sit7.online.citi.com Open in urlscan Pro
104.70.85.47 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sit7.online.citi.com/
Effective URL:
https://sit7.online.citi.com/US/login.do
Submission: On March 04 via automatic, source certstream-suspicious (March 4th 2021, 8:26:01 am UTC)

Summary HTTP 197 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 33 IPs in 4 countries across 22 domains to perform 197 HTTP transactions. The main IP is 104.70.85.47, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is sit7.online.citi.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on December 9th 2020. Valid for: a year.

This is the only time sit7.online.citi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 74	104.70.85.47 104.70.85.47	16625 (AKAMAI-AS) (AKAMAI-AS)
18	18.195.42.228 18.195.42.228	16509 (AMAZON-02) (AMAZON-02)
1	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
6	104.111.238.178 104.111.238.178	16625 (AKAMAI-AS) (AKAMAI-AS)
5	23.79.157.69 23.79.157.69	16625 (AKAMAI-AS) (AKAMAI-AS)
1 4	52.31.176.223 52.31.176.223	16509 (AMAZON-02) (AMAZON-02)
23	91.235.133.67 91.235.133.67	30286 (THM) (THM)
3	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	108.128.13.248 108.128.13.248	16509 (AMAZON-02) (AMAZON-02)
3	35.181.18.61 35.181.18.61	16509 (AMAZON-02) (AMAZON-02)
1 1	34.253.145.149 34.253.145.149	16509 (AMAZON-02) (AMAZON-02)
1	104.111.224.160 104.111.224.160	16625 (AKAMAI-AS) (AKAMAI-AS)
8	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	104.111.228.137 104.111.228.137	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
2	52.212.193.208 52.212.193.208	16509 (AMAZON-02) (AMAZON-02)
1	52.141.218.213 52.141.218.213	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
1	35.244.245.222 35.244.245.222	15169 (GOOGLE) (GOOGLE)
1	13.32.24.45 13.32.24.45	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
1	13.32.24.59 13.32.24.59	16509 (AMAZON-02) (AMAZON-02)
4	192.193.179.250 192.193.179.250	25883 (CITIGROUP) (CITIGROUP)
2	92.123.150.214 92.123.150.214	16625 (AKAMAI-AS) (AKAMAI-AS)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	91.235.132.130 91.235.132.130	30286 (THM) (THM)
2	91.235.134.131 91.235.134.131	30286 (THM) (THM)
1 1	199.38.167.128 199.38.167.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1	104.70.84.163 104.70.84.163	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.113.175 151.101.113.175	54113 (FASTLY) (FASTLY)
1	35.241.45.82 35.241.45.82	15169 (GOOGLE) (GOOGLE)
197	33

74 104.70.85.47 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-70-85-47.deploy.static.akamaitechnologies.com

sit7.online.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 18.195.42.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.207.148 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com

di.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.238.178 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-238-178.deploy.static.akamaitechnologies.com

online.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.79.157.69 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-157-69.deploy.static.akamaitechnologies.com

sit.api.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dit.api.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.31.176.223 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-176-223.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 91.235.133.67 (United States)

ASN30286 (THM, US)

content22.online.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.13.248 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-13-248.eu-west-1.compute.amazonaws.com

citi.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.181.18.61 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-181-18-61.eu-west-3.compute.amazonaws.com

metrics1.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.145.149 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-145-149.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.224.160 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-224-160.deploy.static.akamaitechnologies.com

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.228.137 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-137.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)

20766699p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.212.193.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-193-208.eu-west-1.compute.amazonaws.com

citicorpcreditservic.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.141.218.213 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

contents3.00110.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

resources.digital-cloud-citi.medallia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.245.222 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 222.245.244.35.bc.googleusercontent.com

sr.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.24.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-24-45.fra56.r.cloudfront.net

cdn.pbbl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

20822230p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.24.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-24-59.fra56.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.193.179.250 (United States)

ASN25883 (CITIGROUP, US)

uat.report.nacustomerexperience.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.123.150.214 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-150-214.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.235.132.130 (United States)

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.235.134.131 (United States)

ASN30286 (THM, US)

89oebq5klfzgmlqdh4cyzsuv2vzejs65xhhzl44j39b3503369943f07am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
89oebq5klbn4cxvhcz5hysrdzuwxt654tdk2kotide4ebd2cb6460762am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p-preprd.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.70.84.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-70-84-163.deploy.static.akamaitechnologies.com

www.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.175 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

nebula-cdn.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com

udc-neb.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
117	citi.com 1 redirects sit7.online.citi.com online.citi.com sit.api.citi.com content22.online.citi.com metrics1.citi.com contents3.00110.citi.com uat.report.nacustomerexperience.citi.com www.citi.com dit.api.citi.com	3 MB
18	ensighten.com nexus.ensighten.com	501 KB
9	google.com cse.google.com www.google.com	105 KB
8	googletagmanager.com www.googletagmanager.com	309 KB
6	online-metrix.net h.online-metrix.net 89oebq5klfzgmlqdh4cyzsuv2vzejs65xhhzl44j39b3503369943f07am1.e.aa.online-metrix.net 89oebq5klbn4cxvhcz5hysrdzuwxt654tdk2kotide4ebd2cb6460762am1.e.aa.online-metrix.net	28 KB
5	google.de www.google.de	540 B
5	doubleclick.net googleads.g.doubleclick.net	6 KB
5	demdex.net 1 redirects dpm.demdex.net citi.demdex.net	7 KB
4	rfihub.com 2 redirects 20766699p.rfihub.com p.rfihub.com 20822230p.rfihub.com p-preprd.rfihub.com	3 KB
3	medallia.com resources.digital-cloud-citi.medallia.com	73 KB
2	kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com	6 KB
2	omtrdc.net citicorpcreditservic.tt.omtrdc.net	2 KB
2	bluekai.com stags.bluekai.com Failed	676 B
2	youtube.com www.youtube.com	39 KB
2	rlcdn.com di.rlcdn.com api.rlcdn.com Failed sr.rlcdn.com	132 B
1	googleadservices.com www.googleadservices.com	12 KB
1	rezync.com live.rezync.com	21 B
1	pbbl.co cdn.pbbl.co
1	bkrtx.com tags.bkrtx.com	16 KB
1	rfihub.net c1.rfihub.net	6 KB
1	everesttech.net 1 redirects cm.everesttech.net	517 B
0	Failed function sub() { [native code] }. Failed
197	22

	Domain	Requested by
74	sit7.online.citi.com	1 redirects sit7.online.citi.com
23	content22.online.citi.com	sit7.online.citi.com content22.online.citi.com
18	nexus.ensighten.com	sit7.online.citi.com nexus.ensighten.com
8	www.google.com	cse.google.com
8	www.googletagmanager.com	nexus.ensighten.com www.googletagmanager.com
6	online.citi.com	sit7.online.citi.com
5	www.google.de
5	googleads.g.doubleclick.net	www.googleadservices.com
4	h.online-metrix.net	content22.online.citi.com
4	uat.report.nacustomerexperience.citi.com	sit7.online.citi.com
4	dpm.demdex.net	1 redirects sit7.online.citi.com
4	sit.api.citi.com	sit7.online.citi.com
3	resources.digital-cloud-citi.medallia.com	nexus.ensighten.com resources.digital-cloud-citi.medallia.com
3	metrics1.citi.com	sit7.online.citi.com
2	citicorpcreditservic.tt.omtrdc.net	sit7.online.citi.com
2	stags.bluekai.com	sit7.online.citi.com tags.bkrtx.com
2	www.youtube.com	sit7.online.citi.com www.youtube.com
1	udc-neb.kampyle.com
1	nebula-cdn.kampyle.com	resources.digital-cloud-citi.medallia.com
1	dit.api.citi.com	sit7.online.citi.com
1	89oebq5klbn4cxvhcz5hysrdzuwxt654tdk2kotide4ebd2cb6460762am1.e.aa.online-metrix.net
1	www.citi.com
1	p-preprd.rfihub.com	1 redirects
1	89oebq5klfzgmlqdh4cyzsuv2vzejs65xhhzl44j39b3503369943f07am1.e.aa.online-metrix.net
1	www.googleadservices.com	www.googletagmanager.com
1	live.rezync.com
1	20822230p.rfihub.com	1 redirects
1	p.rfihub.com	c1.rfihub.net
1	cdn.pbbl.co	nexus.ensighten.com
1	sr.rlcdn.com	nexus.ensighten.com
1	contents3.00110.citi.com	sit7.online.citi.com
1	20766699p.rfihub.com	c1.rfihub.net
1	tags.bkrtx.com	nexus.ensighten.com
1	c1.rfihub.net	nexus.ensighten.com
1	cm.everesttech.net	1 redirects
1	citi.demdex.net	nexus.ensighten.com
1	cse.google.com	sit7.online.citi.com
1	di.rlcdn.com	sit7.online.citi.com
0	ghbmnnjooekpmoecnnnilnnbdlolhkhi Failed	content22.online.citi.com
0	api.rlcdn.com Failed	sit7.online.citi.com
197	40

This site contains links to these domains. Also see Links.

Domain
sit02.creditcards.citi.com
www.citi.com
www.citicards.com
marketinsights.citi.com
citigoldprivateclient.citi.com
banking.citi.com
online.citi.com
banking.citibank.com
www.lifeandmoney.citi.com
www.thefemalequotient.com
www.citigroup.com
jobs.citi.com
citieasydeals.com
www.citiprivatepass.com
www.privatebank.citibank.com
play.google.com
itunes.apple.com
www.facebook.com
www.twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
uat1.online.citi.com DigiCert SHA2 Extended Validation Server CA	`2020-12-09` - `2022-01-07`	a year	crt.sh
nexus.ensighten.com DigiCert SHA2 Secure Server CA	`2020-09-09` - `2021-10-11`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
online.citibank.com DigiCert SHA2 Extended Validation Server CA	`2020-03-13` - `2022-05-14`	2 years	crt.sh
sandbox.api.citi.com DigiCert SHA2 Extended Validation Server CA	`2020-12-24` - `2021-11-06`	10 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
content22.online.citi.com DigiCert SHA2 Extended Validation Server CA	`2020-07-14` - `2022-08-06`	2 years	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
metrics1.citi.com DigiCert SHA2 Extended Validation Server CA	`2020-07-02` - `2022-08-30`	2 years	crt.sh
*.rfihub.net DigiCert SHA2 Secure Server CA	`2020-04-01` - `2021-07-01`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.bkrtx.com DigiCert SHA2 Secure Server CA	`2020-02-28` - `2021-05-29`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2022-06-18`	2 years	crt.sh
*.tt.omtrdc.net DigiCert SHA2 Secure Server CA	`2020-11-02` - `2021-11-09`	a year	crt.sh
contents1.00110.citi.com DigiCert SHA2 Extended Validation Server CA	`2020-08-10` - `2022-08-10`	2 years	crt.sh
*.digital-cloud-citi.medallia.com SSL.com RSA SSL subCA	`2020-10-21` - `2021-11-21`	a year	crt.sh
*.pbbl.co Amazon	`2020-12-04` - `2022-01-02`	a year	crt.sh
*.rezync.com Amazon	`2021-01-26` - `2022-02-23`	a year	crt.sh
uat.report.nacustomerexperience.citi.com DigiCert SHA2 Extended Validation Server CA	`2020-03-31` - `2022-06-26`	2 years	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-10-15` - `2021-04-09`	6 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-01-21` - `2022-01-21`	a year	crt.sh
*.e.aa.online-metrix.net Go Daddy Secure Certificate Authority - G2	`2019-09-13` - `2021-09-13`	2 years	crt.sh
www.citi.com DigiCert SHA2 Extended Validation Server CA	`2019-10-17` - `2022-01-01`	2 years	crt.sh
www.google.de GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
j.ssl.fastly.net GlobalSign Organization Validation CA - SHA256 - G2	`2020-10-01` - `2021-11-02`	a year	crt.sh
*.kampyle.com RapidSSL RSA CA 2018	`2020-02-11` - `2022-03-06`	2 years	crt.sh

This page contains 15 frames:

Primary Page: https://sit7.online.citi.com/US/login.do
Frame ID: F1BB1A2DE9FC291C814E978722B90763
Requests: 158 HTTP requests in this frame

Frame: https://citi.demdex.net/dest5.html?d_nsid=0
Frame ID: 83211B5E06685D84396B825768896075
Requests: 1 HTTP requests in this frame

Frame: https://20766699p.rfihub.com/ca.html?ver=9&ra=518&rb=648&ca=20766699&_o=17169175&_t=noncookiedusernamepassword&ssv_cuuid=&ssv_package=null&ssv_prodlist=null&ssv_pagename=noncookiedusernamepassword&pe=https%3A%2F%2Fsit7.online.citi.com%2FUS%2Flogin.do&pf=&ra=8226297444260333
Frame ID: EA2613899CCBE8632C288BB4950407AC
Requests: 1 HTTP requests in this frame

Frame: https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
Frame ID: 5CF27AB956A3301A9D8363505C20F227
Requests: 1 HTTP requests in this frame

Frame: https://p.rfihub.com/ca.html?ver=9&ra=114&rb=648&ca=&_o=17169175&_t=&pe=https%3A%2F%2Fsit7.online.citi.com%2FUS%2Flogin.do&pf=&ra=7375122589223466
Frame ID: BE1633D11E41641CBC488635E15BEDE3
Requests: 1 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/check.js;CIS3SID=B2D81CAA42362016ABB33DA65CB8004B?org_id=89oebq5k&session_id=77bbe77842c4cebc7eecfc2e4bbef0a2dcf8bf7d8b1e09aab019428d9a1a235a&nonce=39b3503369943f07&pageid=1&jb=313524246a716d7d3d4e6b6e77782468716f3d4e6b6c7778266871623f4368706f6f672d30323a33
Frame ID: A804FD36FCD9884E324CF43B54BA1DBA
Requests: 12 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/63068?ret=html&phint=language%3Denglish&phint=product%3D&phint=event&phint=category%3Dpre-login%20Sign%20on%20page&phint=page%3DNon%20Cookied%20Username%20Password%20&phint=section1%3DPublic&phint=section2%3DSignOn&phint=section3%3D&phint=section4%3D&phint=bankappstatus&phint=productID&phint=__bk_t%3DOnline%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&phint=__bk_k%3Dbanking%2C%20citi%2C%20financial%20services%2C%20checking%20account%2C%20savings%20account%2C%20credit%20cards&phint=__bk_l%3Dhttps%3A%2F%2Fsit7.online.citi.com%2FUS%2Flogin.do&phint=__bk_v%3D3.1.9&limit=10&r=78146650
Frame ID: 3503A6F0B88C295EDA658B77DD456F46
Requests: 1 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/63068?ret=html&phint=language%3Denglish&phint=product%3D&phint=event&phint=category%3Dpre-login%20Sign%20on%20page&phint=page%3DNon%20Cookied%20Username%20Password%20&phint=section1%3DPublic&phint=section2%3DSignOn&phint=section3%3D&phint=section4%3D&phint=bankappstatus&phint=productID&phint=__bk_t%3DOnline%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&phint=__bk_k%3Dbanking%2C%20citi%2C%20financial%20services%2C%20checking%20account%2C%20savings%20account%2C%20credit%20cards&phint=__bk_l%3Dhttps%3A%2F%2Fsit7.online.citi.com%2FUS%2Flogin.do&phint=__bk_v%3D3.1.9&limit=10&r=17912828
Frame ID: 4C196363B8F48B66D3EBF8F80103B384
Requests: 1 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/check.js;CIS3SID=780030B7BF081357B79D204E480974E5?org_id=89oebq5k&session_id=192a02c68510060c4ec5254d7432a610a0adb5fb5bbff62dc1b47a96e0f1fea8&nonce=de4ebd2cb6460762&pageid=1&jb=333f24266a716d77354c696e757a2668736f3f4c6b6e7578246a71603d4168726f6d652530303a31
Frame ID: F6DA8CFE0180F4874D7B7E59E0BA7627
Requests: 11 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=B2D81CAA42362016ABB33DA65CB8004B?org_id=89oebq5k&session_id=77bbe77842c4cebc7eecfc2e4bbef0a2dcf8bf7d8b1e09aab019428d9a1a235a&nonce=39b3503369943f07&pageid=1
Frame ID: 7F61EC9963B202478058AB8C6845D07D
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=B2D81CAA42362016ABB33DA65CB8004B?org_id=89oebq5k&session_id=77bbe77842c4cebc7eecfc2e4bbef0a2dcf8bf7d8b1e09aab019428d9a1a235a&nonce=39b3503369943f07&pageid=1
Frame ID: A3028912CA3C59AC4521633C96F0A74B
Requests: 2 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/top_fp.html;CIS3SID=B2D81CAA42362016ABB33DA65CB8004B?org_id=89oebq5k&session_id=77bbe77842c4cebc7eecfc2e4bbef0a2dcf8bf7d8b1e09aab019428d9a1a235a&nonce=39b3503369943f07&pageid=1
Frame ID: AAC2FD48EA55F7ED1037CF87D365689A
Requests: 1 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=780030B7BF081357B79D204E480974E5?org_id=89oebq5k&session_id=192a02c68510060c4ec5254d7432a610a0adb5fb5bbff62dc1b47a96e0f1fea8&nonce=de4ebd2cb6460762&pageid=1
Frame ID: 11C43740C285698BAD1870EA87F70032
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=780030B7BF081357B79D204E480974E5?org_id=89oebq5k&session_id=192a02c68510060c4ec5254d7432a610a0adb5fb5bbff62dc1b47a96e0f1fea8&nonce=de4ebd2cb6460762&pageid=1
Frame ID: 5CEC157B3ED1664D750C2CE4AAF58F0F
Requests: 2 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/top_fp.html;CIS3SID=780030B7BF081357B79D204E480974E5?org_id=89oebq5k&session_id=192a02c68510060c4ec5254d7432a610a0adb5fb5bbff62dc1b47a96e0f1fea8&nonce=de4ebd2cb6460762&pageid=1
Frame ID: 6CE34228AB9A2007708AA7ABEB231521
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://sit7.online.citi.com/ HTTP 302
https://sit7.online.citi.com/US/login.do Page URL

Detected technologies

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

script /\/\/nexus\.ensighten\.com\//i

Page Statistics

197
Requests

97 %
HTTPS

17 %
IPv6

22
Domains

40
Subdomains

33
IPs

4
Countries

3709 kB
Transfer

10179 kB
Size

32
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://sit02.creditcards.citi.com/credit-cards/compare/view-all-credit-cards
Title: View All Credit Cards

Search URL Search Domain Scan URL

URL: https://sit02.creditcards.citi.com/credit-cards/compare/balance-transfer-credit-cards
Title: Balance Transfer Credit Cards

Search URL Search Domain Scan URL

URL: https://sit02.creditcards.citi.com/credit-cards/compare/0-percent-intro-apr-credit-cards
Title: 0% Intro APR Credit Cards

Search URL Search Domain Scan URL

URL: https://sit02.creditcards.citi.com/credit-cards/compare/rewards-credit-cards
Title: Rewards Credit Cards

Search URL Search Domain Scan URL

URL: https://sit02.creditcards.citi.com/credit-cards/compare/savings-and-cash-back-credit-cards
Title: Cash Back Credit Cards

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/compare/travel-reward-credit-cards
Title: Travel Credit Cards

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/compare/business-credit-cards
Title: Small Business Credit Cards

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/knowledge-center
Title: Citi® Credit Knowledge Center

Search URL Search Domain Scan URL

URL: https://www.citicards.com/cards/credit/application/flow.action?isInvitation=Y
Title: Respond to Mail Offer

Search URL Search Domain Scan URL

URL: https://marketinsights.citi.com/
Title: Market Insights

Search URL Search Domain Scan URL

URL: https://citigoldprivateclient.citi.com/contact/
Title: Find a Wealth Team

Search URL Search Domain Scan URL

URL: https://banking.citi.com/cbol/high-yield/savings/default.htm?channel=onsite&Promo_ID=4CEWQH4ZENCHPC&intc=1~1~21~6~BANR~2~HYSA_MarkExp_APY~HP
Title: Learn More

Search URL Search Domain Scan URL

URL: https://online.citi.com/US/JRS/portal/template.do?ID=relationship_pricing_landing&intc=2~2~52~1~BANR~2~Q2CMI_2020_Hide~HP
Title: Mortgage Deals For New Hiding Spots

Search URL Search Domain Scan URL

URL: https://banking.citibank.com/cbol/checking/dual/700/offer/default.htm?Promo_ID=4HRZBDE95KCHPAintc=1~1~52~6~BANR~2~CHECK21_UT700~HP
Title: Earn Up To $700

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/credit-card-details/citi.action?ID=citi-diamond-preferred-credit-card&afc=106
Title: Low Intro APR Plus No Annual Fee

Search URL Search Domain Scan URL

URL: https://banking.citi.com/cbol/investment/cpwm/default.htm?intc=1~1~52~6~BANR~2~CPWM0820~M8

Search URL Search Domain Scan URL

URL: https://www.lifeandmoney.citi.com/money/well-being/how-to-do-financial-self-care

Search URL Search Domain Scan URL

URL: https://www.thefemalequotient.com/advancing-equality-calculator

Search URL Search Domain Scan URL

URL: http://www.citigroup.com/citi/
Title: Our Story

Search URL Search Domain Scan URL

URL: https://jobs.citi.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://citieasydeals.com/
Title: Citi Easy DealsSM

Search URL Search Domain Scan URL

URL: http://www.citiprivatepass.com/
Title: Citi EntertainmentSM

Search URL Search Domain Scan URL

URL: https://www.privatebank.citibank.com/
Title: Citi Private Bank

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/compare/view-all-credit-cards
Title: Credit Cards

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.citi.citimobile
Title:

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/citi-mobile-sm/id301724680?mt=8
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/citi
Title:

Search URL Search Domain Scan URL

URL: https://www.twitter.com/citi
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/citi
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sit7.online.citi.com/ HTTP 302
https://sit7.online.citi.com/US/login.do Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1614846339158 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1614846339158

Request Chain 87

https://cm.everesttech.net/cm/dd?d_uuid=11475764857389237403510406069477127349 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YECZgwAAABteuQ_u

Request Chain 116

https://20822230p.rfihub.com/ca.html?rb=648&ca=20822230&ra=600690733&_o=17169175&_t=zx-cookie-match HTTP 302
https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=d0ae33fb718b14c742c9cdf1dea83556&k=citi-prod-acct-pixel-3465&zmpID=citi-prod-acct&cid=1870471593070615751

Request Chain 146

https://p-preprd.rfihub.com/uidm?_o=17169175&_u=0c1bfa7c-cd42-48b5-8a9c-8e6e1ba1634a&_sm=:R22534S@B348QgC24944S@B348QgC2232L2@B348QgS2233L2@B348QgS28259S1@B348QgS28266S1@B348QgS28267S1@B348QgS28227S1@B348QgS49119S@B348QgC49699S@B348QgC49700S@B348QgC49701S1@B348QgS49712S@B348QgC49749S@B348QgC49827S1@B348QgS11052c1@B348QgI1047T2@B348QgS49119S@B348QgC49699S@B348QgC49700S@B348QgC49712S@B348QgC49712S1@B348QgS49701S1@B348QgS&redirect=32 HTTP 302
https://www.citi.com/credit-cards/rfuidmatch/citi.action?XP_UID=SY-00GfVAAPNu3Mc=411

197 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login.do Show response
sit7.online.citi.com/US/
Redirect Chain

https://sit7.online.citi.com/
https://sit7.online.citi.com/US/login.do

194 KB
42 KB

320ms
319ms

Document
text/html

104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: eef1e4f7b3a5947502324b706a179e748cf0683268413b6a2bd7397be04ef831

Request headers

:method: GET
:authority: sit7.online.citi.com
:scheme: https
:path: /US/login.do
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

jid: 210304032537011654000635 210304032537011654000635
x-ua-compatible: IE=edge IE=edge
cache-control: no-cache, must-revalidate, proxy-revalidate, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
vary: Accept-Encoding
content-encoding: gzip
x-akamai-citisite: GTDC
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-type: text/html; charset=ISO-8859-1
content-language: en-US
x-akamai-transformed: 9 - 0 pmb=mTOE,1
date: Thu, 04 Mar 2021 08:25:38 GMT
content-length: 42530
set-cookie: JSESSIONID=00008CfJrDeviuF4AEysRZbUIHC:us-mt-srv1; Path=/; Secure; HttpOnly CUUID=0c1bfa7c-cd42-48b5-8a9c-8e6e1ba1634a; Expires=Fri, 04-Mar-22 08:25:37 GMT; Path=/; Domain=.citi.com; Secure
x-robots-tag: noindex, nofollow

Redirect headers

location: https://sit7.online.citi.com/US/login.do
content-length: 224
content-type: text/html; charset=iso-8859-1
date: Thu, 04 Mar 2021 08:25:37 GMT
x-robots-tag: noindex, nofollow

GET
H2 200 6c8322c7341eac98645c10e3d1d3c7ae.js Show response
sit7.online.citi.com/assets/scripts/global/ 902 B
1020 B 502ms
500ms Script
application/javascript 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5ae1828de9d5340aa3522a6cf119301d2d32ed4023b19cf61ba8ded78629bda0

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Thu, 04 Mar 2021 08:25:38 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
x-robots-tag: noindex, nofollow
content-length: 668
x-ion-hop: Test
expires: Thu, 04 Mar 2021 08:25:38 GMT

GET
H2 200 tagging.js Show response
sit7.online.citi.com/CBOL/taggingTransformation/ 59 KB
12 KB 99ms
97ms Script
application/x-javascript 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/CBOL/taggingTransformation/tagging.js
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 519bbb8e7df4bd50b748660ebf487f1b22d566c34a296480e0f78df31fb185e2

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:38 GMT
content-encoding: gzip
last-modified: Fri, 08 Jan 2021 16:39:08 GMT
x-akamai-citisite: GTDC
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 11998
expires: Thu, 04 Mar 2021 14:25:38 GMT

GET
H2 200 main.css
sit7.online.citi.com/GFC/branding/responsivebranding/css/ 46 KB
7 KB 110ms
108ms Stylesheet
text/css 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/GFC/branding/responsivebranding/css/main.css
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0bd3ccc27cf9be600088075633085caa59ffdc6226dd98603eee03baee986d7d

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:38 GMT
content-encoding: gzip
last-modified: Tue, 29 Sep 2020 09:55:15 GMT
x-akamai-citisite: GTDC
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
cache-control: max-age=21600
content-type: text/css
content-length: 7313
expires: Thu, 04 Mar 2021 14:25:38 GMT

GET
H2 200 ddl.min.css
sit7.online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/ 624 KB
69 KB 128ms
126ms Stylesheet
text/css 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/ddl.min.css
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fdaf50ba7dfdf74a600dbb9a28a4ebfc536486d8f1e23296d7dfb33d843e1c3b

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:38 GMT
content-encoding: gzip
last-modified: Fri, 07 Aug 2020 15:29:32 GMT
x-akamai-citisite: GTDC
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
cache-control: max-age=21600
content-type: text/css
content-length: 69731
expires: Thu, 04 Mar 2021 14:25:38 GMT

GET
H2 200 jfpm.autocomplete.off.js Show response
sit7.online.citi.com/JFP/js/modules/ 1 KB
628 B 41ms
41ms Script
application/x-javascript 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/JFP/js/modules/jfpm.autocomplete.off.js
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9dad502247a8488c21ef5beb32aed1a78b17b748711bec817c472911f76b4ead

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:38 GMT
content-encoding: gzip
last-modified: Wed, 22 Apr 2020 19:06:30 GMT
x-akamai-citisite: GTDC
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 344
expires: Thu, 04 Mar 2021 14:25:38 GMT

GET
H2 200 main_branding.css
sit7.online.citi.com/GFC/branding/responsivebranding/css/ 281 KB
44 KB 151ms
150ms Stylesheet
text/css 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/GFC/branding/responsivebranding/css/main_branding.css
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6d9a1385e761ebc3a676d1ff155c795a8de0a7a7362d2be94eaaa1341017b37c

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:38 GMT
content-encoding: gzip
last-modified: Tue, 03 Nov 2020 09:22:48 GMT
x-akamai-citisite: GTDC
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
cache-control: max-age=21600
content-type: text/css
content-length: 44739
expires: Thu, 04 Mar 2021 14:25:38 GMT

GET
H2 200 branding_header_v2.css
sit7.online.citi.com/GFC/branding/responsivebranding/css/ 119 KB
15 KB 183ms
181ms Stylesheet
text/css 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/GFC/branding/responsivebranding/css/branding_header_v2.css
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 59ec24de7d479369476229778ce105bd9b403f5f387aa38bfaa0c645cea78030

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:38 GMT
content-encoding: gzip
last-modified: Wed, 13 Jan 2021 07:48:56 GMT
x-akamai-citisite: GTDC
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
cache-control: max-age=21600
content-type: text/css
content-length: 14997
expires: Thu, 04 Mar 2021 14:25:38 GMT

GET
H2 200 branding_footer_v2.css
sit7.online.citi.com/GFC/branding/responsivebranding/css/ 15 KB
4 KB 227ms
226ms Stylesheet
text/css 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/GFC/branding/responsivebranding/css/branding_footer_v2.css
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7ff3e44b8a02077f7d83573b11ad348092aa5ff4bc63f389fd888f53e0e7559f

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:38 GMT
content-encoding: gzip
last-modified: Wed, 30 Dec 2020 10:03:08 GMT
x-akamai-citisite: GTDC
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
cache-control: max-age=21600
content-type: text/css
content-length: 3621
expires: Thu, 04 Mar 2021 14:25:38 GMT

GET
H2 200 vendor.js Show response
sit7.online.citi.com/CBOL/common/ui/ddl/theme/latest/scripts/ 204 KB
64 KB 248ms
246ms Script
application/x-javascript 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/CBOL/common/ui/ddl/theme/latest/scripts/vendor.js
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 03c736ca1c90e26743865ed80c9766f84ca237b0dc572fab630737aaef70d171

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:38 GMT
content-encoding: gzip
last-modified: Wed, 22 Apr 2020 19:06:29 GMT
x-akamai-citisite: GTDC
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 64910
expires: Thu, 04 Mar 2021 14:25:38 GMT

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/citi/na_stage/ 279 KB
92 KB 120ms
51ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_stage/Bootstrap.js
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 76c43444f20b759172e0893077c6bd5afeaed367088e38601ffaa6144f31303d

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:38 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 02:31:49 GMT
server: nginx
etag: W/"60404695-45b57"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300

GET
H2 200 homePage.min.css
sit7.online.citi.com/loginpage/styles/ 24 KB
5 KB 227ms
226ms Stylesheet
text/css 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/loginpage/styles/homePage.min.css
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e035b79ab90f8c8ce0c5d34ae36fd666e84353307bdbf06ca62fdff8e77691dd

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:38 GMT
content-encoding: gzip
last-modified: Fri, 09 Oct 2020 21:49:14 GMT
x-akamai-citisite: GTDC
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
cache-control: max-age=21600
content-type: text/css
content-length: 5046
expires: Thu, 04 Mar 2021 14:25:38 GMT

GET
H2 200 jquery.tmpl.js Show response
sit7.online.citi.com/JFP/js/jquery/plugins/ 6 KB
3 KB 253ms
252ms Script
application/x-javascript 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/JFP/js/jquery/plugins/jquery.tmpl.js
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 629b48196dcc270143a42ce57535b251c655617f8d510277d4a05306c426fd38

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:38 GMT
content-encoding: gzip
last-modified: Wed, 22 Apr 2020 19:06:31 GMT
x-akamai-citisite: GTDC
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 2905
expires: Thu, 04 Mar 2021 14:25:38 GMT

GET
H2 200 fp.min.js Show response
sit7.online.citi.com/JSO/js/ 15 KB
5 KB 42ms
42ms Script
application/x-javascript 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/JSO/js/fp.min.js
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c3c994c3fe9bd4e055f6d0eb42067ecd6bdd3247e136bc22835b9882cfe77c61

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:38 GMT
content-encoding: gzip
last-modified: Wed, 22 Apr 2020 19:06:31 GMT
x-akamai-citisite: GTDC
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 4322
expires: Thu, 04 Mar 2021 14:25:38 GMT

GET
H2 451 463166.gif
di.rlcdn.com/ 0
66 B 118ms
54ms Image
text/plain 34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://di.rlcdn.com/463166.gif?partner_uid=0c1bfa7c-cd42-48b5-8a9c-8e6e1ba1634a
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.207.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2 200 bcsid.js Show response
sit7.online.citi.com/passivebio/ 947 B
711 B 42ms
42ms Script
application/x-javascript 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/passivebio/bcsid.js
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7d481eb36581746fd3662c7c452856b695df90cdce24664c48f565aa119c8b16

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:38 GMT
content-encoding: gzip
last-modified: Wed, 22 Apr 2020 19:06:30 GMT
x-akamai-citisite: GTDC
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 427
expires: Thu, 04 Mar 2021 14:25:38 GMT

GET
H2 200 BiocatchATO_Test.js Show response
sit7.online.citi.com/passivebio/ 338 KB
88 KB 44ms
44ms Script
application/x-javascript 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/passivebio/BiocatchATO_Test.js
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: afdc09ccfcdfa0f5acb1fa5fd430756474569d5be23f168ef2fe98a5155bc954

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:38 GMT
content-encoding: gzip
last-modified: Wed, 22 Apr 2020 19:06:30 GMT
x-akamai-citisite: GTDC
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 89209
expires: Thu, 04 Mar 2021 14:25:38 GMT

GET
H2 200 pl-profile.png
sit7.online.citi.com/GFC/branding/img/redesigned/ 678 B
922 B 80ms
74ms Image
image/png 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sit7.online.citi.com/GFC/branding/img/redesigned/pl-profile.png
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 96a25378d5d5fed38414a3d798eddc8367ebb206b45b125c837b9bab43c8799d

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
last-modified: Tue, 21 Jul 2020 15:27:27 GMT
x-akamai-citisite: GTDC
etag: "2a0-2a6-5aaf542bdd5c0"
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
x-robots-tag: noindex, nofollow
accept-ranges: bytes
content-type: image/png
content-length: 678

GET
H2 200 atmbranchloc.svg
sit7.online.citi.com/GFC/branding/img/redesigned/ 2 KB
1 KB 238ms
233ms Image
image/svg+xml 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sit7.online.citi.com/GFC/branding/img/redesigned/atmbranchloc.svg
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6336ae7b60dff18e0a37721a3a19fd5e18568577a64faa662969d35966dbf72b

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
content-encoding: gzip
content-type: image/svg+xml
last-modified: Wed, 29 Jul 2020 05:29:17 GMT
x-akamai-citisite: GTDC
etag: "2a8-6d8-5ab8dd642e540"
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 758

GET
H2 200 lang.svg
sit7.online.citi.com/GFC/branding/img/redesigned/ 3 KB
2 KB 238ms
233ms Image
image/svg+xml 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sit7.online.citi.com/GFC/branding/img/redesigned/lang.svg
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e37a02e78fe6cf2e9359c395b6c677688c4d4ea5f8f7d4cd79ae03824daa44d6

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
content-encoding: gzip
content-type: image/svg+xml
last-modified: Tue, 04 Aug 2020 06:59:05 GMT
x-akamai-citisite: GTDC
etag: "2aa-dcf-5ac07ca758040"
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1434

GET
H2 200 cc-know.png
sit7.online.citi.com/GFC/branding/img/redesigned/ 547 B
791 B 105ms
100ms Image
image/png 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sit7.online.citi.com/GFC/branding/img/redesigned/cc-know.png
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1e8296753489472722a900b40958f4cb93b5efa530499287debe37fdaac97cdb

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
last-modified: Fri, 17 Jul 2020 09:29:34 GMT
x-akamai-citisite: GTDC
etag: "2c2-223-5aa9fcb7c5b80"
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
x-robots-tag: noindex, nofollow
accept-ranges: bytes
content-type: image/png
content-length: 547

GET
H2 200 cc-mail.png
sit7.online.citi.com/GFC/branding/img/redesigned/ 713 B
957 B 120ms
115ms Image
image/png 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sit7.online.citi.com/GFC/branding/img/redesigned/cc-mail.png
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 351566f41ad89bb03b7855b58661b377836aebe50db166052eaa17f17e156799

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
last-modified: Fri, 03 Jul 2020 10:19:28 GMT
x-akamai-citisite: GTDC
etag: "2be-2c9-5a986dc29ec00"
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
x-robots-tag: noindex, nofollow
accept-ranges: bytes
content-type: image/png
content-length: 713

GET
H2 200 banking-savings.png
sit7.online.citi.com/GFC/branding/img/redesigned/ 917 B
1 KB 142ms
138ms Image
image/png 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sit7.online.citi.com/GFC/branding/img/redesigned/banking-savings.png
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 87578cd8ec6b565afd5be1b9a00845ca3dcb8024d64f2d96e4ce00bb07c94902

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
last-modified: Mon, 06 Jul 2020 06:45:19 GMT
x-akamai-citisite: GTDC
etag: "2b2-395-5a9c037d3ddc0"
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
x-robots-tag: noindex, nofollow
accept-ranges: bytes
content-type: image/png
content-length: 917

GET
H2 200 mort-calculator.png
sit7.online.citi.com/GFC/branding/img/redesigned/ 374 B
618 B 143ms
138ms Image
image/png 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sit7.online.citi.com/GFC/branding/img/redesigned/mort-calculator.png
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 77aae11467c6e42598b9c17f8a34f9ffb08c3acedd22db327fabf5b1becd24a2

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
last-modified: Mon, 06 Jul 2020 07:56:13 GMT
x-akamai-citisite: GTDC
etag: "2a4-176-5a9c13562c140"
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
x-robots-tag: noindex, nofollow
accept-ranges: bytes
content-type: image/png
content-length: 374

GET
H2 200 mort-home.png
sit7.online.citi.com/GFC/branding/img/redesigned/ 515 B
759 B 174ms
170ms Image
image/png 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sit7.online.citi.com/GFC/branding/img/redesigned/mort-home.png
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 474a06e61c5ff0b6def6e5619529e0664e6fa2d9904ba6f796e4e1032c2ab3c3

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
last-modified: Mon, 06 Jul 2020 07:56:26 GMT
x-akamai-citisite: GTDC
etag: "2a1-203-5a9c136291e80"
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
x-robots-tag: noindex, nofollow
accept-ranges: bytes
content-type: image/png
content-length: 515

GET
H2 200 Investing-FP.png
sit7.online.citi.com/GFC/branding/img/redesigned/ 399 B
644 B 188ms
184ms Image
image/png 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sit7.online.citi.com/GFC/branding/img/redesigned/Investing-FP.png
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 31a7d0a6362cd6d8fcbb3200740a252be4fc633363cc71021fb18faf4470eb5c

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
last-modified: Mon, 06 Jul 2020 08:52:29 GMT
x-akamai-citisite: GTDC
etag: "2c5-18f-5a9c1fe9c6d40"
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
x-robots-tag: noindex, nofollow
accept-ranges: bytes
content-type: image/png
content-length: 399

GET
H2 200 Investing-MI.png
sit7.online.citi.com/GFC/branding/img/redesigned/ 822 B
1 KB 202ms
197ms Image
image/png 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sit7.online.citi.com/GFC/branding/img/redesigned/Investing-MI.png
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 643030db71af1915a7c02ec3589b64d1b826cb8c8c97e0f7b80d70e0c830726b

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
last-modified: Mon, 06 Jul 2020 08:52:58 GMT
x-akamai-citisite: GTDC
etag: "2b7-336-5a9c20056ee80"
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
x-robots-tag: noindex, nofollow
accept-ranges: bytes
content-type: image/png
content-length: 822

GET
H2 200 Investing-II.png
sit7.online.citi.com/GFC/branding/img/redesigned/ 894 B
1 KB 202ms
198ms Image
image/png 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sit7.online.citi.com/GFC/branding/img/redesigned/Investing-II.png
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e0a06ba70b7556d61f872bd1ca50148094683ed1ba026a78164563d3c63db0c0

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
last-modified: Mon, 06 Jul 2020 08:52:35 GMT
x-akamai-citisite: GTDC
etag: "29e-37e-5a9c1fef7fac0"
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
x-robots-tag: noindex, nofollow
accept-ranges: bytes
content-type: image/png
content-length: 894

GET
H2 200 atmbranch.png
sit7.online.citi.com/GFC/branding/img/redesigned/ 697 B
941 B 236ms
232ms Image
image/png 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sit7.online.citi.com/GFC/branding/img/redesigned/atmbranch.png
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 489ac0d5e6bb586f0144108a782f87e10aa6387fa5925c0f7b526142dbbf9987

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
last-modified: Thu, 02 Jul 2020 08:41:48 GMT
x-akamai-citisite: GTDC
etag: "2ba-2b9-5a971610a0b00"
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
x-robots-tag: noindex, nofollow
accept-ranges: bytes
content-type: image/png
content-length: 697

GET
H2 200 WM-conce.png
sit7.online.citi.com/GFC/branding/img/redesigned/ 819 B
1 KB 237ms
233ms Image
image/png 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sit7.online.citi.com/GFC/branding/img/redesigned/WM-conce.png
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6e866b41975af77f752d3feae581391b018128ad2cb495e783349ca49cb94c38

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
last-modified: Mon, 06 Jul 2020 09:28:15 GMT
x-akamai-citisite: GTDC
etag: "2a7-333-5a9c27e85c9c0"
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
x-robots-tag: noindex, nofollow
accept-ranges: bytes
content-type: image/png
content-length: 819

GET
H2 200 navigationMobile.png
sit7.online.citi.com/GFC/branding/img/redesigned/ 137 B
381 B 270ms
266ms Image
image/png 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sit7.online.citi.com/GFC/branding/img/redesigned/navigationMobile.png
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9704bca992680b1698b6c364e5fd7fd20991aa230c700f3378765fdf99a8b27d

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
last-modified: Tue, 21 Jul 2020 10:47:19 GMT
x-akamai-citisite: GTDC
etag: "2ad-89-5aaf158e81bc0"
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
x-robots-tag: noindex, nofollow
accept-ranges: bytes
content-type: image/png
content-length: 137

GET
H2 200 closeMobile.png
sit7.online.citi.com/GFC/branding/img/redesigned/ 327 B
571 B 270ms
266ms Image
image/png 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sit7.online.citi.com/GFC/branding/img/redesigned/closeMobile.png
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 87e414e65461d63f3c18fdec21dc973fbb3b04db9269aa2fa9f2b1e9fb4d58f0

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
last-modified: Tue, 21 Jul 2020 10:47:19 GMT
x-akamai-citisite: GTDC
etag: "2c6-147-5aaf158e81bc0"
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
x-robots-tag: noindex, nofollow
accept-ranges: bytes
content-type: image/png
content-length: 327

GET
H2 200 cbol-smartSearch.css
sit7.online.citi.com/NCCS/smartSearch/css/ 8 KB
1 KB 44ms
44ms Stylesheet
text/css 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/NCCS/smartSearch/css/cbol-smartSearch.css
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6d3001c9deac8cb1f88ea5254105f8d678de5532f1998a24eab1b59906eaf86b

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:38 GMT
content-encoding: gzip
last-modified: Wed, 22 Apr 2020 19:06:34 GMT
x-akamai-citisite: GTDC
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
cache-control: max-age=21600
content-type: text/css
content-length: 899
expires: Thu, 04 Mar 2021 14:25:38 GMT

GET
H2 200 search.png
online.citi.com/GFC/branding/img/redesigned/ 540 B
1 KB 174ms
96ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/redesigned/search.png

Requested by

Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

e1cdd8699d632d98047b60975c127bde93707685555e0894c2087105e26298ae

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
last-modified: Sun, 12 Jul 2020 13:52:29 GMT
x-akamai-citisite: SWDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 540
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 atmbranchlink.png
sit7.online.citi.com/GFC/branding/img/redesigned/ 888 B
1 KB 296ms
293ms Image
image/png 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sit7.online.citi.com/GFC/branding/img/redesigned/atmbranchlink.png
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 424b0508d87aeff62bf98099b98490558de97db21d02343fd4b0e46252a74d58

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
last-modified: Sun, 26 Jul 2020 08:00:17 GMT
x-akamai-citisite: GTDC
etag: "2a2-378-5ab5398c16640"
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
x-robots-tag: noindex, nofollow
accept-ranges: bytes
content-type: image/png
content-length: 888

GET
H2 200 icon_globe_med-grey.png
sit7.online.citi.com/GFC/branding/img/redesigned/ 1 KB
2 KB 309ms
306ms Image
image/png 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sit7.online.citi.com/GFC/branding/img/redesigned/icon_globe_med-grey.png
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f9ea3e5b79df3924376af98d3639b49ef970ef77063203b3ef3abaa84daca88a

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
last-modified: Thu, 02 Jul 2020 08:42:08 GMT
x-akamai-citisite: GTDC
etag: "2bb-514-5a971623b3800"
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
x-robots-tag: noindex, nofollow
accept-ranges: bytes
content-type: image/png
content-length: 1300

GET
H2 200 citiHomePage.min.js Show response
sit7.online.citi.com/loginpage/scripts/ 15 KB
4 KB 44ms
43ms Script
application/x-javascript 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/loginpage/scripts/citiHomePage.min.js
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dc5ba306fece552e3a002c8e18fa392c85acfa61091e1b98496b745f8ace6876

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:38 GMT
content-encoding: gzip
last-modified: Sun, 17 May 2020 22:01:38 GMT
x-akamai-citisite: GTDC
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 4255
expires: Thu, 04 Mar 2021 14:25:38 GMT

GET
H2 200 rsa.js Show response
sit7.online.citi.com/CBOL/sec/debcaract/js/ 36 KB
11 KB 45ms
44ms Script
application/x-javascript 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/CBOL/sec/debcaract/js/rsa.js
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 793c2f3d02d0bc3ad8a2cdc901b2134159b66245e951ac258fee1ac8b2709f44

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:38 GMT
content-encoding: gzip
last-modified: Wed, 22 Apr 2020 19:06:29 GMT
x-akamai-citisite: GTDC
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 10616
expires: Thu, 04 Mar 2021 14:25:38 GMT

GET
H2 200 TMXProfiling.js Show response
sit7.online.citi.com/TMX/ 1 KB
830 B 72ms
72ms Script
application/x-javascript 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/TMX/TMXProfiling.js
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 157430093a6d2ee63082eae5dabf826926d3b6259d33482aa6713c48728e82fa

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:38 GMT
content-encoding: gzip
last-modified: Wed, 22 Apr 2020 19:06:34 GMT
x-akamai-citisite: GTDC
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 546
expires: Thu, 04 Mar 2021 14:25:38 GMT

GET
H2 200 peworkflow.min.js Show response
sit7.online.citi.com/personalization/ 5 KB
2 KB 71ms
71ms Script
application/x-javascript 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/personalization/peworkflow.min.js
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 690146b8ff7699810daa66f43ce7d006f74a143dea4a27bb0cb9c054dddadeee

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:38 GMT
content-encoding: gzip
last-modified: Fri, 07 Aug 2020 15:29:33 GMT
x-akamai-citisite: GTDC
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 1806
expires: Thu, 04 Mar 2021 14:25:38 GMT

GET
H2 200 social-media_facebook@2x.png
online.citi.com/GFC/branding/responsivebranding/img/ 329 B
819 B 174ms
96ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/responsivebranding/img/social-media_facebook@2x.png

Requested by

Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

9fa97f780f20b95ac6a2baeed3961d39ec6086e3417eb59cd294e4e528187b7b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
last-modified: Thu, 21 May 2020 04:51:42 GMT
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 329
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 social-media_twitter@2x.png
online.citi.com/GFC/branding/responsivebranding/img/ 840 B
1 KB 174ms
96ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/responsivebranding/img/social-media_twitter@2x.png

Requested by

Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

5d343d5e2bc616fe04642af586793b51ba2291a6c9616ee92e4246bde9fa72a5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
last-modified: Thu, 21 May 2020 04:51:42 GMT
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 840
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 social-media_youtube@2x.png
online.citi.com/GFC/branding/responsivebranding/img/ 808 B
1 KB 216ms
138ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/responsivebranding/img/social-media_youtube@2x.png

Requested by

Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

1f43f86e82f4cf6b5ddf863fbb8cd9bafb53790bd2016a7b2b36d51ad96fb32b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
last-modified: Thu, 21 May 2020 04:51:42 GMT
x-akamai-citisite: SWDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 808
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 Citi_FooterLogo.png
online.citi.com/GFC/branding/responsivebranding/img/ 27 KB
28 KB 196ms
119ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/responsivebranding/img/Citi_FooterLogo.png

Requested by

Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

6dfa343a68ef79e83fef5f7c705119d2473352190c609cf94c67ea99a29fa452

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
last-modified: Wed, 20 May 2020 04:39:29 GMT
x-akamai-citisite: SWDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 28149
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 Citi_FooterLogo_Mobile.png
online.citi.com/GFC/branding/responsivebranding/img/ 11 KB
12 KB 216ms
138ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/responsivebranding/img/Citi_FooterLogo_Mobile.png

Requested by

Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

f378974fe6a831ae2f48d9191ea74eb21877d4964d5eedbc2810d8756ed13631

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
last-modified: Wed, 20 May 2020 04:39:29 GMT
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 11562
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 oo_engine.min.js Show response
sit7.online.citi.com/GFC/branding/olab/js/ 42 KB
12 KB 41ms
41ms Script
application/x-javascript 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/GFC/branding/olab/js/oo_engine.min.js
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1f2a0e7aa3dabf73dae3cc7c1e53a70ec51145b39b027bdc1ecae9223c0c80d2

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:38 GMT
content-encoding: gzip
last-modified: Wed, 22 Apr 2020 19:06:30 GMT
x-akamai-citisite: GTDC
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 11704
expires: Thu, 04 Mar 2021 14:25:38 GMT

GET
H2 200 navBarRedesign.js Show response
sit7.online.citi.com/GFC/branding/responsivebranding/js/ 258 KB
29 KB 45ms
45ms Script
application/x-javascript 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/GFC/branding/responsivebranding/js/navBarRedesign.js
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b0d29c908f05194fd0c4b2f8a3e6aefc76f9252333426ff1c9337f530d964460

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:38 GMT
content-encoding: gzip
last-modified: Thu, 14 Jan 2021 02:55:21 GMT
x-akamai-citisite: GTDC
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 29188
expires: Thu, 04 Mar 2021 14:25:38 GMT

GET
H2 200 ddl.min.js Show response
sit7.online.citi.com/CBOL/common/ui/ddl/theme/latest/scripts/ 64 KB
18 KB 42ms
42ms Script
application/x-javascript 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/CBOL/common/ui/ddl/theme/latest/scripts/ddl.min.js
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f1821b3865a1008ba0c088f7dc5c7eeb6b81e414461885c40b8d0f48fcbc9341

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:38 GMT
content-encoding: gzip
last-modified: Wed, 22 Apr 2020 19:06:29 GMT
x-akamai-citisite: GTDC
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 17670
expires: Thu, 04 Mar 2021 14:25:38 GMT

GET
H2 200 main.js Show response
sit7.online.citi.com/GFC/branding/responsivebranding/js/ 33 KB
8 KB 41ms
41ms Script
application/x-javascript 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/GFC/branding/responsivebranding/js/main.js
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2c65cdc8fed4d04ccebbd8a065b8a6e16a6503060507c5140cb60350b0c2f480

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:38 GMT
content-encoding: gzip
last-modified: Wed, 22 Apr 2020 19:06:30 GMT
x-akamai-citisite: GTDC
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 7957
expires: Thu, 04 Mar 2021 14:25:38 GMT

GET
H2 200 citilive-search.js Show response
sit7.online.citi.com/JEA/CitiSearch/nexus-platform/js/ 2 KB
1 KB 40ms
40ms Script
application/x-javascript 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/JEA/CitiSearch/nexus-platform/js/citilive-search.js
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f2adfd83f8e9c7f3b092921eb5a59d4463041b2be8386a17ec7ac29d8d588470

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:38 GMT
content-encoding: gzip
last-modified: Wed, 22 Apr 2020 19:06:35 GMT
x-akamai-citisite: GTDC
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 1073
expires: Thu, 04 Mar 2021 14:25:38 GMT

GET
H2 200 cbol-smartSearch-inject.js Show response
sit7.online.citi.com/NCCS/smartSearch/js/ 13 KB
3 KB 47ms
47ms Script
application/x-javascript 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/NCCS/smartSearch/js/cbol-smartSearch-inject.js
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c770e459d9988f611c466be1c6a650c3247f8521b536c1c2897c390f7f25e5bb

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:38 GMT
content-encoding: gzip
last-modified: Sun, 17 May 2020 22:01:38 GMT
x-akamai-citisite: GTDC
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 3030
expires: Thu, 04 Mar 2021 14:25:38 GMT

GET
H2 200 cobrowse_overlay.css
sit7.online.citi.com/GPS/portal/css/ 7 KB
2 KB 41ms
41ms Stylesheet
text/css 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/GPS/portal/css/cobrowse_overlay.css
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a9623118fb6ec3944d1312cd0d492c3f32455e89bc1e01eafa67628a309d9c60

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:38 GMT
content-encoding: gzip
last-modified: Wed, 22 Apr 2020 19:06:34 GMT
x-akamai-citisite: GTDC
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
cache-control: max-age=21600
content-type: text/css
content-length: 1597
expires: Thu, 04 Mar 2021 14:25:38 GMT

GET
H2 200 6c8322c7341eac98645c10e3d1d3c7ae.js Show response
sit7.online.citi.com/assets/scripts/global/ 194 KB
110 KB 270ms
270ms Script
application/javascript 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?seed=AMC0JPx3AQAARzRZVQtWpmRk8N2BlJByPahVA5lnrZHIROme_OCdEZ55MJR6&X-soz9htCz--z=q
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1ec30677af9db31e1863e98c66f908fee08200ac28b78df45333bb129159d325

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:38 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=9000
x-robots-tag: noindex, nofollow
x-ion-hop: Test
expires: Thu, 04 Mar 2021 10:55:38 GMT

OPTIONS
H/1.1 200
OK tagging_transformation.json
sit.api.citi.com/gcgapi/uat3/public/v1/staticcms/USGCB/en_US/appid/ Frame 0
0 908ms
699ms Preflight 23.79.157.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit.api.citi.com/gcgapi/uat3/public/v1/staticcms/USGCB/en_US/appid/tagging_transformation.json
Protocol: HTTP/1.1
Server: 23.79.157.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-157-69.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: appversion,client_id
Origin: https://sit7.online.citi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

X-Backside-Transport: FAIL FAIL
Access-Control-Allow-Methods: GET,POST,PUT,DELETE
Access-Control-Allow-Origin: https://sit7.online.citi.com
Access-Control-Allow-Headers: Accept,Accept-Language,Authorization,businessCode,client_id,content-type,countryCode,uuid,x-ibm-client-id,eventid,bizToken,citiuuid,applicationId,channelId,Scope,blackBox,devicePrint,deviceTokenCookie,environmentId,customerType,appId,AMWResponse,TMXSessionId,action,challengeType,tenantName,consumerOrg,categoryCode,screenId,locationId,digitalApplicationType,familyIndicator,TMXDigitalApplicationType,accessToken,RequestUrl,RequestContext,RequestMethod,BioCatchSessionId,tenantId,frameworkVersion,computed,accept-compression-kyc,idseventdata_product,idseventdata_version,idseventdata_csi,deviceId,subscriberId,CitiProfOnly,Otpid,dap-clientId,serviceVersion,X-Migration-Target,x-soz9htcz-a,x-soz9htcz-b,x-soz9htcz-c,x-soz9htcz-d,x-soz9htcz-e,x-soz9htcz-f,x-soz9htcz-z,x-soz9htcz-uniquestatekey,Dclocation,x-ts-client-version,x-apigw-api-id,CITI_AWS,consumerappname,appVersion,fprNgaFlow,flowType,cookiereceived,cookiename,cookieexpected,kore-token,mfaDisable
Access-Control-Expose-Headers: Accept,Accept-Language,Authorization,businessCode,client_id,content-type,countryCode,uuid,x-ibm-client-id,eventid,bizToken,citiuuid,applicationId,channelId,Scope,blackBox,devicePrint,deviceTokenCookie,environmentId,customerType,appId,AMWResponse,TMXSessionId,action,challengeType,tenantName,consumerOrg,categoryCode,screenId,locationId,digitalApplicationType,familyIndicator,TMXDigitalApplicationType,accessToken,RequestUrl,RequestContext,RequestMethod,BioCatchSessionId,tenantId,frameworkVersion,computed,accept-compression-kyc,idseventdata_product,idseventdata_version,idseventdata_csi,deviceId,subscriberId,CitiProfOnly,Otpid,dap-clientId,serviceVersion,X-Migration-Target,x-soz9htcz-a,x-soz9htcz-b,x-soz9htcz-c,x-soz9htcz-d,x-soz9htcz-e,x-soz9htcz-f,x-soz9htcz-z,x-soz9htcz-uniquestatekey,Dclocation,x-ts-client-version,x-apigw-api-id,CITI_AWS,consumerappname,appVersion,fprNgaFlow,flowType,cookiereceived,cookiename,cookieexpected,kore-token,mfaDisable
Access-Control-Allow-Credentials: true
Content-Length: 0
Date: Thu, 04 Mar 2021 08:25:39 GMT
Connection: keep-alive

GET
H/1.1 200
OK tagging_transformation.json Show response
sit.api.citi.com/gcgapi/uat3/public/v1/staticcms/USGCB/en_US/appid/ 865 KB
137 KB 1604ms
1603ms XHR
application/json 23.79.157.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sit.api.citi.com/gcgapi/uat3/public/v1/staticcms/USGCB/en_US/appid/tagging_transformation.json

Requested by

Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?seed=AMC0JPx3AQAARzRZVQtWpmRk8N2BlJByPahVA5lnrZHIROme_OCdEZ55MJR6&X-soz9htCz--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.79.157.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-79-157-69.deploy.static.akamaitechnologies.com

Software

Resource Hash

16787122b206304e8b831938fbae5d7dc3c7f32fc161b30d61c750202665e6d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode=block

Request headers

appVersion: CBOLV1.0.0
Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
client_id: 6a755087-ac37-4847-99a2-110c8da4f6b6

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Route-Target: DEFAULT:DEFAULT
Access-Control-Allow-Origin: https://sit7.online.citi.com
Transfer-Encoding: chunked
X-RateLimit-Remaining: name=rate-limit-1,9;
X-Global-Transaction-ID: 0864e7bb60409984348c6fd1
Connection: keep-alive, Transfer-Encoding
Vary: Accept-Encoding
X-Xss-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
X-Akamai-CITISITE: gtdc
X-Frame-Options: DENY
Dclocation: GT1DMSUAT3
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD,GET,POST,PUT,DELETE
Content-Type: application/json
X-Backside-Transport: OK OK,OK OK,OK OK
X-Vcap-Request-Id: 10abc9ef-4479-4f23-53de-5bccdb510f2a
Access-Control-Expose-Headers: APIm-Debug-Trans-Id, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-Global-Transaction-ID,action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken,Accept,Accept-Language,Authorization,businessCode,client_id,content-type,countryCode,uuid,x-ibm-client-id,eventid,bizToken,citiuuid,applicationId,channelId,Scope,blackBox,devicePrint,deviceTokenCookie,environmentId,customerType,appId,AMWResponse,TMXSessionId,action,challengeType,tenantName,consumerOrg,categoryCode,screenId,locationId,digitalApplicationType,familyIndicator,TMXDigitalApplicationType,accessToken,RequestUrl,RequestContext,RequestMethod,BioCatchSessionId,tenantId,frameworkVersion,computed,accept-compression-kyc,idseventdata_product,idseventdata_version,idseventdata_csi,deviceId,subscriberId,CitiProfOnly,Otpid,dap-clientId,serviceVersion,X-Migration-Target,x-soz9htcz-a,x-soz9htcz-b,x-soz9htcz-c,x-soz9htcz-d,x-soz9htcz-e,x-soz9htcz-f,x-soz9htcz-z,x-soz9htcz-uniquestatekey,Dclocation,x-ts-client-version,x-apigw-api-id,CITI_AWS,consumerappname,appVersion,fprNgaFlow,flowType,cookiereceived,cookiename,cookieexpected,kore-token,mfaDisable
Cache-Control: max-age=60, public
Access-Control-Allow-Credentials: true
X-RateLimit-Limit: name=rate-limit-1,10;
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId,Accept,Accept-Language,Authorization,businessCode,client_id,content-type,countryCode,uuid,x-ibm-client-id,eventid,bizToken,citiuuid,applicationId,channelId,Scope,blackBox,devicePrint,deviceTokenCookie,environmentId,customerType,appId,AMWResponse,TMXSessionId,action,challengeType,tenantName,consumerOrg,categoryCode,screenId,locationId,digitalApplicationType,familyIndicator,TMXDigitalApplicationType,accessToken,RequestUrl,RequestContext,RequestMethod,BioCatchSessionId,tenantId,frameworkVersion,computed,accept-compression-kyc,idseventdata_product,idseventdata_version,idseventdata_csi,deviceId,subscriberId,CitiProfOnly,Otpid,dap-clientId,serviceVersion,X-Migration-Target,x-soz9htcz-a,x-soz9htcz-b,x-soz9htcz-c,x-soz9htcz-d,x-soz9htcz-e,x-soz9htcz-f,x-soz9htcz-z,x-soz9htcz-uniquestatekey,Dclocation,x-ts-client-version,x-apigw-api-id,CITI_AWS,consumerappname,appVersion,fprNgaFlow,flowType,cookiereceived,cookiename,cookieexpected,kore-token,mfaDisable
Date: Thu, 04 Mar 2021 08:25:41 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1614846339158
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1614846339158

363 B
1 KB

62ms
62ms

XHR
application/json

52.31.176.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1614846339158

Requested by

Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.176.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-176-223.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7d278ee603f0d3fa219bd54d16f75dfb178ab649da55620a182465dff9b528be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-04815651d.edge-irl1.demdex.com 5.80.6.20210202104731 2ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: ZN1+d7BbRcM=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://sit7.online.citi.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 300
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://sit7.online.citi.com
X-TID: sXh5gSP2QS0=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1614846339158
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET identity
api.rlcdn.com/api/ 0
0

GET
BLOB 200
OK 536debbd-0864-4f95-9ee4-1e0301d173e0
https://sit7.online.citi.com/ 138 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://sit7.online.citi.com/536debbd-0864-4f95-9ee4-1e0301d173e0
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5168b3d0c8f929a1b8c4c1b4e4ebac60ee0e1ecfd759aeb4be4c2b15e3fc097

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 140879
Content-Type: application/javascript

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/citi/na_stage/ 2 KB
888 B 48ms
47ms Script
text/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_stage/serverComponent.php?r=659.5430930199458&namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citi/na_stage/code/&publishedOn=Thu%20Mar%2004%2002:31:48%20GMT%202021&ClientID=1129&PageID=https%3A%2F%2Fsit7.online.citi.com%2FUS%2Flogin.do
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_stage/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 06c8e6e2a64fdb1d1f320bcbe3572ff01de87aab52a846eeb9ee3e14adce5a29

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
cache-control: no-cache, no-store
content-type: text/javascript
server: nginx
content-encoding: gzip
vary: Accept-Encoding
expires: Thu, 04 Mar 2021 08:25:38 GMT

GET
H2 200 citilogoredesign.png
sit7.online.citi.com/GFC/branding/img/redesigned/ 2 KB
2 KB 285ms
285ms Image
image/png 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sit7.online.citi.com/GFC/branding/img/redesigned/citilogoredesign.png
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/GFC/branding/responsivebranding/css/branding_header_v2.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 102503acef6077fcf8e42a856fb4904fcd74224a32d5d8efcd13236ac6309fed

Request headers

Referer: https://sit7.online.citi.com/GFC/branding/responsivebranding/css/branding_header_v2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
last-modified: Thu, 02 Jul 2020 07:18:33 GMT
x-akamai-citisite: GTDC
etag: "29f-707-5a97037506440"
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
x-robots-tag: noindex, nofollow
accept-ranges: bytes
content-type: image/png
content-length: 1799

GET
H2 200 Interstate-Light.woff
sit7.online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/fonts/interstate/ 74 KB
74 KB 285ms
284ms Font
application/octet-stream 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/fonts/interstate/Interstate-Light.woff
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/ddl.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296

Request headers

Origin: https://sit7.online.citi.com
Referer: https://sit7.online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/ddl.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
content-encoding: gzip
last-modified: Wed, 22 Apr 2020 19:06:29 GMT
x-akamai-citisite: GTDC
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
access-control-allow-origin: https://sit7.online.citi.com
x-robots-tag: noindex, nofollow
content-type: text/plain
content-length: 75483

GET
H2 200 Interstate-Regular.ttf
sit7.online.citi.com/JFP/fonts/ 150 KB
78 KB 297ms
297ms Font
application/octet-stream 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/JFP/fonts/Interstate-Regular.ttf
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/GFC/branding/responsivebranding/css/branding_header_v2.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7c891ffec93e4e682a8621d0e632f8d918d75857dfb0983cb357a032933fad03

Request headers

Origin: https://sit7.online.citi.com
Referer: https://sit7.online.citi.com/GFC/branding/responsivebranding/css/branding_header_v2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
content-encoding: gzip
last-modified: Wed, 22 Apr 2020 19:06:31 GMT
x-akamai-citisite: GTDC
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
access-control-allow-origin: https://sit7.online.citi.com
x-robots-tag: noindex, nofollow
content-type: text/plain
content-length: 79753

GET
H2 200 Interstate-Bold.woff
sit7.online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/fonts/interstate/ 70 KB
71 KB 309ms
309ms Font
application/octet-stream 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/fonts/interstate/Interstate-Bold.woff
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/ddl.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7

Request headers

Origin: https://sit7.online.citi.com
Referer: https://sit7.online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/ddl.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
content-encoding: gzip
last-modified: Wed, 22 Apr 2020 19:06:29 GMT
x-akamai-citisite: GTDC
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
access-control-allow-origin: https://sit7.online.citi.com
x-robots-tag: noindex, nofollow
content-type: text/plain
content-length: 71859

GET
H/1.1 200
OK tags.js Show response
content22.online.citi.com/fp/ 45 KB
10 KB 146ms
36ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/tags.js?org_id=89oebq5k&session_id=77bbe77842c4cebc7eecfc2e4bbef0a2dcf8bf7d8b1e09aab019428d9a1a235a&allow_reprofile=1

Requested by

Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

9d3aa7fc2b3bea5561d463ddcdd503e321292abebcc99b9f3ae5dd8d0170a0c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Mar 2021 08:25:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
P3P: CP=IVAa PSAa
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive, Keep-Alive
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 bkintg.js Show response
sit7.online.citi.com/personalization/ 6 KB
2 KB 240ms
240ms XHR
application/x-javascript 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/personalization/bkintg.js
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?seed=AMC0JPx3AQAARzRZVQtWpmRk8N2BlJByPahVA5lnrZHIROme_OCdEZ55MJR6&X-soz9htCz--z=q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0687c7a91cacee8aea130fc1b7c12cbad408699e8ec5a7a66512d1b6a33e5fe8

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://sit7.online.citi.com/US/login.do
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
content-encoding: gzip
last-modified: Fri, 07 Aug 2020 15:29:33 GMT
x-akamai-citisite: GTDC
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 2002
expires: Thu, 04 Mar 2021 14:25:39 GMT

GET
H2 200 aosRFServerIntg.js Show response
sit7.online.citi.com/personalization/ 52 KB
11 KB 265ms
265ms XHR
application/x-javascript 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/personalization/aosRFServerIntg.js
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?seed=AMC0JPx3AQAARzRZVQtWpmRk8N2BlJByPahVA5lnrZHIROme_OCdEZ55MJR6&X-soz9htCz--z=q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a78443f1f5691e2c845e82e0242ef0c8f79435b044cd4dc661255deb2a461ff9

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://sit7.online.citi.com/US/login.do
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
content-encoding: gzip
last-modified: Fri, 09 Oct 2020 21:49:14 GMT
x-akamai-citisite: GTDC
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 10925
expires: Thu, 04 Mar 2021 14:25:39 GMT

GET
H2 200 cmstmplintg.js Show response
sit7.online.citi.com/personalization/ 55 KB
13 KB 278ms
278ms XHR
application/x-javascript 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/personalization/cmstmplintg.js
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?seed=AMC0JPx3AQAARzRZVQtWpmRk8N2BlJByPahVA5lnrZHIROme_OCdEZ55MJR6&X-soz9htCz--z=q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f3d2f2e810910ac029e0f75f668edf61ea26e79ef17768cdf651868b9689953f

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://sit7.online.citi.com/US/login.do
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
content-encoding: gzip
last-modified: Fri, 09 Oct 2020 21:49:14 GMT
x-akamai-citisite: GTDC
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 12949
expires: Thu, 04 Mar 2021 14:25:39 GMT

GET
H2 200 1106464b92c342a3c2fa0b71543bda48.js Show response
nexus.ensighten.com/citi/na_stage/code/ 989 B
1 KB 35ms
35ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_stage/code/1106464b92c342a3c2fa0b71543bda48.js?conditionId0=4849963
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_stage/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 275cf9d336d8a29dd3a8cc8bc22761e96bfdd81c75a24bc5f48e10bfcc54d4fb

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
last-modified: Mon, 28 Dec 2020 17:49:03 GMT
server: nginx
etag: "5fea1a8f-3dd"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 989

GET
H2 200 551a186e39db1b7fff1c82cc37bc39c4.js Show response
nexus.ensighten.com/citi/na_stage/code/ 10 KB
3 KB 35ms
34ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_stage/code/551a186e39db1b7fff1c82cc37bc39c4.js?conditionId0=4897099
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_stage/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2722b6e0ea82875c13432513874ecb4dc1171e8fd5423553c13c2cc16ff5dca0

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
content-encoding: gzip
last-modified: Fri, 22 Jan 2021 17:45:52 GMT
server: nginx
etag: W/"600b0f50-286b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 daf17cf3adb07b9f460815b5237591c5.js Show response
nexus.ensighten.com/citi/na_stage/code/ 2 KB
960 B 35ms
34ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_stage/code/daf17cf3adb07b9f460815b5237591c5.js?conditionId0=4837456
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_stage/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 600263e9bde3fb2c66b5ccb8c59efd8bcb9224b5e2481aa3a336d7843803e8f6

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
content-encoding: gzip
last-modified: Mon, 28 Dec 2020 17:49:03 GMT
server: nginx
etag: W/"5fea1a8f-887"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 70adc734c8b3da7da303531724169841.js Show response
nexus.ensighten.com/citi/na_stage/code/ 2 KB
862 B 35ms
34ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_stage/code/70adc734c8b3da7da303531724169841.js?conditionId0=480881
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_stage/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e65ab34ce9fc581b33eb9da02d0c3b0e5c24506a5431044ec02a48e102a0af02

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
content-encoding: gzip
last-modified: Tue, 08 Dec 2020 20:27:17 GMT
server: nginx
etag: W/"5fcfe1a5-631"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 d4735fd843d57a69f9e83da44aed18d7.js Show response
nexus.ensighten.com/citi/na_stage/code/ 278 B
460 B 43ms
41ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_stage/code/d4735fd843d57a69f9e83da44aed18d7.js?conditionId0=494377
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_stage/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c4d822793b2eab5f9bf345ce530487844b1aeaca83f5fd906f2e9987f6842028

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
last-modified: Fri, 03 May 2019 18:11:56 GMT
server: nginx
etag: "5ccc846c-116"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 278

GET
H2 200 010a61bd11530d0183365eab7eec6f1b.js Show response
nexus.ensighten.com/citi/na_stage/code/ 132 KB
29 KB 41ms
38ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_stage/code/010a61bd11530d0183365eab7eec6f1b.js?conditionId0=421908
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_stage/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 932597ba6e20cca2f5f7bd469093e0fc953326de31c953a8bbfa00d898d2538c

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
content-encoding: gzip
last-modified: Tue, 02 Mar 2021 00:10:23 GMT
server: nginx
etag: W/"603d826f-2115c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 484737ef6349218a71f55e13e6140e90.js Show response
nexus.ensighten.com/citi/na_stage/code/ 1 KB
737 B 43ms
40ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_stage/code/484737ef6349218a71f55e13e6140e90.js?conditionId0=4827153
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_stage/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 776f124f8ec3fd1257c3a3cf5a999fb84ba7ab610a60dfdb4dfce6460524c817

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
content-encoding: gzip
last-modified: Fri, 22 Jan 2021 17:45:52 GMT
server: nginx
etag: W/"600b0f50-412"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 350406220e142a9c587a2d1b25c924c7.js Show response
nexus.ensighten.com/citi/na_stage/code/ 113 KB
32 KB 48ms
45ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_stage/code/350406220e142a9c587a2d1b25c924c7.js?conditionId0=4894570&conditionId1=486757
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_stage/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d8af02d8e0bc07516a75fd0eb08089c90057583f3458436df938beb7b588b19a

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
content-encoding: gzip
last-modified: Wed, 03 Feb 2021 16:54:13 GMT
server: nginx
etag: W/"601ad535-1c534"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 ce2d9be81bf1aa4e2428e784c430c9fb.js Show response
nexus.ensighten.com/citi/na_stage/code/ 18 KB
5 KB 50ms
48ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_stage/code/ce2d9be81bf1aa4e2428e784c430c9fb.js?conditionId0=467299
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_stage/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cceae287a1c4bbbd773d99ea601dbac6ab28f5607795c83b8e50675ea1c5a985

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
content-encoding: gzip
last-modified: Wed, 03 Feb 2021 16:54:13 GMT
server: nginx
etag: W/"601ad535-47af"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 ef4fb68342441d20f3bd5ddf0d3960cf.js Show response
nexus.ensighten.com/citi/na_stage/code/ 12 KB
4 KB 50ms
48ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_stage/code/ef4fb68342441d20f3bd5ddf0d3960cf.js?conditionId0=462132
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_stage/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2780cafe6147607eae59e29013666c4bd593a3a6605abc0afb2d1e5c51eb6f52

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
content-encoding: gzip
last-modified: Tue, 08 Dec 2020 20:27:17 GMT
server: nginx
etag: W/"5fcfe1a5-302f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 66ef20b673e69fa3dc9034eda23fddcf.js Show response
nexus.ensighten.com/citi/na_stage/code/ 356 KB
110 KB 67ms
65ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_stage/code/66ef20b673e69fa3dc9034eda23fddcf.js?conditionId0=3013337
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_stage/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f2b79bba24ea617060ee8f7491d0cf167d999d158a0b1e7b8ecb535fe1381335

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 02:31:49 GMT
server: nginx
etag: W/"60404695-5915c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 cse.js Show response
cse.google.com/cse/ 10 KB
4 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse/cse.js?cx=009695499870347544712:e3dyicpbrwu

Requested by

Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/GFC/branding/responsivebranding/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

8b2a020761356045ce2ac324d66b14c4e691f5e76c59ebc5520d59f53eb8cf52

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3466
x-xss-protection: 0
expires: Thu, 04 Mar 2021 08:25:39 GMT

GET
H2 200 close.svg
sit7.online.citi.com/loginpage/images/icons/svgs/ 1 KB
911 B 282ms
282ms Image
image/svg+xml 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sit7.online.citi.com/loginpage/images/icons/svgs/close.svg
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/GFC/branding/responsivebranding/css/branding_footer_v2.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 55e066703c69d4d89a1f4d66794d474aa93d710624d8f807096bac17a7867b17

Request headers

Referer: https://sit7.online.citi.com/GFC/branding/responsivebranding/css/branding_footer_v2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
content-encoding: gzip
content-type: image/svg+xml
last-modified: Wed, 22 Apr 2020 19:06:31 GMT
x-akamai-citisite: GTDC
etag: "4851-5e3-5a3e5d4779bc0"
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 641

GET
H2 200 iframe_api Show response
www.youtube.com/ 810 B
829 B 26ms
25ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/CBOL/common/ui/ddl/theme/latest/scripts/ddl.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d960062424eec119eaf55c137f7dad6e793ae42360e0b5ed9f7d23f00801865

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control: private, max-age=0
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
content-type: text/javascript; charset=utf-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 04 Mar 2021 08:25:39 GMT

GET
H2 200 citilive-search-responsive.css
sit7.online.citi.com/JEA/CitiSearch/nexus-platform/css/ 62 KB
12 KB 180ms
178ms Stylesheet
text/css 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/JEA/CitiSearch/nexus-platform/css/citilive-search-responsive.css
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/JEA/CitiSearch/nexus-platform/js/citilive-search.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6f3649e19993fee191ac81abe9c6c74f6714d9fd19ccd3a0cce2f31835018e10

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
content-encoding: gzip
last-modified: Fri, 07 Aug 2020 15:29:32 GMT
x-akamai-citisite: GTDC
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
cache-control: max-age=21600
content-type: text/css
content-length: 12101
expires: Thu, 04 Mar 2021 14:25:39 GMT

GET
H2 200 citilive-search-library.js Show response
sit7.online.citi.com/JEA/CitiSearch/nexus-platform/js/ 179 KB
61 KB 180ms
179ms Script
application/x-javascript 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/JEA/CitiSearch/nexus-platform/js/citilive-search-library.js
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/JEA/CitiSearch/nexus-platform/js/citilive-search.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d57c8034f9c12aa3ce626c9ed1d61a4bb0941c3ef320bb59346f20496fb0096a

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
content-encoding: gzip
last-modified: Wed, 22 Apr 2020 19:06:35 GMT
x-akamai-citisite: GTDC
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 61658
expires: Thu, 04 Mar 2021 14:25:39 GMT

GET
H2 200 citilive-search-service.js Show response
sit7.online.citi.com/JEA/CitiSearch/nexus-platform/js/ 9 KB
3 KB 207ms
206ms Script
application/x-javascript 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/JEA/CitiSearch/nexus-platform/js/citilive-search-service.js
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/JEA/CitiSearch/nexus-platform/js/citilive-search.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: eec5cc477e7cb4f1eee1f26dce3eb411a63716d89a9b659c7d5559571c837ccb

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
content-encoding: gzip
last-modified: Wed, 22 Apr 2020 19:06:35 GMT
x-akamai-citisite: GTDC
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 2415
expires: Thu, 04 Mar 2021 14:25:39 GMT

GET
H2 200 citi-search-tmpl.js Show response
sit7.online.citi.com/JEA/CitiSearch/nexus-platform/js/ 1 MB
732 KB 208ms
207ms Script
application/x-javascript 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/JEA/CitiSearch/nexus-platform/js/citi-search-tmpl.js
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/JEA/CitiSearch/nexus-platform/js/citilive-search.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b6805138392fa08fa31ac1baf1f3f5d33a869b50c607498578c17302418d683d

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
content-encoding: gzip
last-modified: Fri, 04 Sep 2020 15:39:52 GMT
x-akamai-citisite: GTDC
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 747483
expires: Thu, 04 Mar 2021 14:25:39 GMT

GET
H2 200 citilive-search-controller.js Show response
sit7.online.citi.com/JEA/CitiSearch/nexus-platform/js/ 127 KB
25 KB 212ms
211ms Script
application/x-javascript 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/JEA/CitiSearch/nexus-platform/js/citilive-search-controller.js
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/JEA/CitiSearch/nexus-platform/js/citilive-search.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3be7fd7455d114e237d74857dd9cb3fe051c143d0b3755db09b8b3825149a766

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
content-encoding: gzip
last-modified: Fri, 04 Sep 2020 15:39:52 GMT
x-akamai-citisite: GTDC
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
cache-control: max-age=21600
content-type: application/x-javascript
content-length: 25012
expires: Thu, 04 Mar 2021 14:25:39 GMT

GET
H/1.1 200
OK Cookie set dest5.html Show response
citi.demdex.net/ Frame 8321 7 KB
3 KB 206ms
50ms Document
text/html 108.128.13.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://citi.demdex.net/dest5.html?d_nsid=0

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_stage/Bootstrap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.13.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-13-248.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: citi.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sit7.online.citi.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=11475764857389237403510406069477127349
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sit7.online.citi.com/

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Thu, 11 Feb 2021 14:59:33 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=11475764857389237403510406069477127349;Path=/;Domain=.demdex.net;Expires=Tue, 31-Aug-2021 08:25:39 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: ooOZIhtCTFU=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 id Show response
metrics1.citi.com/ 89 B
678 B 184ms
42ms XHR
application/x-javascript 35.181.18.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics1.citi.com/id?d_visid_ver=3.1.2&d_fieldgroup=A&mcorgid=61834D9B5228A7430A490D45%40AdobeOrg&mid=04544682984465693434113173498121489686&ts=1614846339488

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.181.18.61 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-181-18-61.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

78369340f61dba01a703df4169ba86c8f6bc5e9b482e184f4aec09be0dc946f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-5955cb7dcf-jckgh
vary: Origin
x-c: main-1422.I3bac54.M0-478
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://sit7.online.citi.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 89
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YECZgwAAABteuQ_u
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=11475764857389237403510406069477127349
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YECZgwAAABteuQ_u

42 B
915 B

53ms
52ms

Image
image/gif

52.31.176.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YECZgwAAABteuQ_u

Requested by

Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.176.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-176-223.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-0ad596ef7.edge-irl1.demdex.com 5.80.6.20210202104731 1ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: eZh2KFbzRc4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YECZgwAAABteuQ_u
Date: Thu, 04 Mar 2021 08:25:39 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1 200
OK tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 113ms
32ms Script
application/x-javascript 104.111.224.160
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_stage/code/551a186e39db1b7fff1c82cc37bc39c4.js?conditionId0=4897099
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.224.160 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-224-160.deploy.static.akamaitechnologies.com
Software: Jetty(9.0.6.v20130930) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 08:25:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 02:10:21 GMT
Server: Jetty(9.0.6.v20130930)
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=3600
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 6162
Expires: Thu, 04 Mar 2021 09:25:39 GMT

GET
H2 204 e.gif
nexus.ensighten.com/error/ 0
106 B 33ms
32ms Image
text/plain 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=Dependency%20with%20id%20660441is%20missing&lnn=-1&fn=&cid=1129&client=citi&publishPath=na_stage&rid=-1&did=-1&errorName=DependencyNotAvailableException
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
cache-control: no-cache, no-store
server: nginx
expires: Thu, 04 Mar 2021 08:25:38 GMT

GET
H2 204 e.gif
nexus.ensighten.com/error/ 0
106 B 33ms
32ms Image
text/plain 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=%22ReferenceError%3A%20cookiepref%20is%20not%20defined%22%20error%20caught%20in%20Data%20Definition%20trigger%3A%20ccpa_cookiepref%2C%20ID%3A64079.%20Using%20bottom%20of%20body%20trigger.&lnn=-1&fn=&cid=1129&client=citi&publishPath=na_stage&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
cache-control: no-cache, no-store
server: nginx
expires: Thu, 04 Mar 2021 08:25:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6260004

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_stage/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ae79282747efe21a8db21672581dfd84b96d8b2e98b91c48e5c768e318df9144

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39430
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Mar 2021 08:25:39 GMT

GET
H/1.1 200
OK bk-coretag.js Show response
tags.bkrtx.com/js/ 51 KB
16 KB 116ms
49ms Script
application/javascript 104.111.228.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_stage/code/ce2d9be81bf1aa4e2428e784c430c9fb.js?conditionId0=467299

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.228.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-137.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

aae36e0135bd89b347e31e575989c25a954a96c797c678610aeaa080694ba8de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Mon, 01 Feb 2021 19:39:43 GMT
Server: nginx/1.15.8
ETag: W/"601858ff-cae3"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Date: Thu, 04 Mar 2021 08:25:39 GMT
Connection: keep-alive
Content-Length: 16039
Expires: Thu, 11 Mar 2021 08:25:39 GMT

GET
H2 204 e.gif
nexus.ensighten.com/error/ 0
106 B 32ms
32ms Image
text/plain 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=%22ReferenceError%3A%20cookiepref%20is%20not%20defined%22%20error%20caught%20in%20Data%20Definition%20extractor%3A%20ccpa_cookiepref%2C%20ID%3A64079.&lnn=-1&fn=&cid=1129&client=citi&publishPath=na_stage&rid=3441960&did=542251&errorName=DataDefinitionException
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
cache-control: no-cache, no-store
server: nginx
expires: Thu, 04 Mar 2021 08:25:38 GMT

GET
H2 200 cse_element__de.js Show response
www.google.com/cse/static/element/323d4b81541ddb5b/ 275 KB
90 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/323d4b81541ddb5b/cse_element__de.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse/cse.js?cx=009695499870347544712:e3dyicpbrwu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0cdcf3224a18d66039b74a6a0c70977585d75d5ed67ba23a6b5eab8c0a2ba7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 11:19:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jan 2021 19:23:46 GMT
server: sffe
age: 75946
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92401
x-xss-protection: 0
expires: Thu, 03 Mar 2022 11:19:53 GMT

GET
H2 200 default+de.css
www.google.com/cse/static/element/323d4b81541ddb5b/ 41 KB
9 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/323d4b81541ddb5b/default+de.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse/cse.js?cx=009695499870347544712:e3dyicpbrwu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 11:19:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jan 2021 19:23:46 GMT
server: sffe
age: 75946
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9032
x-xss-protection: 0
expires: Thu, 03 Mar 2022 11:19:53 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 6ms
5ms Stylesheet
text/css 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse/cse.js?cx=009695499870347544712:e3dyicpbrwu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:09:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
age: 940
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
expires: Thu, 04 Mar 2021 08:59:59 GMT

GET
H3-Q050 200 www-widgetapi.js Show response
www.youtube.com/s/player/0d54190b/www-widgetapi.vflset/ 106 KB
38 KB 53ms
39ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0d54190b/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f0096bdfd5ee9660448f45c4dbe4060d184c4e0bd353b01a8f27a8ae3180b09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 04:06:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Mar 2021 01:37:23 GMT
server: sffe
age: 15545
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38396
x-xss-protection: 0
expires: Fri, 04 Mar 2022 04:06:34 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 75ms
59ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6269322&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2d694aab0183f56fc66c5df9b1ae24ebd1991704eb61f3842fccc286e0aff700

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39504
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Mar 2021 08:25:39 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 70ms
55ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6256710&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4aac2297af8f3437059ca17af8c8e894d99c836ef71784ee81bd7bd28911e1b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:39 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39506
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Mar 2021 08:25:39 GMT

GET 19469
stags.bluekai.com/site/ 0
0

GET
H/1.1 200
OK Cookie set ca.html Show response
20766699p.rfihub.com/ Frame EA26 118 B
733 B 175ms
42ms Document
text/html 193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20766699p.rfihub.com/ca.html?ver=9&ra=518&rb=648&ca=20766699&_o=17169175&_t=noncookiedusernamepassword&ssv_cuuid=&ssv_package=null&ssv_prodlist=null&ssv_pagename=noncookiedusernamepassword&pe=https%3A%2F%2Fsit7.online.citi.com%2FUS%2Flogin.do&pf=&ra=8226297444260333
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.0.6.v20130930) /
Resource Hash: c437eb764a99e6cd5172d63c3fae564bbc51eda4981058d5edebd2bf0700eb76

Request headers

Host: 20766699p.rfihub.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sit7.online.citi.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sit7.online.citi.com/

Response headers

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rud=H4sIAAAAAAAAAOMSNrQwNzAxNzS1NDYwNzAzNDU3NRTiM9T18yvySvcPDwzxzNWV4jU0MzSxMDEzNra0MDEBACYp6U40AAAA; Path=/; Domain=.rfihub.com; Expires=Tue, 29 Mar 2022 08:25:39 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwNzAxNzS1NDYwNzAzNDU3NRTiM9T18yvySvcPDwzxzNUFAIZ9qP0lAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Cache-Control: no-cache
Content-Type: text/html
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Transfer-Encoding: chunked
Server: Jetty(9.0.6.v20130930)

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 363 B
1 KB 60ms
52ms XHR
application/json 52.31.176.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&d_mid=04544682984465693434113173498121489686&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=AVID%0130204CC1AFCDF90E-600002862FAA9D1D&ts=1614846339696

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.176.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-176-223.eu-west-1.compute.amazonaws.com

Software

Resource Hash

fe3b58fc9b8e89f24e3ace02820624adcb500e0da1b50ee337e41d27cc20c61b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v089-0347877c0.edge-irl1.demdex.com 5.80.6.20210202104731 3ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: hgUwWlD4TWc=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://sit7.online.citi.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 301
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 json Show response
citicorpcreditservic.tt.omtrdc.net/m2/citicorpcreditservic/mbox/ 537 B
1 KB 293ms
189ms XHR
application/json 52.212.193.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://citicorpcreditservic.tt.omtrdc.net/m2/citicorpcreditservic/mbox/json?mbox=target-global-mbox&mboxSession=2496758f821f4203992db6a3e00db1b9&mboxPC=&mboxPage=ee555423e10c4aeca1318b9dd8f7d036&mboxRid=fa4200268f78480b99ad6cce99a00e30&mboxVersion=1.7.0&mboxCount=1&mboxTime=1614849939192&mboxHost=sit7.online.citi.com&mboxURL=https%3A%2F%2Fsit7.online.citi.com%2FUS%2Flogin.do&mboxReferrer=&mboxXDomain=enabled&browserHeight=1200&browserWidth=1600&browserTimeOffset=60&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&at_property=129e61c9-d623-bc58-9086-f7078690364e&pageDef=jUSCBOL_Loginpage_Uncookied&customPageName=Non%20Cookied%20Username%20Password%20&customPageLanguage=english&customLOB=&customEventList=none&customLoginStatus=not%20logged%20in&isCitipriority_SS=undefined&hasCreditCard_SS=undefined&hasChecking_SS=undefined&hasSavings_SS=undefined&userSegmentType_SS=undefined&isPaperlessEnabled_SS=undefined&productId_SS=undefined&isSingleCardSPF_SS=undefined&numberOfCreditCards=undefined&hasCCSID_SS=undefined&mbox3rdPartyId=undefined&availableFlexLoanOffer_SS=undefined&viewCitiFlexPayOffer_SS=undefined&cinValuePropCode_SS=undefined&governingState=null&hasSBOB=undefined&isBusinessCust=undefined&isBusinessOnly=undefined&citiProducts=&bankProdSourceCode=undefined&isSPFMigrated_ECM=&isThankYouEnrolledInCC_ECM=&PID_ECM=&hasCD_ECM=&hasChecking_ECM=&RetailMOB_ECM=&hasCreditCard_ECM=&hasMortgage_ECM=&hasSavings_ECM=&isBrokerage_ECM=&isCitiBlue_ECM=&isCitigold_ECM=&isIPB_ECM=&isPaperless_ECM=&OldestCheckingMOB_ECM=&isBusinessCust_ECM=&isBusinessOnly_ECM=&isRELOnly_ECM=&isCitiPriority_ECM=&CheckingPackage_ECM=&balancetransferAppStatus_SS=undefined&pageLanguage=english&pageLang=en&loginStatus=not%20logged%20in&mboxMCSDID=13C92BE8809E3C91-73C4E8E33D206F6C&vst.trk=metrics.citi.com&vst.trks=metrics1.citi.com&mboxMCGVID=04544682984465693434113173498121489686&mboxMCAVID=30204CC1AFCDF90E-600002862FAA9D1D&mboxAAMB=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&mboxMCGLH=6
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?seed=AMC0JPx3AQAARzRZVQtWpmRk8N2BlJByPahVA5lnrZHIROme_OCdEZ55MJR6&X-soz9htCz--z=q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.193.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-193-208.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d793fba2934b67cf10ce46068cc9e7e178a5c66f6a6e3e6c31f9d66fc382e2f

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 08:25:40 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="NOI DSP CURa OUR STP COM"
access-control-allow-origin: https://sit7.online.citi.com
cache-control: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
x-request-id: fa4200268f78480b99ad6cce99a00e30

GET
H2 200 json Show response
citicorpcreditservic.tt.omtrdc.net/m2/citicorpcreditservic/mbox/ 537 B
1 KB 291ms
189ms XHR
application/json 52.212.193.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://citicorpcreditservic.tt.omtrdc.net/m2/citicorpcreditservic/mbox/json?mbox=target-global-mbox&mboxSession=2496758f821f4203992db6a3e00db1b9&mboxPC=&mboxPage=ee555423e10c4aeca1318b9dd8f7d036&mboxRid=1cea43edba1f4433b0df02fa088d3909&mboxVersion=1.7.0&mboxCount=2&mboxTime=1614849939469&mboxHost=sit7.online.citi.com&mboxURL=https%3A%2F%2Fsit7.online.citi.com%2FUS%2Flogin.do&mboxReferrer=&mboxXDomain=enabled&browserHeight=1200&browserWidth=1600&browserTimeOffset=60&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&at_property=129e61c9-d623-bc58-9086-f7078690364e&pageDef=jUSCBOL_Loginpage_Uncookied&customPageName=Non%20Cookied%20Username%20Password%20&customPageLanguage=english&customLOB=&customEventList=none&customLoginStatus=not%20logged%20in&isCitipriority_SS=undefined&hasCreditCard_SS=undefined&hasChecking_SS=undefined&hasSavings_SS=undefined&userSegmentType_SS=undefined&isPaperlessEnabled_SS=undefined&productId_SS=undefined&isSingleCardSPF_SS=undefined&numberOfCreditCards=undefined&hasCCSID_SS=undefined&mbox3rdPartyId=undefined&availableFlexLoanOffer_SS=undefined&viewCitiFlexPayOffer_SS=undefined&cinValuePropCode_SS=undefined&governingState=null&hasSBOB=undefined&isBusinessCust=undefined&isBusinessOnly=undefined&citiProducts=&bankProdSourceCode=undefined&isSPFMigrated_ECM=&isThankYouEnrolledInCC_ECM=&PID_ECM=&hasCD_ECM=&hasChecking_ECM=&RetailMOB_ECM=&hasCreditCard_ECM=&hasMortgage_ECM=&hasSavings_ECM=&isBrokerage_ECM=&isCitiBlue_ECM=&isCitigold_ECM=&isIPB_ECM=&isPaperless_ECM=&OldestCheckingMOB_ECM=&isBusinessCust_ECM=&isBusinessOnly_ECM=&isRELOnly_ECM=&isCitiPriority_ECM=&CheckingPackage_ECM=&balancetransferAppStatus_SS=undefined&pageLanguage=english&pageLang=en&loginStatus=not%20logged%20in&mboxMCSDID=0A1DCB836D96707A-611FC30BC5355CB7&vst.trk=metrics.citi.com&vst.trks=metrics1.citi.com&mboxMCGVID=04544682984465693434113173498121489686&mboxMCAVID=30204CC1AFCDF90E-600002862FAA9D1D&mboxAAMB=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&mboxMCGLH=6
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?seed=AMC0JPx3AQAARzRZVQtWpmRk8N2BlJByPahVA5lnrZHIROme_OCdEZ55MJR6&X-soz9htCz--z=q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.193.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-193-208.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d793fba2934b67cf10ce46068cc9e7e178a5c66f6a6e3e6c31f9d66fc382e2f

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 08:25:40 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="NOI DSP CURa OUR STP COM"
access-control-allow-origin: https://sit7.online.citi.com
cache-control: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
x-request-id: 1cea43edba1f4433b0df02fa088d3909

GET
H/1.1 200
OK cr.png Show response
contents3.00110.citi.com/api/v1/ 4 B
402 B 575ms
159ms XHR
application/json 52.141.218.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://contents3.00110.citi.com/api/v1/cr.png?cid=cedrictest&snum=1614846339759-sjn0000936-6a4c5eb8-9689-458a-8789-39f1390fee4f&muid=1614846339227-A6651F3C-CA46-4ECE-8FE6-E5E8245BFD6F
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?seed=AMC0JPx3AQAARzRZVQtWpmRk8N2BlJByPahVA5lnrZHIROme_OCdEZ55MJR6&X-soz9htCz--z=q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.141.218.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 04 Mar 2021 08:25:40 GMT
Server: nginx
tail-id: 06ec9070-570d-4bd9-8ed7-eadb4c162bc3
X-Kong-Proxy-Latency: 0
Content-Type: application/json
access-control-allow-origin: https://sit7.online.citi.com
X-Kong-Upstream-Latency: 1
cache-control: no-cache, no-store
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 4

OPTIONS
H/1.1 200
OK banner
sit.api.citi.com/gcgapi/uat1/api/v1/marketing/offers/ Frame 0
0 279ms
210ms Preflight 23.79.157.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit.api.citi.com/gcgapi/uat1/api/v1/marketing/offers/banner
Protocol: HTTP/1.1
Server: 23.79.157.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-157-69.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: client_id,content-type,countrycode,scope
Origin: https://sit7.online.citi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

X-Backside-Transport: FAIL FAIL
Access-Control-Allow-Methods: GET,POST,PUT,DELETE
Access-Control-Allow-Origin: https://sit7.online.citi.com
Access-Control-Allow-Headers: Accept,Accept-Language,Authorization,businessCode,client_id,content-type,countryCode,uuid,x-ibm-client-id,eventid,bizToken,citiuuid,applicationId,channelId,Scope,blackBox,devicePrint,deviceTokenCookie,environmentId,customerType,appId,AMWResponse,TMXSessionId,action,challengeType,tenantName,consumerOrg,categoryCode,screenId,locationId,digitalApplicationType,familyIndicator,TMXDigitalApplicationType,accessToken,RequestUrl,RequestContext,RequestMethod,BioCatchSessionId,tenantId,frameworkVersion,computed,accept-compression-kyc,idseventdata_product,idseventdata_version,idseventdata_csi,deviceId,subscriberId,CitiProfOnly,Otpid,dap-clientId,serviceVersion,X-Migration-Target,x-soz9htcz-a,x-soz9htcz-b,x-soz9htcz-c,x-soz9htcz-d,x-soz9htcz-e,x-soz9htcz-f,x-soz9htcz-z,x-soz9htcz-uniquestatekey,Dclocation,x-ts-client-version,x-apigw-api-id,CITI_AWS,consumerappname,appVersion,fprNgaFlow,flowType,cookiereceived,cookiename,cookieexpected,kore-token,mfaDisable
Access-Control-Expose-Headers: Accept,Accept-Language,Authorization,businessCode,client_id,content-type,countryCode,uuid,x-ibm-client-id,eventid,bizToken,citiuuid,applicationId,channelId,Scope,blackBox,devicePrint,deviceTokenCookie,environmentId,customerType,appId,AMWResponse,TMXSessionId,action,challengeType,tenantName,consumerOrg,categoryCode,screenId,locationId,digitalApplicationType,familyIndicator,TMXDigitalApplicationType,accessToken,RequestUrl,RequestContext,RequestMethod,BioCatchSessionId,tenantId,frameworkVersion,computed,accept-compression-kyc,idseventdata_product,idseventdata_version,idseventdata_csi,deviceId,subscriberId,CitiProfOnly,Otpid,dap-clientId,serviceVersion,X-Migration-Target,x-soz9htcz-a,x-soz9htcz-b,x-soz9htcz-c,x-soz9htcz-d,x-soz9htcz-e,x-soz9htcz-f,x-soz9htcz-z,x-soz9htcz-uniquestatekey,Dclocation,x-ts-client-version,x-apigw-api-id,CITI_AWS,consumerappname,appVersion,fprNgaFlow,flowType,cookiereceived,cookiename,cookieexpected,kore-token,mfaDisable
Access-Control-Allow-Credentials: true
Content-Length: 0
Date: Thu, 04 Mar 2021 08:25:40 GMT
Connection: keep-alive

POST
H2 200 BKDmpUpdate.action Show response
sit7.online.citi.com/US/DMP/ 3 KB
2 KB 179ms
178ms XHR
text/html 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/US/DMP/BKDmpUpdate.action?JFP_TOKEN=OU8QFBY1
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?seed=AMC0JPx3AQAARzRZVQtWpmRk8N2BlJByPahVA5lnrZHIROme_OCdEZ55MJR6&X-soz9htCz--z=q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 96da0123b20dbb462de8c21f88530a8f14d5922f1ebf4c28d7fea0942d33f14b

Request headers

Accept: */*
Referer: https://sit7.online.citi.com/US/login.do
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:40 GMT
content-encoding: gzip
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
cid: us-mt-srv1, us-mt-srv1
x-ua-compatible: IE=edge, IE=edge
pragma: no-cache
x-akamai-citisite: GTDC
jid: 210304032540011654000638, 210304032540011654000638
vary: Accept-Encoding
content-language: en-US
content-type: text/html;charset=ISO-8859-1
cache-control: no-cache, must-revalidate, proxy-revalidate, no-store
content-length: 1107
x-robots-tag: noindex, nofollow
x-akamai-transformed: 9 - 0 pmb=mTOE,1
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK banner Show response
sit.api.citi.com/gcgapi/uat1/api/v1/marketing/offers/ 11 KB
7 KB 1369ms
1369ms XHR
application/json 23.79.157.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sit.api.citi.com/gcgapi/uat1/api/v1/marketing/offers/banner

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.79.157.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-79-157-69.deploy.static.akamaitechnologies.com

Software

Resource Hash

9251335ea33e43a9f14743ab6bb8c589b024477bcbb1e6bd15be7ec8e55852bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json
scope: VISITOR
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://sit7.online.citi.com/
countryCode: US
client_id: ee00de8c-7e4a-4ab4-8b63-3a08b03c6d01

Response headers

Sid: 1651afd1-e04d-4d5a-a373-415794a7f505:GT1DMSUAT1
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Nonce: 6469358024387925
Access-Control-Allow-Origin: https://sit7.online.citi.com
X-RateLimit-Remaining: name=rate-limit,0;
X-Global-Transaction-ID: 0864e7bb60409984100f2bdd
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD,GET,POST,PUT,DELETE
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 3349
X-Xss-Protection: 1; mode=block
Uuid: fceb5761-9a3c-4266-add0-3076773c4edf
Pragma: no-cache
X-Akamai-CITISITE: gtdc
X-Frame-Options: DENY
Date: Thu, 04 Mar 2021 08:25:41 GMT
X-Route-Target: DEFAULT:DEFAULT
Access-Control-Max-Age: 2147483647
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Type: application/json
X-Backside-Transport: OK OK,OK OK
X-Vcap-Request-Id: 92a68904-38d8-472d-73db-db504e44920f
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken,Accept,Accept-Language,Authorization,businessCode,client_id,content-type,countryCode,uuid,x-ibm-client-id,eventid,bizToken,citiuuid,applicationId,channelId,Scope,blackBox,devicePrint,deviceTokenCookie,environmentId,customerType,appId,AMWResponse,TMXSessionId,action,challengeType,tenantName,consumerOrg,categoryCode,screenId,locationId,digitalApplicationType,familyIndicator,TMXDigitalApplicationType,accessToken,RequestUrl,RequestContext,RequestMethod,BioCatchSessionId,tenantId,frameworkVersion,computed,accept-compression-kyc,idseventdata_product,idseventdata_version,idseventdata_csi,deviceId,subscriberId,CitiProfOnly,Otpid,dap-clientId,serviceVersion,X-Migration-Target,x-soz9htcz-a,x-soz9htcz-b,x-soz9htcz-c,x-soz9htcz-d,x-soz9htcz-e,x-soz9htcz-f,x-soz9htcz-z,x-soz9htcz-uniquestatekey,Dclocation,x-ts-client-version,x-apigw-api-id,CITI_AWS,consumerappname,appVersion,fprNgaFlow,flowType,cookiereceived,cookiename,cookieexpected,kore-token,mfaDisable
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Scope: VISITOR
X-RateLimit-Limit: name=rate-limit,1;
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId,Accept,Accept-Language,Authorization,businessCode,client_id,content-type,countryCode,uuid,x-ibm-client-id,eventid,bizToken,citiuuid,applicationId,channelId,Scope,blackBox,devicePrint,deviceTokenCookie,environmentId,customerType,appId,AMWResponse,TMXSessionId,action,challengeType,tenantName,consumerOrg,categoryCode,screenId,locationId,digitalApplicationType,familyIndicator,TMXDigitalApplicationType,accessToken,RequestUrl,RequestContext,RequestMethod,BioCatchSessionId,tenantId,frameworkVersion,computed,accept-compression-kyc,idseventdata_product,idseventdata_version,idseventdata_csi,deviceId,subscriberId,CitiProfOnly,Otpid,dap-clientId,serviceVersion,X-Migration-Target,x-soz9htcz-a,x-soz9htcz-b,x-soz9htcz-c,x-soz9htcz-d,x-soz9htcz-e,x-soz9htcz-f,x-soz9htcz-z,x-soz9htcz-uniquestatekey,Dclocation,x-ts-client-version,x-apigw-api-id,CITI_AWS,consumerappname,appVersion,fprNgaFlow,flowType,cookiereceived,cookiename,cookieexpected,kore-token,mfaDisable
Dclocation: GT1DMSUAT1
Expires: -1

POST
H2 200 TMXProfile.jws Show response
sit7.online.citi.com/US/REST/ManageTMXProfile/ 264 B
592 B 171ms
170ms XHR
application/json 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/US/REST/ManageTMXProfile/TMXProfile.jws
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?seed=AMC0JPx3AQAARzRZVQtWpmRk8N2BlJByPahVA5lnrZHIROme_OCdEZ55MJR6&X-soz9htCz--z=q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c908f461af3c6a8e9a8416ac0534d56482c03f01db2fe5f5c0426b05a809535b

Request headers

Accept: */*
Referer: https://sit7.online.citi.com/US/login.do
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 08:25:41 GMT
content-encoding: gzip
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
cid: us-mt-srv1
x-akamai-citisite: GTDC
jid: 210304032540011654000638
vary: Accept-Encoding
content-language: en-US
content-type: application/json
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, must-revalidate, proxy-revalidate, no-store
x-robots-tag: noindex, nofollow
content-length: 233
x-ua-compatible: IE=edge

GET
H/1.1 200
OK tags.js Show response
content22.online.citi.com/fp/ 45 KB
10 KB 98ms
35ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/tags.js?org_id=89oebq5k&session_id=192a02c68510060c4ec5254d7432a610a0adb5fb5bbff62dc1b47a96e0f1fea8&allow_reprofile=1

Requested by

Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/TMX/TMXProfiling.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

9b81f1e7a02ddb91470bd2f68d08f0fb03e1bddc70883f1990ab5ad0cd9174d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Mar 2021 08:25:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive, Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 embed.js Show response
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/ 2 KB
1 KB 753ms
690ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/embed.js
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_stage/code/1106464b92c342a3c2fa0b71543bda48.js?conditionId0=4849963
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06c6e69f31e6f429441315a1f013b1cce3187f00a3c727e7f5426a21e1c37025

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: BPMxkv92Vgjy5C7cZjUocJfUOybEGdNt
content-encoding: gzip
etag: "5e5e1f0d23bbc5933ea5038c8a75f5b9"
age: 0
via: 1.1 varnish
x-cache: HIT
content-length: 674
x-amz-id-2: NGoDAAFVC25zXrCvhYjOkZD+FcwfiUISDgTST5seJA2gcnjW6DdDxuBAEi4O03zTrlDtgSJs51o=
x-served-by: cache-cph20642-CPH
last-modified: Thu, 25 Feb 2021 16:35:55 GMT
server: AmazonS3
x-timer: S1614846342.644146,VS0,VE672
date: Thu, 04 Mar 2021 08:25:42 GMT
vary: Accept-Encoding
x-amz-request-id: FE1192491FD6C3DD
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 451 425466.html Show response
sr.rlcdn.com/ Frame 5CF2 0
66 B 258ms
165ms Document
text/plain 35.244.245.222
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_stage/code/551a186e39db1b7fff1c82cc37bc39c4.js?conditionId0=4897099
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.245.222 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 222.245.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: sr.rlcdn.com
:scheme: https
:path: /425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sit7.online.citi.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sit7.online.citi.com/

Response headers

date: Thu, 04 Mar 2021 08:25:41 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-916451471

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_stage/Bootstrap.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b0d0bb68facdf5cae41f8c08a24b952d2e63bc72857a2233cfadeae4e75d48e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39431
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Mar 2021 08:25:41 GMT

GET
H2 403 1560.js
cdn.pbbl.co/r/ 0
0 120ms
31ms Script
text/html 13.32.24.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pbbl.co/r/1560.js
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_stage/code/551a186e39db1b7fff1c82cc37bc39c4.js?conditionId0=4897099
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.24.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-24-45.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK Cookie set ca.html Show response
p.rfihub.com/ Frame BE16 118 B
733 B 148ms
40ms Document
text/html 193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://p.rfihub.com/ca.html?ver=9&ra=114&rb=648&ca=&_o=17169175&_t=&pe=https%3A%2F%2Fsit7.online.citi.com%2FUS%2Flogin.do&pf=&ra=7375122589223466
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.0.6.v20130930) /
Resource Hash: c437eb764a99e6cd5172d63c3fae564bbc51eda4981058d5edebd2bf0700eb76

Request headers

Host: p.rfihub.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sit7.online.citi.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: rud=H4sIAAAAAAAAAOMSNrQwNzAxNzS1NDYwNzAzNDU3NRTiM9T18yvySvcPDwzxzNWV4jU0MzSxMDEzNra0MDEBACYp6U40AAAA; ruds=H4sIAAAAAAAAAOMSNrQwNzAxNzS1NDYwNzAzNDU3NRTiM9T18yvySvcPDwzxzNUFAIZ9qP0lAAAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sit7.online.citi.com/

Response headers

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rud=H4sIAAAAAAAAAOMSNrQwNzAxNzS1NDYwNzAzNDU3NRTiM9T18yvySvcPDwzxzNWV4jU0MzSxMDEzNra0MDEBACYp6U40AAAA; Path=/; Domain=.rfihub.com; Expires=Tue, 29 Mar 2022 08:25:41 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwNzAxNzS1NDYwNzAzNDU3NRTiM9T18yvySvcPDwzxzNUFAIZ9qP0lAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Cache-Control: no-cache
Content-Type: text/html
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Transfer-Encoding: chunked
Server: Jetty(9.0.6.v20130930)

GET
H2

200

sync
live.rezync.com/
Redirect Chain

https://20822230p.rfihub.com/ca.html?rb=648&ca=20822230&ra=600690733&_o=17169175&_t=zx-cookie-match
https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=d0ae33fb718b14c742c9cdf1dea83556&k=citi-prod-acct-pixel-3465&zmpID=citi-prod-acct&cid=1870471593070615751

21 B
21 B

254ms
176ms

Image
application/javascript

13.32.24.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=d0ae33fb718b14c742c9cdf1dea83556&k=citi-prod-acct-pixel-3465&zmpID=citi-prod-acct&cid=1870471593070615751
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.24.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-24-59.fra56.r.cloudfront.net
Software: lighttpd/1.4.33 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:42 GMT
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
server: lighttpd/1.4.33
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-type: application/javascript
content-length: 21
x-amz-cf-id: C9hZSojd8lvhY9qRBNuvfJ3w4F4UOpEZ5GbYcVb6uBbE0-wQ09xp2g==

Redirect headers

Location: https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=d0ae33fb718b14c742c9cdf1dea83556&k=citi-prod-acct-pixel-3465&zmpID=citi-prod-acct&cid=1870471593070615751
Server: Jetty(9.0.6.v20130930)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK cls_report Show response
uat.report.nacustomerexperience.citi.com/glassbox/reporting/ 0
653 B 936ms
152ms XHR
text/plain 192.193.179.250
CITIGROUP

General

Check archive.org

Show headers Download Go to

Full URL

https://uat.report.nacustomerexperience.citi.com/glassbox/reporting/cls_report?_cls_s=db0fa279-ac4c-4b15-a4c8-e1648145009f%3A0&_cls_v=077b40c8-b12d-471a-8c93-9d2b56b90c57

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.193.179.250 , United States, ASN25883 (CITIGROUP, US),

Reverse DNS

Software

GlassBox Cligate /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 08:25:42 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains;
vary: origin
Server: GlassBox Cligate
X-Akamai-CITISITE: GTDC
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
access-control-allow-origin: https://sit7.online.citi.com
access-control-allow-credentials: true
Connection: close
Content-Length: 0

GET
H/1.1 200
OK check.js;CIS3SID=B2D81CAA42362016ABB33DA65CB8004B Show response
content22.online.citi.com/fp/ Frame A804 177 KB
45 KB 104ms
42ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/check.js;CIS3SID=B2D81CAA42362016ABB33DA65CB8004B?org_id=89oebq5k&session_id=77bbe77842c4cebc7eecfc2e4bbef0a2dcf8bf7d8b1e09aab019428d9a1a235a&nonce=39b3503369943f07&pageid=1&jb=313524246a716d7d3d4e6b6e77782468716f3d4e6b6c7778266871623f4368706f6f672d30323a33

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/tags.js?org_id=89oebq5k&session_id=77bbe77842c4cebc7eecfc2e4bbef0a2dcf8bf7d8b1e09aab019428d9a1a235a&allow_reprofile=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

f590b75b4b3a0d9130956fd09e16707aa83682913b620466a4180d572e01d73c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Mar 2021 08:25:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
tmx-nonce: 39b3503369943f07
Connection: Keep-Alive, Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame A804 81 B
475 B 95ms
31ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=77bbe77842c4cebc7eecfc2e4bbef0a2dcf8bf7d8b1e09aab019428d9a1a235a&nonce=39b3503369943f07&pageid=1&ck=0&m=1

Requested by

Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Mar 2021 08:25:41 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame A804 81 B
475 B 95ms
31ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=77bbe77842c4cebc7eecfc2e4bbef0a2dcf8bf7d8b1e09aab019428d9a1a235a&nonce=39b3503369943f07&pageid=1&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Mar 2021 08:25:41 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 63068 Show response
stags.bluekai.com/site/ Frame 3503 71 B
338 B 248ms
188ms Document
text/html 92.123.150.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/63068?ret=html&phint=language%3Denglish&phint=product%3D&phint=event&phint=category%3Dpre-login%20Sign%20on%20page&phint=page%3DNon%20Cookied%20Username%20Password%20&phint=section1%3DPublic&phint=section2%3DSignOn&phint=section3%3D&phint=section4%3D&phint=bankappstatus&phint=productID&phint=__bk_t%3DOnline%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&phint=__bk_k%3Dbanking%2C%20citi%2C%20financial%20services%2C%20checking%20account%2C%20savings%20account%2C%20credit%20cards&phint=__bk_l%3Dhttps%3A%2F%2Fsit7.online.citi.com%2FUS%2Flogin.do&phint=__bk_v%3D3.1.9&limit=10&r=78146650
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.150.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-150-214.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Host: stags.bluekai.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sit7.online.citi.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sit7.online.citi.com/

Response headers

Content-Type: text/html
Content-Length: 71
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server: 44ee
Date: Thu, 04 Mar 2021 08:25:41 GMT
Connection: keep-alive
X-N: S

GET
DATA 200
OK truncated
/ 420 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 852bbf67c9988f8ed7e43118f914e581efb96fa4eb6d06eaf626672df92ce5fe

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 63068 Show response
stags.bluekai.com/site/ Frame 4C19 71 B
338 B 237ms
177ms Document
text/html 92.123.150.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/63068?ret=html&phint=language%3Denglish&phint=product%3D&phint=event&phint=category%3Dpre-login%20Sign%20on%20page&phint=page%3DNon%20Cookied%20Username%20Password%20&phint=section1%3DPublic&phint=section2%3DSignOn&phint=section3%3D&phint=section4%3D&phint=bankappstatus&phint=productID&phint=__bk_t%3DOnline%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&phint=__bk_k%3Dbanking%2C%20citi%2C%20financial%20services%2C%20checking%20account%2C%20savings%20account%2C%20credit%20cards&phint=__bk_l%3Dhttps%3A%2F%2Fsit7.online.citi.com%2FUS%2Flogin.do&phint=__bk_v%3D3.1.9&limit=10&r=17912828
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.150.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-150-214.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Host: stags.bluekai.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sit7.online.citi.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sit7.online.citi.com/

Response headers

Content-Type: text/html
Content-Length: 71
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server: 2f1b
Date: Thu, 04 Mar 2021 08:25:41 GMT
Connection: keep-alive
X-N: S

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-916451471&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a8bd777188932d2b2df487391af9407e3be9950db0f8b320afc62ff2a9accac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39461
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Mar 2021 08:25:41 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 32 KB
12 KB 55ms
55ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-916451471

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

0fadbe1e06ca947cfe99260be96d47e427e047adb36abc1569b6650969de845c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12508
x-xss-protection: 0
server: cafe
etag: 14827443887830809553
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 04 Mar 2021 08:25:41 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-960621875&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

869fef14e7892b88913f53a769724bbef6ed1407fd06f921438d45a385cc4ca0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39460
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Mar 2021 08:25:41 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-644574043&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6c23f2687d2f144dad7f5b5d0329c9a03b579c48bed171a8cf351a7667e0a9fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39457
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Mar 2021 08:25:41 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-830907969&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e8905e4f047710f1cf7f6e41017e31a44d5d83f8129d2e88812a6d4f82ff95f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39463
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Mar 2021 08:25:41 GMT

GET
H/1.1 200
OK check.js;CIS3SID=780030B7BF081357B79D204E480974E5 Show response
content22.online.citi.com/fp/ Frame F6DA 177 KB
45 KB 43ms
43ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/check.js;CIS3SID=780030B7BF081357B79D204E480974E5?org_id=89oebq5k&session_id=192a02c68510060c4ec5254d7432a610a0adb5fb5bbff62dc1b47a96e0f1fea8&nonce=de4ebd2cb6460762&pageid=1&jb=333f24266a716d77354c696e757a2668736f3f4c6b6e7578246a71603d4168726f6d652530303a31

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/tags.js?org_id=89oebq5k&session_id=192a02c68510060c4ec5254d7432a610a0adb5fb5bbff62dc1b47a96e0f1fea8&allow_reprofile=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

3ff6ff39c24f3b22c2d2e22410bbac1e2370d489b4524ba454a8a2eaead3ad02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Mar 2021 08:25:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
tmx-nonce: de4ebd2cb6460762
Connection: Keep-Alive, Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=99
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame F6DA 81 B
474 B 32ms
31ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=192a02c68510060c4ec5254d7432a610a0adb5fb5bbff62dc1b47a96e0f1fea8&nonce=de4ebd2cb6460762&pageid=1&ck=0&m=1

Requested by

Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Mar 2021 08:25:41 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame F6DA 81 B
474 B 32ms
31ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=192a02c68510060c4ec5254d7432a610a0adb5fb5bbff62dc1b47a96e0f1fea8&nonce=de4ebd2cb6460762&pageid=1&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Mar 2021 08:25:41 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/916451471/ 2 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/916451471/?random=1614846341750&cv=9&fst=1614846341750&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsit7.online.citi.com%2FUS%2Flogin.do&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47566f08570cbfb4621e8eb6251ee4022d88d59b7b27fa501a0af71cdcd874ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 08:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1072
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/916451471/ 2 KB
1 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/916451471/?random=1614846341752&cv=9&fst=1614846341752&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsit7.online.citi.com%2FUS%2Flogin.do&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9814bc9c716eebeeb14bb20dfac370adea1544fe3a14813c1b4e81ab733bd502

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 08:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1071
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/644574043/ 2 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/644574043/?random=1614846341756&cv=9&fst=1614846341756&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsit7.online.citi.com%2FUS%2Flogin.do&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72fcc33b4e327db90c76e46d60f3ab682227388fe4ad1c3d772e9d740e280518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 08:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1071
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/830907969/ 2 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/830907969/?random=1614846341759&cv=9&fst=1614846341759&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsit7.online.citi.com%2FUS%2Flogin.do&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8caac886ff7b7a11b2f1c19e6a66fcc376ff7a35dd5419a0b47a417e2820412a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 08:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1071
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/960621875/ 2 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/960621875/?random=1614846341761&cv=9&fst=1614846341761&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsit7.online.citi.com%2FUS%2Flogin.do&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

086ae2b1cda93f64aece5e93388d24744f5d6178116b255ae1ccefea704b4768

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 08:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1071
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK clear.png Show response
content22.online.citi.com/fp/ Frame A804 81 B
536 B 95ms
31ms XHR
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/check.js;CIS3SID=B2D81CAA42362016ABB33DA65CB8004B?org_id=89oebq5k&session_id=77bbe77842c4cebc7eecfc2e4bbef0a2dcf8bf7d8b1e09aab019428d9a1a235a&nonce=39b3503369943f07&pageid=1&jb=313524246a716d7d3d4e6b6e77782468716f3d4e6b6c7778266871623f4368706f6f672d30323a33

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 89oebq5k/39b3503369943f0777bbe77842c4cebc7eecfc2e4bbef0a2dcf8bf7d8b1e09aab019428d9a1a235a
Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 08:25:41 GMT
Last-Modified: Thu, 04 Mar 2021 08:25:41 GMT
Server: Apache
Etag: 2406b868904642dca67b1c88fa7875ed
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: https://sit7.online.citi.com
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Tue, 03 Mar 2026 08:25:41 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=B2D81CAA42362016ABB33DA65CB8004B Show response
content22.online.citi.com/fp/ Frame 7F61 48 KB
12 KB 35ms
35ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=B2D81CAA42362016ABB33DA65CB8004B?org_id=89oebq5k&session_id=77bbe77842c4cebc7eecfc2e4bbef0a2dcf8bf7d8b1e09aab019428d9a1a235a&nonce=39b3503369943f07&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

4d78ebcf45698e13044f8fd2e4981639a3bef4d0d17035afc4c1e8b233860f87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: content22.online.citi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sit7.online.citi.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CUUID=0c1bfa7c-cd42-48b5-8a9c-8e6e1ba1634a; Cf3YT7m=AJ-lV_x3AQAAsHGYJRp1lDEXx0ApkbZdt6Mg7iYNhDsNRDJuaf62iqKbot2V|1|0|ac7b0c347ceb28af2d21af8f47b54caa0c5c0bf9; check=true; bcsid=477B9D47B60A79A892AE17FA7E448E81; bmuid=1614846339227-A6651F3C-CA46-4ECE-8FE6-E5E8245BFD6F; cdContextId=2; second_tmx_sessionid=77bbe77842c4cebc7eecfc2e4bbef0a2dcf8bf7d8b1e09aab019428d9a1a235a; experience=Uncookied; AKMTLTSID=4F77B391B127E0BFE3294FE4C8076F35; thx_guid=177712d032f54bfb9d6f7bca82ecf83b; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1; _cls_v=077b40c8-b12d-471a-8c93-9d2b56b90c57; _cls_s=db0fa279-ac4c-4b15-a4c8-e1648145009f:0; _gcl_au=1.1.1754966344.1614846340; s_vi=[CS]v1|30204CC1AFCDF90E-600002862FAA9D1D[CE]; s_ecid=MCMID%7C04544682984465693434113173498121489686; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C18691%7CMCMID%7C04544682984465693434113173498121489686%7CMCAAMLH-1615451139%7C6%7CMCAAMB-1615451139%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1614853539s%7CNONE%7CMCAID%7C30204CC1AFCDF90E-600002862FAA9D1D%7CMCSYNCSOP%7C411-18698%7CvVersion%7C3.1.2; cdSNum=1614846339759-sjn0000936-6a4c5eb8-9689-458a-8789-39f1390fee4f; BKDMP=; mbox=session#2496758f821f4203992db6a3e00db1b9#1614848201|PC#2496758f821f4203992db6a3e00db1b9.37_0#1678091141; mboxEdgeCluster=37; tmx_sessionid=192a02c68510060c4ec5254d7432a610a0adb5fb5bbff62dc1b47a96e0f1fea8; tmx_digitalApptype=PC_BROWSER
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sit7.online.citi.com/

Response headers

Date: Thu, 04 Mar 2021 08:25:41 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=98
Transfer-Encoding: chunked

GET
H/1.1 200
OK sid_fp.html;CIS3SID=B2D81CAA42362016ABB33DA65CB8004B Show response
h.online-metrix.net/fp/ Frame A302 55 KB
13 KB 109ms
35ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=B2D81CAA42362016ABB33DA65CB8004B?org_id=89oebq5k&session_id=77bbe77842c4cebc7eecfc2e4bbef0a2dcf8bf7d8b1e09aab019428d9a1a235a&nonce=39b3503369943f07&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

b277be0a6606428f3c9ed2a75cf601a6331bf1859181f344c000da31ac543b85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: h.online-metrix.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sit7.online.citi.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sit7.online.citi.com/

Response headers

Date: Thu, 04 Mar 2021 08:25:41 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame A804 0
387 B 32ms
31ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=77bbe77842c4cebc7eecfc2e4bbef0a2dcf8bf7d8b1e09aab019428d9a1a235a&nonce=39b3503369943f07&pageid=1&jd=373a24246a646c353436246a64683f373032633432633136613432343639346365603a6b633536333e30613931386326686674663d32323230343a3436

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Mar 2021 08:25:42 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame A804 0
0

GET
H/1.1 200
OK top_fp.html;CIS3SID=B2D81CAA42362016ABB33DA65CB8004B Show response
content22.online.citi.com/fp/ Frame AAC2 48 KB
12 KB 36ms
35ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/top_fp.html;CIS3SID=B2D81CAA42362016ABB33DA65CB8004B?org_id=89oebq5k&session_id=77bbe77842c4cebc7eecfc2e4bbef0a2dcf8bf7d8b1e09aab019428d9a1a235a&nonce=39b3503369943f07&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

39d0d1d58b9139df75e7643ad60e4e0ad3b595336009b085a27cfc8af5264d0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: content22.online.citi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sit7.online.citi.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CUUID=0c1bfa7c-cd42-48b5-8a9c-8e6e1ba1634a; Cf3YT7m=AJ-lV_x3AQAAsHGYJRp1lDEXx0ApkbZdt6Mg7iYNhDsNRDJuaf62iqKbot2V|1|0|ac7b0c347ceb28af2d21af8f47b54caa0c5c0bf9; check=true; bcsid=477B9D47B60A79A892AE17FA7E448E81; bmuid=1614846339227-A6651F3C-CA46-4ECE-8FE6-E5E8245BFD6F; cdContextId=2; second_tmx_sessionid=77bbe77842c4cebc7eecfc2e4bbef0a2dcf8bf7d8b1e09aab019428d9a1a235a; experience=Uncookied; AKMTLTSID=4F77B391B127E0BFE3294FE4C8076F35; thx_guid=177712d032f54bfb9d6f7bca82ecf83b; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1; _cls_v=077b40c8-b12d-471a-8c93-9d2b56b90c57; _cls_s=db0fa279-ac4c-4b15-a4c8-e1648145009f:0; _gcl_au=1.1.1754966344.1614846340; s_vi=[CS]v1|30204CC1AFCDF90E-600002862FAA9D1D[CE]; s_ecid=MCMID%7C04544682984465693434113173498121489686; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C18691%7CMCMID%7C04544682984465693434113173498121489686%7CMCAAMLH-1615451139%7C6%7CMCAAMB-1615451139%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1614853539s%7CNONE%7CMCAID%7C30204CC1AFCDF90E-600002862FAA9D1D%7CMCSYNCSOP%7C411-18698%7CvVersion%7C3.1.2; cdSNum=1614846339759-sjn0000936-6a4c5eb8-9689-458a-8789-39f1390fee4f; BKDMP=; mbox=session#2496758f821f4203992db6a3e00db1b9#1614848201|PC#2496758f821f4203992db6a3e00db1b9.37_0#1678091141; mboxEdgeCluster=37; tmx_sessionid=192a02c68510060c4ec5254d7432a610a0adb5fb5bbff62dc1b47a96e0f1fea8; tmx_digitalApptype=PC_BROWSER
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sit7.online.citi.com/

Response headers

Date: Thu, 04 Mar 2021 08:25:42 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=99
Transfer-Encoding: chunked

GET
H/1.1 204
204 clear.png Show response
content22.online.citi.com/fp/ Frame A804 0
218 B 33ms
33ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=77bbe77842c4cebc7eecfc2e4bbef0a2dcf8bf7d8b1e09aab019428d9a1a235a&nonce=39b3503369943f07&pageid=1&ja=3431322426613f3e3024783d343024643f313632327a333230322461643d313430327a39303232267b7a793d3070302666707235312e393638302c313032302c333432322c333038302e333632302e333030302e333432302c333030322c302e3024716b663f30342e6e683d687c74707125334925304e253a46736976352e6f6c6e6b6c652c6161746b2c636d6d27304455532730446e6f676b6c2e666f2666723f24606a3f673038343734643b63373b37363b36326d656a353337643461313b64636132642462736d3f4c6b6e777a246a73603f416a726f6f67253030383126687167773f4e69667778266e60633d33362666646f35382e747a643f4775726d7267273244406d726e6b6e246d63766a723d363232316431613062676330306534616b3734323030306164313d35343231666c343730383934316434676161303666613936636e62663532313131333b366124723f726c75656b6e5d666c63736a5c6e636e716529726c7567616e5f75696e6c6f757b5f65656469635d706c637b67705e646364736723706e75656b6c5f61666d60675f6161706f6061745c66636e7b6723726c7d65696e5f797569616b74616d675666696c736523726c75656b6c5d736a6d6b6b756376675e64636e736523726e7767696c5d7267616c726c637b6d705c646164716521706475676b6e5f7e6c61577064617965705c66616e716723706e776f696c5d646776636e74725e64636e716521726e7565696e5d73746557746b67776d705e666164736523706c7d676b665f626176615c64616c7167246778313f6b38366434356435343b6362313563313463303265306439336664353b3a36326369353035613c632661636435323238303830&jb=33373b246c733f456f786b6c6e61273044352e32273032284d6361696c746f716827314a273032496676656c253a304d6363253a304d5b253a305825303231305d33365d352b273a304372706e655567604b69762730443533352c333425323228494a5c4f4e27324b2732306c616b652732304f6561636f21253230416a726f6f672730463a3126302c363132332c343325323251636461726b2732443533352e3134

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 08:25:42 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
89oebq5klfzgmlqdh4cyzsuv2vzejs65xhhzl44j39b3503369943f07am1.e.aa.online-metrix.net/fp/ Frame A804 81 B
438 B 111ms
31ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://89oebq5klfzgmlqdh4cyzsuv2vzejs65xhhzl44j39b3503369943f07am1.e.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=77bbe77842c4cebc7eecfc2e4bbef0a2dcf8bf7d8b1e09aab019428d9a1a235a&nonce=39b3503369943f07&pageid=1&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Mar 2021 08:25:42 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 offers.jws Show response
sit7.online.citi.com/US/REST/personalization/uncookied/ 6 KB
2 KB 183ms
182ms XHR
text/plain 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sit7.online.citi.com/US/REST/personalization/uncookied/offers.jws
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?seed=AMC0JPx3AQAARzRZVQtWpmRk8N2BlJByPahVA5lnrZHIROme_OCdEZ55MJR6&X-soz9htCz--z=q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a10db873a9e01a6102fd8ca34167699f78829ed06f445fc035584883e2261bd0

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://sit7.online.citi.com/US/login.do
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 08:25:42 GMT
content-encoding: gzip
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
cid: us-mt-srv1
x-akamai-citisite: GTDC
jid: 210304032540011654000638
vary: Accept-Encoding
content-language: en-US
content-type: text/plain;charset=UTF-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, must-revalidate, proxy-revalidate, no-store
x-robots-tag: noindex, nofollow
content-length: 1909
x-ua-compatible: IE=edge

GET
H/1.1

200
OK

citi.action
www.citi.com/credit-cards/rfuidmatch/
Redirect Chain

https://p-preprd.rfihub.com/uidm?_o=17169175&_u=0c1bfa7c-cd42-48b5-8a9c-8e6e1ba1634a&_sm=:R22534S@B348QgC24944S@B348QgC2232L2@B348QgS2233L2@B348QgS28259S1@B348QgS28266S1@B348QgS28267S1@B348QgS28227...
https://www.citi.com/credit-cards/rfuidmatch/citi.action?XP_UID=SY-00GfVAAPNu3Mc=411

0
904 B

610ms
539ms

Image
text/html

104.70.84.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.citi.com/credit-cards/rfuidmatch/citi.action?XP_UID=SY-00GfVAAPNu3Mc=411
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.84.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-84-163.deploy.static.akamaitechnologies.com
Software: / Servlet/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 08:25:43 GMT
X-Akamai-CITISITE: SWDC
X-Powered-By: Servlet/3.0
Content-Language: en-US
P3P: policyref="/w3c/p3p.xml"\,CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Cache-Control: no-cache="set-cookie, set-cookie2"
Access-Control-Allow-Credentials: true
X-UA-Compatible: IE=edge, IE=edge
Connection: keep-alive
Content-Type: text/html
Content-Length: 0
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Location: https://www.citi.com/credit-cards/rfuidmatch/citi.action?XP_UID=SY-00GfVAAPNu3Mc=411
Cache-Control: no-cache
Server: Jetty(9.0.6.v20130930)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 66ef20b673e69fa3dc9034eda23fddcf.js Show response
nexus.ensighten.com/citi/na_stage/code/ Frame A804 356 KB
110 KB 35ms
35ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_stage/code/66ef20b673e69fa3dc9034eda23fddcf.js?conditionId0=3013337
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_stage/code/66ef20b673e69fa3dc9034eda23fddcf.js?conditionId0=3013337
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f2b79bba24ea617060ee8f7491d0cf167d999d158a0b1e7b8ecb535fe1381335

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:42 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 02:31:49 GMT
server: nginx
etag: W/"60404695-5915c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 66ef20b673e69fa3dc9034eda23fddcf.js Show response
nexus.ensighten.com/citi/na_stage/code/ Frame F6DA 356 KB
110 KB 43ms
43ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_stage/code/66ef20b673e69fa3dc9034eda23fddcf.js?conditionId0=3013337
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_stage/code/66ef20b673e69fa3dc9034eda23fddcf.js?conditionId0=3013337
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f2b79bba24ea617060ee8f7491d0cf167d999d158a0b1e7b8ecb535fe1381335

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:42 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 02:31:49 GMT
server: nginx
etag: W/"60404695-5915c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H/1.1 200
OK clear.png Show response
content22.online.citi.com/fp/ Frame F6DA 81 B
535 B 32ms
31ms XHR
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/check.js;CIS3SID=780030B7BF081357B79D204E480974E5?org_id=89oebq5k&session_id=192a02c68510060c4ec5254d7432a610a0adb5fb5bbff62dc1b47a96e0f1fea8&nonce=de4ebd2cb6460762&pageid=1&jb=333f24266a716d77354c696e757a2668736f3f4c6b6e7578246a71603d4168726f6d652530303a31

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 89oebq5k/de4ebd2cb6460762192a02c68510060c4ec5254d7432a610a0adb5fb5bbff62dc1b47a96e0f1fea8
Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 08:25:42 GMT
Last-Modified: Thu, 04 Mar 2021 08:25:42 GMT
Server: Apache
Etag: 4608e3d3c55642578fa0b1f3bcd6aa41
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: https://sit7.online.citi.com
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 81
Expires: Tue, 03 Mar 2026 08:25:42 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=780030B7BF081357B79D204E480974E5 Show response
content22.online.citi.com/fp/ Frame 11C4 48 KB
12 KB 96ms
96ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=780030B7BF081357B79D204E480974E5?org_id=89oebq5k&session_id=192a02c68510060c4ec5254d7432a610a0adb5fb5bbff62dc1b47a96e0f1fea8&nonce=de4ebd2cb6460762&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

8a95ca789963c22b07be4098ecbd3e50788f5395faf0ad1321d609edc0ea7ec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: content22.online.citi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sit7.online.citi.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CUUID=0c1bfa7c-cd42-48b5-8a9c-8e6e1ba1634a; Cf3YT7m=AJ-lV_x3AQAAsHGYJRp1lDEXx0ApkbZdt6Mg7iYNhDsNRDJuaf62iqKbot2V|1|0|ac7b0c347ceb28af2d21af8f47b54caa0c5c0bf9; check=true; bcsid=477B9D47B60A79A892AE17FA7E448E81; bmuid=1614846339227-A6651F3C-CA46-4ECE-8FE6-E5E8245BFD6F; cdContextId=2; second_tmx_sessionid=77bbe77842c4cebc7eecfc2e4bbef0a2dcf8bf7d8b1e09aab019428d9a1a235a; experience=Uncookied; AKMTLTSID=4F77B391B127E0BFE3294FE4C8076F35; thx_guid=177712d032f54bfb9d6f7bca82ecf83b; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1; _cls_v=077b40c8-b12d-471a-8c93-9d2b56b90c57; _cls_s=db0fa279-ac4c-4b15-a4c8-e1648145009f:0; _gcl_au=1.1.1754966344.1614846340; s_vi=[CS]v1|30204CC1AFCDF90E-600002862FAA9D1D[CE]; s_ecid=MCMID%7C04544682984465693434113173498121489686; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C18691%7CMCMID%7C04544682984465693434113173498121489686%7CMCAAMLH-1615451139%7C6%7CMCAAMB-1615451139%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1614853539s%7CNONE%7CMCAID%7C30204CC1AFCDF90E-600002862FAA9D1D%7CMCSYNCSOP%7C411-18698%7CvVersion%7C3.1.2; cdSNum=1614846339759-sjn0000936-6a4c5eb8-9689-458a-8789-39f1390fee4f; BKDMP=; mbox=session#2496758f821f4203992db6a3e00db1b9#1614848201|PC#2496758f821f4203992db6a3e00db1b9.37_0#1678091141; mboxEdgeCluster=37; tmx_sessionid=192a02c68510060c4ec5254d7432a610a0adb5fb5bbff62dc1b47a96e0f1fea8; tmx_digitalApptype=PC_BROWSER
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sit7.online.citi.com/

Response headers

Date: Thu, 04 Mar 2021 08:25:42 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=98
Transfer-Encoding: chunked

GET
H/1.1 200
OK sid_fp.html;CIS3SID=780030B7BF081357B79D204E480974E5 Show response
h.online-metrix.net/fp/ Frame 5CEC 55 KB
13 KB 36ms
35ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=780030B7BF081357B79D204E480974E5?org_id=89oebq5k&session_id=192a02c68510060c4ec5254d7432a610a0adb5fb5bbff62dc1b47a96e0f1fea8&nonce=de4ebd2cb6460762&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

549d24ec833c78c684e55e878c2d76bcd44aa9f9c9bcd9ab585187b6a3ed3b5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: h.online-metrix.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sit7.online.citi.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sit7.online.citi.com/

Response headers

Date: Thu, 04 Mar 2021 08:25:42 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=99
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame F6DA 0
387 B 32ms
31ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=192a02c68510060c4ec5254d7432a610a0adb5fb5bbff62dc1b47a96e0f1fea8&nonce=de4ebd2cb6460762&pageid=1&jd=353e24266a646c3f3c34266a666a3d37323261363261333663363236343b346165623863633736313630633b333261266866766e3f3032353a3436

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Mar 2021 08:25:42 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame F6DA 0
0

GET
H/1.1 200
OK top_fp.html;CIS3SID=780030B7BF081357B79D204E480974E5 Show response
content22.online.citi.com/fp/ Frame 6CE3 48 KB
12 KB 84ms
84ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/top_fp.html;CIS3SID=780030B7BF081357B79D204E480974E5?org_id=89oebq5k&session_id=192a02c68510060c4ec5254d7432a610a0adb5fb5bbff62dc1b47a96e0f1fea8&nonce=de4ebd2cb6460762&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

a71d91b7846711060fd13cb1d21393be31b6600ba56373895b988478a342613e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: content22.online.citi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sit7.online.citi.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CUUID=0c1bfa7c-cd42-48b5-8a9c-8e6e1ba1634a; Cf3YT7m=AJ-lV_x3AQAAsHGYJRp1lDEXx0ApkbZdt6Mg7iYNhDsNRDJuaf62iqKbot2V|1|0|ac7b0c347ceb28af2d21af8f47b54caa0c5c0bf9; check=true; bcsid=477B9D47B60A79A892AE17FA7E448E81; bmuid=1614846339227-A6651F3C-CA46-4ECE-8FE6-E5E8245BFD6F; cdContextId=2; second_tmx_sessionid=77bbe77842c4cebc7eecfc2e4bbef0a2dcf8bf7d8b1e09aab019428d9a1a235a; experience=Uncookied; AKMTLTSID=4F77B391B127E0BFE3294FE4C8076F35; thx_guid=177712d032f54bfb9d6f7bca82ecf83b; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1; _cls_v=077b40c8-b12d-471a-8c93-9d2b56b90c57; _cls_s=db0fa279-ac4c-4b15-a4c8-e1648145009f:0; _gcl_au=1.1.1754966344.1614846340; s_vi=[CS]v1|30204CC1AFCDF90E-600002862FAA9D1D[CE]; s_ecid=MCMID%7C04544682984465693434113173498121489686; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C18691%7CMCMID%7C04544682984465693434113173498121489686%7CMCAAMLH-1615451139%7C6%7CMCAAMB-1615451139%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1614853539s%7CNONE%7CMCAID%7C30204CC1AFCDF90E-600002862FAA9D1D%7CMCSYNCSOP%7C411-18698%7CvVersion%7C3.1.2; cdSNum=1614846339759-sjn0000936-6a4c5eb8-9689-458a-8789-39f1390fee4f; BKDMP=; mbox=session#2496758f821f4203992db6a3e00db1b9#1614848201|PC#2496758f821f4203992db6a3e00db1b9.37_0#1678091141; mboxEdgeCluster=37; tmx_sessionid=192a02c68510060c4ec5254d7432a610a0adb5fb5bbff62dc1b47a96e0f1fea8; tmx_digitalApptype=PC_BROWSER
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sit7.online.citi.com/

Response headers

Date: Thu, 04 Mar 2021 08:25:42 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=96
Transfer-Encoding: chunked

GET
H/1.1 204
204 clear.png Show response
content22.online.citi.com/fp/ Frame F6DA 0
218 B 85ms
84ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=192a02c68510060c4ec5254d7432a610a0adb5fb5bbff62dc1b47a96e0f1fea8&nonce=de4ebd2cb6460762&pageid=1&ja=363b322626613f3438267a3d363226643d3134303278313232302463663f31363030783130303224737a7b3f327a32266670703d332c393430302e3130303024313e32302c333032382c313630322c333230322c333630302e313032302e302c30267363663d3036266e6a3f6a7676707125314127324e273246716976372e676e646b6e652c616b7c692e636f6f25304655512530466c6f65696c2c646d2664723d26686a3d3a6135363b64673567396763366633613c61626630376030353166313262636024687b6f3d4c696c757a266a71623f4368726d6d672732323833266a736f773d4e6b6e777a246c6a613d3336246e666d353a267478643f45757a6f786725324440677a6c696e266f617668723f3432303364336330606561303265366363373632323830636633373734323164643635303a3134336434656169323c6663393663646a6437323333333339366326723d706c77676b6c5f646c6173685e66636c716721726e77656b6c5f75696c646d777b5d6d656669635f7064617167725e64636e7b6521706c77676b6e5f63646d62655f6363706d6263745e66616c736721726e75656b6c5d737769616b76696f655664616c716523706c7d67616c5f736a6d6163776176655c66636c736721726c75676b6e5d7065636c706c617965705e64636c716723726e77676b6e5d766e6357726c617b65705e66696c7b6721706e7765616e5f646574616e76725c66636c736523706e77676b6e5f7376675f7469677565705c64636e716523706e756569665d6a6174615c666164736d246578313f61303466343766373439636033356133346132326732663931666637333a34326161353237633661266163663d303038323030&jb=313d3b266c733f4f677a696c6c63253046352c30273230284f61616b6e766f73682533422732324b6e76676e2730324d63632732324f5b2732305a25303031385f39365f352b2730384170706c675767624b6b742732463531372c3136273230284b48544f4c2730432730326e6b6965273232476763636d29253030416872676d6d2732463a312c382e343130312e34312530305161666170692730463733372e3336

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 08:25:42 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
89oebq5klbn4cxvhcz5hysrdzuwxt654tdk2kotide4ebd2cb6460762am1.e.aa.online-metrix.net/fp/ Frame F6DA 81 B
438 B 109ms
31ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://89oebq5klbn4cxvhcz5hysrdzuwxt654tdk2kotide4ebd2cb6460762am1.e.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=192a02c68510060c4ec5254d7432a610a0adb5fb5bbff62dc1b47a96e0f1fea8&nonce=de4ebd2cb6460762&pageid=1&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Mar 2021 08:25:42 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/916451471/ 42 B
66 B 56ms
56ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/916451471/?random=1614846341752&cv=9&fst=1614844800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsit7.online.citi.com%2FUS%2Flogin.do&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&async=1&fmt=3&is_vtc=1&random=2840295581&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 08:25:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/916451471/ 42 B
108 B 19ms
18ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/916451471/?random=1614846341752&cv=9&fst=1614844800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsit7.online.citi.com%2FUS%2Flogin.do&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&async=1&fmt=3&is_vtc=1&random=2840295581&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 08:25:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/916451471/ 42 B
66 B 58ms
58ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/916451471/?random=1614846341750&cv=9&fst=1614844800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsit7.online.citi.com%2FUS%2Flogin.do&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&async=1&fmt=3&is_vtc=1&random=4109915640&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 08:25:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/916451471/ 42 B
108 B 19ms
19ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/916451471/?random=1614846341750&cv=9&fst=1614844800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsit7.online.citi.com%2FUS%2Flogin.do&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&async=1&fmt=3&is_vtc=1&random=4109915640&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 08:25:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/644574043/ 42 B
66 B 62ms
61ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/644574043/?random=1614846341756&cv=9&fst=1614844800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsit7.online.citi.com%2FUS%2Flogin.do&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&async=1&fmt=3&is_vtc=1&random=3581030908&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 08:25:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/644574043/ 42 B
108 B 20ms
19ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/644574043/?random=1614846341756&cv=9&fst=1614844800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsit7.online.citi.com%2FUS%2Flogin.do&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&async=1&fmt=3&is_vtc=1&random=3581030908&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 08:25:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/830907969/ 42 B
318 B 29ms
27ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/830907969/?random=1614846341759&cv=9&fst=1614844800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsit7.online.citi.com%2FUS%2Flogin.do&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&async=1&fmt=3&is_vtc=1&random=3447129795&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 08:25:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/830907969/ 42 B
108 B 20ms
19ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/830907969/?random=1614846341759&cv=9&fst=1614844800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsit7.online.citi.com%2FUS%2Flogin.do&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&async=1&fmt=3&is_vtc=1&random=3447129795&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 08:25:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/960621875/ 42 B
66 B 28ms
28ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/960621875/?random=1614846341761&cv=9&fst=1614844800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsit7.online.citi.com%2FUS%2Flogin.do&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&async=1&fmt=3&is_vtc=1&random=3830347605&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 08:25:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/960621875/ 42 B
108 B 20ms
20ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/960621875/?random=1614846341761&cv=9&fst=1614844800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsit7.online.citi.com%2FUS%2Flogin.do&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&async=1&fmt=3&is_vtc=1&random=3830347605&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 08:25:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 s22295548976842 Show response
metrics1.citi.com/b/ss/citiuscombdev/1/JS-2.9.0/ 43 B
469 B 129ms
43ms XHR
image/gif 35.181.18.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics1.citi.com/b/ss/citiuscombdev/1/JS-2.9.0/s22295548976842

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.181.18.61 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-181-18-61.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 04 Mar 2021 08:25:42 GMT
x-content-type-options: nosniff
x-c: main-1422.I3bac54.M0-478
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 05 Mar 2021 08:25:42 GMT
server: jag
xserver: anedge-5955cb7dcf-gqjpz
etag: 3467856114364940288-4621616899013063502
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: https://sit7.online.citi.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Wed, 03 Mar 2021 08:25:42 GMT

OPTIONS
H/1.1 200
OK metrics
dit.api.citi.com/gcgapi/uat3/public/v1/digital/reporting/ Frame 0
0 333ms
241ms Preflight 23.79.157.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dit.api.citi.com/gcgapi/uat3/public/v1/digital/reporting/metrics
Protocol: HTTP/1.1
Server: 23.79.157.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-157-69.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: channelid,client_id,content-type,countrycode,scope
Origin: https://sit7.online.citi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

X-Backside-Transport: FAIL FAIL
Access-Control-Allow-Methods: GET,POST,PUT,DELETE
Access-Control-Allow-Origin: https://sit7.online.citi.com
Access-Control-Allow-Headers: Accept,Accept-Language,Authorization,businessCode,client_id,content-type,countryCode,uuid,x-ibm-client-id,eventid,sessionID,bizToken,citiuuid,applicationId,channelId,Scope,customerType,blackbox,devicePrint,deviceTokenCookie,appId,AMWResponse,TMXSessionId,action,challengeType,tenantName,consumerOrg,screenId,categoryCode,locationId,digitalApplicationType,familyIndicator,TMXDigitalApplicationType,RequestUrl,RequestContext,RequestMethod,BioCatchSessionId,tenantId,frameworkVersion,computed,accept-compression-kyc,idseventdata_product,idseventdata_version,idseventdata_csi,deviceId,subscriberId,CitiProfOnly,environmentId,sid,serviceVersion,X-Migration-Target,x-soz9htcz-a,x-soz9htcz-b,x-soz9htcz-c,x-soz9htcz-d,x-soz9htcz-e,x-soz9htcz-f,x-soz9htcz-z,x-soz9htcz-uniquestatekey,Dclocation,Uuid,appVersion,consumerappname,fprNgaFlow,devicemodelname,kore-token
Access-Control-Expose-Headers: Accept,Accept-Language,Authorization,businessCode,client_id,content-type,countryCode,uuid,x-ibm-client-id,eventid,sessionID,bizToken,citiuuid,applicationId,channelId,Scope,customerType,blackbox,devicePrint,deviceTokenCookie,appId,AMWResponse,TMXSessionId,action,challengeType,tenantName,consumerOrg,screenId,categoryCode,locationId,digitalApplicationType,familyIndicator,TMXDigitalApplicationType,RequestUrl,RequestContext,RequestMethod,BioCatchSessionId,tenantId,frameworkVersion,computed,accept-compression-kyc,idseventdata_product,idseventdata_version,idseventdata_csi,deviceId,subscriberId,CitiProfOnly,environmentId,sid,serviceVersion,X-Migration-Target,x-soz9htcz-a,x-soz9htcz-b,x-soz9htcz-c,x-soz9htcz-d,x-soz9htcz-e,x-soz9htcz-f,x-soz9htcz-z,x-soz9htcz-uniquestatekey,Dclocation,Uuid,appVersion,consumerappname,fprNgaFlow,devicemodelname,kore-token
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 0
Vary: Accept-Encoding
Date: Thu, 04 Mar 2021 08:25:42 GMT
Connection: keep-alive

GET
H2 200 HP8764_H2.jpg
sit7.online.citi.com/JRS/banners/hero_background/ 196 KB
196 KB 464ms
464ms Image
image/jpeg 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sit7.online.citi.com/JRS/banners/hero_background/HP8764_H2.jpg
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6f76589585a8e6aa963b9d8383c6369dee410c68ef8fbef5df7abef4b6ce5fa1

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:42 GMT
last-modified: Thu, 08 Oct 2020 21:56:16 GMT
x-akamai-citisite: GTDC
etag: "2534f-30f1b-5b12fe6b8c000"
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
x-robots-tag: noindex, nofollow
accept-ranges: bytes
content-type: image/jpeg
content-length: 200475

GET
H2 200 arrow-btn-next-blue-sm-bold.svg
sit7.online.citi.com/CBOL/common/ui/ddl/theme/latest/images/icons/svgs/arrows/ 918 B
770 B 173ms
173ms Image
image/svg+xml 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sit7.online.citi.com/CBOL/common/ui/ddl/theme/latest/images/icons/svgs/arrows/arrow-btn-next-blue-sm-bold.svg
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/ddl.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e90fb0eba512ed6473f6fb8acf4cd09b38732f150f43c396246c12bb2aacbb67

Request headers

Referer: https://sit7.online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/ddl.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:42 GMT
content-encoding: gzip
content-type: image/svg+xml
last-modified: Wed, 22 Apr 2020 19:06:29 GMT
x-akamai-citisite: GTDC
etag: "180c4b-396-5a3e5d4591740"
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 499

GET
H2 200 HP_Hero_LazyLoad.jpg
sit7.online.citi.com/JRS/banners/modules/ 10 KB
10 KB 93ms
93ms Image
image/jpeg 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sit7.online.citi.com/JRS/banners/modules/HP_Hero_LazyLoad.jpg
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/US/login.do
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b5b99c97960d130c44fad1acc54bba0644286e0fd6d3899e3027392ab7de9cc8

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:42 GMT
last-modified: Wed, 22 Apr 2020 19:06:32 GMT
x-akamai-citisite: GTDC
etag: "248e4-2683-5a3e5d486de00"
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
x-robots-tag: noindex, nofollow
accept-ranges: bytes
content-type: image/jpeg
content-length: 9859

POST metrics
dit.api.citi.com/gcgapi/uat3/public/v1/digital/reporting/ 0
0

GET
H2 200 HP_Hero_LazyLoad_1120x630.jpg
sit7.online.citi.com/JRS/banners/modules/ 12 KB
12 KB 96ms
95ms Image
image/jpeg 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sit7.online.citi.com/JRS/banners/modules/HP_Hero_LazyLoad_1120x630.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e18c28c95bea1af6b2187c6a35eb651dccabfb2212e529b6edd4a2e2f4c39ea8

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:42 GMT
last-modified: Wed, 22 Apr 2020 19:06:32 GMT
x-akamai-citisite: GTDC
etag: "248de-3075-5a3e5d486de00"
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
x-robots-tag: noindex, nofollow
accept-ranges: bytes
content-type: image/jpeg
content-length: 12405

GET
H2 200 CMI_HidingSpots_3-Up_Image.jpg
sit7.online.citi.com/JRS/banners/modules/ 97 KB
97 KB 514ms
512ms Image
image/jpeg 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sit7.online.citi.com/JRS/banners/modules/CMI_HidingSpots_3-Up_Image.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cd86be0645b0f2ba2f6a9eb8e8324a01cb93ef12726f1b46140c6af89164d726

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:42 GMT
last-modified: Wed, 22 Apr 2020 19:06:32 GMT
x-akamai-citisite: GTDC
etag: "2493a-1827f-5a3e5d486de00"
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
x-robots-tag: noindex, nofollow
accept-ranges: bytes
content-type: image/jpeg
content-length: 98943

GET
H2 200 3-Up_M1M7_Photo.jpg
sit7.online.citi.com/JRS/banners/modules/ 95 KB
95 KB 111ms
109ms Image
image/jpeg 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sit7.online.citi.com/JRS/banners/modules/3-Up_M1M7_Photo.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 14c86696e46dc18eb89cb0d32055bd16b9a9f06da0fcbc0af3481fb0aa2c2cfe

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:42 GMT
last-modified: Wed, 09 Dec 2020 18:30:29 GMT
x-akamai-citisite: GTDC
etag: "253ad-17bd3-5b60c40f1bb40"
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
x-robots-tag: noindex, nofollow
accept-ranges: bytes
content-type: image/jpeg
content-length: 97235

GET
H2 200 8150_M.jpg
sit7.online.citi.com/JRS/banners/modules/ 72 KB
72 KB 521ms
520ms Image
image/jpeg 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sit7.online.citi.com/JRS/banners/modules/8150_M.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ac5765dee0ca74b3ffb169f12880229be905b412bdcc9c87649b3040f5aa688a

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:42 GMT
last-modified: Mon, 03 Aug 2020 19:28:57 GMT
x-akamai-citisite: GTDC
etag: "24925-11f5f-5abfe26599040"
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
x-robots-tag: noindex, nofollow
accept-ranges: bytes
content-type: image/jpeg
content-length: 73567

GET
H2 200 8147_M.jpg
sit7.online.citi.com/JRS/banners/modules/ 63 KB
63 KB 518ms
517ms Image
image/jpeg 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sit7.online.citi.com/JRS/banners/modules/8147_M.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f268dcdb7e59e888bf611ab61e2235cb56ca24dc5e5bfd1dcb1cba3c5e56441e

Request headers

Referer: https://sit7.online.citi.com/US/login.do
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:42 GMT
last-modified: Wed, 22 Jul 2020 14:21:47 GMT
x-akamai-citisite: GTDC
etag: "24881-fba2-5ab0875bd94c0"
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
x-robots-tag: noindex, nofollow
accept-ranges: bytes
content-type: image/jpeg
content-length: 64418

GET
H2 200 s23161686587499
metrics1.citi.com/b/ss/citinadev/1/JS-2.0.0/ 43 B
367 B 46ms
45ms Image
image/gif 35.181.18.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrics1.citi.com/b/ss/citinadev/1/JS-2.0.0/s23161686587499?AQB=1&ndh=1&pf=1&t=4%2F2%2F2021%209%3A25%3A42%204%20-60&fid=7DEB359CF387D700-3190A955B5A7FC92&ce=UTF-8&pageName=Non%20Cookied%20Username%20Password&g=https%3A%2F%2Fsit7.online.citi.com%2FUS%2Flogin.do&c.&visitStart=1&.c&cc=USD&ch=CBOL&c1=Public&h1=CBOL%2FPublic%2FSignOn%2F%2F&c2=SignOn&l3=1%3AHYSA_MarkExp_APY%7C5%3ACPWM_0820_M8%7C6%3ABlue_FinancialSelfCare%7C7%3AGENDERPAYBAN%7C2%3A3up%3AQ2CMI_2020_Hide%7C3%3A3up%3ACHECK21_UT700%7C4%3A3up%3Adiam_citicomREDPE_aug2016%7C&c8=pre-login%20Sign%20on%20page&c9=US&v9=f81124822a0645978f36eee90bc85676%7CPRD%7CB178_01%7CI000&c11=english&c25=%5BCS%5Dv1%7C30204CC1AFCDF90E-600002862FAA9D1D%5BCE%5D&c26=success%7C66809592&c27=f81124822a0645978f36eee90bc85676%7CPRD%7CB178_01%7CI000&c37=na_stage&v38=Non%20Cookied%20Username%20Password&v42=en_US_USPTL&v52=HYSA_MarkExp_APY%7C1%7Chero-one%2CQ2CMI_2020_Hide%7C2%7Cmod-two%2CCHECK21_UT700%7C3%7Cmod-two%2Cdiam_citicomREDPE_aug2016%7C4%7Cmod-two%2CCPWM_0820_M8%7C5%7Cmod-seven%2CBlue_FinancialSelfCare%7C6%7Cmod-one%2CGENDERPAYBAN%7C7%7Cmod-three%7EN&c59=jUSCBOL_Loginpage_Uncookied&c61=20&v62=0c1bfa7c-cd42-48b5-8a9c-8e6e1ba1634a&c63=https%3A%2F%2Fsit7.online.citi.com%2FUS%2Flogin.do&c64=3%3A25AM&v64=3%3A25AM&c65=Thursday&v65=Thursday&c66=Thursday%7C3%3A25AM&v67=New&v68=1&c69=not%20logged%20in&c73=373773%2C622672%2C578278%2C624610%2C358910%2C552021%2C354602%2C490004%2C677895%2C494437%2C652314%2C385436%2C522572%2C663315%2C495374%2C666421%2C663313%2C632449%2C588511%2C515853%2C495377%2C495375%2C490141%2C663310%2C495376%2C522574%2C551962%2C670807%2C626438%2C573017%2C593700%2C522576%2C584566%2C582775%2C562734%2C531459%2C593103%2C600937%2C507276%2C639140%2C542251%2C555592%2C359214%2C486892%2C571630%2C551970%2C572750%2C572752%2C569456%2C388219%2C633148%2C662152%2C565689%2C609396%2C606935%2C669327%2C578262%2C669322%2C512346%2C669381%2C578343%2C521100%2C510670%2C609397%2C623461%2C620980%2C508299%2C534325%2C359218%2C528144%2C423185%2C369351%2C488122&v73=medium%7C1600&v78=Yes&v79=50667fa3-046a-427a-b894-c6167b1b6246&v85=I000&v87=sit7.online.citi.com&v96=sv%7Cbos%3A1%7Cdsa%3A1%7Cax%3A1%7Cdsr%3A1%7Crf%3A1%7Ccms%3A1&v114=183_3_0%20citi.com%20Homepage-Offers-Banners%20Displayed&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.181.18.61 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-181-18-61.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:42 GMT
x-content-type-options: nosniff
x-c: main-1422.I3bac54.M0-478
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 05 Mar 2021 08:25:42 GMT
server: jag
xserver: anedge-5955cb7dcf-8n4c8
etag: 3467856114507841536-4621742622932116877
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Wed, 03 Mar 2021 08:25:42 GMT

GET
H2 200 generic1614270954678.js Show response
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/ 346 KB
69 KB 692ms
692ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/generic1614270954678.js
Requested by: Host: resources.digital-cloud-citi.medallia.com
URL: https://resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6d03f730d2626ef6622db57daa7faf7ee70e61c5bef2352a9960d9a3dc16d5b3

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: a1yBNwX2LULVlmSlNrxemmqA728Lvspk
content-encoding: gzip
etag: "c12c16802c0865a237fd74ec1b35dcfc"
age: 0
via: 1.1 varnish
x-cache: HIT
content-length: 70890
x-amz-id-2: pDoOS84EBC6Ahq6cPYjXItaXUC3ite/ya6L8j0Cy1BGRjw/AVR19Jerwt6050gLukMwKmVytgLw=
x-served-by: cache-cph20642-CPH
last-modified: Thu, 25 Feb 2021 16:35:55 GMT
server: AmazonS3
x-timer: S1614846343.532888,VS0,VE670
date: Thu, 04 Mar 2021 08:25:43 GMT
vary: Accept-Encoding
x-amz-request-id: 594A658A04CFB5A0
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H/1.1 204
204 clear1.png;CIS3SID=B2D81CAA42362016ABB33DA65CB8004B
content22.online.citi.com/fp/ Frame A804 0
386 B 36ms
35ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear1.png;CIS3SID=B2D81CAA42362016ABB33DA65CB8004B?org_id=89oebq5k&session_id=77bbe77842c4cebc7eecfc2e4bbef0a2dcf8bf7d8b1e09aab019428d9a1a235a&nonce=39b3503369943f07&pageid=1&jf=36333424736b6657726c663d7664705d367a317356654e5a7237524d5673715126716b6c5d6663746d3f3136313c38343433343a2671616457747970673f7765603867616471632e736b665f69657b3f3130353b313233333034323730613834343a616d3166323238333036303032613a36343063673b643833303132353033363032323036636d663432383335323132313931673a6365356635373631613b613a326c3537616331613961376a61363b34383839333e386e39323761333935353367303561333c35646063313832313030353461306632653766343a6534336331336e663231316c333934633136646430313f33366c636939333937616330603b35633766247b69665d736b673f31323435323030333030673437666535613635323e63613262693662643769643432313731366439626a6632383a333835606161333932323d656330626439313336306331343b66316632303232363161616133393a643a376e673836363a37366461323164356a336c39316131366561606330336536333935333362643135353134663531646434376661333626736b66703f38

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Mar 2021 08:25:42 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=780030B7BF081357B79D204E480974E5
content22.online.citi.com/fp/ Frame F6DA 0
386 B 37ms
36ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear1.png;CIS3SID=780030B7BF081357B79D204E480974E5?org_id=89oebq5k&session_id=192a02c68510060c4ec5254d7432a610a0adb5fb5bbff62dc1b47a96e0f1fea8&nonce=de4ebd2cb6460762&pageid=1&jf=34393626736b665d7a6e643d7466725d4b315874534c314b30494a6a62403358267369645d646376653f333433363a3434333632247361665f747b70673d776d62326763647163247b69645f6b67793f33303739313031333236323532633836343863653164323030333234323a30613a36363861653b66303332313237303b343a323030363734396662626463353a33383a663733323930613561613634643763343666623b37336430613b673a636430613837366a61343367626164653c6669676233646763303134316437323b303936333b3466326665313538603930613063666731313b383b3636606431343764316233636c606438323632636539623b60303233247161645f7369653d3130343630303230316734613133373135616630356730333330373a633664376267343a6134663a36386230383036633a316a6334373060363b6135333333653b333030303264323030323237626162616636393066616437313b373b663464393430373835383830363135313264393c636b6331643a64603b35643961373737653231343565303266643524736b66723d30

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Mar 2021 08:25:42 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 Citi-Branding-Sprite.png
sit7.online.citi.com/GFC/branding/img/ 5 KB
5 KB 89ms
88ms Image
image/png 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sit7.online.citi.com/GFC/branding/img/Citi-Branding-Sprite.png
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/GFC/branding/responsivebranding/css/branding_footer_v2.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3fca3de24621f0f10186594054444d608016297c2e853e548710b3521e42a609

Request headers

Referer: https://sit7.online.citi.com/GFC/branding/responsivebranding/css/branding_footer_v2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:42 GMT
last-modified: Wed, 22 Apr 2020 19:06:30 GMT
x-akamai-citisite: GTDC
etag: "329-1358-5a3e5d4685980"
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
x-robots-tag: noindex, nofollow
accept-ranges: bytes
content-type: image/png
content-length: 4952

GET
H2 200 googlePlay_2px.png
sit7.online.citi.com/GFC/branding/responsivebranding/img/ 9 KB
9 KB 89ms
88ms Image
image/png 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sit7.online.citi.com/GFC/branding/responsivebranding/img/googlePlay_2px.png
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/GFC/branding/responsivebranding/css/branding_footer_v2.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3c4287f94e9dc9cda82125a6f528b0d4dcd8c2e9ee26b899c4481490312b146a

Request headers

Referer: https://sit7.online.citi.com/GFC/branding/responsivebranding/css/branding_footer_v2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:42 GMT
last-modified: Wed, 22 Apr 2020 19:06:30 GMT
x-akamai-citisite: GTDC
etag: "212-2427-5a3e5d4685980"
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
x-robots-tag: noindex, nofollow
accept-ranges: bytes
content-type: image/png
content-length: 9255

GET
H2 200 appStore_2px.png
sit7.online.citi.com/GFC/branding/responsivebranding/img/ 8 KB
8 KB 94ms
93ms Image
image/png 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sit7.online.citi.com/GFC/branding/responsivebranding/img/appStore_2px.png
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/GFC/branding/responsivebranding/css/branding_footer_v2.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2e1950e9fecaa7d00944c88becb315026208890e3d9ffe2545504105e181ad47

Request headers

Referer: https://sit7.online.citi.com/GFC/branding/responsivebranding/css/branding_footer_v2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:42 GMT
last-modified: Wed, 22 Apr 2020 19:06:30 GMT
x-akamai-citisite: GTDC
etag: "210-2050-5a3e5d4685980"
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
x-robots-tag: noindex, nofollow
accept-ranges: bytes
content-type: image/png
content-length: 8272

GET
H2 200 arrow-btn-next-white-sm-bold.svg
sit7.online.citi.com/CBOL/common/ui/ddl/theme/latest/images/icons/svgs/arrows/ 918 B
767 B 215ms
215ms Image
image/svg+xml 104.70.85.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sit7.online.citi.com/CBOL/common/ui/ddl/theme/latest/images/icons/svgs/arrows/arrow-btn-next-white-sm-bold.svg
Requested by: Host: sit7.online.citi.com
URL: https://sit7.online.citi.com/loginpage/styles/homePage.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.70.85.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-85-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4f918cd256712c03a1b88007176cabf623cc63740e919d35a217c18dc7ebe607

Request headers

Referer: https://sit7.online.citi.com/loginpage/styles/homePage.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:25:42 GMT
content-encoding: gzip
content-type: image/svg+xml
last-modified: Wed, 22 Apr 2020 19:06:29 GMT
x-akamai-citisite: GTDC
etag: "180c50-396-5a3e5d4591740"
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 496

GET
H/1.1 204
204 clear1.png;CIS3SID=6B8EBC0080D7875F92ADAD188EFDF125
h.online-metrix.net/fp/ Frame A302 0
386 B 35ms
35ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=6B8EBC0080D7875F92ADAD188EFDF125?org_id=89oebq5k&session_id=77bbe77842c4cebc7eecfc2e4bbef0a2dcf8bf7d8b1e09aab019428d9a1a235a&nonce=39b3503369943f07&pageid=1&jf=36333424736b6657726c663d7664705d6a6669335571314c544b6c47355a765526716b6c5d6663746d3f3136313c38343433343a2671616457747970673f7765603867616471632e736b665f69657b3f3130353b313233333034323730613834343a616d3166323238333036303032613a36343063673b6438333031323530333630323230363b3a61336330373766633536323334313030653436333b3864303563633834333b393a616665333037663b65326966613e633031376536326366613a63666131336e6332663863623a323033633336613763616637313434353b6634323f346761306a633861363d62666162653f643a6e396a33313366373333643b60346564247b69665d736b673f31323435323030333030613136613330363667673d6464323731343333353a31336066646b3164393439666436603063363b3066323366663f666066363a61303a3734383b373a6332303230323231656132333b6d3560606238373439623134363b36336931316e343f653530343637333b643464653666696531643636313a306765376035603236333633356126736b66703f39

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=B2D81CAA42362016ABB33DA65CB8004B?org_id=89oebq5k&session_id=77bbe77842c4cebc7eecfc2e4bbef0a2dcf8bf7d8b1e09aab019428d9a1a235a&nonce=39b3503369943f07&pageid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Mar 2021 08:25:42 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame A804 0
387 B 32ms
32ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=77bbe77842c4cebc7eecfc2e4bbef0a2dcf8bf7d8b1e09aab019428d9a1a235a&nonce=39b3503369943f07&pageid=1&jac=1&je=33333a2426726f357967712660617671763d7b206e6774656c2038312c30302e227176697677712232206368617a67696c67227526637d64603d663966633039603530336633633e62646361346632323365633b3136373832616135323731343267603a6035633630333938343035626766303c37636c373f31

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Mar 2021 08:25:42 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=94
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=0E230DC32FB9221E7401E62D871FFA8D
h.online-metrix.net/fp/ Frame 5CEC 0
386 B 48ms
37ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=0E230DC32FB9221E7401E62D871FFA8D?org_id=89oebq5k&session_id=192a02c68510060c4ec5254d7432a610a0adb5fb5bbff62dc1b47a96e0f1fea8&nonce=de4ebd2cb6460762&pageid=1&jf=34393626736b665d7a6e643d7466725d6f3958414b733064507744326d756339267369645d646376653f333433363a3434333632247361665f747b70673d776d62326763647163247b69645f6b67793f33303739313031333236323532633836343863653164323030333234323a30613a36363861653b66303332313237303b343a3230303630313a3962363137633365343764633462646163673732363864343138316032643435356361643133643b63303563343e37356660663466643e62696337333063606a63653036306134316132633630393760383732366162343261623631393267653730663037363963633a6467663b316630303935626438346937303164247161645f7369653d3130343630303230363362363062326166373161613064363663343a3b31613b3032656763333331643437353264386638646e646335303b323e6139653234303b6232673863336530303232306663353063303934373237663660363b303767363232346364303e37366432643335303930316632383b3a313a66653631676667353563363230383161383424736b66723d31

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=780030B7BF081357B79D204E480974E5?org_id=89oebq5k&session_id=192a02c68510060c4ec5254d7432a610a0adb5fb5bbff62dc1b47a96e0f1fea8&nonce=de4ebd2cb6460762&pageid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Mar 2021 08:25:42 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame F6DA 0
387 B 32ms
32ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=192a02c68510060c4ec5254d7432a610a0adb5fb5bbff62dc1b47a96e0f1fea8&nonce=de4ebd2cb6460762&pageid=1&jac=1&je=313f3426267567607a74635f657a7467726e636c5d69703d3a322c3330302e32302e32333726756b6d3f7567607076635d696c74677266636c5f6f646c7326786d357b65732460637c73743d7b206c6776656e2238312e30322c20717463747573223a2261686370676b6c65207f246177646a3d64396c633039603730316639613e60666163346438303165633b333635383063613530373336306762306237613638313b38363a356067643236356166373531

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Mar 2021 08:25:42 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=93
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content22.online.citi.com/fp/ Frame A804 0
387 B 32ms
31ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=77bbe77842c4cebc7eecfc2e4bbef0a2dcf8bf7d8b1e09aab019428d9a1a235a&nonce=39b3503369943f07&pageid=1&jac=1&je=373a24247767607a74615d657a7467706c616c5d6b723f38322c3330302e32322e30313d24756b6d35756562727c635f6b6e746d726c696c576d646e71

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Mar 2021 08:25:43 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=92
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cool-2.1.15.min.js Show response
nebula-cdn.kampyle.com/resources/onsite/js/ 14 KB
5 KB 104ms
32ms Script
application/javascript 151.101.113.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://nebula-cdn.kampyle.com/resources/onsite/js/cool-2.1.15.min.js
Requested by: Host: resources.digital-cloud-citi.medallia.com
URL: https://resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/generic1614270954678.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.175 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 9HCXbKZTbCJZkS8s9IuB.pE0JEvI0TGW
content-encoding: gzip
etag: "80dd5e3be5152c5c72d552c6a26ef6ff"
age: 0
via: 1.1 varnish
x-cache: HIT
x-amz-request-id: AFC82D53332A02CA
x-amz-id-2: W6rukdJDPzB+MuEphf1dAb6RuUgeswcum3f9clWP8WzztxGh/VeUtairNR+dW0fFvHHkDlpuYpY=
x-served-by: cache-hhn4064-HHN
accept-ranges: bytes
last-modified: Sun, 24 Jan 2021 11:03:10 GMT
server: AmazonS3
x-timer: S1614846343.350897,VS0,VE0
date: Thu, 04 Mar 2021 08:25:43 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 5197
x-cache-hits: 6298

GET
H2 200 1586350506667_CTA_Feedback(final).png
resources.digital-cloud-citi.medallia.com/wdcusciti/50/resources/image/ 2 KB
2 KB 706ms
706ms Image
image/png 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resources.digital-cloud-citi.medallia.com/wdcusciti/50/resources/image/1586350506667_CTA_Feedback(final).png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 25f4eeb23f67fe1d74534ed37230ecd54ab4f57524276970dcbeaaf3b0fc64f9

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: idMqebtwObEX2qqk_ay171vmXd3OX_D2
content-encoding: gzip
etag: "e6ed675f115fb1568bb1aabc00aa3f30"
age: 0
via: 1.1 varnish
x-cache: MISS
content-length: 2219
x-amz-id-2: wEZFJUPJPblaAlRn61P2V5bNNdTHRZpphpWrO41VUqr4TtyQgebHFpB/WqB0/RfHHOqmfvdh6nc=
x-served-by: cache-cph20642-CPH
last-modified: Wed, 08 Apr 2020 12:55:17 GMT
server: AmazonS3
x-timer: S1614846343.298628,VS0,VE687
date: Thu, 04 Mar 2021 08:25:43 GMT
vary: Accept-Encoding
x-amz-request-id: A8E93555FD09B6B0
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
content-type: image/png
x-cache-hits: 0

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
317 B 241ms
150ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzgzLjAuNDEwMy42MSBTYWZhcmkvNTM3LjM2Iiwic2Vzc2lvbl9wbGF0Zm9ybSI6ICJMaW51eCB4ODZfNjQiLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjEuMTUiLCJldmVudF9uYW1lIjogIm5lYnVsYV9wYWdlX3ZpZXciLCJldmVudF90aW1lc3RhbXBfZXBvY2giOiAiMTYxNDg0NjM0MzM3MCIsImV2ZW50X3RpbWV6b25lX29mZnNldCI6IDEsInVzZXJfaWQiOiAiMTc3ZmM1N2I4YzgxM2MtMGM3MGVkMTg1ZGUyM2UtMWIzOTYyNTYtMWQ0YzAwLTE3N2ZjNTdiOGM5YTU0IiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXVzLWNpdGkiLCJhY2NvdW50SWQiOiA0OSwidXJsIjogImh0dHBzOi8vc2l0Ny5vbmxpbmUuY2l0aS5jb20vVVMvbG9naW4uZG8iLCJ3ZWJzaXRlSWQiOiA1MCwiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiOTc1YS04ZTc2LWEyYzctMmQxYS0zOTFjLTRkYzYtNzA3MS03NTkwIiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2MTQ4NDYzNDMyNjciLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIn0sImNvb2tpZV9zaXplIjogMzgyNSwia2FtcHlsZV92ZXJzaW9uIjogIjIuMzYuMSIsIm9uc2l0ZV92ZXJzaW9uIjogIjIuMzYuMSIsImhpc3RvcnlfbGVuZ3RoIjogMiwiZXZlbnRfbG9jYWxfdGltZXN0YW1wIjogMTYxNDg0NjM0MzI3MywicG9zaXRpb24iOiBudWxsLCJpc1VzZXJJZGVudGlmaWVkIjogZmFsc2UsImZlZWRiYWNrX2NvcnJlbGF0aW9uX3V1aWQiOiBudWxsfQpdfQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-blue-x2gc
date: Thu, 04 Mar 2021 08:25:43 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-application-context: application:9090

POST
H/1.1 200
OK cls_report Show response
uat.report.nacustomerexperience.citi.com/glassbox/reporting/ 7 KB
1 KB 786ms
328ms XHR
application/json 192.193.179.250
CITIGROUP

General

Check archive.org

Show headers Download Go to

Full URL

https://uat.report.nacustomerexperience.citi.com/glassbox/reporting/cls_report?clsjsv=6.3.120B175&_cls_s=db0fa279-ac4c-4b15-a4c8-e1648145009f:0&_cls_v=077b40c8-b12d-471a-8c93-9d2b56b90c57&pid=52fa191a-d824-4eb4-9575-217622bb95a5&sn=1&cfg&aid=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.193.179.250 , United States, ASN25883 (CITIGROUP, US),

Reverse DNS

Software

GlassBox Cligate /

Resource Hash

9919d19f3a7d94db13f36c9b4e0e4fe0eb3c0b9b622221a5a7389e0996e3d1e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Thu, 04 Mar 2021 08:25:52 GMT
content-encoding: gzip
vary: origin
Server: GlassBox Cligate
X-Akamai-CITISITE: GTDC
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Type: application/json
access-control-allow-origin: https://sit7.online.citi.com
access-control-allow-credentials: true
Connection: close
content-length: 852

POST
H/1.1 200
OK cls_report Show response
uat.report.nacustomerexperience.citi.com/glassbox/reporting/ 7 KB
1 KB 796ms
338ms XHR
application/json 192.193.179.250
CITIGROUP

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.193.179.250 , United States, ASN25883 (CITIGROUP, US),

Reverse DNS

Software

GlassBox Cligate /

Resource Hash

4c7d31f9170d7378bd7c871c70214ab4c352f1a6608f9c6ef7d7fb670d7c0fe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Thu, 04 Mar 2021 08:25:53 GMT
content-encoding: gzip
vary: origin
Server: GlassBox Cligate
X-Akamai-CITISITE: GTDC
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Type: application/json
access-control-allow-origin: https://sit7.online.citi.com
access-control-allow-credentials: true
Connection: close
content-length: 847

POST
H/1.1 200
OK cls_report Show response
uat.report.nacustomerexperience.citi.com/glassbox/reporting/ 7 KB
1 KB 612ms
153ms XHR
application/json 192.193.179.250
CITIGROUP

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.193.179.250 , United States, ASN25883 (CITIGROUP, US),

Reverse DNS

Software

GlassBox Cligate /

Resource Hash

9919d19f3a7d94db13f36c9b4e0e4fe0eb3c0b9b622221a5a7389e0996e3d1e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://sit7.online.citi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Thu, 04 Mar 2021 08:25:54 GMT
content-encoding: gzip
vary: origin
Server: GlassBox Cligate
X-Akamai-CITISITE: GTDC
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Type: application/json
access-control-allow-origin: https://sit7.online.citi.com
access-control-allow-credentials: true
Connection: close
content-length: 852

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity?pid=1&rt=idl

Domain: stags.bluekai.com
URL: https://stags.bluekai.com/site/19469?ret=json

Domain: ghbmnnjooekpmoecnnnilnnbdlolhkhi
URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

Domain: ghbmnnjooekpmoecnnnilnnbdlolhkhi
URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

Domain: dit.api.citi.com
URL: https://dit.api.citi.com/gcgapi/uat3/public/v1/digital/reporting/metrics

Verdicts & Comments Add Verdict or Comment

533 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNrQwNzAxNzS1NDYwNzAzNDU3NRTiM9T18yvySvcPDwzxzNUFAIZ9qP0lAAAA
.rfihub.com/	1970-01-20 01:55:42	Name: rud Value: H4sIAAAAAAAAAOMSNrQwNzAxNzS1NDYwNzAzNDU3NRTiM9T18yvySvcPDwzxzNWV4jU0MzSxMDEzNra0MDEBACYp6U40AAAA
.demdex.net/	1970-01-19 20:53:18	Name: demdex Value: 11475764857389237403510406069477127349
.citi.com/	1969-12-31 23:59:59	Name: tmx_digitalApptype Value: PC_BROWSER
.citi.com/	1969-12-31 23:59:59	Name: tmx_sessionid Value: 192a02c68510060c4ec5254d7432a610a0adb5fb5bbff62dc1b47a96e0f1fea8
sit7.online.citi.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 0000R4LVLQ160pAPxIFgh06981M:us-mt-srv1
.sit7.online.citi.com/	1970-01-19 20:53:18	Name: popSplit Value: 55
.citi.com/	1970-01-20 10:05:18	Name: s_ecid Value: MCMID%7C04544682984465693434113173498121489686
.citi.com/	1970-01-20 10:05:18	Name: s_vi Value: [CS]v1\|30204CC1AFCDF90E-600002862FAA9D1D[CE]
.citi.com/	1970-01-20 10:05:18	Name: AMCV_61834D9B5228A7430A490D45%40AdobeOrg Value: -330454231%7CMCIDTS%7C18691%7CMCMID%7C04544682984465693434113173498121489686%7CMCAAMLH-1615451139%7C6%7CMCAAMB-1615451139%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1614853539s%7CNONE%7CMCAID%7C30204CC1AFCDF90E-600002862FAA9D1D%7CMCSYNCSOP%7C411-18698%7CvVersion%7C3.1.2
.citi.com/	1969-12-31 23:59:59	Name: experience Value: Uncookied
sit7.online.citi.com/	1970-01-19 16:34:08	Name: 7018 Value: 0c1bfa7c-cd42-48b5-8a9c-8e6e1ba1634a
sit7.online.citi.com/	1970-01-19 16:34:08	Name: 7830 Value: error
.citi.com/	1969-12-31 23:59:59	Name: AKMTLTSID Value: 4F77B391B127E0BFE3294FE4C8076F35
.citi.com/	1969-12-31 23:59:59	Name: BKDMP Value:
.citi.com/	1970-01-20 10:08:11	Name: mbox Value: session#2496758f821f4203992db6a3e00db1b9#1614848201\|PC#2496758f821f4203992db6a3e00db1b9.37_0#1678091141
.citi.com/	1970-01-19 16:34:27	Name: cdSNum Value: 1614846339759-sjn0000936-6a4c5eb8-9689-458a-8789-39f1390fee4f
.citi.com/	1970-01-19 16:34:08	Name: mboxEdgeCluster Value: 37
sit7.online.citi.com/	1970-01-19 18:43:42	Name: 64072 Value:
.citi.com/	1969-12-31 23:59:59	Name: AMCVS_61834D9B5228A7430A490D45%40AdobeOrg Value: 1
.sit7.online.citi.com/	1969-12-31 23:59:59	Name: AOSDMPRF Value:
.citi.com/	1970-01-19 18:43:42	Name: _gcl_au Value: 1.1.1754966344.1614846340
.citi.com/	1969-12-31 23:59:59	Name: check Value: true
.citi.com/	1969-12-31 23:59:59	Name: second_tmx_sessionid Value: 77bbe77842c4cebc7eecfc2e4bbef0a2dcf8bf7d8b1e09aab019428d9a1a235a
.citi.com/	1969-12-31 23:59:59	Name: _cls_s Value: db0fa279-ac4c-4b15-a4c8-e1648145009f:0
.citi.com/	1969-12-31 23:59:59	Name: bcsid Value: 477B9D47B60A79A892AE17FA7E448E81
sit7.online.citi.com/	1970-01-20 01:19:42	Name: count Value: 1
.citi.com/	1969-12-31 23:59:59	Name: cdContextId Value: 2
.citi.com/	1970-01-21 12:22:06	Name: _cls_v Value: 077b40c8-b12d-471a-8c93-9d2b56b90c57
.citi.com/	1970-01-20 01:20:03	Name: Cf3YT7m Value: AJ-lV_x3AQAAsHGYJRp1lDEXx0ApkbZdt6Mg7iYNhDsNRDJuaf62iqKbot2V\|1\|0\|ac7b0c347ceb28af2d21af8f47b54caa0c5c0bf9
.citi.com/	1970-01-20 01:19:42	Name: CUUID Value: 0c1bfa7c-cd42-48b5-8a9c-8e6e1ba1634a
.citi.com/	1970-01-20 01:19:42	Name: bmuid Value: 1614846339227-A6651F3C-CA46-4ECE-8FE6-E5E8245BFD6F

33 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://sit7.online.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?seed=AMC0JPx3AQAARzRZVQtWpmRk8N2BlJByPahVA5lnrZHIROme_OCdEZ55MJR6&X-soz9htCz--z=q(Line 1) Message:
console-api	log	URL: https://sit7.online.citi.com/CBOL/taggingTransformation/tagging.js(Line 300) Message: Started tagging.js core
console-api	log	URL: https://nexus.ensighten.com/citi/na_stage/Bootstrap.js(Line 330) Message: Loading at.js
console-api	log	URL: https://sit7.online.citi.com/passivebio/bcsid.js(Line 5) Message: Setting new bcsid Cookie
console-api	log	URL: https://sit7.online.citi.com/US/login.do(Line 2224) Message: tmx flag value in javascriptfalse
console-api	log	URL: https://sit7.online.citi.com/US/login.do(Line 2228) Message: rsa flagtrue
console-api	log	URL: https://sit7.online.citi.com/TMX/TMXProfiling.js(Line 4) Message: start tmxProfiling.js
console-api	log	URL: https://sit7.online.citi.com/US/login.do(Line 2278) Message: next_page_value in javascript is :: null
console-api	log	URL: https://sit7.online.citi.com/US/login.do(Line 2292) Message: isDCAFallback flag value is : false
console-api	log	URL: https://sit7.online.citi.com/GFC/branding/responsivebranding/js/navBarRedesign.js(Line 30) Message: jquery version1.9.1
console-api	log	URL: https://sit7.online.citi.com/TMX/TMXProfiling.js(Line 4) Message: start tmxProfiling.js
console-api	log	URL: https://sit7.online.citi.com/JEA/CitiSearch/nexus-platform/js/citilive-search.js(Line 1) Message: >>>>>>>>>>>>>Smart Search init>>>>>>>>>>>>>>>>>>>>>> pageId: jUSCBOL_Loginpage_Uncookied userRole: VISITOR isLoggedIn: false language: en
console-api	log	URL: https://nexus.ensighten.com/citi/na_stage/code/66ef20b673e69fa3dc9034eda23fddcf.js?conditionId0=3013337(Line 677) Message: [object HTMLDivElement]
console-api	log	(Line 11) Message: test 12
console-api	log	URL: https://sit7.online.citi.com/US/login.do(Line 2869) Message: removed coexistance cookie
console-api	log	URL: https://sit7.online.citi.com/TMX/TMXProfiling.js(Line 6) Message: tmxProfiling js execute
console-api	log	URL: https://sit7.online.citi.com/TMX/TMXProfiling.js(Line 12) Message: successfalsePC_BROWSER192a02c68510060c4ec5254d7432a610a0adb5fb5bbff62dc1b47a96e0f1fea889oebq5khttps://content22.online.citi.com/fp/tags.js
console-api	log	URL: https://sit7.online.citi.com/TMX/TMXProfiling.js(Line 14) Message: tmxfallback
console-api	log	URL: https://sit7.online.citi.com/TMX/TMXProfiling.js(Line 16) Message: get everyparams89oebq5kPC_BROWSER192a02c68510060c4ec5254d7432a610a0adb5fb5bbff62dc1b47a96e0f1fea8
console-api	log	URL: https://nexus.ensighten.com/citi/na_stage/code/ef4fb68342441d20f3bd5ddf0d3960cf.js?conditionId0=462132(Line 12) Message: BANNER VISIBLE 17
console-api	log	URL: https://sit7.online.citi.com/CBOL/taggingTransformation/tagging.js(Line 1453) Message: key external campaign tracking code is not available
console-api	log	URL: https://sit7.online.citi.com/CBOL/taggingTransformation/tagging.js(Line 1473) Message: key internal campaign tracking code is not available
console-api	log	URL: https://nexus.ensighten.com/citi/na_stage/code/010a61bd11530d0183365eab7eec6f1b.js?conditionId0=421908(Line 193) Message: site_events detected
console-api	log	URL: https://nexus.ensighten.com/citi/na_stage/code/010a61bd11530d0183365eab7eec6f1b.js?conditionId0=421908(Line 193) Message: product data detected
console-api	log	URL: https://sit7.online.citi.com/CBOL/taggingTransformation/tagging.js(Line 786) Message: Load data...[object Object]
console-api	log	URL: https://sit7.online.citi.com/CBOL/taggingTransformation/tagging.js(Line 789) Message: [object Object]
console-api	log	URL: https://nexus.ensighten.com/citi/na_stage/code/ef4fb68342441d20f3bd5ddf0d3960cf.js?conditionId0=462132(Line 15) Message: 1:HYSA_MarkExp_APY-viewed:yes\|
console-api	log	URL: https://nexus.ensighten.com/citi/na_stage/code/ef4fb68342441d20f3bd5ddf0d3960cf.js?conditionId0=462132(Line 15) Message: 5:CPWM_0820_M8-viewed:yes\|
console-api	log	URL: https://nexus.ensighten.com/citi/na_stage/code/ef4fb68342441d20f3bd5ddf0d3960cf.js?conditionId0=462132(Line 15) Message: 6:Blue_FinancialSelfCare-viewed:no\|
console-api	log	URL: https://nexus.ensighten.com/citi/na_stage/code/ef4fb68342441d20f3bd5ddf0d3960cf.js?conditionId0=462132(Line 15) Message: 7:GENDERPAYBAN-viewed:no\|
console-api	log	URL: https://nexus.ensighten.com/citi/na_stage/code/ef4fb68342441d20f3bd5ddf0d3960cf.js?conditionId0=462132(Line 15) Message: 2:3up:Q2CMI_2020_Hide-viewed:yes\|
console-api	log	URL: https://nexus.ensighten.com/citi/na_stage/code/ef4fb68342441d20f3bd5ddf0d3960cf.js?conditionId0=462132(Line 15) Message: 3:3up:CHECK21_UT700-viewed:yes\|
console-api	log	URL: https://nexus.ensighten.com/citi/na_stage/code/ef4fb68342441d20f3bd5ddf0d3960cf.js?conditionId0=462132(Line 15) Message: 4:3up:diam_citicomREDPE_aug2016-viewed:yes\|

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20766699p.rfihub.com
20822230p.rfihub.com
89oebq5klbn4cxvhcz5hysrdzuwxt654tdk2kotide4ebd2cb6460762am1.e.aa.online-metrix.net
89oebq5klfzgmlqdh4cyzsuv2vzejs65xhhzl44j39b3503369943f07am1.e.aa.online-metrix.net
api.rlcdn.com
c1.rfihub.net
cdn.pbbl.co
citi.demdex.net
citicorpcreditservic.tt.omtrdc.net
cm.everesttech.net
content22.online.citi.com
contents3.00110.citi.com
cse.google.com
di.rlcdn.com
dit.api.citi.com
dpm.demdex.net
ghbmnnjooekpmoecnnnilnnbdlolhkhi
googleads.g.doubleclick.net
h.online-metrix.net
live.rezync.com
metrics1.citi.com
nebula-cdn.kampyle.com
nexus.ensighten.com
online.citi.com
p-preprd.rfihub.com
p.rfihub.com
resources.digital-cloud-citi.medallia.com
sit.api.citi.com
sit7.online.citi.com
sr.rlcdn.com
stags.bluekai.com
tags.bkrtx.com
uat.report.nacustomerexperience.citi.com
udc-neb.kampyle.com
www.citi.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.youtube.com
api.rlcdn.com
dit.api.citi.com
ghbmnnjooekpmoecnnnilnnbdlolhkhi
stags.bluekai.com
104.111.224.160
104.111.228.137
104.111.238.178
104.70.84.163
104.70.85.47
108.128.13.248
13.32.24.45
13.32.24.59
151.101.113.175
151.101.194.133
18.195.42.228
192.193.179.250
193.0.160.128
193.0.160.129
199.38.167.128
216.58.212.162
23.79.157.69
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:811::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
34.120.207.148
34.253.145.149
35.181.18.61
35.241.45.82
35.244.245.222
52.141.218.213
52.212.193.208
52.31.176.223
91.235.132.130
91.235.133.67
91.235.134.131
92.123.150.214
03c736ca1c90e26743865ed80c9766f84ca237b0dc572fab630737aaef70d171
0687c7a91cacee8aea130fc1b7c12cbad408699e8ec5a7a66512d1b6a33e5fe8
06c6e69f31e6f429441315a1f013b1cce3187f00a3c727e7f5426a21e1c37025
06c8e6e2a64fdb1d1f320bcbe3572ff01de87aab52a846eeb9ee3e14adce5a29
086ae2b1cda93f64aece5e93388d24744f5d6178116b255ae1ccefea704b4768
0bd3ccc27cf9be600088075633085caa59ffdc6226dd98603eee03baee986d7d
0fadbe1e06ca947cfe99260be96d47e427e047adb36abc1569b6650969de845c
102503acef6077fcf8e42a856fb4904fcd74224a32d5d8efcd13236ac6309fed
14c86696e46dc18eb89cb0d32055bd16b9a9f06da0fcbc0af3481fb0aa2c2cfe
157430093a6d2ee63082eae5dabf826926d3b6259d33482aa6713c48728e82fa
16787122b206304e8b831938fbae5d7dc3c7f32fc161b30d61c750202665e6d2
1d960062424eec119eaf55c137f7dad6e793ae42360e0b5ed9f7d23f00801865
1e8296753489472722a900b40958f4cb93b5efa530499287debe37fdaac97cdb
1ec30677af9db31e1863e98c66f908fee08200ac28b78df45333bb129159d325
1f2a0e7aa3dabf73dae3cc7c1e53a70ec51145b39b027bdc1ecae9223c0c80d2
1f43f86e82f4cf6b5ddf863fbb8cd9bafb53790bd2016a7b2b36d51ad96fb32b
25f4eeb23f67fe1d74534ed37230ecd54ab4f57524276970dcbeaaf3b0fc64f9
2722b6e0ea82875c13432513874ecb4dc1171e8fd5423553c13c2cc16ff5dca0
275cf9d336d8a29dd3a8cc8bc22761e96bfdd81c75a24bc5f48e10bfcc54d4fb
2780cafe6147607eae59e29013666c4bd593a3a6605abc0afb2d1e5c51eb6f52
2c65cdc8fed4d04ccebbd8a065b8a6e16a6503060507c5140cb60350b0c2f480
2d694aab0183f56fc66c5df9b1ae24ebd1991704eb61f3842fccc286e0aff700
2e1950e9fecaa7d00944c88becb315026208890e3d9ffe2545504105e181ad47
31a7d0a6362cd6d8fcbb3200740a252be4fc633363cc71021fb18faf4470eb5c
351566f41ad89bb03b7855b58661b377836aebe50db166052eaa17f17e156799
39d0d1d58b9139df75e7643ad60e4e0ad3b595336009b085a27cfc8af5264d0d
3be7fd7455d114e237d74857dd9cb3fe051c143d0b3755db09b8b3825149a766
3c4287f94e9dc9cda82125a6f528b0d4dcd8c2e9ee26b899c4481490312b146a
3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1
3fca3de24621f0f10186594054444d608016297c2e853e548710b3521e42a609
3ff6ff39c24f3b22c2d2e22410bbac1e2370d489b4524ba454a8a2eaead3ad02
424b0508d87aeff62bf98099b98490558de97db21d02343fd4b0e46252a74d58
474a06e61c5ff0b6def6e5619529e0664e6fa2d9904ba6f796e4e1032c2ab3c3
47566f08570cbfb4621e8eb6251ee4022d88d59b7b27fa501a0af71cdcd874ad
489ac0d5e6bb586f0144108a782f87e10aa6387fa5925c0f7b526142dbbf9987
4aac2297af8f3437059ca17af8c8e894d99c836ef71784ee81bd7bd28911e1b0
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
4c7d31f9170d7378bd7c871c70214ab4c352f1a6608f9c6ef7d7fb670d7c0fe4
4d78ebcf45698e13044f8fd2e4981639a3bef4d0d17035afc4c1e8b233860f87
4f0096bdfd5ee9660448f45c4dbe4060d184c4e0bd353b01a8f27a8ae3180b09
4f918cd256712c03a1b88007176cabf623cc63740e919d35a217c18dc7ebe607
519bbb8e7df4bd50b748660ebf487f1b22d566c34a296480e0f78df31fb185e2
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
549d24ec833c78c684e55e878c2d76bcd44aa9f9c9bcd9ab585187b6a3ed3b5e
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
55e066703c69d4d89a1f4d66794d474aa93d710624d8f807096bac17a7867b17
59ec24de7d479369476229778ce105bd9b403f5f387aa38bfaa0c645cea78030
5ae1828de9d5340aa3522a6cf119301d2d32ed4023b19cf61ba8ded78629bda0
5d343d5e2bc616fe04642af586793b51ba2291a6c9616ee92e4246bde9fa72a5
600263e9bde3fb2c66b5ccb8c59efd8bcb9224b5e2481aa3a336d7843803e8f6
629b48196dcc270143a42ce57535b251c655617f8d510277d4a05306c426fd38
6336ae7b60dff18e0a37721a3a19fd5e18568577a64faa662969d35966dbf72b
643030db71af1915a7c02ec3589b64d1b826cb8c8c97e0f7b80d70e0c830726b
690146b8ff7699810daa66f43ce7d006f74a143dea4a27bb0cb9c054dddadeee
6a8bd777188932d2b2df487391af9407e3be9950db0f8b320afc62ff2a9accac
6c23f2687d2f144dad7f5b5d0329c9a03b579c48bed171a8cf351a7667e0a9fa
6d03f730d2626ef6622db57daa7faf7ee70e61c5bef2352a9960d9a3dc16d5b3
6d3001c9deac8cb1f88ea5254105f8d678de5532f1998a24eab1b59906eaf86b
6d9a1385e761ebc3a676d1ff155c795a8de0a7a7362d2be94eaaa1341017b37c
6dfa343a68ef79e83fef5f7c705119d2473352190c609cf94c67ea99a29fa452
6e866b41975af77f752d3feae581391b018128ad2cb495e783349ca49cb94c38
6f3649e19993fee191ac81abe9c6c74f6714d9fd19ccd3a0cce2f31835018e10
6f76589585a8e6aa963b9d8383c6369dee410c68ef8fbef5df7abef4b6ce5fa1
72fcc33b4e327db90c76e46d60f3ab682227388fe4ad1c3d772e9d740e280518
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
76c43444f20b759172e0893077c6bd5afeaed367088e38601ffaa6144f31303d
776f124f8ec3fd1257c3a3cf5a999fb84ba7ab610a60dfdb4dfce6460524c817
77aae11467c6e42598b9c17f8a34f9ffb08c3acedd22db327fabf5b1becd24a2
78369340f61dba01a703df4169ba86c8f6bc5e9b482e184f4aec09be0dc946f8
793c2f3d02d0bc3ad8a2cdc901b2134159b66245e951ac258fee1ac8b2709f44
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c891ffec93e4e682a8621d0e632f8d918d75857dfb0983cb357a032933fad03
7d278ee603f0d3fa219bd54d16f75dfb178ab649da55620a182465dff9b528be
7d481eb36581746fd3662c7c452856b695df90cdce24664c48f565aa119c8b16
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
7ff3e44b8a02077f7d83573b11ad348092aa5ff4bc63f389fd888f53e0e7559f
852bbf67c9988f8ed7e43118f914e581efb96fa4eb6d06eaf626672df92ce5fe
869fef14e7892b88913f53a769724bbef6ed1407fd06f921438d45a385cc4ca0
87578cd8ec6b565afd5be1b9a00845ca3dcb8024d64f2d96e4ce00bb07c94902
87e414e65461d63f3c18fdec21dc973fbb3b04db9269aa2fa9f2b1e9fb4d58f0
8a95ca789963c22b07be4098ecbd3e50788f5395faf0ad1321d609edc0ea7ec9
8b2a020761356045ce2ac324d66b14c4e691f5e76c59ebc5520d59f53eb8cf52
8caac886ff7b7a11b2f1c19e6a66fcc376ff7a35dd5419a0b47a417e2820412a
8d793fba2934b67cf10ce46068cc9e7e178a5c66f6a6e3e6c31f9d66fc382e2f
9251335ea33e43a9f14743ab6bb8c589b024477bcbb1e6bd15be7ec8e55852bf
932597ba6e20cca2f5f7bd469093e0fc953326de31c953a8bbfa00d898d2538c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
96a25378d5d5fed38414a3d798eddc8367ebb206b45b125c837b9bab43c8799d
96da0123b20dbb462de8c21f88530a8f14d5922f1ebf4c28d7fea0942d33f14b
9704bca992680b1698b6c364e5fd7fd20991aa230c700f3378765fdf99a8b27d
9814bc9c716eebeeb14bb20dfac370adea1544fe3a14813c1b4e81ab733bd502
9919d19f3a7d94db13f36c9b4e0e4fe0eb3c0b9b622221a5a7389e0996e3d1e5
9b81f1e7a02ddb91470bd2f68d08f0fb03e1bddc70883f1990ab5ad0cd9174d3
9d3aa7fc2b3bea5561d463ddcdd503e321292abebcc99b9f3ae5dd8d0170a0c1
9dad502247a8488c21ef5beb32aed1a78b17b748711bec817c472911f76b4ead
9fa97f780f20b95ac6a2baeed3961d39ec6086e3417eb59cd294e4e528187b7b
a10db873a9e01a6102fd8ca34167699f78829ed06f445fc035584883e2261bd0
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a71d91b7846711060fd13cb1d21393be31b6600ba56373895b988478a342613e
a78443f1f5691e2c845e82e0242ef0c8f79435b044cd4dc661255deb2a461ff9
a9623118fb6ec3944d1312cd0d492c3f32455e89bc1e01eafa67628a309d9c60
aae36e0135bd89b347e31e575989c25a954a96c797c678610aeaa080694ba8de
ac5765dee0ca74b3ffb169f12880229be905b412bdcc9c87649b3040f5aa688a
ae79282747efe21a8db21672581dfd84b96d8b2e98b91c48e5c768e318df9144
afdc09ccfcdfa0f5acb1fa5fd430756474569d5be23f168ef2fe98a5155bc954
b0d0bb68facdf5cae41f8c08a24b952d2e63bc72857a2233cfadeae4e75d48e5
b0d29c908f05194fd0c4b2f8a3e6aefc76f9252333426ff1c9337f530d964460
b277be0a6606428f3c9ed2a75cf601a6331bf1859181f344c000da31ac543b85
b5b99c97960d130c44fad1acc54bba0644286e0fd6d3899e3027392ab7de9cc8
b6805138392fa08fa31ac1baf1f3f5d33a869b50c607498578c17302418d683d
c0cdcf3224a18d66039b74a6a0c70977585d75d5ed67ba23a6b5eab8c0a2ba7e
c3c994c3fe9bd4e055f6d0eb42067ecd6bdd3247e136bc22835b9882cfe77c61
c437eb764a99e6cd5172d63c3fae564bbc51eda4981058d5edebd2bf0700eb76
c4d822793b2eab5f9bf345ce530487844b1aeaca83f5fd906f2e9987f6842028
c770e459d9988f611c466be1c6a650c3247f8521b536c1c2897c390f7f25e5bb
c908f461af3c6a8e9a8416ac0534d56482c03f01db2fe5f5c0426b05a809535b
cceae287a1c4bbbd773d99ea601dbac6ab28f5607795c83b8e50675ea1c5a985
cd86be0645b0f2ba2f6a9eb8e8324a01cb93ef12726f1b46140c6af89164d726
d57c8034f9c12aa3ce626c9ed1d61a4bb0941c3ef320bb59346f20496fb0096a
d8af02d8e0bc07516a75fd0eb08089c90057583f3458436df938beb7b588b19a
dc5ba306fece552e3a002c8e18fa392c85acfa61091e1b98496b745f8ace6876
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
e035b79ab90f8c8ce0c5d34ae36fd666e84353307bdbf06ca62fdff8e77691dd
e0a06ba70b7556d61f872bd1ca50148094683ed1ba026a78164563d3c63db0c0
e18c28c95bea1af6b2187c6a35eb651dccabfb2212e529b6edd4a2e2f4c39ea8
e1cdd8699d632d98047b60975c127bde93707685555e0894c2087105e26298ae
e37a02e78fe6cf2e9359c395b6c677688c4d4ea5f8f7d4cd79ae03824daa44d6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5168b3d0c8f929a1b8c4c1b4e4ebac60ee0e1ecfd759aeb4be4c2b15e3fc097
e65ab34ce9fc581b33eb9da02d0c3b0e5c24506a5431044ec02a48e102a0af02
e8905e4f047710f1cf7f6e41017e31a44d5d83f8129d2e88812a6d4f82ff95f5
e90fb0eba512ed6473f6fb8acf4cd09b38732f150f43c396246c12bb2aacbb67
e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7
eec5cc477e7cb4f1eee1f26dce3eb411a63716d89a9b659c7d5559571c837ccb
eef1e4f7b3a5947502324b706a179e748cf0683268413b6a2bd7397be04ef831
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1821b3865a1008ba0c088f7dc5c7eeb6b81e414461885c40b8d0f48fcbc9341
f268dcdb7e59e888bf611ab61e2235cb56ca24dc5e5bfd1dcb1cba3c5e56441e
f2adfd83f8e9c7f3b092921eb5a59d4463041b2be8386a17ec7ac29d8d588470
f2b79bba24ea617060ee8f7491d0cf167d999d158a0b1e7b8ecb535fe1381335
f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296
f378974fe6a831ae2f48d9191ea74eb21877d4964d5eedbc2810d8756ed13631
f3d2f2e810910ac029e0f75f668edf61ea26e79ef17768cdf651868b9689953f
f590b75b4b3a0d9130956fd09e16707aa83682913b620466a4180d572e01d73c
f9ea3e5b79df3924376af98d3639b49ef970ef77063203b3ef3abaa84daca88a
fdaf50ba7dfdf74a600dbb9a28a4ebfc536486d8f1e23296d7dfb33d843e1c3b
fe3b58fc9b8e89f24e3ace02820624adcb500e0da1b50ee337e41d27cc20c61b

sit7.online.citi.com Open in urlscan Pro 104.70.85.47 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

197 Requests

97 %HTTPS

17 %IPv6

22 Domains

40 Subdomains

33 IPs

4 Countries

3709 kBTransfer

10179 kBSize

32 Cookies

29 Outgoing links

Page URL History

Redirected requests

197 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sit7.online.citi.com Open in urlscan Pro
104.70.85.47 Public Scan

Screenshot
Live screenshot

Full Image

197
Requests

97 %
HTTPS

17 %
IPv6

22
Domains

40
Subdomains

33
IPs

4
Countries

3709 kB
Transfer

10179 kB
Size

32
Cookies

197 HTTP transactions
1 data transactions