CitiSGAPI-TemplateCacheDecorator_IXE8FAA38B03EECA54107B169C8A85D8A3.json
Requested by
Host: citibanksgdvpapiuat1qa.investcloud.com
URL: https://citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/96F022FA752A8B606E69C0BEAAF0CDC6/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54040ab713c1ddbe12206986776b4efd34f770c47349b0d5e5e2561afb02f175
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 14:13:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
last-modified
Tue, 20 Sep 2022 07:32:26 GMT
server
cloudflare
cf-cache-status
DYNAMIC
content-encoding
br
etag
W/"3781622c3ccd81:0"
x-frame-options
SAMEORIGIN
content-type
application/json
cf-ray
77661ab97a29d15b-BUF
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
CitiSGAPI-WorkFlowApplicationTree_IX66A53EBFF49B32645B28C2244D573886.json
citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/ 		456 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/CitiSGAPI-WorkFlowApplicationTree_IX66A53EBFF49B32645B28C2244D573886.json
Requested by
Host: citibanksgdvpapiuat1qa.investcloud.com
URL: https://citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/96F022FA752A8B606E69C0BEAAF0CDC6/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
669f92efd41e690c8feb163706f9e5a497bdd30c15e80e4077a1d640f6e8a7bd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 14:13:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
last-modified
Tue, 20 Sep 2022 07:32:26 GMT
server
cloudflare
cf-cache-status
DYNAMIC
content-encoding
br
etag
W/"3593022c3ccd81:0"
x-frame-options
SAMEORIGIN
content-type
application/json
cf-ray
77661ab98a30d15b-BUF
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
CitiSGAPI-WorkFlow_IX773F1CD3A7650404370329A3DB2E2631.json
citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/CitiSGAPI-WorkFlow_IX773F1CD3A7650404370329A3DB2E2631.json
Requested by
Host: citibanksgdvpapiuat1qa.investcloud.com
URL: https://citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/96F022FA752A8B606E69C0BEAAF0CDC6/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37914e2571232084374031bd0e8c4b9aea7af0861d69215c14e2e26022e5acf3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 14:13:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
last-modified
Tue, 20 Sep 2022 07:32:27 GMT
server
cloudflare
cf-cache-status
DYNAMIC
content-encoding
br
etag
W/"bba43222c3ccd81:0"
x-frame-options
SAMEORIGIN
content-type
application/json
cf-ray
77661ab98a31d15b-BUF
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
CitiSGAPI-637992847467488035-locale-en-US.json
citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/CitiSGAPI-637992847467488035-locale-en-US.json
Requested by
Host: citibanksgdvpapiuat1qa.investcloud.com
URL: https://citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/96F022FA752A8B606E69C0BEAAF0CDC6/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62c76a09a2b00b0a6d3dda551a11a058bdc25aa750e5d231a901480b4d558af7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 14:13:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
last-modified
Tue, 20 Sep 2022 07:32:27 GMT
server
cloudflare
cf-cache-status
DYNAMIC
content-encoding
br
etag
W/"361b2922c3ccd81:0"
x-frame-options
SAMEORIGIN
content-type
application/json
cf-ray
77661ab98a33d15b-BUF
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
CitiHKLogin_WF_App-637992847467488035-locale-en-US.json
citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/CitiHKLogin_WF_App-637992847467488035-locale-en-US.json
Requested by
Host: citibanksgdvpapiuat1qa.investcloud.com
URL: https://citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/96F022FA752A8B606E69C0BEAAF0CDC6/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e629273ae9b4f5b945e037ab906141f2373fe4c035c6fe50a42abb73bfca384
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
X-XSRF-TOKEN
A8F8211292785445F4CF761419081AD7
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 14:13:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
last-modified
Tue, 20 Sep 2022 07:32:27 GMT
server
cloudflare
cf-cache-status
DYNAMIC
content-encoding
br
etag
W/"57b92622c3ccd81:0"
x-frame-options
SAMEORIGIN
content-type
application/json
cf-ray
77661ab98a34d15b-BUF
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
ecd.ashx
citibanksgdvpapiuat1qa.investcloud.com/iXingPages/ 		84 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://citibanksgdvpapiuat1qa.investcloud.com/iXingPages/ecd.ashx?requesttype=dataset&v=2
Requested by
Host: citibanksgdvpapiuat1qa.investcloud.com
URL: https://citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/96F022FA752A8B606E69C0BEAAF0CDC6/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69e24abe68558d9b85ad26168a5dc962cc8f3517b5c0efdab15cfcc4083a0b31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

IC-Culture
en-US
X-XSRF-TOKEN
A8F8211292785445F4CF761419081AD7
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
X-Requested-With
XMLHttpRequest

Response headers

date
Thu, 08 Dec 2022 14:13:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json; charset=utf-8
cache-control
private
cf-ray
77661ab98a38d15b-BUF
content-length
84
x-ua-compatible
IE=Edge
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: citibanksgdvpapiuat1qa.investcloud.com
URL: https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citibanksgdvpapiuat1qa.investcloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 02:19:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
129250
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Dec 2023 02:19:45 GMT
css
fonts.googleapis.com/ 		569 B
869 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Material+Icons
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citibanksgdvpapiuat1qa.investcloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 08 Dec 2022 14:13:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 14:13:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 08 Dec 2022 14:13:55 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v139/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://citibanksgdvpapiuat1qa.investcloud.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 11:05:45 GMT
x-content-type-options
nosniff
age
270490
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128352
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 00:26:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 11:05:45 GMT
Ecd.ashx
citibanksgdvpapiuat1qa.investcloud.com/iXingPages/ 		0
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://citibanksgdvpapiuat1qa.investcloud.com/iXingPages/Ecd.ashx?IX_EXTAUTH=Y
Requested by
Host: citibanksgdvpapiuat1qa.investcloud.com
URL: https://citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/96F022FA752A8B606E69C0BEAAF0CDC6/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

IC-Culture
en-US
X-XSRF-TOKEN
A8F8211292785445F4CF761419081AD7
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
application/xml, text/xml, */*; q=0.01
Referer
https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
X-Requested-With
XMLHttpRequest

Response headers

date
Thu, 08 Dec 2022 14:13:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, must-revalidate
cf-ray
77661ac37b9ed15b-BUF
content-length
0
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
ilg.ashx
citibanksgdvpapiuat1qa.investcloud.com/Membership/ExtPages/ 		2 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://citibanksgdvpapiuat1qa.investcloud.com/Membership/ExtPages/ilg.ashx?IX_MN=Y
Requested by
Host: citibanksgdvpapiuat1qa.investcloud.com
URL: https://citibanksgdvpapiuat1qa.investcloud.com/scripts/jig/96F022FA752A8B606E69C0BEAAF0CDC6/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

IC-Culture
en-US
X-XSRF-TOKEN
A8F8211292785445F4CF761419081AD7
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
X-Requested-With
XMLHttpRequest

Response headers

date
Thu, 08 Dec 2022 14:13:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
cf-ray
77661ac3bbc8d15b-BUF
content-length
2
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
Citiback_logo.png
citibanksgdvpapiuat1qa.investcloud.com/App_Themes/Default/images/ClientThemeImages/Citibank/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citibanksgdvpapiuat1qa.investcloud.com/App_Themes/Default/images/ClientThemeImages/Citibank/Citiback_logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
163ca8ec31d1ac7c8d7c1431f7449f38409e5f1bff272bb90485bdd59789e248
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 14:13:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
cf-cache-status
MISS
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
public
last-modified
Mon, 19 Sep 2022 09:26:51 GMT
server
cloudflare
etag
W/"1150ef39ccd81:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=15552000
cf-ray
77661ac3fbe4d15b-BUF
expires
Tue, 06 Jun 2023 14:13:57 GMT
citi-priority-horizontal@2x.png
citibanksgdvpapiuat1qa.investcloud.com/App_Themes/Default/images/ClientThemeImages/Citibank/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citibanksgdvpapiuat1qa.investcloud.com/App_Themes/Default/images/ClientThemeImages/Citibank/citi-priority-horizontal@2x.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58abdf232a9749d30deebb115ef0e84d3e269ee157d22fedb29e99142b070bd5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 14:13:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
cf-cache-status
MISS
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
public
last-modified
Mon, 19 Sep 2022 09:26:50 GMT
server
cloudflare
etag
W/"11c7e5f29ccd81:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=15552000
cf-ray
77661ac44c04d15b-BUF
expires
Tue, 06 Jun 2023 14:13:57 GMT
photo_hk_1@2x.png
citibanksgdvpapiuat1qa.investcloud.com/App_Themes/Default/images/ClientThemeImages/Citibank/ 		594 KB
594 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citibanksgdvpapiuat1qa.investcloud.com/App_Themes/Default/images/ClientThemeImages/Citibank/photo_hk_1@2x.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dfb1078db04390d417fad62c750a984077ac25c16717c07516b72dcc7105f60
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citibanksgdvpapiuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 14:13:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
cf-cache-status
MISS
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
public
last-modified
Mon, 19 Sep 2022 09:26:50 GMT
server
cloudflare
etag
W/"e18beaf29ccd81:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=15552000
cf-ray
77661ac44c05d15b-BUF
expires
Tue, 06 Jun 2023 14:13:58 GMT

Verdicts & Comments Add Verdict or Comment

245 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| WF_CONFIG_FILES string| uniqueTranslationId object| WebFontConfig object| IX_Theme function| IX_GetCookieValue function| IX_IsHTTPS function| IX_GetSecureFlag function| IX_SetCookieValue function| $ function| jQuery object| angular object| iXing number| IX_TimeoutStart boolean| IX_UserAuthenticated object| jstz object| cookieconsent function| JSZip function| numeral function| Sugar function| Cldr function| Globalize object| DevExpress function| _ function| moment function| P object| Modernizr function| GridStackUI function| isValidIEVersion function| RocketPageFlip boolean| ie10plus object| CircularJSON function| IX_setAria string| DROP_DOWN_EDITOR_CLASS string| TEXTEDITOR_CLEAR_BUTTON_CLASS string| TEXTEDITOR_CLEAR_ICON_CLASS string| TEXTEDITOR_ICON_CLASS object| Highcharts function| Hammer function| Big object| skrollr function| postscribe function| iFrameResize function| GetAntiForgeryToken function| UpdateAntiForgeryToken function| btoau function| atobu function| isBrowserIE11 function| isBrowserIELessThan10 function| isBrowserEdge function| isBrowserIE function| IX_isMobile function| IX_DeleteCookie function| IX_DeleteMFACookies function| IX_OnBeginCallback function| IX_OnEndCallback function| IX_ConfirmMessage function| IX_OpenPopupAndBecomeUser function| IX_SetRememberUsernameCookieValue function| IX_GetUsernameFromCookieValue function| IX_SetUsernameFromCookieValue function| generateUUID function| IX_TriggerSSO function| IX_getMessageText function| IX_getCommandFromMessageList function| IX_ConvertDSListToDXFormat function| IX_SetEcdRequestContext function| IX_GetEcdDataAndResolvePromise function| IX_GetMFADataAndResolvePromise function| IX_GetListDataAndResolvePromise function| IX_LogRequest function| IX_EcdRequest function| IX_MFARequest function| IX_PerformPrimeCacheRequests function| IX_getQueryStringParameter function| IX_RedirectToReturnURL function| IX_Ajax function| IX_GetMFADeviceRef function| IX_UpdateDisclaimer function| IX_PerformLogin function| IX_centerElement function| IX_centerElementVertically function| IX_ExtendjQuerySelectors function| IX_getDisplayCustomAlertInfo function| IX_getDisplayCustomSessionTimeOutAlertInfo function| IX_GetModalService function| IX_ShowCustomAlert function| IX_enhanceAlert function| IX_alert2 function| IX_findColumnPosition function| IX_urlify function| IX_replacePropertiesInComponent function| IX_customVerticalScrollBars boolean| IX_redirectingCurrently undefined| IXWarningTimeForCountdownStartTime function| IX_SetTimeZone function| IX_ShouldWeCheckTimeout function| IX_CheckForTimeoutAlert function| IX_alertUserOfImpendingTimeout function| IX_SetAlertInterval function| IX_checkForTimeoutInterval function| IX_resetSession function| IX_userIsActuallyLoggedOut function| triggerSessionKeepAliveEvent function| triggerSignOutEvent function| triggerSessionTimeoutEvent function| redirectUserForLogout function| IX_setTimerFromSeconds function| IX_startCountdownTimer function| IX_ResetPendingSessionExtensionRequests function| _IX_MakeServerSideCall function| IX_GetThrottledInitiateServerSideCall function| _IX_IntitiateServerSideCallThrottled function| IX_IntitiateServerSideCall function| IX_reloadServerSessionWithIframe function| IX_SetLoadingPanelAriaAttributes number| IX_checkCSRFCookieInterval string| IX_initCSRFToken boolean| IX_initAuthTokenSet function| IX_checkIfHttpCookieDefined function| IX_checkCSRFCookieChange function| IX_IsIPhone function| IX_fallbackImagePath function| IX_emailifyAsLink function| IX_maxWidth function| IC_Alert function| getChromeBrowserVersion function| IX_WdigetMenuItemClick function| CLIX_cbpWidgetMenu_EndCallback object| KEYS function| IX_SetValueInList function| IX_RunListAppAutoSelect function| IX_SetDropDownDisplayValue function| IX_RemoveUnnecesaryAriaTextFromDropDown function| IX_DropDownOnFocusIn function| IX_SetContextForOnComponentClick function| IX_Signout function| IX_CreateCustomDataSourceForMenu function| IX_GetODCHandler function| IX_GetECDHandler function| IX_GetEcdDataAndResolvePromiseNonList function| IX_CreateCustomDataSource function| IX_CreateDataSource function| IX_SetDataIn function| IX_GetResult function| IX_ProcessSingletonResponseData function| IX_CallSimpleOp function| IX_FlatApplicationProperties function| IX_FlattenObjectsForApplication function| IX_GetChaceKeyForECDG function| IX_SetECDContext function| IX_GetContextFromRouteParams function| IX_GetDataFromUrlContext function| IX_MapValueInContext function| IX_SetValueInContext function| IX_SetRunOnceInstructionForRedirectWithWorkflow function| IX_ProcessV4Redirect function| IX_ConvertSelectedRowsToDSFormat function| IX_SetCustomRowsToExportToExcel object| IX_LocalStorage function| IX_SetAppAsInitialized function| IX_IsAppInitialized function| IX_IterateArrayAndFormatValues function| IX_LoadOrRefreshChart function| IX_InitializeChart function| IX_GetFormattedField function| IX_GetUnFormattedField function| IX_ConditionalFormatApplyFormat_PivotedGrid function| IX_ConditionalFormatApplyFormat_jQueryElement function| IX_ConditionalFormatApplyFormat function| IX_AddToScopeObjRawDataArrayFromDSFormat function| IX_IC_SetChartColors function| IX_DataGroupingHelper function| IX_IC_GetChartGroup function| IX_CreateGroupLabelColorMap function| IX_ShowCommonLoadingPanel function| IX_HideCommonLoadingPanel function| IX_SetAriaAttributes function| IX_PopUpOnShownAddClass function| IX_Log function| IX_InBecomeUserMode function| IX_ToggleDisabledButtons function| IX_GetAndRunValidationGroupRules function| IX_IsValidationGroupValid function| IX_SetGoogleMapAutocompletForInput function| IX_SetSocialSharingButtons function| IX_GetDxRowDomData function| IX_ExecuteButtonInAppScope function| IX_OnShownModalDialogSetUpADA function| IX_OnHiddenModalDialogSetUpADA function| IX_UpdateAppWrapperHTMLAttributes function| IX_AnnounceText function| IX_setFocusToElementByClassName function| IX_AddBodyAttributesDefinedByMobileApplication function| IX_BindAnnounceTextToLoadngState function| IX_SetAdaHeaderMarkup function| IX_resizePopupBasedOnViewport function| IX_isSafari function| IX_isIOS function| IX_publishOnStaticLinksEvent function| IX_isAndroid function| IX_isWebView function| IX_ApplyDeviceStyles function| IX_RebindButtonKeyPressEventHandler function| IX_ApplyInputAppADAFixes function| IX_GetFieldValueForTest function| IX_FixAlternatingRows function| IX_GetThemeProperty function| IX_GetThemePropertyValue1 function| IX_GetThemePropertyValue2 function| IX_IsThemePropertyValue1Falsey boolean| True boolean| False object| string function| IX_ConditionalFormatExecuteRules function| IX_ConditionalRedirectExecuteRules function| IX_Update_Disabled_State_For_Validation_Group_Buttons function| IX_getReplacementValueIfNeeded function| IX_canvasLock function| IX_canvasUnlock function| IX_addApplicationToCanvas function| IX_SetScopeVariable function| IX_refreshCanvas function| IX_loadCanvas function| IX_CanvasPrint function| IX_canvasClone function| IX_CanvasDelete function| IX_TidyUpCanvas function| IX_IC_NormalizeDonutChartMultiGroupLegendConfig function| IX_IC_UpdateChartMultiGroupData function| IX_ConvertMultiGroupToArrayAndSort function| AdaTableLinkCommon function| IX_GetTableIdForFile function| IX_DeleteFile function| IX_ClearFile object| $translateProvider object| customTab object| IX_LocalStorageContainer object| IX_DEBUG_SETTINGS object| jQuery111103936611765316447 object| System function| Recorder function| IX_ShowCustomSessionTimeOutPopup object| WebFont object| icMenuDefaultItems

10 Cookies

Domain/Path Name / Value
citibanksgdvpapiuat1qa.investcloud.com/ Name: ASP.NET_SessionId
Value: vnlq5khaviyaouwb3apcbc20
citibanksgdvpapiuat1qa.investcloud.com/ Name: IXCulture
Value: en-US
citibanksgdvpapiuat1qa.investcloud.com/ Name: IXSBaseUtcOffset
Value: 480
citibanksgdvpapiuat1qa.investcloud.com/ Name: XSRF-TOKEN
Value: A8F8211292785445F4CF761419081AD7
citibanksgdvpapiuat1qa.investcloud.com/ Name: IXTMO
Value: 3600000
citibanksgdvpapiuat1qa.investcloud.com/ Name: IXTimezone
Value: Etc/UTC
citibanksgdvpapiuat1qa.investcloud.com/ Name: IXLastActivityTime
Value: Thu Dec 08 2022 14:13:54 GMT+0000 (GMT)
citibanksgdvpapiuat1qa.investcloud.com/ Name: IXAnalyticsConsent
Value: allow
citibanksgdvpapiuat1qa.investcloud.com/ Name: AWSALB
Value: ND5HJ36K8SgY6drCS7trRzFZiBYMiOG4fbakosPUn7M0VTsKrz+2kRN+KjJQLKEpX7OqHB7Q93TOZXLAli4tk0sGSwPUME7vv2+1LM16OKK+u2IdqXWE/ohaeAjQ
citibanksgdvpapiuat1qa.investcloud.com/ Name: AWSALBCORS
Value: ND5HJ36K8SgY6drCS7trRzFZiBYMiOG4fbakosPUn7M0VTsKrz+2kRN+KjJQLKEpX7OqHB7Q93TOZXLAli4tk0sGSwPUME7vv2+1LM16OKK+u2IdqXWE/ohaeAjQ

1 Console Messages

Source Level URL
Text
network error URL: https://citibanksgdvpapiuat1qa.investcloud.com/iXingPages/ecd.ashx?requesttype=dataset&v=2
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
citibanksgdvpapiuat1qa.investcloud.com
fonts.googleapis.com
fonts.gstatic.com
2606:4700::6811:b76b
2606:4700::6811:b86b
2607:f8b0:4006:806::200a
2607:f8b0:4006:81c::2003
2607:f8b0:4006:821::200a
001a2db126c0d8384554e1f3154348218f26d067ad5812a27d3702c3073af397
0c50fa0a3d333cec8ac2a48c43c2f2c5ab0b944a3d55a262dbcf01073a24be58
163ca8ec31d1ac7c8d7c1431f7449f38409e5f1bff272bb90485bdd59789e248
18a3007b9b914c42e3927aacd3d5b36ccaac7c3ede6a9e94d3b5175c3ac2c2d6
1a844a8ef61986f97fef9e17a010a979bfd05dfbd933ef3842e23b2ff517a158
22c0d6fe8d979586e4a41dc00815592b9a86b83a763106f879fafdbce924aa6c
37914e2571232084374031bd0e8c4b9aea7af0861d69215c14e2e26022e5acf3
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
54040ab713c1ddbe12206986776b4efd34f770c47349b0d5e5e2561afb02f175
58abdf232a9749d30deebb115ef0e84d3e269ee157d22fedb29e99142b070bd5
5a93bc4ec08c5c3c4befcc455ac1c8eb6551e65c5079c634733eb427df75de3a
5c8299b46c119c179b65abcefb528afb4194796039c2d425fc3d99a249bceee0
5dfb1078db04390d417fad62c750a984077ac25c16717c07516b72dcc7105f60
62c76a09a2b00b0a6d3dda551a11a058bdc25aa750e5d231a901480b4d558af7
65447a9169d0e8f76cb025aa380f371cf32d03f0e97a90b4f90daf6fd339ed45
669f92efd41e690c8feb163706f9e5a497bdd30c15e80e4077a1d640f6e8a7bd
69e24abe68558d9b85ad26168a5dc962cc8f3517b5c0efdab15cfcc4083a0b31
7a3b4b6e727e964256be9bb05ef18e53dea45f4c37a442181b8b620beeaa8a61
7ad290591b202c122c9126def46da89c7865cc6c150922489fbcf775f8c8ab9c
7e629273ae9b4f5b945e037ab906141f2373fe4c035c6fe50a42abb73bfca384
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8e1f70e4067edddf92298918eae51185dfdd0eddc6dd87f7287e39dad70d069d
b3438858063347d8ffaacea611ace77ba2aebc3ea1fbb9e75dff665a50392eb0
ca2e38d9b81d709b212c7badcfa12b06cafd46a8b260b874123a5c39f1c223af
ce21af65069079d3e0ef033d37d4240876f927f461b98a0600f9f4153106e677
df26bd46f2dc3d5734d4e8b9e137652dc484693cfc69cf8eebeb1f4ff4a78e74
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fb86bdc1d6ea8f9eebaaa58ee2b65786077fc756489688c095b3be55c26cfa38