www.citi.com Open in urlscan Pro
96.16.129.152 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://dobrocred.com.br/cit/city.com/email.php
Effective URL:
https://www.citi.com/login
Submission: On April 18 via automatic, source openphish (April 18th 2022, 1:05:53 am UTC) — Scanned from DE

Summary HTTP 335 Redirects Behaviour Indicators

Summary

This website contacted 33 IPs in 3 countries across 30 domains to perform 335 HTTP transactions. The main IP is 96.16.129.152, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.citi.com. The Cisco Umbrella rank of the primary domain is 29811.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on November 2nd 2021. Valid for: a year.

This is the only time www.citi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 87	216.172.172.133 216.172.172.133	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
32	18.195.42.228 18.195.42.228	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
4	104.111.238.178 104.111.238.178	16625 (AKAMAI-AS) (AKAMAI-AS)
12	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:224... 2600:9000:224a:4c00:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
3	2600:9000:231... 2600:9000:2315:e000:a:6cdf:4440:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:223... 2600:9000:223f:5e00:1e:54f1:26c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:225... 2600:9000:2250:6e00:13:ab57:d440:93a1	16509 (AMAZON-02) (AMAZON-02)
5	67.202.32.1 67.202.32.1	14618 (AMAZON-AES) (AMAZON-AES)
1 3	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 9	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
1	18.66.122.116 18.66.122.116	16509 (AMAZON-02) (AMAZON-02)
2	96.16.135.39 96.16.135.39	16625 (AKAMAI-AS) (AKAMAI-AS)
2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
2	2600:9000:225... 2600:9000:225e:9200:1d:bf0a:0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	52.29.167.104 52.29.167.104	16509 (AMAZON-02) (AMAZON-02)
24	91.235.133.67 91.235.133.67	30286 (THM) (THM)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.1.175 151.101.1.175	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1 60	96.16.129.152 96.16.129.152	16625 (AKAMAI-AS) (AKAMAI-AS)
2	54.195.39.4 54.195.39.4	() ()
1 4	52.213.194.249 52.213.194.249	() ()
1	34.252.147.157 34.252.147.157	() ()
2	15.188.95.229 15.188.95.229	() ()
1 1	52.51.88.158 52.51.88.158	() ()
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	() ()
1	192.193.200.243 192.193.200.243	() ()
2	91.235.132.130 91.235.132.130	() ()
335	33

87 216.172.172.133 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 216-172-172-133.unifiedlayer.com

dobrocred.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 18.195.42.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.238.178 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-238-178.deploy.static.akamaitechnologies.com

online.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:4c00:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)

20766699p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2315:e000:a:6cdf:4440:93a1 (United States)

ASN16509 (AMAZON-02, US)

1.a79ab95c1589a13f8a4cab612bc71f9f7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223f:5e00:1e:54f1:26c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

1.b406929acabac9b095f124c81bdfcf57f.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2250:6e00:13:ab57:d440:93a1 (United States)

ASN16509 (AMAZON-02, US)

1.c81358859121583b7adf2ace89cb39f44.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 67.202.32.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-67-202-32-1.compute-1.amazonaws.com

p.tvpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

resources.digital-cloud-citi.medallia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-116.fra60.r.cloudfront.net

cdn.pbbl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.16.135.39 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-135-39.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

sr.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:9200:1d:bf0a:0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.tvpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.167.104 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-167-104.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 91.235.133.67 (United States)

ASN30286 (THM, US)

content22.online.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.175 (United States)

ASN54113 (FASTLY, US)

nebula-cdn.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

60 96.16.129.152 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-129-152.deploy.static.akamaitechnologies.com

www.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.195.39.4 (None, )

ASN- ()

mpsnare.iesnare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.213.194.249 (None, ) 1 redirects

ASN- ()

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.147.157 (None, )

ASN- ()

citi.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.188.95.229 (None, )

ASN- ()

metrics1.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.88.158 (None, ) 1 redirects

ASN- ()

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (None, )

ASN- ()

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.193.200.243 (None, )

ASN- ()

prod.report.nacustomerexperience.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.235.132.130 (None, )

ASN- ()

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
91	citi.com www.citi.com — Cisco Umbrella Rank: 29811 Failed online.citi.com — Cisco Umbrella Rank: 23648 contents3.00110.citi.com Failed content22.online.citi.com — Cisco Umbrella Rank: 37002 prod.report.nacustomerexperience.citi.com Failed metrics1.citi.com	3 MB
87	dobrocred.com.br 1 redirects dobrocred.com.br	3 MB
32	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 2747	610 KB
12	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	455 KB
11	google.com www.google.com — Cisco Umbrella Rank: 4	1 KB
9	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 234 bat.bing.com — Cisco Umbrella Rank: 378	25 KB
7	tvpixel.com p.tvpixel.com — Cisco Umbrella Rank: 1412 c.tvpixel.com — Cisco Umbrella Rank: 8461	64 KB
5	demdex.net 1 redirects dpm.demdex.net citi.demdex.net	7 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 40	5 KB
4	medallia.com resources.digital-cloud-citi.medallia.com — Cisco Umbrella Rank: 27279	177 KB
3	clarity.ms 1 redirects c.clarity.ms — Cisco Umbrella Rank: 637	917 B
3	c81358859121583b7adf2ace89cb39f44.com 1.c81358859121583b7adf2ace89cb39f44.com — Cisco Umbrella Rank: 62184	4 KB
3	b406929acabac9b095f124c81bdfcf57f.com 1.b406929acabac9b095f124c81bdfcf57f.com — Cisco Umbrella Rank: 62530	4 KB
3	a79ab95c1589a13f8a4cab612bc71f9f7.com 1.a79ab95c1589a13f8a4cab612bc71f9f7.com — Cisco Umbrella Rank: 60170	4 KB
2	online-metrix.net h.online-metrix.net 89oebq5kmfuf2kekxyvy2jfkil7nmq4bjvguklawc934bfe443513e67am1.e.aa.online-metrix.net Failed 89oebq5klgmlkgeszlsnzkmky665sry7uyqxaffi762d092569702bf2am1.e.aa.online-metrix.net Failed
2	iesnare.com mpsnare.iesnare.com	14 KB
2	agkn.com d.agkn.com — Cisco Umbrella Rank: 550	1 KB
2	rlcdn.com sr.rlcdn.com — Cisco Umbrella Rank: 11874	98 B
2	bkrtx.com tags.bkrtx.com — Cisco Umbrella Rank: 3102	32 KB
1	jquery.com code.jquery.com	30 KB
1	everesttech.net 1 redirects cm.everesttech.net	517 B
1	kampyle.com nebula-cdn.kampyle.com — Cisco Umbrella Rank: 3888 udc-neb.kampyle.com Failed	5 KB
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 481	338 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 104	15 KB
1	pbbl.co cdn.pbbl.co — Cisco Umbrella Rank: 8963
1	rfihub.com 20766699p.rfihub.com — Cisco Umbrella Rank: 41043	705 B
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 5429	6 KB
0	scorecardresearch.com Failed sb.scorecardresearch.com Failed
0	Failed function sub() { [native code] }. Failed
0	google.de Failed www.google.de Failed
335	30

	Domain	Requested by
87	dobrocred.com.br	1 redirects dobrocred.com.br
60	www.citi.com	dobrocred.com.br www.citi.com
32	nexus.ensighten.com	dobrocred.com.br www.citi.com nexus.ensighten.com
24	content22.online.citi.com	dobrocred.com.br www.citi.com content22.online.citi.com
12	www.googletagmanager.com	dobrocred.com.br www.googletagmanager.com nexus.ensighten.com
11	www.google.com	dobrocred.com.br
8	bat.bing.com	dobrocred.com.br bat.bing.com nexus.ensighten.com
5	p.tvpixel.com	dobrocred.com.br www.citi.com
4	dpm.demdex.net	1 redirects www.citi.com
4	googleads.g.doubleclick.net	www.googleadservices.com
4	resources.digital-cloud-citi.medallia.com	nexus.ensighten.com dobrocred.com.br resources.digital-cloud-citi.medallia.com
4	online.citi.com	dobrocred.com.br www.citi.com
3	c.clarity.ms	1 redirects dobrocred.com.br bat.bing.com
3	1.c81358859121583b7adf2ace89cb39f44.com	dobrocred.com.br 1.c81358859121583b7adf2ace89cb39f44.com www.citi.com
3	1.b406929acabac9b095f124c81bdfcf57f.com	dobrocred.com.br 1.b406929acabac9b095f124c81bdfcf57f.com www.citi.com
3	1.a79ab95c1589a13f8a4cab612bc71f9f7.com	dobrocred.com.br 1.a79ab95c1589a13f8a4cab612bc71f9f7.com www.citi.com
2	h.online-metrix.net	content22.online.citi.com
2	metrics1.citi.com	www.citi.com
2	mpsnare.iesnare.com	www.citi.com mpsnare.iesnare.com
2	d.agkn.com
2	c.tvpixel.com	dobrocred.com.br nexus.ensighten.com
2	sr.rlcdn.com	nexus.ensighten.com
2	tags.bkrtx.com	nexus.ensighten.com
1	code.jquery.com	www.citi.com
1	cm.everesttech.net	1 redirects
1	citi.demdex.net	nexus.ensighten.com
1	nebula-cdn.kampyle.com	resources.digital-cloud-citi.medallia.com
1	stags.bluekai.com	tags.bkrtx.com
1	www.googleadservices.com	dobrocred.com.br www.googletagmanager.com
1	prod.report.nacustomerexperience.citi.com	dobrocred.com.br www.citi.com
1	cdn.pbbl.co	nexus.ensighten.com
1	c.bing.com	1 redirects
1	20766699p.rfihub.com	dobrocred.com.br
1	c1.rfihub.net	nexus.ensighten.com
0	sb.scorecardresearch.com Failed
0	89oebq5klgmlkgeszlsnzkmky665sry7uyqxaffi762d092569702bf2am1.e.aa.online-metrix.net Failed
0	89oebq5kmfuf2kekxyvy2jfkil7nmq4bjvguklawc934bfe443513e67am1.e.aa.online-metrix.net Failed
0	ghbmnnjooekpmoecnnnilnnbdlolhkhi Failed	content22.online.citi.com
0	www.google.de Failed
0	udc-neb.kampyle.com Failed
0	contents3.00110.citi.com Failed	dobrocred.com.br
335	41

This site contains no links.

Subject Issuer	Validity	Valid
*.dobrocred.com.br R3	`2022-03-30` - `2022-06-28`	3 months	crt.sh
nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-14` - `2022-10-12`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
online.citibank.com DigiCert SHA2 Extended Validation Server CA	`2020-03-13` - `2022-05-14`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.rfihub.net Amazon	`2021-12-29` - `2023-01-27`	a year	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2022-06-18`	2 years	crt.sh
*.a79ab95c1589a13f8a4cab612bc71f9f7.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-04` - `2023-04-04`	a year	crt.sh
*.b406929acabac9b095f124c81bdfcf57f.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-04-07`	a year	crt.sh
*.c81358859121583b7adf2ace89cb39f44.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-04-07`	a year	crt.sh
*.tvpixel.com Amazon	`2021-12-15` - `2023-01-12`	a year	crt.sh
*.digital-cloud-citi.medallia.com SSL.com RSA SSL subCA	`2021-11-15` - `2022-10-20`	a year	crt.sh
*.pbbl.co Amazon	`2021-11-04` - `2022-12-02`	a year	crt.sh
*.bkrtx.com DigiCert SHA2 Secure Server CA	`2022-02-07` - `2023-02-06`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
content22.online.citi.com DigiCert SHA2 Extended Validation Server CA	`2020-07-14` - `2022-08-06`	2 years	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.kampyle.com GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-02-22` - `2023-03-26`	a year	crt.sh
c.msn.com Microsoft Azure TLS Issuing CA 01	`2022-02-08` - `2023-02-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
www.citi.com DigiCert SHA2 Extended Validation Server CA	`2021-11-02` - `2022-12-03`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
mpsnare.iesnare.com DigiCert SHA2 Extended Validation Server CA	`2021-04-27` - `2022-05-24`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
metrics1.citi.com DigiCert SHA2 Extended Validation Server CA	`2020-07-02` - `2022-08-30`	2 years	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
prod.report.nacustomerexperience.citi.com DigiCert SHA2 Extended Validation Server CA	`2020-05-05` - `2022-07-04`	2 years	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-12-28` - `2023-01-23`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://www.citi.com/login
Frame ID: 2E3114BEC57F5A3792B20B4E946BBFB6
Requests: 277 HTTP requests in this frame

Frame: https://20766699p.rfihub.com/ca.html?ver=9&ra=1941&rb=648&ca=20766699&_o=17169175&_t=&ssv_cuuid=&ssv_package=null&ssv_prodlist=null&ssv_pagename=&pe=https%3A%2F%2Fdobrocred.com.br%2Fcit%2Fcity.com%2Fthanks.php&pf=&ra=34929124073103157
Frame ID: A8F50B247D64D705377C1F04514519BD
Requests: 1 HTTP requests in this frame

Frame: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Frame ID: F3F59BE41B31D80804F5E23225B0BB68
Requests: 2 HTTP requests in this frame

Frame: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Frame ID: 7AB65D3913F5E23A3C346A3CFFFA3FF5
Requests: 2 HTTP requests in this frame

Frame: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Frame ID: A083B789002125C4CCB7CD1AF0E79981
Requests: 2 HTTP requests in this frame

Frame: https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
Frame ID: 084B00076208FA23E583ABA75C855259
Requests: 1 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/check.js;CIS3SID=46224D2C1EE73E9471744854588FFD2B?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jb=3d3226246a7167753f4c6b6c7578266a736d3f4c696e757824687360773f416872676d65266a73623f436870676d65273030333230
Frame ID: 4981B1FFDBEBAB473D89DFAE76B49A8E
Requests: 4 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/check.js;CIS3SID=69915BADAB241B2E060746F35B8AB099?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jb=37302e2668716f773f4c616c77782468736f3d4c69667778266a7362753f4368706d6f6524687b623d4168726f6d65273232333030
Frame ID: 9670AD2F85820F9A9848124321C6DEB8
Requests: 4 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/check.js;CIS3SID=69B4B09FD8A728BF2EE7FCB11A1B9673?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jb=3730242668736f753d4c6b6e7d7a266a73673f4c69667770246a73627d3d4368706d6f6726687b623d4368726f6d67253230333032
Frame ID: 22E91DBEA237DC15A37179A30C530AA2
Requests: 4 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/63068?ret=html&phint=language&phint=product&phint=event&phint=category&phint=page&phint=section1&phint=section2&phint=section3&phint=section4&phint=bankappstatus&phint=productID&phint=__bk_t%3Dlet%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fdobrocred.com.br%2Fcit%2Fcity.com%2Fthanks.php&phint=__bk_v%3D3.1.10&limit=10&r=9474060
Frame ID: F99B6B0CE38A8A9BF0CFF09D0A2F8D1D
Requests: 1 HTTP requests in this frame

Frame: https://citi.demdex.net/dest5.html?d_nsid=0
Frame ID: DAE9A783FB8F56FD6D984D9ECEAB46A8
Requests: 1 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/check.js;CIS3SID=29CD655B94AD2391ABB266C945B71178?org_id=89oebq5k&session_id=0f7e88fcb39ba1ef1b4fd5aa27984a99bd8d163110fc2bca1412c8b074ed8c5b&nonce=c934bfe443513e67&pageid=1&jb=37322426627b6d773f7766666566696c65662668736f3d756c666d6e696e6d6c246a7b62753f776e6465646b6c6766266a73623f7766666564696e656c273232756c66656e616c6766
Frame ID: F6C553D9A61E51B6B786AD3C98FAAEF8
Requests: 10 HTTP requests in this frame

Frame: https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
Frame ID: BE717FA7B4DABE53EB09272228E2C3DD
Requests: 1 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/check.js;CIS3SID=CC88E050F20EDBD0EE46197EC3F57DB0?org_id=89oebq5k&session_id=5c5961f215760ed64fb08896e8f129a7e6ccf066f67d8450308a813745269e94&nonce=762d092569702bf2&pageid=1&jb=3532262e68736d773d4c6b6c75782668736d3f4c61667d7a266271627735436a726d6f67246a71603f416a72676d65253030393038
Frame ID: 178132FAE91A6ADEB7ADB62840E4CA67
Requests: 10 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/check.js;CIS3SID=21A913F011FAFA2B380A846DA515E787?org_id=89oebq5k&session_id=e5e5b48fff553aff5649b7a2c432d8a93ad7b57fb9b59e2e2601618966a3b565&nonce=e2b5f75a06da6b69&pageid=1&jb=35302626687367773f4e696e77782468736d3d446b6c757a246a716075354360706f6d67246a71603f4b6a72676d67253032313032
Frame ID: 39398DA27C6CF64E43E9B9DEC25E041A
Requests: 3 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=29CD655B94AD2391ABB266C945B71178?org_id=89oebq5k&session_id=0f7e88fcb39ba1ef1b4fd5aa27984a99bd8d163110fc2bca1412c8b074ed8c5b&nonce=c934bfe443513e67&pageid=1
Frame ID: A890BBFBD1A57C17981BF71561F9952E
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=29CD655B94AD2391ABB266C945B71178?org_id=89oebq5k&session_id=0f7e88fcb39ba1ef1b4fd5aa27984a99bd8d163110fc2bca1412c8b074ed8c5b&nonce=c934bfe443513e67&pageid=1
Frame ID: E49982EB34FF1A6855DBA695F1BE7A0E
Requests: 1 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/top_fp.html;CIS3SID=29CD655B94AD2391ABB266C945B71178?org_id=89oebq5k&session_id=0f7e88fcb39ba1ef1b4fd5aa27984a99bd8d163110fc2bca1412c8b074ed8c5b&nonce=c934bfe443513e67&pageid=1
Frame ID: 4B276917456235BA512672678EFA06E4
Requests: 1 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=CC88E050F20EDBD0EE46197EC3F57DB0?org_id=89oebq5k&session_id=5c5961f215760ed64fb08896e8f129a7e6ccf066f67d8450308a813745269e94&nonce=762d092569702bf2&pageid=1
Frame ID: B0B36CD1D40A35DAEAFE5B1D6B38D64F
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=CC88E050F20EDBD0EE46197EC3F57DB0?org_id=89oebq5k&session_id=5c5961f215760ed64fb08896e8f129a7e6ccf066f67d8450308a813745269e94&nonce=762d092569702bf2&pageid=1
Frame ID: 37538D93C110F3E38D689897BD781BD7
Requests: 1 HTTP requests in this frame

Frame: https://content22.online.citi.com/fp/top_fp.html;CIS3SID=CC88E050F20EDBD0EE46197EC3F57DB0?org_id=89oebq5k&session_id=5c5961f215760ed64fb08896e8f129a7e6ccf066f67d8450308a813745269e94&nonce=762d092569702bf2&pageid=1
Frame ID: D7BD5F8825A9652FA4C4FA8B78F961B1
Requests: 1 HTTP requests in this frame

Frame: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Frame ID: 2309B5C6FFECEC3C38B2F3CDA1E5F824
Requests: 1 HTTP requests in this frame

Frame: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Frame ID: 60B423C850A23875A539E0D52811D48E
Requests: 1 HTTP requests in this frame

Frame: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Frame ID: 46196460980E90631787756C59D7F98A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online Banking, Mortgages, Personal Loans, Investing | Citi.com

Page URL History Show full URLs

https://dobrocred.com.br/cit/city.com/email.php HTTP 302
https://dobrocred.com.br/cit/city.com/thanks.php Page URL
https://www.citi.com/login Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

335
Requests

84 %
HTTPS

30 %
IPv6

30
Domains

41
Subdomains

33
IPs

3
Countries

7905 kB
Transfer

23597 kB
Size

44
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://dobrocred.com.br/cit/city.com/email.php HTTP 302
https://dobrocred.com.br/cit/city.com/thanks.php Page URL
https://www.citi.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://dobrocred.com.br/cit/city.com/email.php HTTP 302
https://dobrocred.com.br/cit/city.com/thanks.php

Request Chain 113

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=41AB281426764854B99E4EB6E274D8A8&RedC=c.clarity.ms&MXFR=0ACBF24A65A565722D67E3C061A56B00 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=41AB281426764854B99E4EB6E274D8A8&MUID=0EBBFDC090066974204AEC4A918D6834

Request Chain 195

https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1650243951221 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1650243951221

Request Chain 227

https://cm.everesttech.net/cm/dd?d_uuid=87799943040237116651549801304755493667 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yly5bwAAAKFTIQQE

Request Chain 230

https://www.citi.com/gcgapi/prod/public/v1/prelogin/e2eConfig/client/cbol HTTP 301
https://www.citi.com/redirect/cbol404.htm

335 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

thanks.php Show response
dobrocred.com.br/cit/city.com/
Redirect Chain

https://dobrocred.com.br/cit/city.com/email.php
https://dobrocred.com.br/cit/city.com/thanks.php

304 KB
51 KB

155ms
155ms

Document
text/html

216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: aaf58b530fe940f9235a0eb0eedb3ece0050ceab2bd96db2dd767beb6f0b798b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 18 Apr 2022 01:05:44 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 18 Apr 2022 01:05:44 GMT
location: thanks.php
server: Apache
vary: Accept-Encoding

GET
H2 200 cool-2.1.15.min.js Show response
dobrocred.com.br/cit/city.com/img/ 14 KB
6 KB 240ms
237ms Script
application/javascript 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/cool-2.1.15.min.js
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 6187

GET
H2 200 clarity.js Show response
dobrocred.com.br/cit/city.com/img/ 53 KB
23 KB 248ms
245ms Script
application/javascript 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/clarity.js
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 f.txt Show response
dobrocred.com.br/cit/city.com/img/ 39 KB
18 KB 135ms
135ms Script
text/plain 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/f.txt
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: cae0ae2d67aac89367108586ebd25e00afc5d0f8110e6eb71b8d274037f7a5d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:28 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/plain

GET
H2 200 tc.min.js Show response
dobrocred.com.br/cit/city.com/img/ 19 KB
8 KB 134ms
133ms Script
application/javascript 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/tc.min.js
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:28 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 8064

GET
H2 200 js Show response
dobrocred.com.br/cit/city.com/img/ 101 KB
101 KB 135ms
128ms Script
text/plain 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/js
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 7e035fe791d86c0346cacc50c10ab1cea6941f3dae04a87b7acc0e30ce6436d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
accept-ranges: bytes
content-length: 103051

GET
H2 200 js(1) Show response
dobrocred.com.br/cit/city.com/img/ 101 KB
101 KB 286ms
278ms Script
text/plain 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/js(1)
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 008aaa0eebea326ea356339b06467c2eb5f98d4b76759ae45f6eb1f953db28ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
accept-ranges: bytes
content-length: 103051

GET
H2 200 js(2) Show response
dobrocred.com.br/cit/city.com/img/ 101 KB
101 KB 286ms
277ms Script
text/plain 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/js(2)
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: b6f517c4279c052b89206db39d95274ef20699f4142aaa9e4339790d3228a64f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
last-modified: Sun, 13 Mar 2022 14:08:28 GMT
server: Apache
accept-ranges: bytes
content-length: 103187

GET
H2 200 js(3) Show response
dobrocred.com.br/cit/city.com/img/ 101 KB
101 KB 286ms
278ms Script
text/plain 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/js(3)
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 0e8665d56063213d42b3650b1325534735f0fefe09ee48a7f734f83b5e4bfdfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
last-modified: Sun, 13 Mar 2022 14:08:28 GMT
server: Apache
accept-ranges: bytes
content-length: 103051

GET
H2 200 js(4) Show response
dobrocred.com.br/cit/city.com/img/ 101 KB
101 KB 474ms
466ms Script
text/plain 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/js(4)
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 677cec65f2895fca126756615b8f96c2801078d2b59a98bab4aab3ee8a89d645

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
accept-ranges: bytes
content-length: 103187

GET
H2 200 js(5) Show response
dobrocred.com.br/cit/city.com/img/ 101 KB
101 KB 472ms
464ms Script
text/plain 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/js(5)
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: e76caa473d34a77670863ffd51ee0e59b44c4bdc6367aa0e8e698bf6b264919f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
last-modified: Sun, 13 Mar 2022 14:08:28 GMT
server: Apache
accept-ranges: bytes
content-length: 103281

GET
H2 200 js(6) Show response
dobrocred.com.br/cit/city.com/img/ 101 KB
101 KB 472ms
464ms Script
text/plain 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/js(6)
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: ac3211cc5864f812b2e7fe668137258fe2e2405cc42642d4fbcd07199f3c4028

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
last-modified: Sun, 13 Mar 2022 14:08:28 GMT
server: Apache
accept-ranges: bytes
content-length: 103187

GET
H2 200 js(7) Show response
dobrocred.com.br/cit/city.com/img/ 101 KB
101 KB 295ms
286ms Script
text/plain 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/js(7)
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 4027f452062da70c1206681e4d1e3ad20d633d217bcd0f954f98e4ea7743c842

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
accept-ranges: bytes
content-length: 103187

GET
H2 404 bat.js
dobrocred.com.br/cit/city.com/img/ 0
0 615ms
606ms Script
text/html 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/bat.js
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://dobrocred.com.br/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 dpm_pixel_min.js Show response
dobrocred.com.br/cit/city.com/img/ 103 KB
39 KB 473ms
464ms Script
application/javascript 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/dpm_pixel_min.js
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:28 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 js(8) Show response
dobrocred.com.br/cit/city.com/img/ 101 KB
101 KB 297ms
288ms Script
text/plain 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/js(8)
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: efcb0e09a533713a54d617f43991909e46d6430c9c1531787ea15492a15b9e86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
last-modified: Sun, 13 Mar 2022 14:08:28 GMT
server: Apache
accept-ranges: bytes
content-length: 103165

GET
H2 200 js(9) Show response
dobrocred.com.br/cit/city.com/img/ 91 KB
91 KB 285ms
276ms Script
text/plain 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/js(9)
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: c9c84a02bd7802730402506e08933a2bf019ce78600f266189b86a2d53c0bdd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
last-modified: Sun, 13 Mar 2022 14:08:28 GMT
server: Apache
accept-ranges: bytes
content-length: 92863

GET
H2 200 js(10) Show response
dobrocred.com.br/cit/city.com/img/ 91 KB
91 KB 306ms
297ms Script
text/plain 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/js(10)
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: e83c9c5a686b6460be3df5f34ddbe456588d4f575083e74045a00c4ff2be7db0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
last-modified: Sun, 13 Mar 2022 14:08:28 GMT
server: Apache
accept-ranges: bytes
content-length: 92863

GET
H2 200 js(11) Show response
dobrocred.com.br/cit/city.com/img/ 91 KB
91 KB 296ms
288ms Script
text/plain 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/js(11)
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 0264c5423e565a05bcc16d1abdfec999c4e92fd5ea90146251a8549cb93773f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
accept-ranges: bytes
content-length: 92863

GET
H2 200 js(12) Show response
dobrocred.com.br/cit/city.com/img/ 91 KB
91 KB 473ms
465ms Script
text/plain 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/js(12)
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 5a2aa8a1ce876434e8f0912c3be63026f79d0b0f24ea591e5379d9186fae451f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
accept-ranges: bytes
content-length: 92863

GET
H2 200 js(13) Show response
dobrocred.com.br/cit/city.com/img/ 91 KB
91 KB 465ms
457ms Script
text/plain 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/js(13)
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 8a13175818c1064520ce05abb77e35d1c88111dcf0cd991d5227a55ff196a7e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
accept-ranges: bytes
content-length: 92841

GET
H2 200 js(14) Show response
dobrocred.com.br/cit/city.com/img/ 91 KB
91 KB 466ms
458ms Script
text/plain 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/js(14)
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 02e871a789bf3801140ce6b9d8a205d308ca81bce448e87fb6bdd60ee98cafc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
accept-ranges: bytes
content-length: 92841

GET
H2 200 3fac67bbed26d3e121bb84cefe395515.js Show response
dobrocred.com.br/cit/city.com/img/ 4 KB
2 KB 470ms
462ms Script
application/javascript 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/3fac67bbed26d3e121bb84cefe395515.js
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 6a4572cbce614543d10ffc2276b91140ecb0b0b9e2de0b9a87d4bc4016051f17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1742

GET
H2 200 8e31a20960f50a1c34f7ccb1cd9737ec.js Show response
dobrocred.com.br/cit/city.com/img/ 340 B
281 B 563ms
555ms Script
application/javascript 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/8e31a20960f50a1c34f7ccb1cd9737ec.js
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 84129e02573a4f7ca911b6b37f7129a748efdae9decea2efe415ffeabf1a66bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 250

GET
H2 200 96e0eb995483e83e7b3f71968eedeed1.js Show response
dobrocred.com.br/cit/city.com/img/ 396 KB
155 KB 559ms
551ms Script
application/javascript 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/96e0eb995483e83e7b3f71968eedeed1.js
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: d9181c42b463ba85677421a93ae1ba80ae774c9bf8af67200ed78a419bd067a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:28 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 d77cad342c2e126c752063748cd63d48.js Show response
dobrocred.com.br/cit/city.com/img/ 30 KB
10 KB 548ms
540ms Script
application/javascript 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/d77cad342c2e126c752063748cd63d48.js
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 21201ecc3c1f81d2725b4f6b81c4dfa208edabe6a023711d6b48933b7acabf84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:28 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 10653

GET
H2 200 6c8ea0384518f24fa6367b97cbf3fd9d.js Show response
dobrocred.com.br/cit/city.com/img/ 128 KB
48 KB 612ms
605ms Script
application/javascript 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/6c8ea0384518f24fa6367b97cbf3fd9d.js
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: dfb30742c209a6119b53853df43d609166ce3b72e09c0f6d7bafaac8a4f1bd00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 468b3e37a21c4198f4939c8aaca98066.js Show response
dobrocred.com.br/cit/city.com/img/ 1 KB
685 B 563ms
556ms Script
application/javascript 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/468b3e37a21c4198f4939c8aaca98066.js
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 61e01b4da87624c5972c4f051d92695a76fa8491c2c1512342b714b9f5db2008

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 653

GET
H2 200 51aba9f62787efbaa13e53a8d1ae3892.js Show response
dobrocred.com.br/cit/city.com/img/ 1 KB
688 B 562ms
554ms Script
application/javascript 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/51aba9f62787efbaa13e53a8d1ae3892.js
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: bf8892a953595eb96b9ca68c5756849d404115dcf2ee9bf87e8b4e7b3cf8e650

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 656

GET
H2 200 9d552101ccdbc20ef239307e0ace1356.js Show response
dobrocred.com.br/cit/city.com/img/ 156 KB
51 KB 554ms
546ms Script
application/javascript 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/9d552101ccdbc20ef239307e0ace1356.js
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 53c561089a7987d29afa32543f9d7585b9a4f565b0b6c54b703e802f2f52d386

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 d74f82b561a6aa5d9247eaf72394131a.js Show response
dobrocred.com.br/cit/city.com/img/ 2 KB
694 B 562ms
555ms Script
application/javascript 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/d74f82b561a6aa5d9247eaf72394131a.js
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 1243ffed4530d6d237dd040101bf2933687f6e9272b10132060115058f914206

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 662

GET
H2 200 557566dc60916e3de69e006bef252459.js Show response
dobrocred.com.br/cit/city.com/img/ 2 KB
799 B 548ms
541ms Script
application/javascript 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/557566dc60916e3de69e006bef252459.js
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 31b00ff4929696dfca06885da68e58c3e09f6ecb4ae0fe1ae287e99a3fd1f716

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 767

GET
H2 200 42d4d669434e7d621371bd59ca097dbf.js Show response
dobrocred.com.br/cit/city.com/img/ 5 KB
2 KB 566ms
559ms Script
application/javascript 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/42d4d669434e7d621371bd59ca097dbf.js
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 76b3e3ecb44a3b1216be2633c4736dc6fbef5a83a7058b7919dcb1489b5b211b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:28 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 2083

GET
H2 200 d90ce1a791ada193ee0ca4e9ce66632d.js Show response
dobrocred.com.br/cit/city.com/img/ 5 KB
2 KB 566ms
559ms Script
application/javascript 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/d90ce1a791ada193ee0ca4e9ce66632d.js
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: c1b3f3803c42132039b21ce8921335c9cb785a58d513fdc04b0350434bec8e29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1925

GET
H2 200 fdf45a7c15c1cee06bb71e10dac4e26e.js Show response
dobrocred.com.br/cit/city.com/img/ 989 B
581 B 547ms
540ms Script
application/javascript 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/fdf45a7c15c1cee06bb71e10dac4e26e.js
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 7df13706eaab8ce9a3dcd2a501f60bc66987c83834d07dfaf07ae56ef814c110

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:28 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 549

GET
H2 200 serverComponent.php Show response
dobrocred.com.br/cit/city.com/img/ 2 KB
775 B 373ms
373ms Script
text/html 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/serverComponent.php
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 1a6193c0936ec29f4350799172f83ad78a95112799ea30c662e80f25b418361c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 6c8322c7341eac98645c10e3d1d3c7ae.js Show response
dobrocred.com.br/cit/city.com/img/ 233 KB
133 KB 351ms
349ms Script
application/javascript 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/6c8322c7341eac98645c10e3d1d3c7ae.js
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 93a2bf9c16a92eea122a84d246579a50fb89c3b269c78c080588cee14129b2c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:28 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 tagging.min.js Show response
dobrocred.com.br/cit/city.com/img/ 44 KB
14 KB 350ms
348ms Script
application/javascript 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/tagging.min.js
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 3f383b43ed678109c3a4006112945b4381899317658913dcf1d061a55b47cab5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 14443

GET
H2 200 banner.min.js Show response
dobrocred.com.br/cit/city.com/img/ 15 KB
6 KB 369ms
367ms Script
application/javascript 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/banner.min.js
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 66e0a4b3019f0e19c99a314095a7e13932cd8afcb82a236475abf3f8723ea69d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:28 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 5944

GET
H2 200 Bootstrap.js Show response
dobrocred.com.br/cit/city.com/img/ 229 KB
88 KB 350ms
349ms Script
application/javascript 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/Bootstrap.js
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: b4d7c52d0920ce3ce14dd5f198df3fb2e9bf39ff31e209a92cf146c86de4ce62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET Interstate-Light.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0

GET Interstate-Bold.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0

GET Interstate-Regular.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0

GET
H2 200 styles.a4a9307b7b034ca614a7.css
dobrocred.com.br/cit/city.com/img/ 1 MB
265 KB 369ms
368ms Stylesheet
text/css 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/styles.a4a9307b7b034ca614a7.css
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: c49f7ec632ced66bfd8ac1ed0cc98a6c8e583f7b36e1faccf190a04955d39c01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:28 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/css

GET
H2 200 tags.js Show response
dobrocred.com.br/cit/city.com/img/ 80 KB
12 KB 567ms
561ms Script
application/javascript 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/tags.js
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: a1012b65a2ec44d9f1a2e3a11f74e644e505cb6544e3717b4442cb9aa73452b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 12059

GET
H2 200 1-es2015.e6099f56b51f44414444.js Show response
dobrocred.com.br/cit/city.com/img/ 746 KB
255 KB 369ms
368ms Script
application/javascript 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/1-es2015.e6099f56b51f44414444.js
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 6f56350d404b7363262ab1a2331f6ee082822c230c2dda9061439acb0ee2ea29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:28 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 404 logo.js
dobrocred.com.br/cit/city.com/img/ 0
0 499ms
499ms Script
text/html 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/logo.js
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://dobrocred.com.br/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 tags.js(1).download Show response
dobrocred.com.br/cit/city.com/img/ 80 KB
81 KB 547ms
540ms Script
text/plain 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/tags.js(1).download
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: ecddeb2adfa02b823671f9e56787dd23cadfe86fa9042940d5fea9e38054c174

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
accept-ranges: bytes
content-length: 82417

GET
H2 200 cedric.js Show response
dobrocred.com.br/cit/city.com/img/ 602 KB
206 KB 403ms
403ms Script
application/javascript 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/cedric.js
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 48451bef935eba4b7a149a7b6dc16cc7183e75cb2887d571a3382ae3f155686a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 tags.js(2).download Show response
dobrocred.com.br/cit/city.com/img/ 80 KB
81 KB 547ms
541ms Script
text/plain 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/tags.js(2).download
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 7c61e941b642ce421086c40e8edd357d643de75763ebe83073d329f2693f6786

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
last-modified: Sun, 13 Mar 2022 14:08:28 GMT
server: Apache
accept-ranges: bytes
content-length: 82417

GET
H2 200 embed.js Show response
dobrocred.com.br/cit/city.com/img/ 2 KB
749 B 274ms
272ms Script
application/javascript 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/embed.js
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 7ce1ab6d7d544d02fdbfd070df6d6290a630944648f78629bccf6b7c426254ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 717

GET
H2 200 16003743.js Show response
dobrocred.com.br/cit/city.com/img/ 0
28 B 558ms
551ms Script
application/javascript 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/16003743.js
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
last-modified: Sun, 13 Mar 2022 14:08:28 GMT
server: Apache
accept-ranges: bytes
content-length: 0
content-type: application/javascript

GET
H2 200 16001692.js Show response
dobrocred.com.br/cit/city.com/img/ 685 B
467 B 560ms
554ms Script
application/javascript 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/16001692.js
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: fbfbcd5ac1839093e7f7fed9f57af9bdca51c799c591af25b624ebc421fdd052

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 435

GET
H2 200 f(1).txt Show response
dobrocred.com.br/cit/city.com/img/ 2 KB
1 KB 272ms
271ms Script
text/plain 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/f(1).txt
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 60efe6c61d482a9ad16c13a430e4f9b230d4a7667873a043327afadd372bef6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
vary: Accept-Encoding
content-type: text/plain
accept-ranges: bytes
content-length: 1037

GET
H2 200 f(2).txt Show response
dobrocred.com.br/cit/city.com/img/ 2 KB
1 KB 272ms
270ms Script
text/plain 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/f(2).txt
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 0ed87b4fd56a4ea6f91e90ec9227281332adcb6d90c16871ddd93a8b0769fa24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:28 GMT
server: Apache
vary: Accept-Encoding
content-type: text/plain
accept-ranges: bytes
content-length: 1032

GET
H2 200 f(3).txt Show response
dobrocred.com.br/cit/city.com/img/ 2 KB
1 KB 273ms
272ms Script
text/plain 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/f(3).txt
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 76fb126ee024dcf4a093ac4d3614448b9281355f1033a422fc929298e88fa877

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:28 GMT
server: Apache
vary: Accept-Encoding
content-type: text/plain
accept-ranges: bytes
content-length: 1032

GET
H2 200 f(4).txt Show response
dobrocred.com.br/cit/city.com/img/ 2 KB
1 KB 273ms
271ms Script
text/plain 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/f(4).txt
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 6bb0c1eaae6f6770f889c139ca441c1c21ab76ba7cd86cb28600955f3ee15302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:28 GMT
server: Apache
vary: Accept-Encoding
content-type: text/plain
accept-ranges: bytes
content-length: 1031

GET
H2 200 f(5).txt Show response
dobrocred.com.br/cit/city.com/img/ 2 KB
1 KB 272ms
271ms Script
text/plain 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/f(5).txt
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 2c3e0f1421ec0c865caf07a6fee834c43eb456613a9d1aee3a3db0c463c9d340

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
vary: Accept-Encoding
content-type: text/plain
accept-ranges: bytes
content-length: 1030

GET
H2 200 f(6).txt Show response
dobrocred.com.br/cit/city.com/img/ 2 KB
1 KB 272ms
271ms Script
text/plain 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/f(6).txt
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 85272ec3d43640c29bdc41f4f2f7c2942b2f96d76254e8b2802006eab8bc44fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:28 GMT
server: Apache
vary: Accept-Encoding
content-type: text/plain
accept-ranges: bytes
content-length: 1031

GET
H2 200 f(7).txt Show response
dobrocred.com.br/cit/city.com/img/ 2 KB
1 KB 273ms
272ms Script
text/plain 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/f(7).txt
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 441dbbcac58f504c76ab5ff91afa232a4f7734790a9fd2345cad297f00537aa0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
vary: Accept-Encoding
content-type: text/plain
accept-ranges: bytes
content-length: 1042

GET
H2 200 f(8).txt Show response
dobrocred.com.br/cit/city.com/img/ 2 KB
1 KB 271ms
271ms Script
text/plain 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/f(8).txt
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: ec92c710f2d67faf40a7c39947630493ffd75ca46a82cfadde25e8eb05e53bf3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
vary: Accept-Encoding
content-type: text/plain
accept-ranges: bytes
content-length: 1032

GET
H2 200 citilogoredesign.png
dobrocred.com.br/cit/city.com/img/ 2 KB
2 KB 546ms
540ms Image
image/png 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dobrocred.com.br/cit/city.com/img/citilogoredesign.png
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 102503acef6077fcf8e42a856fb4904fcd74224a32d5d8efcd13236ac6309fed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
last-modified: Sun, 13 Mar 2022 14:08:28 GMT
server: Apache
accept-ranges: bytes
content-length: 1799
content-type: image/png

GET
H2 200 050-location@2x.svg
dobrocred.com.br/cit/city.com/img/ 2 KB
2 KB 560ms
553ms Image
image/svg+xml 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dobrocred.com.br/cit/city.com/img/050-location@2x.svg
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 6336ae7b60dff18e0a37721a3a19fd5e18568577a64faa662969d35966dbf72b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
accept-ranges: bytes
content-length: 1752
content-type: image/svg+xml

GET
H2 200 icon_globe_med-grey@2x.svg
dobrocred.com.br/cit/city.com/img/ 3 KB
3 KB 545ms
539ms Image
image/svg+xml 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dobrocred.com.br/cit/city.com/img/icon_globe_med-grey@2x.svg
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: a593628f2d5ba814f37fbcd3963162f094c2764d4b15d82464c2d1aef92f150f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
accept-ranges: bytes
content-length: 3523
content-type: image/svg+xml

GET
H2 200 phone.png
dobrocred.com.br/cit/city.com/img/ 10 KB
10 KB 547ms
541ms Image
image/png 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dobrocred.com.br/cit/city.com/img/phone.png
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 5df469ee4da2bc124065cb8df0e24173c5cbc8b9e0c807960fc39c93ffb640c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
accept-ranges: bytes
content-length: 9873
content-type: image/png

GET
H2 200 qrsignon.png
dobrocred.com.br/cit/city.com/img/ 741 B
771 B 557ms
550ms Image
image/png 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dobrocred.com.br/cit/city.com/img/qrsignon.png
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: dc876f814074650acde84db7a7f34c583f043b83130e5de49de65f18d1ee2683

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
accept-ranges: bytes
content-length: 741
content-type: image/png

GET
H2 200 laptop-and-phone-pairing.png
dobrocred.com.br/cit/city.com/img/ 3 KB
3 KB 551ms
545ms Image
image/png 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dobrocred.com.br/cit/city.com/img/laptop-and-phone-pairing.png
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: a9a43473908fb995ecdc6bd80d80fd42d3e43bf31687aff0978d7389de2573aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
last-modified: Sun, 13 Mar 2022 14:08:28 GMT
server: Apache
accept-ranges: bytes
content-length: 3044
content-type: image/png

GET
H2 200 laptop-and-phone-success.png
dobrocred.com.br/cit/city.com/img/ 2 KB
3 KB 555ms
549ms Image
image/png 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dobrocred.com.br/cit/city.com/img/laptop-and-phone-success.png
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: e5c725c5a6510cd7323ff66fa032e69cfe7aec1dd042911cae0607d071670eec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
accept-ranges: bytes
content-length: 2544
content-type: image/png

GET
H2 200 EqualHousing.png
dobrocred.com.br/cit/city.com/img/ 2 KB
2 KB 552ms
546ms Image
image/png 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dobrocred.com.br/cit/city.com/img/EqualHousing.png
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: f23485e8b9c368f28f18a0bb110573df79c00ac3a2ca71d68017db100207639d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
accept-ranges: bytes
content-length: 1606
content-type: image/png

GET
H2 200 googlePlay@3x.png
dobrocred.com.br/cit/city.com/img/ 24 KB
25 KB 557ms
551ms Image
image/png 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dobrocred.com.br/cit/city.com/img/googlePlay@3x.png
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: a079bb0d5590826bcc664715122004dff51e76c79608bc29f586c9388b623b77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
accept-ranges: bytes
content-length: 25077
content-type: image/png

GET
H2 200 appStore@3x.png
dobrocred.com.br/cit/city.com/img/ 20 KB
20 KB 552ms
546ms Image
image/png 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dobrocred.com.br/cit/city.com/img/appStore@3x.png
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 87c763c6b05015e55915d0a1e6647e4e5d0b996e78d79e1afe228dd33b68e65b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
accept-ranges: bytes
content-length: 20047
content-type: image/png

GET
H2 200 social-media_facebook@3x.png
dobrocred.com.br/cit/city.com/img/ 445 B
475 B 556ms
550ms Image
image/png 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dobrocred.com.br/cit/city.com/img/social-media_facebook@3x.png
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 695788dc05d94be3b32060ffea15c1a4d74897bd32e5da7811e7ca76d82fc86b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
accept-ranges: bytes
content-length: 445
content-type: image/png

GET
H2 200 social-media_twitter@3x.png
dobrocred.com.br/cit/city.com/img/ 1 KB
1 KB 557ms
551ms Image
image/png 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dobrocred.com.br/cit/city.com/img/social-media_twitter@3x.png
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: 5394d11ec8ad7a5494bcdb65cd95f885388532e14fb45a747e249112389bd837

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
last-modified: Sun, 13 Mar 2022 14:08:26 GMT
server: Apache
accept-ranges: bytes
content-length: 1277
content-type: image/png

GET
H2 200 social-media_youtube@3x.png
dobrocred.com.br/cit/city.com/img/ 1 KB
1 KB 558ms
553ms Image
image/png 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dobrocred.com.br/cit/city.com/img/social-media_youtube@3x.png
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: be9b5382b4526ffd3306d0292122ce3599123f1cd543f52f3035b4f24fbf9de8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
last-modified: Sun, 13 Mar 2022 14:08:28 GMT
server: Apache
accept-ranges: bytes
content-length: 1175
content-type: image/png

GET
H2 204 e.gif
nexus.ensighten.com/error/ 0
107 B 51ms
9ms Image
text/plain 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=_dl%20is%20not%20defined&lnn=-1&fn=&cid=1129&client=citi&publishPath=na_prod&rid=3092996&did=622672&errorName=ReferenceError
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
cache-control: no-cache, no-store
server: nginx
expires: Mon, 18 Apr 2022 01:05:44 GMT

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/citi/na_prod/ 1 KB
741 B 61ms
19ms Script
text/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citi/na_prod/code/&publishedOn=Thu%20Feb%2017%2015:16:12%20GMT%202022&ClientID=1129&PageID=https%3A%2F%2Fdobrocred.com.br%2Fcit%2Fcity.com%2Fthanks.php
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/img/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1a58f7d24fa32c87690d31b5f46c8a02e760b9501d4582c4f2d475f174140b75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
cache-control: no-cache, no-store
content-type: text/javascript
server: nginx
content-encoding: gzip
vary: Accept-Encoding
expires: Mon, 18 Apr 2022 01:05:44 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/916451471/ 42 B
108 B 53ms
22ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/916451471/?random=1645199688127&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=1013547421&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 01:05:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/695231162/ 42 B
108 B 51ms
19ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/695231162/?random=1645199688136&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2490011135&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 01:05:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/644574043/ 42 B
548 B 50ms
18ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/644574043/?random=1645199688142&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3716761758&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 01:05:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/960621875/ 42 B
108 B 52ms
21ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/960621875/?random=1645199688150&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3640341865&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 01:05:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/830907969/ 42 B
108 B 52ms
21ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/830907969/?random=1645199688154&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3929776891&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 01:05:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/975701947/ 42 B
108 B 52ms
21ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/975701947/?random=1645199688158&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3742915801&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 01:05:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/819500023/ 42 B
108 B 24ms
19ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/819500023/?random=1645199688162&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=934572699&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 01:05:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/959299794/ 42 B
108 B 24ms
19ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/959299794/?random=1645199688176&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2969722864&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 01:05:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 Interstate-Light.woff
dobrocred.com.br/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0 610ms
610ms Font
text/html 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Referer: https://dobrocred.com.br/cit/city.com/thanks.php
Origin: https://dobrocred.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://dobrocred.com.br/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
BLOB 200
OK 6f4402ef-c03d-466c-8dde-af567558287b
https://dobrocred.com.br/ 161 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://dobrocred.com.br/6f4402ef-c03d-466c-8dde-af567558287b
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c8bc330a07fc8ba4ead1f924570b2eeb220dfb170e86ea6594f7a2daef2efc16

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length: 165178

GET
H2 200 LSO_4959.jpg
online.citi.com/nga-lite-signon/ 171 KB
172 KB 141ms
54ms Image
image/jpeg 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/nga-lite-signon/LSO_4959.jpg

Requested by

Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

48e89b7e40e096b89d864a5c8ee340ce44ca60fe9675310ef2f3f40a53a7d593

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
last-modified: Mon, 11 Jan 2021 11:55:43 GMT
x-akamai-citisite: SWDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 174933
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/jpeg
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 404 Interstate-Bold.woff
dobrocred.com.br/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0 548ms
548ms Font
text/html 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Referer: https://dobrocred.com.br/cit/city.com/thanks.php
Origin: https://dobrocred.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://dobrocred.com.br/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 Interstate-Bold.woff
dobrocred.com.br/cit/city.com/img/cds-assets/fonts/interstate/ 0
0 549ms
549ms Font
text/html 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/cds-assets/fonts/interstate/Interstate-Bold.woff
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/img/styles.a4a9307b7b034ca614a7.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Referer: https://dobrocred.com.br/cit/city.com/img/styles.a4a9307b7b034ca614a7.css
Origin: https://dobrocred.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://dobrocred.com.br/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 fdf45a7c15c1cee06bb71e10dac4e26e.js Show response
nexus.ensighten.com/citi/na_prod/code/ 989 B
1 KB 9ms
7ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/fdf45a7c15c1cee06bb71e10dac4e26e.js?conditionId0=4849963
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/img/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7df13706eaab8ce9a3dcd2a501f60bc66987c83834d07dfaf07ae56ef814c110

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
last-modified: Tue, 14 May 2019 17:01:42 GMT
server: nginx
etag: "5cdaf476-3dd"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 989

GET
H2 200 da6191c2b2959a15b37bb1f025a35ecd.js Show response
nexus.ensighten.com/citi/na_prod/code/ 5 KB
2 KB 9ms
7ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/da6191c2b2959a15b37bb1f025a35ecd.js?conditionId0=4897099
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/img/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5cbb5852d6dd001b4defb3f6ace7f8beb88d0f19d20d00ebfd086a24c31988db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Tue, 01 Mar 2022 18:19:28 GMT
server: nginx
etag: W/"621e63b0-12ea"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 557566dc60916e3de69e006bef252459.js Show response
nexus.ensighten.com/citi/na_prod/code/ 2 KB
952 B 9ms
8ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/557566dc60916e3de69e006bef252459.js?conditionId0=4837456
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/img/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 31b00ff4929696dfca06885da68e58c3e09f6ecb4ae0fe1ae287e99a3fd1f716

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Tue, 27 Aug 2019 16:59:12 GMT
server: nginx
etag: W/"5d656160-887"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 f21cacf863be4d08be1919c31c663fb2.js Show response
nexus.ensighten.com/citi/na_prod/code/ 157 KB
34 KB 17ms
16ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/f21cacf863be4d08be1919c31c663fb2.js?conditionId0=421908
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/img/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2a606181ce3e676fd43d0ac59e85d5c54712206b5c0b0c601a4c2d1b805591b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Wed, 30 Mar 2022 15:47:14 GMT
server: nginx
etag: W/"62447b82-275e6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 51aba9f62787efbaa13e53a8d1ae3892.js Show response
nexus.ensighten.com/citi/na_prod/code/ 1 KB
838 B 22ms
21ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/51aba9f62787efbaa13e53a8d1ae3892.js?conditionId0=4827153
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/img/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: bf8892a953595eb96b9ca68c5756849d404115dcf2ee9bf87e8b4e7b3cf8e650

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Tue, 31 Aug 2021 17:19:01 GMT
server: nginx
etag: W/"612e6485-52a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 97f151a55ab83884e065fc2981f95b45.js Show response
nexus.ensighten.com/citi/na_prod/code/ 137 KB
38 KB 25ms
24ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/97f151a55ab83884e065fc2981f95b45.js?conditionId0=486757
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/img/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f9fbde0b84952eac454f8630061c044338c6de9804c9deceedd280138ef52dcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 18:44:34 GMT
server: nginx
etag: W/"62586b92-22583"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 3208fd9f0f76f390e3b95afee618c0da.js Show response
nexus.ensighten.com/citi/na_prod/code/ 39 KB
8 KB 31ms
30ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/3208fd9f0f76f390e3b95afee618c0da.js?conditionId0=467299
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/img/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a78d98e1c595c4d981f9f915c3466e6a031c3d9bb5b75fc1f210516fe6c22263

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 18:44:34 GMT
server: nginx
etag: W/"62586b92-9b61"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 204 e.gif
nexus.ensighten.com/error/ 0
106 B 7ms
7ms Image
text/plain 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=citiData%20is%20not%20defined&lnn=-1&fn=&cid=1129&client=citi&publishPath=na_prod&rid=3183206&did=542251&errorName=ReferenceError
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
cache-control: no-cache, no-store
server: nginx
expires: Mon, 18 Apr 2022 01:05:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
38 KB 89ms
19ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6268858

Requested by

Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/img/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5846dcb105dd364250873dfae29adc3eeed9bf005585e1dd5872d593ec0f0b24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38137
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 18 Apr 2022 01:05:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 97ms
28ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6260004

Requested by

Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/img/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cd9882dfede3076583d89a9dae769051a4794fb34837c79176c10a9c9d48705a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:45 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38133
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 18 Apr 2022 01:05:45 GMT

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 114ms
15ms Script
application/x-javascript 2600:9000:224a:4c00:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/code/3208fd9f0f76f390e3b95afee618c0da.js?conditionId0=467299
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:4c00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 00:59:06 GMT
content-encoding: gzip
last-modified: Mon, 18 Apr 2022 00:58:56 GMT
server: Jetty(9.3.29.v20201019)
age: 399
x-cache: Hit from cloudfront
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
via: 1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: DUS51-P1
content-type: application/x-javascript
content-length: 6162
x-amz-cf-id: iD3ycAoben3Ymixeg1u8PdNAgVZJClmJtDhivibHxLimSg3e5ZP59Q==
expires: Mon, 18 Apr 2022 01:59:06 GMT

GET
H/1.1 200
OK ca.html Show response
20766699p.rfihub.com/ Frame A8F5 118 B
705 B 382ms
27ms Document
text/html 193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20766699p.rfihub.com/ca.html?ver=9&ra=1941&rb=648&ca=20766699&_o=17169175&_t=&ssv_cuuid=&ssv_package=null&ssv_prodlist=null&ssv_pagename=&pe=https%3A%2F%2Fdobrocred.com.br%2Fcit%2Fcity.com%2Fthanks.php&pf=&ra=34929124073103157
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/img/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: c437eb764a99e6cd5172d63c3fae564bbc51eda4981058d5edebd2bf0700eb76

Request headers

Referer: https://dobrocred.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 118
Content-Type: text/html;charset=utf-8
Date: Mon, 18 Apr 2022 01:05:46 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.3.29.v20201019)

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 59ms
31ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6269322&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6268858

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8c45d662ab1e42f9a6ad694125406cbe3781bf3bbba39f2f6736c70490eb96b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38154
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 18 Apr 2022 01:05:46 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 67ms
40ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6256710&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6268858

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e72132b479fe2fc32b2ffcc2a8efa78ef1814d4492b610fd3f06a46fae54d6cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38152
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 18 Apr 2022 01:05:46 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 76ms
49ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6415812&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6268858

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

60f144acd0bb44ee700194d36ca6f90d0c66ba10aadbcd30238c76bc53bec6f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38156
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 18 Apr 2022 01:05:46 GMT

GET
H2 200 crossdomain.html Show response
1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/ Frame F3F5 221 B
537 B 98ms
11ms Document
text/html 2600:9000:2315:e000:a:6cdf:4440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/img/cedric.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:e000:a:6cdf:4440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6

Request headers

Referer: https://dobrocred.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 34565
content-length: 221
content-type: text/html
date: Sun, 17 Apr 2022 15:29:42 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
server: AmazonS3
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-amz-cf-id: vPBNC33ErPGMiXoN2a30uQuFvFd3ko0GsXP88JcC92Sk7b7lR6zMhQ==
x-amz-cf-pop: DUS51-P2
x-cache: Hit from cloudfront

GET
H2 200 crossdomain.html Show response
1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/ Frame 7AB6 221 B
544 B 104ms
8ms Document
text/html 2600:9000:223f:5e00:1e:54f1:26c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/img/cedric.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5e00:1e:54f1:26c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6

Request headers

Referer: https://dobrocred.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 8
content-length: 221
content-type: text/html
date: Mon, 18 Apr 2022 01:05:39 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
server: AmazonS3
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-id: plSIN8VWIcbPFpwL6nTItZ0ECodywmv2b9-myWGUTCZWb7L3loL3FA==
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront

GET
H2 200 crossdomain.html Show response
1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/ Frame A083 221 B
534 B 91ms
10ms Document
text/html 2600:9000:2250:6e00:13:ab57:d440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/img/cedric.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:6e00:13:ab57:d440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6

Request headers

Referer: https://dobrocred.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 79235
content-length: 221
content-type: text/html
date: Sun, 17 Apr 2022 03:05:12 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
server: AmazonS3
via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
x-amz-cf-id: _lvdUCPeb21ZuiQsucEjC4a0EJ1OdOuw0-T8l1PeA-4wTo3F68thzw==
x-amz-cf-pop: FRA60-P2
x-cache: Hit from cloudfront

GET cr.png
contents3.00110.citi.com/api/v1/ 0
0

OPTIONS
H2 200 tp2
p.tvpixel.com/com.snowplowanalytics.snowplow/ Frame 0
0 335ms
102ms Preflight 67.202.32.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.202.32.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-67-202-32-1.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://dobrocred.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://dobrocred.com.br
access-control-max-age: 5
content-length: 0
date: Mon, 18 Apr 2022 01:05:46 GMT
server: nginx

POST
H2 200 tp2 Show response
p.tvpixel.com/com.snowplowanalytics.snowplow/ 2 B
329 B 284ms
95ms XHR
text/plain 67.202.32.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/img/dpm_pixel_min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.202.32.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-67-202-32-1.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://dobrocred.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://dobrocred.com.br
date: Mon, 18 Apr 2022 01:05:47 GMT
access-control-allow-credentials: true
server: nginx
content-type: text/plain; charset=UTF-8
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H2 404 Interstate-Bold.ttf
dobrocred.com.br/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0 332ms
330ms Font
text/html 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.ttf
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Referer: https://dobrocred.com.br/cit/city.com/thanks.php
Origin: https://dobrocred.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:46 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://dobrocred.com.br/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 Interstate-Light.ttf
dobrocred.com.br/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 0
0 297ms
297ms Font
text/html 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.ttf
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Referer: https://dobrocred.com.br/cit/city.com/thanks.php
Origin: https://dobrocred.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:46 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://dobrocred.com.br/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 Interstate-Bold.ttf
dobrocred.com.br/cit/city.com/img/cds-assets/fonts/interstate/ 0
0 322ms
322ms Font
text/html 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/cds-assets/fonts/interstate/Interstate-Bold.ttf
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/img/styles.a4a9307b7b034ca614a7.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Referer: https://dobrocred.com.br/cit/city.com/img/styles.a4a9307b7b034ca614a7.css
Origin: https://dobrocred.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:46 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://dobrocred.com.br/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=41AB281426764854B99E4EB6E274D8A8&RedC=c.clarity.ms&MXFR=0ACBF24A65A565722D67E3C061A56B00
https://c.clarity.ms/c.gif?CtsSyncId=41AB281426764854B99E4EB6E274D8A8&MUID=0EBBFDC090066974204AEC4A918D6834

42 B
392 B

33ms
32ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=41AB281426764854B99E4EB6E274D8A8&MUID=0EBBFDC090066974204AEC4A918D6834
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/thanks.php
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 01:05:47 GMT
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8120eaf0ff3ad81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 18 Apr 2022 01:05:46 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 854F715E45074785A061AB9C3165179E Ref B: FRA31EDGE0621 Ref C: 2022-04-18T01:05:47Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=41AB281426764854B99E4EB6E274D8A8&MUID=0EBBFDC090066974204AEC4A918D6834
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 crossdomain2.12.0.5273.b96c35cc.min.js Show response
1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/ Frame A083 3 KB
3 KB 10ms
9ms Script
application/javascript 2600:9000:2250:6e00:13:ab57:d440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
Requested by: Host: 1.c81358859121583b7adf2ace89cb39f44.com
URL: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:6e00:13:ab57:d440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 19:12:15 GMT
via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
server: AmazonS3
age: 21212
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
content-length: 3227
x-amz-cf-id: Xun72zt0fEhkBPe3IGdb5eFLT83GVD-uyTmOzSA5MieC2oc9n9JX5Q==

GET
H2 200 crossdomain2.12.0.5273.b96c35cc.min.js Show response
1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/ Frame F3F5 3 KB
3 KB 12ms
12ms Script
application/javascript 2600:9000:2315:e000:a:6cdf:4440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
Requested by: Host: 1.a79ab95c1589a13f8a4cab612bc71f9f7.com
URL: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:e000:a:6cdf:4440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 17:38:15 GMT
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
server: AmazonS3
age: 26852
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-length: 3227
x-amz-cf-id: Mqh9BRlBixIKtqQetb0kG0ydOWYdBIoADyABNNGV2yWZQ0-aFKeZsw==

GET
H2 200 crossdomain2.12.0.5273.b96c35cc.min.js Show response
1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/ Frame 7AB6 3 KB
3 KB 10ms
10ms Script
application/javascript 2600:9000:223f:5e00:1e:54f1:26c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
Requested by: Host: 1.b406929acabac9b095f124c81bdfcf57f.com
URL: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5e00:1e:54f1:26c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 01:13:42 GMT
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
server: AmazonS3
age: 85925
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 3227
x-amz-cf-id: RYaQM1M6x3mO2C3NGbxUnEBNCK2wVZqi3nWCk9bFDeqmuF63n1w3Aw==

GET
H2 404 Interstate-Light.woff
dobrocred.com.br/cit/city.com/img/cds-assets/fonts/interstate/ 0
0 274ms
273ms Font
text/html 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/cds-assets/fonts/interstate/Interstate-Light.woff
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/img/styles.a4a9307b7b034ca614a7.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Referer: https://dobrocred.com.br/cit/city.com/img/styles.a4a9307b7b034ca614a7.css
Origin: https://dobrocred.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:47 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://dobrocred.com.br/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 Interstate-Bold.woff
dobrocred.com.br/cit/city.com/img/commonui-assets/fonts/interstate/ 0
0 278ms
278ms Font
text/html 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/commonui-assets/fonts/interstate/Interstate-Bold.woff
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/img/styles.a4a9307b7b034ca614a7.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Referer: https://dobrocred.com.br/cit/city.com/img/styles.a4a9307b7b034ca614a7.css
Origin: https://dobrocred.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:47 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://dobrocred.com.br/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 Interstate-Light.ttf
dobrocred.com.br/cit/city.com/img/cds-assets/fonts/interstate/ 0
0 298ms
298ms Font
text/html 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/cds-assets/fonts/interstate/Interstate-Light.ttf
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/img/styles.a4a9307b7b034ca614a7.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Referer: https://dobrocred.com.br/cit/city.com/img/styles.a4a9307b7b034ca614a7.css
Origin: https://dobrocred.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:47 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://dobrocred.com.br/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 Interstate-Bold.ttf
dobrocred.com.br/cit/city.com/img/commonui-assets/fonts/interstate/ 0
0 304ms
304ms Font
text/html 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/commonui-assets/fonts/interstate/Interstate-Bold.ttf
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/img/styles.a4a9307b7b034ca614a7.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Referer: https://dobrocred.com.br/cit/city.com/img/styles.a4a9307b7b034ca614a7.css
Origin: https://dobrocred.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:47 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://dobrocred.com.br/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 Interstate-Light.woff
dobrocred.com.br/cit/city.com/img/commonui-assets/fonts/interstate/ 0
0 289ms
288ms Font
text/html 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/commonui-assets/fonts/interstate/Interstate-Light.woff
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/img/styles.a4a9307b7b034ca614a7.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Referer: https://dobrocred.com.br/cit/city.com/img/styles.a4a9307b7b034ca614a7.css
Origin: https://dobrocred.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:47 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://dobrocred.com.br/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 Interstate-Light.ttf
dobrocred.com.br/cit/city.com/img/commonui-assets/fonts/interstate/ 0
0 291ms
284ms Font
text/html 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/commonui-assets/fonts/interstate/Interstate-Light.ttf
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/img/styles.a4a9307b7b034ca614a7.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Referer: https://dobrocred.com.br/cit/city.com/img/styles.a4a9307b7b034ca614a7.css
Origin: https://dobrocred.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:48 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://dobrocred.com.br/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 embed.js Show response
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/ 2 KB
1 KB 154ms
12ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/embed.js
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/code/fdf45a7c15c1cee06bb71e10dac4e26e.js?conditionId0=4849963
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b5d1c26722742c44e62a4fbb4b67117d2587aa320f61784a27fea9d66d9f62b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: 7ZFGbm5gfkxV.pQuBY8LWu5zWeTQ0IFs
content-encoding: gzip
etag: "a698e80bc62ebcae5d8ef95ef0d2804d"
age: 2336022
via: 1.1 varnish
x-cache: HIT
content-length: 675
x-amz-id-2: u1tZNaC/5T/pnBxInHESXg2tp+0XOzw+i+e+nLGUvcg0/fF1c1+TVdFHYPFKqoR+63eRSZLZFSI=
x-served-by: cache-hhn4073-HHN
last-modified: Fri, 25 Feb 2022 18:17:26 GMT
server: AmazonS3
x-timer: S1650243949.581288,VS0,VE0
date: Mon, 18 Apr 2022 01:05:48 GMT
vary: Accept-Encoding
x-amz-request-id: 1R98NRXW2SWENTVP
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 6

GET
H2 403 1560.js
cdn.pbbl.co/r/ 0
0 153ms
13ms Script
text/html 18.66.122.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pbbl.co/r/1560.js
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/code/da6191c2b2959a15b37bb1f025a35ecd.js?conditionId0=4897099
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-116.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 45ms
45ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-916451471

Requested by

Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/img/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f535d9ab677c671bb9941499b923eb4046df0bb53ec631576f4b1c66790da612

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42005
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 18 Apr 2022 01:05:48 GMT

GET
H/1.1 200
OK bk-coretag.js Show response
tags.bkrtx.com/js/ 51 KB
16 KB 173ms
15ms Script
application/javascript 96.16.135.39
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/code/da6191c2b2959a15b37bb1f025a35ecd.js?conditionId0=4897099

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.135.39 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-135-39.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Fri, 21 May 2021 19:14:21 GMT
Server: nginx/1.15.8
ETag: W/"60a8068d-cbc2"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Date: Mon, 18 Apr 2022 01:05:48 GMT
Connection: keep-alive
Content-Length: 16078
Expires: Mon, 25 Apr 2022 01:05:48 GMT

GET
H2 451 425466.html Show response
sr.rlcdn.com/ Frame 084B 0
98 B 274ms
133ms Document
text/plain 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/code/3208fd9f0f76f390e3b95afee618c0da.js?conditionId0=467299
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dobrocred.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 18 Apr 2022 01:05:48 GMT
via: 1.1 google

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
11 KB 56ms
55ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/img/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 16AA897DEE2E4BB78524032BB85CB402 Ref B: FRA31EDGE0621 Ref C: 2022-04-18T01:05:48Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Mon, 18 Apr 2022 01:05:47 GMT
accept-ranges: bytes
content-length: 11347

GET
H2 200 dpm_pixel_min.js Show response
c.tvpixel.com/js/current/ 103 KB
32 KB 148ms
15ms Script
application/javascript 2600:9000:225e:9200:1d:bf0a:0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tvpixel.com/js/current/dpm_pixel_min.js?aid=citi-d4f85824-1351-4554-91ff-fdb56f962c5c&comscore=true
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/img/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:9200:1d:bf0a:0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: oMk5SFqHXboEDRm2.vDWImtx_4ARYxEl
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 18:14:59 GMT
server: AmazonS3
age: 64435
etag: W/"08e770c8a17bf087d50cec01af0892c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
date: Sun, 17 Apr 2022 07:11:54 GMT
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: peSjMC9ve8y4tvxypRq5-hB4AFbG-7AwOULhJwnPwmZjIJ_AYhS2lQ==

GET
H/1.1 200
OK /
d.agkn.com/pixel/9340/ 43 B
593 B 166ms
17ms Image
image/gif 52.29.167.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/9340/?che=1416110135.8202765&abid=undefined
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.167.104 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-167-104.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 01:05:47 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 generic1642556755234.js Show response
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/ 529 KB
88 KB 144ms
13ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/generic1642556755234.js
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/img/embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b1b13a9bf37b3f15910d0b01bdfd90420f20445ac1cd4dcf296831d5df43c04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: rSjn3UrYpUyqzJwJI83SrWd_Yi2yQGv5
content-encoding: gzip
etag: "23e4d609fe08b7a8c3e4f1da77c7f96c"
age: 43748
via: 1.1 varnish
x-cache: HIT
content-length: 89391
x-amz-id-2: BppJackUSJpEre86TnmxkD+kWQsSAFWiSkGFBqfXtx8z0Cf0ieLM3YtacxqKs9IYPvCsg6GOumQ=
x-served-by: cache-hhn4073-HHN
last-modified: Wed, 19 Jan 2022 01:45:56 GMT
server: AmazonS3
x-timer: S1650243949.581362,VS0,VE0
date: Mon, 18 Apr 2022 01:05:48 GMT
vary: Accept-Encoding
x-amz-request-id: D2EDCKHK63J3QP5T
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 2

GET
H/1.1 200
OK check.js;CIS3SID=46224D2C1EE73E9471744854588FFD2B
content22.online.citi.com/fp/ Frame 4981 138 KB
0 740ms
61ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/check.js;CIS3SID=46224D2C1EE73E9471744854588FFD2B?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jb=3d3226246a7167753f4c6b6c7578266a736d3f4c696e757824687360773f416872676d65266a73623f436870676d65273030333230

Requested by

Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/img/tags.js(1).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 01:05:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
tmx-nonce: 5527618d41f91b6a
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame 4981 81 B
0 731ms
53ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 01:05:49 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame 4981 81 B
0 732ms
53ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 01:05:49 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK check.js;CIS3SID=69915BADAB241B2E060746F35B8AB099
content22.online.citi.com/fp/ Frame 9670 166 KB
0 708ms
54ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/check.js;CIS3SID=69915BADAB241B2E060746F35B8AB099?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jb=37302e2668716f773f4c616c77782468736f3d4c69667778266a7362753f4368706d6f6524687b623d4168726f6d65273232333030

Requested by

Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/img/tags.js(2).download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 01:05:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
tmx-nonce: 31f079b47db06ff4
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame 9670 81 B
0 615ms
54ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 01:05:49 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame 9670 81 B
0 615ms
57ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 01:05:49 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET check.js;CIS3SID=69B4B09FD8A728BF2EE7FCB11A1B9673
content22.online.citi.com/fp/ Frame 22E9 0
0

GET clear.png
content22.online.citi.com/fp/ Frame 22E9 0
0

GET cls_report
prod.report.nacustomerexperience.citi.com/glassbox/reporting/ 0
0

GET
H2 200 96e0eb995483e83e7b3f71968eedeed1.js Show response
dobrocred.com.br/cit/city.com/img/ Frame 4981 396 KB
155 KB 142ms
141ms Script
application/javascript 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/96e0eb995483e83e7b3f71968eedeed1.js
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/img/96e0eb995483e83e7b3f71968eedeed1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: d9181c42b463ba85677421a93ae1ba80ae774c9bf8af67200ed78a419bd067a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:48 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:28 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 96e0eb995483e83e7b3f71968eedeed1.js Show response
dobrocred.com.br/cit/city.com/img/ Frame 9670 396 KB
155 KB 143ms
142ms Script
application/javascript 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/96e0eb995483e83e7b3f71968eedeed1.js
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/img/96e0eb995483e83e7b3f71968eedeed1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: d9181c42b463ba85677421a93ae1ba80ae774c9bf8af67200ed78a419bd067a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:48 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:28 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 96e0eb995483e83e7b3f71968eedeed1.js Show response
dobrocred.com.br/cit/city.com/img/ Frame 22E9 396 KB
155 KB 280ms
280ms Script
application/javascript 216.172.172.133
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dobrocred.com.br/cit/city.com/img/96e0eb995483e83e7b3f71968eedeed1.js
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/img/96e0eb995483e83e7b3f71968eedeed1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.133 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-172-133.unifiedlayer.com
Software: Apache /
Resource Hash: d9181c42b463ba85677421a93ae1ba80ae774c9bf8af67200ed78a419bd067a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/cit/city.com/thanks.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:48 GMT
content-encoding: gzip
last-modified: Sun, 13 Mar 2022 14:08:28 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 204 16003743.js Show response
bat.bing.com/p/action/ 0
120 B 212ms
211ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/16003743.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C6ABAC889E174E2F93381DC72FD37B78 Ref B: FRA31EDGE0621 Ref C: 2022-04-18T01:05:48Z
date: Mon, 18 Apr 2022 01:05:47 GMT
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
121 B 88ms
88ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=16003743&Ver=2&mid=8e46ad1b-12f7-4818-ae7e-354517b58adf&sid=aef07df0beb311ec9bbe4d529e5dc406&vid=aef0e4b0beb311ecbd974da7b8cd686f&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&p=https%3A%2F%2Fdobrocred.com.br%2Fcit%2Fcity.com%2Fthanks.php&r=&lt=4820&evt=pageLoad&msclkid=N&sv=1&rn=723858

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0EC516053AA1475287E54BFA84B99BE7 Ref B: FRA31EDGE0621 Ref C: 2022-04-18T01:05:48Z
date: Mon, 18 Apr 2022 01:05:47 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
164 B 51ms
51ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3F56EF22CD38497B9A3ADA8A938DC187 Ref B: FRA31EDGE0621 Ref C: 2022-04-18T01:05:48Z
date: Mon, 18 Apr 2022 01:05:47 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 16001692.js Show response
bat.bing.com/p/action/ 843 B
847 B 143ms
143ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/16001692.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

967a765de5c8723590db8b187db737a6779d0fd6e6c21bab393d93d0996439f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2751E7042AB84C1C95809807E00282C4 Ref B: FRA31EDGE0621 Ref C: 2022-04-18T01:05:48Z
x-powered-by: ARR/3.0
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store,no-cache
date: Mon, 18 Apr 2022 01:05:47 GMT
content-length: 662

GET
H2 204 0
bat.bing.com/action/ 0
121 B 58ms
58ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=16001692&Ver=2&mid=18a4bbce-23c7-453f-a33f-e3114d7ec69c&sid=aef07df0beb311ec9bbe4d529e5dc406&vid=aef0e4b0beb311ecbd974da7b8cd686f&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&p=https%3A%2F%2Fdobrocred.com.br%2Fcit%2Fcity.com%2Fthanks.php&r=&lt=4820&evt=pageLoad&msclkid=N&sv=1&rn=184629

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 41E18D273DAC4D46B9A1414B5452BC5E Ref B: FRA31EDGE0621 Ref C: 2022-04-18T01:05:48Z
date: Mon, 18 Apr 2022 01:05:47 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
121 B 46ms
45ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CAD36584ACDA488CA91A70C1890A1582 Ref B: FRA31EDGE0621 Ref C: 2022-04-18T01:05:48Z
date: Mon, 18 Apr 2022 01:05:47 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 75ms
35ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/img/js(7)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14892
x-xss-protection: 0
server: cafe
etag: 4605403730725282575
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 01:05:48 GMT

OPTIONS
H2 200 tp2
p.tvpixel.com/com.snowplowanalytics.snowplow/ Frame 0
0 96ms
95ms Preflight 67.202.32.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.202.32.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-67-202-32-1.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://dobrocred.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://dobrocred.com.br
access-control-max-age: 5
content-length: 0
date: Mon, 18 Apr 2022 01:05:48 GMT
server: nginx

POST
H2 200 tp2
p.tvpixel.com/com.snowplowanalytics.snowplow/ 2 B
328 B 104ms
102ms XHR
text/plain 67.202.32.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: dobrocred.com.br
URL: https://dobrocred.com.br/cit/city.com/img/96e0eb995483e83e7b3f71968eedeed1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.202.32.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-67-202-32-1.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://dobrocred.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://dobrocred.com.br
date: Mon, 18 Apr 2022 01:05:48 GMT
access-control-allow-credentials: true
server: nginx
content-type: text/plain; charset=UTF-8
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H/1.1 200
OK 63068
stags.bluekai.com/site/ Frame F99B 71 B
338 B 254ms
170ms Document
text/html 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/63068?ret=html&phint=language&phint=product&phint=event&phint=category&phint=page&phint=section1&phint=section2&phint=section3&phint=section4&phint=bankappstatus&phint=productID&phint=__bk_t%3Dlet%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fdobrocred.com.br%2Fcit%2Fcity.com%2Fthanks.php&phint=__bk_v%3D3.1.10&limit=10&r=9474060
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://dobrocred.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

BK-Server: 81a1
Connection: keep-alive
Content-Length: 71
Content-Type: text/html
Date: Mon, 18 Apr 2022 01:05:48 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
X-N: S

GET
H2 200 cool-2.1.15.min.js Show response
nebula-cdn.kampyle.com/resources/onsite/js/ 14 KB
5 KB 66ms
13ms Script
application/javascript 151.101.1.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://nebula-cdn.kampyle.com/resources/onsite/js/cool-2.1.15.min.js
Requested by: Host: resources.digital-cloud-citi.medallia.com
URL: https://resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/generic1642556755234.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: 9HCXbKZTbCJZkS8s9IuB.pE0JEvI0TGW
content-encoding: gzip
etag: "80dd5e3be5152c5c72d552c6a26ef6ff"
age: 656862
via: 1.1 varnish
x-cache: HIT
content-length: 5197
x-amz-id-2: RylQkz7yNKmPIlZy3lmqZfcB/6zzIHmRGidbWhV8FVsSMejr2NR2Y+QX9+AvedsG/42jv5mFxGc=
x-served-by: cache-hhn4082-HHN
last-modified: Sun, 24 Jan 2021 11:03:10 GMT
server: AmazonS3
x-timer: S1650243949.806790,VS0,VE0
date: Mon, 18 Apr 2022 01:05:48 GMT
vary: Accept-Encoding
x-amz-request-id: 9EMFXSFF0V4BTGCE
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 21693

GET
H2 200 c.gif
c.clarity.ms/ 42 B
104 B 41ms
41ms Image
image/gif 52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/16001692.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 01:05:48 GMT
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8120eaf0ff3ad81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H2 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/916451471/ 2 KB
1 KB 328ms
24ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/916451471/?random=1650243948839&cv=9&fst=1650243948839&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdobrocred.com.br%2Fcit%2Fcity.com%2Fthanks.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 01:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1078
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/960621875/ 2 KB
2 KB 322ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/960621875/?random=1650243948842&cv=9&fst=1650243948842&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdobrocred.com.br%2Fcit%2Fcity.com%2Fthanks.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 01:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1077
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/975701947/ 2 KB
1 KB 324ms
23ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975701947/?random=1650243948843&cv=9&fst=1650243948843&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdobrocred.com.br%2Fcit%2Fcity.com%2Fthanks.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 01:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1075
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/644574043/ 2 KB
1 KB 321ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/644574043/?random=1650243948844&cv=9&fst=1650243948844&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdobrocred.com.br%2Fcit%2Fcity.com%2Fthanks.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 01:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1076
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
googleads.g.doubleclick.net/pagead/viewthroughconversion/819500023/ 0
0

GET /
googleads.g.doubleclick.net/pagead/viewthroughconversion/695231162/ 0
0

GET /
googleads.g.doubleclick.net/pagead/viewthroughconversion/830907969/ 0
0

GET /
googleads.g.doubleclick.net/pagead/viewthroughconversion/959299794/ 0
0

GET __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
0

GET
H/1.1 200
OK Primary Request login Show response
www.citi.com/ 230 KB
51 KB 81ms
54ms Document
text/html 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

206172e20cec834555deffe72940032d8a4b08efcb032a6d6b44e9a953e9258e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dobrocred.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Access-Control-Max-Age: 2147483647
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 50987
Content-Type: text/html;charset=utf-8
Date: Mon, 18 Apr 2022 01:05:49 GMT
Dclocation: SW1DMS
ETag: W/"39971-l2kQjIGB6EZ1OJjuxjEyEV6cdZQ"
Expires: Mon, 18 Apr 2022 01:05:49 GMT
Nonce: 2631084876619155
Pragma: no-cache
Scope: VISITOR
Server: nginx
Sid: f9541b92-7d09-47e0-9f60-08799a09214b
Strict-Transport-Security: max-age=31536000 ; includeSubDomains max-age=31536000; includeSubDomains
Uuid: d05ce9ec-7775-46f2-aebe-3d1121569921
Vary: Accept-Encoding
X-Akamai-CITISITE: SWDC
X-Akamai-Transformed: 9 - 0 pmb=mTOE,1
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Vcap-Request-Id: 93006e40-ad60-4b15-685c-e44297fd8220
X-Xss-Protection: 1; mode=block
x-robots-tag: noindex, nofollow

GET
H3 200 /
www.google.com/pagead/1p-user-list/960621875/ 0
0 57ms
56ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/960621875/?random=1650243948842&cv=9&fst=1650243600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdobrocred.com.br%2Fcit%2Fcity.com%2Fthanks.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&async=1&fmt=3&is_vtc=1&random=1990808982&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 01:05:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
www.google.de/pagead/1p-user-list/960621875/ 0
0

GET /
www.google.com/pagead/1p-user-list/644574043/ 0
0

GET /
www.google.de/pagead/1p-user-list/644574043/ 0
0

GET
H3 200 /
www.google.com/pagead/1p-user-list/975701947/ 0
0 47ms
38ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/975701947/?random=1650243948843&cv=9&fst=1650243600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdobrocred.com.br%2Fcit%2Fcity.com%2Fthanks.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&async=1&fmt=3&is_vtc=1&random=3410084227&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 01:05:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
www.google.de/pagead/1p-user-list/975701947/ 0
0

GET
H3 200 /
www.google.com/pagead/1p-user-list/916451471/ 0
0 42ms
37ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/916451471/?random=1650243948839&cv=9&fst=1650243600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdobrocred.com.br%2Fcit%2Fcity.com%2Fthanks.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&async=1&fmt=3&is_vtc=1&random=3998814196&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dobrocred.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 01:05:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
www.google.de/pagead/1p-user-list/916451471/ 0
0

POST 0
bat.bing.com/actionp/ 0
0

GET
H/1.1 200
OK 6c8322c7341eac98645c10e3d1d3c7ae.js Show response
www.citi.com/assets/scripts/global/ 1 KB
1 KB 645ms
645ms Script
application/javascript 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js
Requested by: Host: www.citi.com
URL: https://www.citi.com/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-129-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 77486b3524e2cc2e6ca8507bee13b0cdf295cdd257144e74128405acddde0ad6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 01:05:49 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 733
X-Ion-Hop: Prod
Expires: 0

GET
H/1.1 200
OK tagging.min.js Show response
www.citi.com/cbol-pre-login-static-assets/assets/js/ 44 KB
11 KB 43ms
21ms Script
application/javascript 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/assets/js/tagging.min.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

128defd3bfdeec3c42be684416639fce585957cf89b179142dc238adf88aa1f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 10444
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 07 Apr 2022 06:55:22 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
X-Frame-Options: DENY
Date: Mon, 18 Apr 2022 01:05:49 GMT
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: 2deeb1b8-afa0-4215-5f24-bc1cc8380efb
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
ETag: W/"ae7e-18002ce6390"
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires: Mon, 18 Apr 2022 07:05:49 GMT

GET
H/1.1 200
OK banner.min.js Show response
www.citi.com/cbol-pre-login-static-assets/assets/js/ 19 KB
6 KB 37ms
15ms Script
application/javascript 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/assets/js/banner.min.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

b7f2f1e03a298672d8b5b5a660f62e85aaf15c530d16015d909d3c737dd93a46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 5354
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 07 Apr 2022 06:55:22 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
X-Frame-Options: DENY
Date: Mon, 18 Apr 2022 01:05:49 GMT
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: 7e2cb390-4825-4a1d-740d-b864aaca9ab6
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
ETag: W/"4ba5-18002ce6390"
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires: Mon, 18 Apr 2022 07:05:49 GMT

GET
H/1.1 200
OK Interstate-Light.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 74 KB
75 KB 40ms
18ms Font
font/woff 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.citi.com/login
Origin: https://www.citi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Sid: 95c08f02-9bc9-4612-b3d8-e3866488abc6
Strict-Transport-Security: max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Nonce: 6935854116303677
Connection: keep-alive
Content-Length: 75538
X-Xss-Protection: 1; mode=block
Uuid: db4cdec4-efb8-47fc-b529-2086df599558
Last-Modified: Thu, 07 Apr 2022 06:55:22 GMT
Server: nginx
Cache-Control: public, no-transform, max-age=21600
X-Akamai-CITISITE: GTDC
X-Frame-Options: DENY
Date: Mon, 18 Apr 2022 01:05:49 GMT
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: font/woff
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: 8b4a58ce-e614-447c-7392-adb0bbc7386b
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Scope: VISITOR
Access-Control-Allow-Credentials: true
ETag: W/"12712-18002ce6390"
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Dclocation: GT1DMS
Expires: Mon, 18 Apr 2022 07:05:49 GMT

GET
H/1.1 200
OK Interstate-Bold.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 70 KB
71 KB 37ms
15ms Font
font/woff 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.citi.com/login
Origin: https://www.citi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Sid: 328668c1-9e12-469d-94e8-fb90666166ce
Strict-Transport-Security: max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Nonce: 5679952961898217
Connection: keep-alive
Content-Length: 71874
X-Xss-Protection: 1; mode=block
Uuid: a0449d3c-6e02-4cd3-a75f-b70eb63089a9
Last-Modified: Thu, 07 Apr 2022 06:55:22 GMT
Server: nginx
Cache-Control: public, no-transform, max-age=21600
X-Akamai-CITISITE: GTDC
X-Frame-Options: DENY
Date: Mon, 18 Apr 2022 01:05:49 GMT
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: font/woff
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: e134b625-1412-4823-6a54-66fb2f24c195
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Scope: VISITOR
Access-Control-Allow-Credentials: true
ETag: W/"118c2-18002ce6390"
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Dclocation: GT1DMS
Expires: Mon, 18 Apr 2022 07:05:49 GMT

GET
H/1.1 200
OK Interstate-Regular.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 77 KB
78 KB 65ms
27ms Font
font/woff 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

045cd226594cb32ddf9d4db8ee45611f4d0788675ae50180b68da975e66fe1fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.citi.com/login
Origin: https://www.citi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Sid: a5b556da-4e46-45e0-bc89-451788088ef0
Strict-Transport-Security: max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Nonce: 8963332636484228
Connection: keep-alive
Content-Length: 78762
X-Xss-Protection: 1; mode=block
Uuid: 5853054b-6eb4-4570-bb34-13523b477760
Last-Modified: Thu, 07 Apr 2022 06:55:22 GMT
Server: nginx
Cache-Control: public, no-transform, max-age=21600
X-Akamai-CITISITE: GTDC
X-Frame-Options: DENY
Date: Mon, 18 Apr 2022 01:05:49 GMT
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: font/woff
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: 025f2f48-4195-42ac-5729-df0c9e55c0ea
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Scope: VISITOR
Access-Control-Allow-Credentials: true
ETag: W/"133aa-18002ce6390"
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Dclocation: GT1DMS
Expires: Mon, 18 Apr 2022 07:05:49 GMT

GET
H/1.1 200
OK styles.1d00953e53326acce2ab.css
www.citi.com/cbol-pre-login-static-assets/ 1 MB
153 KB 70ms
50ms Stylesheet
text/css 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/styles.1d00953e53326acce2ab.css

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

895cf129cc2645aaa6c18973d5db4d59c9b07121d958b71269f41055ea7dc69c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 155580
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 07 Apr 2022 06:57:07 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
X-Frame-Options: DENY
Date: Mon, 18 Apr 2022 01:05:49 GMT
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: text/css;charset=UTF-8
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: 74d13147-f32d-4223-587a-312f3e0ac915
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
ETag: W/"148e30-18002cffdb8"
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires: Mon, 18 Apr 2022 07:05:49 GMT

GET
H/1.1 200
OK tags.js Show response
content22.online.citi.com/fp/ 87 KB
12 KB 18ms
18ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/tags.js?org_id=89oebq5k&allow_reprofile=1&session_id=0f7e88fcb39ba1ef1b4fd5aa27984a99bd8d163110fc2bca1412c8b074ed8c5b

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

babe60f8a568bcfa4f233de14b86ccc47e7f4575ccd0176f49cc012c7b16f905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 01:05:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
P3P: CP=IVAa PSAa
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive, Keep-Alive
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=99
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK fp.js Show response
www.citi.com/cbol-pre-login-static-assets/assets/js/ 19 KB
6 KB 20ms
20ms Script
application/javascript 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/assets/js/fp.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

dd65a674c821f6a0e0ec4b181532b00c0cc5d5bde623ea98affcb9f383139b57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 4844
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 07 Apr 2022 06:55:22 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
X-Frame-Options: DENY
Date: Mon, 18 Apr 2022 01:05:49 GMT
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: 77e88540-50d2-4414-55f2-b75db2ff4fff
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
ETag: W/"4de4-18002ce6390"
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires: Mon, 18 Apr 2022 07:05:49 GMT

GET
H/1.1 200
OK runtime-es2015.77d71c0ed6a02cf73437.js Show response
www.citi.com/cbol-pre-login-static-assets/ 2 KB
2 KB 74ms
28ms Script
application/javascript 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/runtime-es2015.77d71c0ed6a02cf73437.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

7ff84eaeb73b55c585954d9c067f6d58b2631393b403105bccb0179fcbf45260

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.citi.com/login
Origin: https://www.citi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 1208
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 07 Apr 2022 06:55:22 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
X-Frame-Options: DENY
Date: Mon, 18 Apr 2022 01:05:49 GMT
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: 346b1ebe-b70f-4299-4b0e-d6e8c8c35f5a
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
ETag: W/"93d-18002ce6390"
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires: Mon, 18 Apr 2022 07:05:49 GMT

GET
H/1.1 200
OK polyfills-es2015.970d5fb01982acf05605.js Show response
www.citi.com/cbol-pre-login-static-assets/ 175 KB
60 KB 98ms
31ms Script
application/javascript 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/polyfills-es2015.970d5fb01982acf05605.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

b5b69e04ac1707d00de631bf43e342bdce12e0cd30b9ccd68c511a3b33d3f888

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.citi.com/login
Origin: https://www.citi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 60496
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 07 Apr 2022 06:56:39 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
X-Frame-Options: DENY
Date: Mon, 18 Apr 2022 01:05:49 GMT
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: 417480f8-0daa-4df7-505b-0821e9c446ab
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
ETag: W/"2bab1-18002cf9058"
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires: Mon, 18 Apr 2022 07:05:49 GMT

GET
H/1.1 200
OK scripts.ccc73c512668b4e837d7.js Show response
www.citi.com/cbol-pre-login-static-assets/ 49 KB
14 KB 19ms
18ms Script
application/javascript 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/scripts.ccc73c512668b4e837d7.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

51c6043803bec020097c7f9559f9f87f1b427daf7590f68f2ce2b3a4feaf661a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 13454
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 07 Apr 2022 06:55:22 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
X-Frame-Options: DENY
Date: Mon, 18 Apr 2022 01:05:49 GMT
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: 424bf7ca-b3b4-4cb2-79e4-3844ebf252e1
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
ETag: W/"c4c8-18002ce6390"
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires: Mon, 18 Apr 2022 07:05:49 GMT

GET
H/1.1 200
OK main-es2015.00779eb043c420b8efd3.js Show response
www.citi.com/cbol-pre-login-static-assets/ 3 MB
673 KB 111ms
37ms Script
application/javascript 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/main-es2015.00779eb043c420b8efd3.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

42c0c119e9e9058cda33545db71f292840f470f9cc817ab2b47df0f1178679b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.citi.com/login
Origin: https://www.citi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 687553
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 07 Apr 2022 06:57:07 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
X-Frame-Options: DENY
Date: Mon, 18 Apr 2022 01:05:49 GMT
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: f4d8b0f0-1fb4-4645-5adb-211f6471395b
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
ETag: W/"3074ef-18002cffdb8"
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires: Mon, 18 Apr 2022 07:05:49 GMT

GET
H/1.1 200
OK 6c8322c7341eac98645c10e3d1d3c7ae.js Show response
www.citi.com/assets/scripts/global/ 258 KB
145 KB 341ms
336ms Script
application/javascript 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?cache=AID-LjqAAQAAn4U96RT0_0NNEjFCOmJbMkqjmzEHO_nr_Mb8y0Ud24TLDXy6&X-soz9htCz--z=q
Requested by: Host: www.citi.com
URL: https://www.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-129-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2aaa3673fc69a7eb3950060729e977a8d3540e1e22d8c0e82afd2f503f8c4906

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 01:05:50 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Cache-Control: public, max-age=3600, immutable
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Access-Control-Allow-Credentials: true
X-Ion-Hop: Prod

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/citi/na_prod/ 230 KB
70 KB 20ms
20ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Requested by: Host: www.citi.com
URL: https://www.citi.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7abc821719bde6469f938ceb1d46f94060ab8cee449832a420876df7eee63a75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:50 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 19:00:15 GMT
server: nginx
etag: W/"62586f3f-397de"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300

GET
H/1.1 200
OK snare.js Show response
mpsnare.iesnare.com/ 38 KB
13 KB 192ms
34ms Script
text/javascript 54.195.39.4

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/snare.js?_=4626316943932578

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.39.4 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

4b12fddc6e3d5f34ac92cbb3da22ca764525e59dd61722579fb4819845e7eca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 01:05:51 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
p3p: CP="NON DSP COR CURa"
Cache-Control: no-cache, private
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Expires: 0

GET
H/1.1 200
OK jamp-spinner-2x.gif
www.citi.com/cbol-pre-login-static-assets/commonui-assets/images/ 36 KB
37 KB 30ms
18ms Image
image/gif 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/images/jamp-spinner-2x.gif

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

79206ccd37edbafc46266406417abb5be984a5d0fb9f38e693d67b6d30cba8bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 36855
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 07 Apr 2022 06:55:22 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
X-Frame-Options: DENY
Date: Mon, 18 Apr 2022 01:05:51 GMT
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: image/gif
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: 8677b852-fbb0-4db4-66b5-741ff3cb993f
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
ETag: W/"8ff7-18002ce6390"
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires: Mon, 18 Apr 2022 07:05:51 GMT

GET
H/1.1 200
OK brandingMap.json Show response
www.citi.com/CBOL/IA/Angular/Branding/preLoginBranding/ 260 B
978 B 19ms
18ms XHR
text/plain 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/CBOL/IA/Angular/Branding/preLoginBranding/brandingMap.json

Requested by

Host: www.citi.com
URL: https://www.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?cache=AID-LjqAAQAAn4U96RT0_0NNEjFCOmJbMkqjmzEHO_nr_Mb8y0Ud24TLDXy6&X-soz9htCz--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

07927093cc6c291ef8c844c2a4f7815821dc71393d60dd8464a8f7070de009a6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

client_id: 4a51fb19-a1a7-4247-bc7e-18aa56dd1c40
Accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json
Accept: application/json
channelId: CBOL
Referer: https://www.citi.com/login
countryCode: US
businessCode: GCB
appVersion: CBOL-ANGS-2022-03-01

Response headers

Strict-Transport-Security: max-age=300
Content-Encoding: gzip
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
Connection: keep-alive
Content-Length: 157
Last-Modified: Wed, 02 Mar 2022 04:00:22 GMT
X-Akamai-CITISITE: SWDC
Date: Mon, 18 Apr 2022 01:05:51 GMT
Vary: Accept-Encoding
Content-Type: text/plain
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Cache-Control: max-age=600
Access-Control-Allow-Credentials: true
Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
X-WebKit-CSP: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
X-Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H/1.1 200
OK 1-es2015.0eedb59ed8dea10c1aea.js Show response
www.citi.com/cbol-pre-login-static-assets/ 793 KB
124 KB 29ms
28ms Script
application/javascript 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/1-es2015.0eedb59ed8dea10c1aea.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/cbol-pre-login-static-assets/runtime-es2015.77d71c0ed6a02cf73437.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

a7c31efbe0fd145701b3a4d9d407c3d7a0b2589fe03e76a57159478c2f80770c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 125302
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 07 Apr 2022 06:56:32 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
X-Frame-Options: DENY
Date: Mon, 18 Apr 2022 01:05:51 GMT
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: 28f3645f-3442-4d80-7ca2-da273b43080b
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
ETag: W/"c65b0-18002cf7500"
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires: Mon, 18 Apr 2022 07:05:51 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1650243951221
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1650243951221

363 B
1 KB

46ms
46ms

XHR
application/json

52.213.194.249

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1650243951221

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Server

52.213.194.249 -, , ASN (),

Reverse DNS

Software

Resource Hash

3932cc3da98b8d60a76995427dcbc56d199622ef5cbb86f96ef02269157c4cbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v031-0cf28f2d1.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: M5yg6K8sTZM=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.citi.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 304
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v031-08ace46bf.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.citi.com
X-TID: D4btrwKsQXA=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1650243951221
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/citi/na_prod/ 2 KB
909 B 43ms
42ms Script
text/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citi/na_prod/code/&publishedOn=Thu%20Apr%2014%2019:00:13%20GMT%202022&ClientID=1129&PageID=https%3A%2F%2Fwww.citi.com%2Flogin
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44d51f79625071a0932e53718697618a5316b5f5e49757ff19fb468819e26e1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:51 GMT
cache-control: no-cache, no-store
content-type: text/javascript
server: nginx
content-encoding: gzip
vary: Accept-Encoding
expires: Mon, 18 Apr 2022 01:05:50 GMT

GET
H/1.1 200
OK logo.js Show response
mpsnare.iesnare.com/script/ 96 B
610 B 41ms
40ms Script
text/javascript 54.195.39.4

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/script/logo.js

Requested by

Host: mpsnare.iesnare.com
URL: https://mpsnare.iesnare.com/snare.js?_=4626316943932578

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.39.4 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

78950385487b0215bf4315c45ac8f63d1902c76518fe8a1744594d332d3c47cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 01:05:51 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Cache-Control: private
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Expires: Tue, 18 Apr 2023 01:05:51 GMT

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK tags.js Show response
content22.online.citi.com/fp/ 87 KB
12 KB 21ms
21ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/tags.js?org_id=89oebq5k&allow_reprofile=1&session_id=5c5961f215760ed64fb08896e8f129a7e6ccf066f67d8450308a813745269e94

Requested by

Host: www.citi.com
URL: https://www.citi.com/cbol-pre-login-static-assets/main-es2015.00779eb043c420b8efd3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

3d93d98cff692424fbe55a836f5866307b6fd4077d250c9e1d51d3f21f152528

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 01:05:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive, Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=98
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cbol_fuip Show response
www.citi.com/gcgapi/prod/public/v1/config/subApplicationID/ 392 B
2 KB 309ms
308ms XHR
application/json 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/gcgapi/prod/public/v1/config/subApplicationID/cbol_fuip

Requested by

Host: www.citi.com
URL: https://www.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?cache=AID-LjqAAQAAn4U96RT0_0NNEjFCOmJbMkqjmzEHO_nr_Mb8y0Ud24TLDXy6&X-soz9htCz--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

927c1267da41ddfe58361d79a5a203b8662854f49eeb8d2a6eea8180d8a2723d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

client_id: 4a51fb19-a1a7-4247-bc7e-18aa56dd1c40
Accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json
Accept: application/json
channelId: CBOL
Referer: https://www.citi.com/login
countryCode: US
businessCode: GCB
appVersion: CBOL-ANGS-2022-03-01

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Route-Target: DEFAULT:DEFAULT
Citiuuid: f29235ac-cb7a-4683-9477-ce7463120f2a7801479
router-host: api.citi.com
X-Global-Transaction-ID: 126374ce625cb96f992e67ad
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 232
X-Xss-Protection: 1; mode=block
X-Akamai-CITISITE: GTDC
X-Frame-Options: DENY
Date: Mon, 18 Apr 2022 01:05:51 GMT
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: application/json
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control: max-age=10, public
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId

GET
H/1.1 200
OK cbol_lite_signon_ngadeepdrop.json Show response
www.citi.com/gcgapi/prod/public/v1/staticcms/USGCB/en_US/appid/ 90 KB
13 KB 35ms
34ms XHR
application/json 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/gcgapi/prod/public/v1/staticcms/USGCB/en_US/appid/cbol_lite_signon_ngadeepdrop.json

Requested by

Host: www.citi.com
URL: https://www.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?cache=AID-LjqAAQAAn4U96RT0_0NNEjFCOmJbMkqjmzEHO_nr_Mb8y0Ud24TLDXy6&X-soz9htCz--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

0947b665008d1eeed81b209ac4e4201375e43a05096311b2762edafa09b332fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

client_id: 4a51fb19-a1a7-4247-bc7e-18aa56dd1c40
Accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json
Accept: application/json
channelId: CBOL
Referer: https://www.citi.com/login
countryCode: US
businessCode: GCB
appVersion: CBOL-ANGS-2022-03-01

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Route-Target: DEFAULT:DEFAULT
Citiuuid: bbbf2a7d-0cdc-4408-9359-0892762b743e7801488
X-Global-Transaction-ID: 2b769208625cb6ff16c65a5d
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 12571
X-Xss-Protection: 1; mode=block
X-Akamai-CITISITE: SWDC
X-Frame-Options: DENY
ETag: "049e3a2b4cbba61cf926cc17b67d284b3"
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: application/json
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Access-Control-Expose-Headers: APIm-Debug-Trans-Id, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-Global-Transaction-ID,action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control: public, max-age=60
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Date: Mon, 18 Apr 2022 01:05:51 GMT

GET
H2 204 perf.rnc
nexus.ensighten.com/citi/na_prod/ 0
106 B 12ms
11ms Image
text/plain 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/citi/na_prod/perf.rnc?cid=1129&ns=1650243949047&ce=110&cs=83&dc=0&dclee=2168&dcles=2133&di=1998&dl=199&dle=83&dls=83&fs=79&lee=0&les=0&rede=0&reds=0&reqs=111&resps=164&respe=197&scs=91&ues=0&uee=0
Requested by: Host: www.citi.com
URL: https://www.citi.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:51 GMT
cache-control: no-cache, no-store
server: nginx
expires: Mon, 18 Apr 2022 01:05:50 GMT

GET
H2 200 fdf45a7c15c1cee06bb71e10dac4e26e.js Show response
nexus.ensighten.com/citi/na_prod/code/ 989 B
1 KB 12ms
10ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/fdf45a7c15c1cee06bb71e10dac4e26e.js?conditionId0=4849963
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7df13706eaab8ce9a3dcd2a501f60bc66987c83834d07dfaf07ae56ef814c110

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:51 GMT
last-modified: Tue, 14 May 2019 17:01:42 GMT
server: nginx
etag: "5cdaf476-3dd"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 989

GET
H2 200 d90ce1a791ada193ee0ca4e9ce66632d.js Show response
nexus.ensighten.com/citi/na_prod/code/ 5 KB
1 KB 25ms
23ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/d90ce1a791ada193ee0ca4e9ce66632d.js?conditionId0=4905849&conditionId1=491868
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c1b3f3803c42132039b21ce8921335c9cb785a58d513fdc04b0350434bec8e29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:51 GMT
content-encoding: gzip
last-modified: Tue, 17 Aug 2021 18:41:47 GMT
server: nginx
etag: W/"611c02eb-12f1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 da6191c2b2959a15b37bb1f025a35ecd.js Show response
nexus.ensighten.com/citi/na_prod/code/ 5 KB
2 KB 11ms
9ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/da6191c2b2959a15b37bb1f025a35ecd.js?conditionId0=4897099
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5cbb5852d6dd001b4defb3f6ace7f8beb88d0f19d20d00ebfd086a24c31988db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:51 GMT
content-encoding: gzip
last-modified: Tue, 01 Mar 2022 18:19:28 GMT
server: nginx
etag: W/"621e63b0-12ea"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 557566dc60916e3de69e006bef252459.js Show response
nexus.ensighten.com/citi/na_prod/code/ 2 KB
952 B 11ms
9ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/557566dc60916e3de69e006bef252459.js?conditionId0=4837456
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 31b00ff4929696dfca06885da68e58c3e09f6ecb4ae0fe1ae287e99a3fd1f716

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:51 GMT
content-encoding: gzip
last-modified: Tue, 27 Aug 2019 16:59:12 GMT
server: nginx
etag: W/"5d656160-887"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 d74f82b561a6aa5d9247eaf72394131a.js Show response
nexus.ensighten.com/citi/na_prod/code/ 2 KB
862 B 24ms
23ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/d74f82b561a6aa5d9247eaf72394131a.js?conditionId0=480881
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1243ffed4530d6d237dd040101bf2933687f6e9272b10132060115058f914206

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:51 GMT
content-encoding: gzip
last-modified: Tue, 30 Nov 2021 17:36:41 GMT
server: nginx
etag: W/"61a66129-631"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 f21cacf863be4d08be1919c31c663fb2.js Show response
nexus.ensighten.com/citi/na_prod/code/ 157 KB
34 KB 12ms
10ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/f21cacf863be4d08be1919c31c663fb2.js?conditionId0=421908
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2a606181ce3e676fd43d0ac59e85d5c54712206b5c0b0c601a4c2d1b805591b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:51 GMT
content-encoding: gzip
last-modified: Wed, 30 Mar 2022 15:47:14 GMT
server: nginx
etag: W/"62447b82-275e6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 51aba9f62787efbaa13e53a8d1ae3892.js Show response
nexus.ensighten.com/citi/na_prod/code/ 1 KB
838 B 13ms
12ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/51aba9f62787efbaa13e53a8d1ae3892.js?conditionId0=4827153
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: bf8892a953595eb96b9ca68c5756849d404115dcf2ee9bf87e8b4e7b3cf8e650

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:51 GMT
content-encoding: gzip
last-modified: Tue, 31 Aug 2021 17:19:01 GMT
server: nginx
etag: W/"612e6485-52a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 468b3e37a21c4198f4939c8aaca98066.js Show response
nexus.ensighten.com/citi/na_prod/code/ 1 KB
850 B 23ms
22ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/468b3e37a21c4198f4939c8aaca98066.js?conditionId0=4854834
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 61e01b4da87624c5972c4f051d92695a76fa8491c2c1512342b714b9f5db2008

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:51 GMT
content-encoding: gzip
last-modified: Thu, 07 Oct 2021 17:28:43 GMT
server: nginx
etag: W/"615f2e4b-5c5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 97f151a55ab83884e065fc2981f95b45.js Show response
nexus.ensighten.com/citi/na_prod/code/ 137 KB
38 KB 21ms
20ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/97f151a55ab83884e065fc2981f95b45.js?conditionId0=486757
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f9fbde0b84952eac454f8630061c044338c6de9804c9deceedd280138ef52dcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:51 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 18:44:34 GMT
server: nginx
etag: W/"62586b92-22583"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 3208fd9f0f76f390e3b95afee618c0da.js Show response
nexus.ensighten.com/citi/na_prod/code/ 39 KB
8 KB 23ms
20ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/3208fd9f0f76f390e3b95afee618c0da.js?conditionId0=467299
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a78d98e1c595c4d981f9f915c3466e6a031c3d9bb5b75fc1f210516fe6c22263

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:51 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 18:44:34 GMT
server: nginx
etag: W/"62586b92-9b61"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 96e0eb995483e83e7b3f71968eedeed1.js Show response
nexus.ensighten.com/citi/na_prod/code/ 396 KB
121 KB 29ms
27ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/96e0eb995483e83e7b3f71968eedeed1.js?conditionId0=3013337
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d9181c42b463ba85677421a93ae1ba80ae774c9bf8af67200ed78a419bd067a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:51 GMT
content-encoding: gzip
last-modified: Tue, 16 Nov 2021 19:45:13 GMT
server: nginx
etag: W/"61940a49-63067"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 8e31a20960f50a1c34f7ccb1cd9737ec.js Show response
nexus.ensighten.com/citi/na_prod/code/ 340 B
522 B 22ms
20ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/8e31a20960f50a1c34f7ccb1cd9737ec.js?conditionId0=4906371
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 84129e02573a4f7ca911b6b37f7129a748efdae9decea2efe415ffeabf1a66bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:51 GMT
last-modified: Tue, 14 Dec 2021 18:06:26 GMT
server: nginx
etag: "61b8dd22-154"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 340

GET
H2 200 3fac67bbed26d3e121bb84cefe395515.js Show response
nexus.ensighten.com/citi/na_prod/code/ 4 KB
1 KB 60ms
60ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/3fac67bbed26d3e121bb84cefe395515.js?conditionId0=455897
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6a4572cbce614543d10ffc2276b91140ecb0b0b9e2de0b9a87d4bc4016051f17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:51 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 18:06:26 GMT
server: nginx
etag: W/"61b8dd22-fe5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H/1.1 200
OK Interstate-Light.woff
www.citi.com/cbol-pre-login-static-assets/cds-assets/fonts/interstate/ 74 KB
75 KB 25ms
25ms Font
font/woff 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/cds-assets/fonts/interstate/Interstate-Light.woff

Requested by

Host: www.citi.com
URL: https://www.citi.com/cbol-pre-login-static-assets/styles.1d00953e53326acce2ab.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.citi.com/cbol-pre-login-static-assets/styles.1d00953e53326acce2ab.css
Origin: https://www.citi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Sid: 9c0aca88-b064-4ed1-8649-b8eb150aadf6
Strict-Transport-Security: max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Nonce: 7342422931799504
Connection: keep-alive
Content-Length: 75538
X-Xss-Protection: 1; mode=block
Uuid: 75a9012c-a858-4325-9a86-0024d454f6e0
Last-Modified: Thu, 07 Apr 2022 06:55:22 GMT
Server: nginx
Cache-Control: public, no-transform, max-age=21600
X-Akamai-CITISITE: GTDC
X-Frame-Options: DENY
Date: Mon, 18 Apr 2022 01:05:51 GMT
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: font/woff
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: 4c0b278b-31ca-468e-79c0-b76bb82960a0
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Scope: VISITOR
Access-Control-Allow-Credentials: true
ETag: W/"12712-18002ce6390"
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Dclocation: GT1DMS
Expires: Mon, 18 Apr 2022 07:05:51 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6268858

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3463269a9c7b40f9b1ad0267081dc8b1f7356baf3c19377253f499eb1d6ac091

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38131
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 18 Apr 2022 01:05:51 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6260004

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6529697f8aee06a6403774711a28d2ba6873ebcc41bbf2ae0a1ce4318075eb7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38132
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 18 Apr 2022 01:05:51 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6269322&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8c45d662ab1e42f9a6ad694125406cbe3781bf3bbba39f2f6736c70490eb96b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38154
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 18 Apr 2022 01:05:51 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 44ms
43ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6256710&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

617d716b69a6ed168faa6740c05c2699cd8c62b9ac553709c5bd8c7de0c672eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38155
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 18 Apr 2022 01:05:51 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 34ms
33ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6415812&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6260004

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

60f144acd0bb44ee700194d36ca6f90d0c66ba10aadbcd30238c76bc53bec6f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38156
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 18 Apr 2022 01:05:51 GMT

GET
H2 204 e.gif
nexus.ensighten.com/error/ 0
106 B 15ms
14ms Image
text/plain 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=%24%20is%20not%20defined&lnn=-1&fn=&cid=1129&client=citi&publishPath=na_prod&rid=2532573&did=551970&errorName=ReferenceError
Requested by: Host: www.citi.com
URL: https://www.citi.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:51 GMT
cache-control: no-cache, no-store
server: nginx
expires: Mon, 18 Apr 2022 01:05:50 GMT

GET
H2 204 e.gif
nexus.ensighten.com/error/ 0
106 B 16ms
15ms Image
text/plain 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=jQuery%20is%20not%20defined&lnn=-1&fn=&cid=1129&client=citi&publishPath=na_prod&rid=2670712&did=571630&errorName=ReferenceError
Requested by: Host: www.citi.com
URL: https://www.citi.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:51 GMT
cache-control: no-cache, no-store
server: nginx
expires: Mon, 18 Apr 2022 01:05:50 GMT

GET
H2 204 e.gif
nexus.ensighten.com/error/ 0
106 B 15ms
15ms Image
text/plain 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=%24%20is%20not%20defined&lnn=-1&fn=&cid=1129&client=citi&publishPath=na_prod&rid=2670634&did=572752&errorName=ReferenceError
Requested by: Host: www.citi.com
URL: https://www.citi.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:51 GMT
cache-control: no-cache, no-store
server: nginx
expires: Mon, 18 Apr 2022 01:05:50 GMT

GET
H/1.1 200
OK dest5.html Show response
citi.demdex.net/ Frame DAE9 7 KB
3 KB 272ms
75ms Document
text/html 34.252.147.157

General

Check archive.org

Show headers Download Go to

Full URL

https://citi.demdex.net/dest5.html?d_nsid=0

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.252.147.157 -, , ASN (),

Reverse DNS

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.citi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v031-002176b17.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: oylIawLeTo4=
content-encoding: gzip
date: Mon, 18 Apr 2022 01:05:51 GMT
last-modified: Wed, 13 Apr 2022 14:59:54 GMT
vary: accept-encoding

GET
H2 200 id Show response
metrics1.citi.com/ 89 B
672 B 181ms
32ms XHR
application/x-javascript 15.188.95.229

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics1.citi.com/id?d_visid_ver=3.1.2&d_fieldgroup=A&mcorgid=61834D9B5228A7430A490D45%40AdobeOrg&mid=81051648146435906742027070816532390528&ts=1650243951570

Requested by

Host: www.citi.com
URL: https://www.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?cache=AID-LjqAAQAAn4U96RT0_0NNEjFCOmJbMkqjmzEHO_nr_Mb8y0Ud24TLDXy6&X-soz9htCz--z=q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 -, , ASN (),

Reverse DNS

Software

jag /

Resource Hash

5c05a0ddd9ae6b65e920c88e3f59249759ded65189fccfd1aa78967432817bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.citi.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 18 Apr 2022 01:05:51 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-7b6f4bb9f7-gjglm
vary: Origin
x-c: main-1637.I660130.M0-562
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.citi.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 89
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Yly5bwAAAKFTIQQE
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=87799943040237116651549801304755493667
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yly5bwAAAKFTIQQE

42 B
945 B

53ms
53ms

Image
image/gif

52.213.194.249

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yly5bwAAAKFTIQQE

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Server

52.213.194.249 -, , ASN (),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v031-08173123b.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: SV6ugyjWQLo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yly5bwAAAKFTIQQE
Date: Mon, 18 Apr 2022 01:05:51 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

OPTIONS
H2 200 tagging_transformation_login_with_redirect.json
online.citi.com/gcgapi/prod/public/v1/staticcms/USGCB/en_US/appid/ Frame 0
0 158ms
143ms Preflight 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/gcgapi/prod/public/v1/staticcms/USGCB/en_US/appid/tagging_transformation_login_with_redirect.json

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Accept: */*
Access-Control-Request-Headers: appversion,client_id
Access-Control-Request-Method: GET
Origin: https://www.citi.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Language,Authorization,businessCode,client_id,content-type,countryCode,uuid,x-ibm-client-id,eventid,sessionID,bizToken,citiuuid,applicationId,channelId,Scope,blackBox,devicePrint,deviceTokenCookie,AMWResponse,action,challengeType,TMXSessionId,tenantName,TMXDigitalApplicationType,accessToken,familyIndicator,Otpid,deviceId,subscriberId,CitiProfOnly,digitalApplicationType,environmentId,BioCatchSessionId,X-Migration-Target,x-soz9htcz-a,x-soz9htcz-b,x-soz9htcz-c,x-soz9htcz-d,x-soz9htcz-e,x-soz9htcz-f,x-soz9htcz-z,x-soz9htcz-uniquestatekey,tenantId,appid,X-Akamai-CITISITE,Dclocation,Uuid,appVersion,devicemodelname,kore-token,x-ts-client-version,stateToken
access-control-allow-methods: GET,POST,PUT,DELETE
access-control-allow-origin: https://www.citi.com
access-control-expose-headers: Accept,Accept-Language,Authorization,businessCode,client_id,content-type,countryCode,uuid,x-ibm-client-id,eventid,sessionID,bizToken,citiuuid,applicationId,channelId,Scope,blackBox,devicePrint,deviceTokenCookie,AMWResponse,action,challengeType,TMXSessionId,tenantName,TMXDigitalApplicationType,accessToken,familyIndicator,Otpid,deviceId,subscriberId,CitiProfOnly,digitalApplicationType,environmentId,BioCatchSessionId,X-Migration-Target,x-soz9htcz-a,x-soz9htcz-b,x-soz9htcz-c,x-soz9htcz-d,x-soz9htcz-e,x-soz9htcz-f,x-soz9htcz-z,x-soz9htcz-uniquestatekey,tenantId,appid,X-Akamai-CITISITE,Dclocation,Uuid,appVersion,devicemodelname,kore-token,x-ts-client-version,stateToken
cache-control: max-age=21600
content-encoding: gzip
content-length: 0
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
date: Mon, 18 Apr 2022 01:05:51 GMT
vary: Accept-Encoding
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H/1.1 200
OK cedric.js Show response
www.citi.com/cbol-pre-login-static-assets/cbol-core-assets/cedric/ 602 KB
113 KB 29ms
28ms Script
application/javascript 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/cbol-core-assets/cedric/cedric.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/cbol-pre-login-static-assets/main-es2015.00779eb043c420b8efd3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

48451bef935eba4b7a149a7b6dc16cc7183e75cb2887d571a3382ae3f155686a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 114765
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 07 Apr 2022 06:55:22 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
X-Frame-Options: DENY
Date: Mon, 18 Apr 2022 01:05:51 GMT
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: 5877a863-2e75-4959-6cef-5c872be2c1d4
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
ETag: W/"96983-18002ce6390"
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires: Mon, 18 Apr 2022 07:05:51 GMT

GET
H/1.1

200
OK

cbol404.htm Show response
www.citi.com/redirect/
Redirect Chain

https://www.citi.com/gcgapi/prod/public/v1/prelogin/e2eConfig/client/cbol
https://www.citi.com/redirect/cbol404.htm

0
440 B

140ms
140ms

XHR
text/html

96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.citi.com/redirect/cbol404.htm
Requested by: Host: www.citi.com
URL: https://www.citi.com/login
Protocol: HTTP/1.1
Server: 96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-129-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 01:05:51 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Oct 2020 17:17:27 GMT
ETag: "e02e8-0-5b259c13717c0"
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20
X-Akamai-Transformed: 9 20 0 pmb=mTOE,1

Redirect headers

Location: /redirect/cbol404.htm
Date: Mon, 18 Apr 2022 01:05:51 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Content-Length: 229
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK fntc_USCBOL.json Show response
www.citi.com/gcgapi/prod/public/v1/staticcms/USGCB/en_US/appid/ 3 KB
2 KB 18ms
17ms XHR
application/json 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/gcgapi/prod/public/v1/staticcms/USGCB/en_US/appid/fntc_USCBOL.json

Requested by

Host: www.citi.com
URL: https://www.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?cache=AID-LjqAAQAAn4U96RT0_0NNEjFCOmJbMkqjmzEHO_nr_Mb8y0Ud24TLDXy6&X-soz9htCz--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

26310c56bc9d8552115985a28d506194f726880006b9d84409177773036e419a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

client_id: 4a51fb19-a1a7-4247-bc7e-18aa56dd1c40
Accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json
Accept: application/json
channelId: CBOL
Referer: https://www.citi.com/login
countryCode: US
businessCode: GCB
appVersion: CBOL-ANGS-2022-03-01

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Route-Target: DEFAULT:DEFAULT
Citiuuid: b18cb0f4-c474-4782-8558-70a3b698599c7801438
router-host: api.citi.com
X-Global-Transaction-ID: 98b6a370625cb4d8cb381f0d
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 1278
X-Xss-Protection: 1; mode=block
X-Akamai-CITISITE: GTDC
X-Frame-Options: DENY
ETag: "078e8aee32b1d2901436202a38a94e153"
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: application/json
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Access-Control-Expose-Headers: APIm-Debug-Trans-Id, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-Global-Transaction-ID,action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control: public, max-age=60
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Date: Mon, 18 Apr 2022 01:05:51 GMT

GET
H/1.1 200
OK tags.js Show response
content22.online.citi.com/fp/ 87 KB
12 KB 18ms
17ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/tags.js?org_id=89oebq5k&allow_reprofile=1&session_id=e5e5b48fff553aff5649b7a2c432d8a93ad7b57fb9b59e2e2601618966a3b565

Requested by

Host: www.citi.com
URL: https://www.citi.com/cbol-pre-login-static-assets/main-es2015.00779eb043c420b8efd3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

96b9abc2f2d4bed897010e396f7616a976406d9cf549bb83073d0bb10cc7bdf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 01:05:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive, Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=97
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 tagging_transformation_login_with_redirect.json Show response
online.citi.com/gcgapi/prod/public/v1/staticcms/USGCB/en_US/appid/ 18 KB
5 KB 18ms
17ms XHR
application/json 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/gcgapi/prod/public/v1/staticcms/USGCB/en_US/appid/tagging_transformation_login_with_redirect.json

Requested by

Host: www.citi.com
URL: https://www.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?cache=AID-LjqAAQAAn4U96RT0_0NNEjFCOmJbMkqjmzEHO_nr_Mb8y0Ud24TLDXy6&X-soz9htCz--z=q

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

efd499dde40eb337e8a3ba1ac8ce81b0f9bbd45caad9bc765578d7d7ce28ad47

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode=block

Request headers

appVersion: CBOLV1.0.0
Referer: https://www.citi.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
client_id: 4a51fb19-a1a7-4247-bc7e-18aa56dd1c40

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-route-target: DEFAULT:DEFAULT
x-global-transaction-id: 6e68aa42625cb81bfc2bf4ff
dclocation: GT1DMS
vary: Accept-Encoding
content-length: 2731
x-xss-protection: 1 ; mode=block
referrer-policy: no-referrer
x-akamai-citisite: GTDC
x-frame-options: DENY
date: Mon, 18 Apr 2022 01:05:51 GMT
access-control-max-age: 2147483647
access-control-allow-methods: GET,PUT,POST,DELETE,HEAD,GET,POST,PUT,DELETE
content-type: application/json
access-control-allow-origin: https://www.citi.com
access-control-expose-headers: APIm-Debug-Trans-Id, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-Global-Transaction-ID,action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken,Accept,Accept-Language,Authorization,businessCode,client_id,content-type,countryCode,uuid,x-ibm-client-id,eventid,sessionID,bizToken,citiuuid,applicationId,channelId,Scope,blackBox,devicePrint,deviceTokenCookie,AMWResponse,action,challengeType,TMXSessionId,tenantName,TMXDigitalApplicationType,accessToken,familyIndicator,Otpid,deviceId,subscriberId,CitiProfOnly,digitalApplicationType,environmentId,BioCatchSessionId,X-Migration-Target,x-soz9htcz-a,x-soz9htcz-b,x-soz9htcz-c,x-soz9htcz-d,x-soz9htcz-e,x-soz9htcz-f,x-soz9htcz-z,x-soz9htcz-uniquestatekey,tenantId,appid,X-Akamai-CITISITE,Dclocation,Uuid,appVersion,devicemodelname,kore-token,x-ts-client-version,stateToken
cache-control: public, max-age=21600
access-control-allow-credentials: true
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
access-control-allow-headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId,Accept,Accept-Language,Authorization,businessCode,client_id,content-type,countryCode,uuid,x-ibm-client-id,eventid,sessionID,bizToken,citiuuid,applicationId,channelId,Scope,blackBox,devicePrint,deviceTokenCookie,AMWResponse,action,challengeType,TMXSessionId,tenantName,TMXDigitalApplicationType,accessToken,familyIndicator,Otpid,deviceId,subscriberId,CitiProfOnly,digitalApplicationType,environmentId,BioCatchSessionId,X-Migration-Target,x-soz9htcz-a,x-soz9htcz-b,x-soz9htcz-c,x-soz9htcz-d,x-soz9htcz-e,x-soz9htcz-f,x-soz9htcz-z,x-soz9htcz-uniquestatekey,tenantId,appid,X-Akamai-CITISITE,Dclocation,Uuid,appVersion,devicemodelname,kore-token,x-ts-client-version,stateToken
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 82ms
35ms Script
application/javascript 2001:4de0:ac18::1:a:3a

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: www.citi.com
URL: https://www.citi.com/cbol-pre-login-static-assets/1-es2015.0eedb59ed8dea10c1aea.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://www.citi.com/
Origin: https://www.citi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:51 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
server: nginx
etag: W/"620cd6ff-15d84"
vary: Accept-Encoding
x-hw: 1650243951.dop237.am5.t,1650243951.cds233.am5.hn,1650243951.cds312.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H/1.1 200
OK xmsdk.js Show response
www.citi.com/cbol-pre-login-static-assets/assets/partner-login/qr/js/ 1 MB
305 KB 17ms
17ms Script
application/javascript 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/assets/partner-login/qr/js/xmsdk.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/cbol-pre-login-static-assets/1-es2015.0eedb59ed8dea10c1aea.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

1c69468ad43d43f8c701bcd193de8688ba49a17128a730c065c7a06d08106daf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 310855
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 07 Apr 2022 06:55:22 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
X-Frame-Options: DENY
Date: Mon, 18 Apr 2022 01:05:51 GMT
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: 51b07172-88c2-4993-5dab-187160001c64
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
ETag: W/"145237-18002ce6390"
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires: Mon, 18 Apr 2022 07:05:51 GMT

GET
H/1.1 200
OK ssrnewBranding.json Show response
www.citi.com/CBOL/IA/Angular/Branding/ 48 KB
7 KB 21ms
20ms XHR
text/plain 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/CBOL/IA/Angular/Branding/ssrnewBranding.json

Requested by

Host: www.citi.com
URL: https://www.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?cache=AID-LjqAAQAAn4U96RT0_0NNEjFCOmJbMkqjmzEHO_nr_Mb8y0Ud24TLDXy6&X-soz9htCz--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

3e9b5af876698a354af4d7d7fdaecd9fa4a45ca78f6d7a838f72836679c698d0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.citi.com/login
Accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
Content-Encoding: gzip
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
Connection: keep-alive
Content-Length: 6090
Last-Modified: Wed, 16 Mar 2022 13:49:40 GMT
X-Akamai-CITISITE: SWDC
Date: Mon, 18 Apr 2022 01:05:51 GMT
Vary: Accept-Encoding
Content-Type: text/plain
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Cache-Control: max-age=600
Access-Control-Allow-Credentials: true
Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
X-WebKit-CSP: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
X-Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H/1.1 200
OK newLogosSSR.json Show response
www.citi.com/CBOL/IA/Angular/Branding/ 4 KB
1 KB 36ms
36ms XHR
text/plain 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/CBOL/IA/Angular/Branding/newLogosSSR.json

Requested by

Host: www.citi.com
URL: https://www.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?cache=AID-LjqAAQAAn4U96RT0_0NNEjFCOmJbMkqjmzEHO_nr_Mb8y0Ud24TLDXy6&X-soz9htCz--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

ab12750d996e84426be567f6a1e51c1e088a950fcd4ca92c465df10710da1de7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.citi.com/login
Accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
Content-Encoding: gzip
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
Connection: keep-alive
Content-Length: 682
Last-Modified: Tue, 30 Nov 2021 04:24:54 GMT
X-Akamai-CITISITE: SWDC
Date: Mon, 18 Apr 2022 01:05:51 GMT
Vary: Accept-Encoding
Content-Type: text/plain
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Cache-Control: max-age=600
Access-Control-Allow-Credentials: true
Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
X-WebKit-CSP: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
X-Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H/1.1 200
OK ssrnewTopNavigationIA.json Show response
www.citi.com/CBOL/IA/Angular/Branding/ 48 KB
7 KB 26ms
26ms XHR
text/plain 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/CBOL/IA/Angular/Branding/ssrnewTopNavigationIA.json

Requested by

Host: www.citi.com
URL: https://www.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?cache=AID-LjqAAQAAn4U96RT0_0NNEjFCOmJbMkqjmzEHO_nr_Mb8y0Ud24TLDXy6&X-soz9htCz--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

860582858712ff8f0cc7c0d15a99ef0ee1df472e02fdbd7a5ddffa7f4d49aada

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.citi.com/login
Accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
Content-Encoding: gzip
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
Connection: keep-alive
Content-Length: 5994
Last-Modified: Thu, 17 Mar 2022 23:08:04 GMT
X-Akamai-CITISITE: SWDC
Date: Mon, 18 Apr 2022 01:05:51 GMT
Vary: Accept-Encoding
Content-Type: text/plain
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Cache-Control: max-age=600
Access-Control-Allow-Credentials: true
Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
X-WebKit-CSP: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
X-Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H/1.1 200
OK right-white-chevi.svg
www.citi.com/cbol-pre-login-static-assets/citi-branding-assets/images/ 2 KB
2 KB 28ms
27ms Image
image/svg+xml 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.com/cbol-pre-login-static-assets/citi-branding-assets/images/right-white-chevi.svg

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

6dae862525bc15cc9ca50bbdfcfa1eea606f15777a11047e5905d1cc34816d37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Sid: 6d9bc618-ae3d-4fb9-a1f4-7441bbff78fe
Content-Encoding: gzip
ETag: W/"75b-18002ce6390"
Nonce: 1738275792394154
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Connection: keep-alive
Content-Length: 743
X-Xss-Protection: 1; mode=block
Uuid: c91f843f-8e42-4c8c-80f6-d97a30faee79
Last-Modified: Thu, 07 Apr 2022 06:55:22 GMT
Server: nginx
Cache-Control: public, no-transform, max-age=21600
X-Akamai-CITISITE: GTDC
X-Frame-Options: DENY
Date: Mon, 18 Apr 2022 01:05:51 GMT
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
Content-Type: image/svg+xml
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: b0ea7cf8-6957-4270-614e-3d73e7b6453c
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Scope: VISITOR
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
X-Content-Type-Options: nosniff
Dclocation: GT1DMS
Expires: Mon, 18 Apr 2022 07:05:51 GMT

GET
H/1.1 200
OK search.svg
www.citi.com/cbol-pre-login-static-assets/citi-branding-assets/images/ 1 KB
2 KB 60ms
45ms Image
image/svg+xml 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.com/cbol-pre-login-static-assets/citi-branding-assets/images/search.svg

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

390c36ad787c04f4acc3f3022a0bb787c9046941c5516d8412a85a959991e4d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Sid: b293669c-6b51-468c-b625-307fc012618b
Content-Encoding: gzip
ETag: W/"590-18002ce6390"
Nonce: 6584874336293307
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Connection: keep-alive
Content-Length: 717
X-Xss-Protection: 1 ; mode=block
Uuid: e3456446-dca2-4537-a1f7-d5572d37a11c
Referrer-Policy: no-referrer
Last-Modified: Thu, 07 Apr 2022 06:55:22 GMT
Server: nginx
Cache-Control: public, no-transform, max-age=21600
X-Akamai-CITISITE: GTDC
X-Frame-Options: DENY
Date: Mon, 18 Apr 2022 01:05:51 GMT
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
Content-Type: image/svg+xml
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: cf419884-9840-48b3-7de3-b595eb39475b
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Scope: VISITOR
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
X-Content-Type-Options: nosniff
Dclocation: GT1DMS
Expires: Mon, 18 Apr 2022 07:05:51 GMT

GET
H2 200 LSO_4959.jpg
online.citi.com/nga-lite-signon/ 171 KB
172 KB 36ms
36ms Image
image/jpeg 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/nga-lite-signon/LSO_4959.jpg

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

48e89b7e40e096b89d864a5c8ee340ce44ca60fe9675310ef2f3f40a53a7d593

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:51 GMT
last-modified: Mon, 11 Jan 2021 11:55:43 GMT
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 174933
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/jpeg
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H/1.1 200
OK qrsignon-1.png
www.citi.com/cbol-pre-login-static-assets/assets/partner-login/qr/images/ 964 B
2 KB 29ms
29ms Image
image/png 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.com/cbol-pre-login-static-assets/assets/partner-login/qr/images/qrsignon-1.png

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

b77f337d13fb0416c60878ca32e9e8f04e3df195ca40adbc4744c0c693b0abe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 964
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 07 Apr 2022 06:55:22 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
X-Frame-Options: DENY
Date: Mon, 18 Apr 2022 01:05:51 GMT
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: image/png
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: 0dd96dd4-715f-4690-7b5c-0430abd443aa
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
ETag: W/"3c4-18002ce6390"
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires: Mon, 18 Apr 2022 07:05:51 GMT

GET
H/1.1 200
OK citilogoredesign.png
www.citi.com/CBOL/IA/Angular/assets/ 2 KB
3 KB 47ms
42ms Image
image/png 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.com/CBOL/IA/Angular/assets/citilogoredesign.png

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

102503acef6077fcf8e42a856fb4904fcd74224a32d5d8efcd13236ac6309fed

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
Last-Modified: Tue, 30 Nov 2021 10:40:38 GMT
X-Akamai-CITISITE: SWDC
Date: Mon, 18 Apr 2022 01:05:51 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-WebKit-CSP: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Access-Control-Allow-Credentials: true
Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1799
X-Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H/1.1 200
OK 050-location2x.svg
www.citi.com/CBOL/IA/Angular/assets/ 2 KB
1 KB 49ms
39ms Image
image/svg+xml 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.com/CBOL/IA/Angular/assets/050-location2x.svg

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

6336ae7b60dff18e0a37721a3a19fd5e18568577a64faa662969d35966dbf72b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
Content-Encoding: gzip
Last-Modified: Tue, 30 Nov 2021 10:40:39 GMT
X-Akamai-CITISITE: SWDC
ETag: "82bfb-6d8-5d1ff3031f7c0"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Date: Mon, 18 Apr 2022 01:05:51 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/svg+xml
Content-Length: 758
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK citiKT.svg
www.citi.com/CBOL/IA/Angular/assets/ 3 KB
2 KB 37ms
37ms Image
image/svg+xml 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.com/CBOL/IA/Angular/assets/citiKT.svg

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

a71478b73edbf42d39394c0e7916ed45e93e3c568d37670c9f943e18b916ea76

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
Content-Encoding: gzip
Last-Modified: Tue, 30 Nov 2021 10:40:38 GMT
X-Akamai-CITISITE: SWDC
ETag: "42dd9-df9-5d1ff3022b580"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Date: Mon, 18 Apr 2022 01:05:51 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/svg+xml
Content-Length: 1368
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK mail.svg
www.citi.com/CBOL/IA/Angular/assets/ 2 KB
1 KB 19ms
18ms Image
image/svg+xml 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.com/CBOL/IA/Angular/assets/mail.svg

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

f405b8138a4d8c20d68c5f9edd97739b57a3bf21e46adc032dc11c6841fd975f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
Content-Encoding: gzip
Last-Modified: Tue, 30 Nov 2021 10:40:36 GMT
X-Akamai-CITISITE: SWDC
ETag: "84567-6c9-5d1ff30043100"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Date: Mon, 18 Apr 2022 01:05:51 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/svg+xml
Content-Length: 734
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK savings.svg
www.citi.com/CBOL/IA/Angular/assets/ 5 KB
3 KB 19ms
18ms Image
image/svg+xml 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.com/CBOL/IA/Angular/assets/savings.svg

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

cb5a59ed02cb332097bed4550e12438115663cb4fa2c3b616a509880167036cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
Content-Encoding: gzip
Last-Modified: Tue, 30 Nov 2021 10:40:35 GMT
X-Akamai-CITISITE: SWDC
Date: Mon, 18 Apr 2022 01:05:51 GMT
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/svg+xml
Content-Length: 2134

GET
H/1.1 200
OK citi_bonus_offers.svg
www.citi.com/CBOL/IA/Angular/assets/ 4 KB
2 KB 17ms
17ms Image
image/svg+xml 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.com/CBOL/IA/Angular/assets/citi_bonus_offers.svg

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

1f7013f13882d7717716440ef4954cba246dd9cd6acff2776e5b6598c022bb2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
Content-Encoding: gzip
Last-Modified: Tue, 30 Nov 2021 10:40:38 GMT
X-Akamai-CITISITE: SWDC
ETag: "8369e-1134-5d1ff3022b580"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Date: Mon, 18 Apr 2022 01:05:51 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/svg+xml
Content-Length: 1685
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK calculator.svg
www.citi.com/CBOL/IA/Angular/assets/ 3 KB
2 KB 14ms
14ms Image
image/svg+xml 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.com/CBOL/IA/Angular/assets/calculator.svg

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

304e34f343ccb0327ef9c168808b6723b7893399c3da5fcd85b808876768bd1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
Content-Encoding: gzip
Last-Modified: Tue, 30 Nov 2021 10:40:35 GMT
X-Akamai-CITISITE: SWDC
ETag: "47b21-a4e-5d1ff2ff4eec0"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Date: Mon, 18 Apr 2022 01:05:51 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/svg+xml
Content-Length: 1004
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK home.svg
www.citi.com/CBOL/IA/Angular/assets/ 2 KB
1 KB 15ms
14ms Image
image/svg+xml 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.com/CBOL/IA/Angular/assets/home.svg

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

0d176caf65545b79de3b90853b699bbe1d8f2c7512bffec29d7a8f09093f982f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
Content-Encoding: gzip
Last-Modified: Tue, 30 Nov 2021 10:40:37 GMT
X-Akamai-CITISITE: SWDC
ETag: "42df4-8ed-5d1ff30137340"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Date: Mon, 18 Apr 2022 01:05:51 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/svg+xml
Content-Length: 814
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK finDocument.svg
www.citi.com/CBOL/IA/Angular/assets/ 2 KB
1 KB 16ms
15ms Image
image/svg+xml 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.com/CBOL/IA/Angular/assets/finDocument.svg

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

59e58061a2c0854c141751e3c9e358b9d65623ea9b773265aceed3909d99e4bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
Content-Encoding: gzip
Last-Modified: Tue, 30 Nov 2021 10:40:37 GMT
X-Akamai-CITISITE: SWDC
Date: Mon, 18 Apr 2022 01:05:51 GMT
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/svg+xml
Content-Length: 927

GET
H/1.1 200
OK idea.svg
www.citi.com/CBOL/IA/Angular/assets/ 2 KB
1 KB 24ms
23ms Image
image/svg+xml 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.com/CBOL/IA/Angular/assets/idea.svg

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

b8e163ad0d939e9d2c2958a3d620cbcc72c2b8e5bc813b2dfe09a22b98fd4421

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
Content-Encoding: gzip
Last-Modified: Tue, 30 Nov 2021 10:40:36 GMT
X-Akamai-CITISITE: SWDC
ETag: "8455e-9ab-5d1ff30043100"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Date: Mon, 18 Apr 2022 01:05:51 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/svg+xml
Content-Length: 921
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK line-data.svg
www.citi.com/CBOL/IA/Angular/assets/ 2 KB
1 KB 18ms
17ms Image
image/svg+xml 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.com/CBOL/IA/Angular/assets/line-data.svg

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

f51cb148ce0f4f40893c289863293d286008c5c00e149fb7a158c3c9ba6f6dc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
Content-Encoding: gzip
Last-Modified: Tue, 30 Nov 2021 10:40:36 GMT
X-Akamai-CITISITE: SWDC
ETag: "400bb-866-5d1ff30043100"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Date: Mon, 18 Apr 2022 01:05:51 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/svg+xml
Content-Length: 954
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK location-blue.svg
www.citi.com/CBOL/IA/Angular/assets/ 2 KB
1 KB 23ms
23ms Image
image/svg+xml 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.com/CBOL/IA/Angular/assets/location-blue.svg

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

836721a9e90235a2282bbb177a7787039a9c91c892623462f12c6b17ad03739a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
Content-Encoding: gzip
Last-Modified: Tue, 30 Nov 2021 10:40:36 GMT
X-Akamai-CITISITE: SWDC
ETag: "84562-601-5d1ff30043100"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Date: Mon, 18 Apr 2022 01:05:51 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/svg+xml
Content-Length: 823
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK profile-service.svg
www.citi.com/CBOL/IA/Angular/assets/ 2 KB
2 KB 20ms
19ms Image
image/svg+xml 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.com/CBOL/IA/Angular/assets/profile-service.svg

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

ceb0d6fc665067fbcad0fdb8a8be4b39675a97d4182cdcdb8e9d31d78f14c88a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
Content-Encoding: gzip
Last-Modified: Tue, 30 Nov 2021 10:40:35 GMT
X-Akamai-CITISITE: SWDC
ETag: "42e0b-9ba-5d1ff2ff4eec0"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Date: Mon, 18 Apr 2022 01:05:51 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/svg+xml
Content-Length: 1172
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK phone.png
www.citi.com/cbol-pre-login-static-assets/assets/partner-login/qr/images/ 10 KB
11 KB 18ms
17ms Image
image/png 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.com/cbol-pre-login-static-assets/assets/partner-login/qr/images/phone.png

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5df469ee4da2bc124065cb8df0e24173c5cbc8b9e0c807960fc39c93ffb640c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 9873
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 07 Apr 2022 06:55:22 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
X-Frame-Options: DENY
Date: Mon, 18 Apr 2022 01:05:51 GMT
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: image/png
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: da9fc417-3f5f-40c4-5f1f-eeae07618ea8
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
ETag: W/"2691-18002ce6390"
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires: Mon, 18 Apr 2022 07:05:51 GMT

GET
H/1.1 200
OK qrsignon.png
www.citi.com/cbol-pre-login-static-assets/assets/partner-login/qr/images/ 741 B
2 KB 17ms
16ms Image
image/png 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.com/cbol-pre-login-static-assets/assets/partner-login/qr/images/qrsignon.png

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

dc876f814074650acde84db7a7f34c583f043b83130e5de49de65f18d1ee2683

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 741
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 07 Apr 2022 06:55:22 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
X-Frame-Options: DENY
Date: Mon, 18 Apr 2022 01:05:51 GMT
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: image/png
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: c4b6934d-af61-4466-49cc-7b67caa8b583
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
ETag: W/"2e5-18002ce6390"
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires: Mon, 18 Apr 2022 07:05:51 GMT

GET
H/1.1 200
OK laptop-and-phone-pairing.png
www.citi.com/cbol-pre-login-static-assets/assets/partner-login/qr/images/ 3 KB
4 KB 19ms
18ms Image
image/png 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.com/cbol-pre-login-static-assets/assets/partner-login/qr/images/laptop-and-phone-pairing.png

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

a9a43473908fb995ecdc6bd80d80fd42d3e43bf31687aff0978d7389de2573aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 3044
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 07 Apr 2022 06:55:22 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
X-Frame-Options: DENY
Date: Mon, 18 Apr 2022 01:05:51 GMT
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: image/png
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: 07952f30-e3cf-45fb-75b1-285b8f6e7e9a
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
ETag: W/"be4-18002ce6390"
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires: Mon, 18 Apr 2022 07:05:51 GMT

GET
H/1.1 200
OK laptop-and-phone-success.png
www.citi.com/cbol-pre-login-static-assets/assets/partner-login/qr/images/ 2 KB
4 KB 15ms
15ms Image
image/png 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.com/cbol-pre-login-static-assets/assets/partner-login/qr/images/laptop-and-phone-success.png

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

e5c725c5a6510cd7323ff66fa032e69cfe7aec1dd042911cae0607d071670eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 2544
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 07 Apr 2022 06:55:22 GMT
Server: nginx
X-Akamai-CITISITE: GTDC
X-Frame-Options: DENY
Date: Mon, 18 Apr 2022 01:05:51 GMT
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: image/png
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: 5975e536-5ce4-45c3-7b92-7a920b152482
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Cache-Control: public, no-transform, max-age=21600
Access-Control-Allow-Credentials: true
ETag: W/"9f0-18002ce6390"
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Expires: Mon, 18 Apr 2022 07:05:51 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 363 B
1 KB 99ms
48ms XHR
application/json 52.213.194.249

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&d_mid=81051648146435906742027070816532390528&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=AVID%01312E5CB7C65D1E38-400008254593FF66&ts=1650243951803

Requested by

Host: www.citi.com
URL: https://www.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?cache=AID-LjqAAQAAn4U96RT0_0NNEjFCOmJbMkqjmzEHO_nr_Mb8y0Ud24TLDXy6&X-soz9htCz--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.194.249 -, , ASN (),

Reverse DNS

Software

Resource Hash

ea3b67ffa6b4d741462ba79576ab7943192f113bdc9ac8fa3a052127a0be6b57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.citi.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v031-0d1e61c70.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: z4J50EqQQu4=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.citi.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 305
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK ssrnewbase.json Show response
www.citi.com/CBOL/IA/Angular/Branding/preLoginBranding/ 83 KB
11 KB 21ms
15ms XHR
text/plain 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/CBOL/IA/Angular/Branding/preLoginBranding/ssrnewbase.json

Requested by

Host: www.citi.com
URL: https://www.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?cache=AID-LjqAAQAAn4U96RT0_0NNEjFCOmJbMkqjmzEHO_nr_Mb8y0Ud24TLDXy6&X-soz9htCz--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

22516a506d658415c2f6feb400613ae241e28649497ee35c6d7823645c9415b7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.citi.com/login
Accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
Content-Encoding: gzip
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
Connection: keep-alive
Content-Length: 10040
Last-Modified: Mon, 14 Mar 2022 15:45:12 GMT
X-Akamai-CITISITE: SWDC
Date: Mon, 18 Apr 2022 01:05:51 GMT
Vary: Accept-Encoding
Content-Type: text/plain
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Cache-Control: max-age=600
Access-Control-Allow-Credentials: true
Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
X-WebKit-CSP: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
X-Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H/1.1 200
OK newLogos.json Show response
www.citi.com/CBOL/IA/Angular/Branding/ 4 KB
2 KB 29ms
22ms XHR
text/plain 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/CBOL/IA/Angular/Branding/newLogos.json

Requested by

Host: www.citi.com
URL: https://www.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?cache=AID-LjqAAQAAn4U96RT0_0NNEjFCOmJbMkqjmzEHO_nr_Mb8y0Ud24TLDXy6&X-soz9htCz--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

aa1ba78a6de5d98dd69a38689f6910e260927f78569487b635a97400150b40cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.citi.com/login
Accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
Content-Encoding: gzip
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
Connection: keep-alive
Content-Length: 727
Last-Modified: Tue, 30 Nov 2021 04:23:51 GMT
X-Akamai-CITISITE: SWDC
Date: Mon, 18 Apr 2022 01:05:51 GMT
Vary: Accept-Encoding
Content-Type: text/plain
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Cache-Control: max-age=600
Access-Control-Allow-Credentials: true
Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
X-WebKit-CSP: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
X-Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H/1.1 200
OK icon_globe_med-grey2x.svg
www.citi.com/CBOL/IA/Angular/assets/ 3 KB
2 KB 72ms
71ms Image
image/svg+xml 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.com/CBOL/IA/Angular/assets/icon_globe_med-grey2x.svg

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

a593628f2d5ba814f37fbcd3963162f094c2764d4b15d82464c2d1aef92f150f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
Content-Encoding: gzip
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
Connection: keep-alive
Content-Length: 1419
Last-Modified: Tue, 30 Nov 2021 10:40:36 GMT
X-Akamai-CITISITE: GTDC
Date: Mon, 18 Apr 2022 01:05:51 GMT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
Access-Control-Allow-Credentials: true
Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Accept-Ranges: bytes
X-WebKit-CSP: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
X-Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H/1.1 200
OK EqualHousing.png
www.citi.com/CBOL/IA/Angular/assets/ 2 KB
2 KB 19ms
17ms Image
image/png 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.com/CBOL/IA/Angular/assets/EqualHousing.png

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

f23485e8b9c368f28f18a0bb110573df79c00ac3a2ca71d68017db100207639d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
Last-Modified: Tue, 30 Nov 2021 10:40:35 GMT
X-Akamai-CITISITE: GTDC
Date: Mon, 18 Apr 2022 01:05:51 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-WebKit-CSP: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Access-Control-Allow-Credentials: true
Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1606
X-Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H/1.1 200
OK googlePlay3x.png
www.citi.com/CBOL/IA/Angular/assets/ 24 KB
25 KB 38ms
36ms Image
image/png 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.com/CBOL/IA/Angular/assets/googlePlay3x.png

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

a079bb0d5590826bcc664715122004dff51e76c79608bc29f586c9388b623b77

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
Last-Modified: Tue, 30 Nov 2021 10:40:37 GMT
X-Akamai-CITISITE: GTDC
Date: Mon, 18 Apr 2022 01:05:51 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-WebKit-CSP: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Access-Control-Allow-Credentials: true
Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 25077
X-Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H/1.1 200
OK appStore3x.png
www.citi.com/CBOL/IA/Angular/assets/ 20 KB
20 KB 23ms
22ms Image
image/png 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.com/CBOL/IA/Angular/assets/appStore3x.png

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

87c763c6b05015e55915d0a1e6647e4e5d0b996e78d79e1afe228dd33b68e65b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
Last-Modified: Tue, 30 Nov 2021 10:40:38 GMT
X-Akamai-CITISITE: GTDC
Date: Mon, 18 Apr 2022 01:05:51 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-WebKit-CSP: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Access-Control-Allow-Credentials: true
Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 20047
X-Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H/1.1 200
OK social-media_facebook3x.png
www.citi.com/CBOL/IA/Angular/assets/ 445 B
1 KB 22ms
21ms Image
image/png 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.com/CBOL/IA/Angular/assets/social-media_facebook3x.png

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

695788dc05d94be3b32060ffea15c1a4d74897bd32e5da7811e7ca76d82fc86b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
Last-Modified: Tue, 30 Nov 2021 10:40:35 GMT
X-Akamai-CITISITE: GTDC
Date: Mon, 18 Apr 2022 01:05:51 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-WebKit-CSP: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Access-Control-Allow-Credentials: true
Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 445
X-Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H/1.1 200
OK social-media_twitter3x.png
www.citi.com/CBOL/IA/Angular/assets/ 1 KB
2 KB 47ms
26ms Image
image/png 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.com/CBOL/IA/Angular/assets/social-media_twitter3x.png

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

5394d11ec8ad7a5494bcdb65cd95f885388532e14fb45a747e249112389bd837

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
Last-Modified: Tue, 30 Nov 2021 10:40:35 GMT
X-Akamai-CITISITE: GTDC
Date: Mon, 18 Apr 2022 01:05:51 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-WebKit-CSP: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Access-Control-Allow-Credentials: true
Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1277
X-Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H/1.1 200
OK social-media_youtube3x.png
www.citi.com/CBOL/IA/Angular/assets/ 1 KB
2 KB 46ms
26ms Image
image/png 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.com/CBOL/IA/Angular/assets/social-media_youtube3x.png

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

be9b5382b4526ffd3306d0292122ce3599123f1cd543f52f3035b4f24fbf9de8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
Last-Modified: Tue, 30 Nov 2021 10:40:35 GMT
X-Akamai-CITISITE: GTDC
Date: Mon, 18 Apr 2022 01:05:51 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-WebKit-CSP: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Access-Control-Allow-Credentials: true
Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1175
X-Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H/1.1 200
OK 320_Citi-PLT3x.png
www.citi.com/CBOL/IA/Angular/assets/ 11 KB
12 KB 21ms
21ms Image
image/png 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.com/CBOL/IA/Angular/assets/320_Citi-PLT3x.png

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

f378974fe6a831ae2f48d9191ea74eb21877d4964d5eedbc2810d8756ed13631

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
Last-Modified: Tue, 30 Nov 2021 10:40:39 GMT
X-Akamai-CITISITE: GTDC
Date: Mon, 18 Apr 2022 01:05:51 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-WebKit-CSP: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Access-Control-Allow-Credentials: true
Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 11562
X-Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H/1.1 200
OK 1440_Citi-PLT3x.png
www.citi.com/CBOL/IA/Angular/assets/ 27 KB
28 KB 24ms
24ms Image
image/png 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.com/CBOL/IA/Angular/assets/1440_Citi-PLT3x.png

Requested by

Host: www.citi.com
URL: https://www.citi.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

6dfa343a68ef79e83fef5f7c705119d2473352190c609cf94c67ea99a29fa452

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
Last-Modified: Tue, 30 Nov 2021 10:40:39 GMT
X-Akamai-CITISITE: GTDC
Date: Mon, 18 Apr 2022 01:05:51 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-WebKit-CSP: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Access-Control-Allow-Credentials: true
Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 28149
X-Content-Security-Policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H/1.1 200
OK Interstate-Bold.woff
www.citi.com/cbol-pre-login-static-assets/cds-assets/fonts/interstate/ 70 KB
71 KB 37ms
22ms Font
font/woff 96.16.129.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/cds-assets/fonts/interstate/Interstate-Bold.woff

Requested by

Host: www.citi.com
URL: https://www.citi.com/cbol-pre-login-static-assets/styles.1d00953e53326acce2ab.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.129.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-152.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.citi.com/cbol-pre-login-static-assets/styles.1d00953e53326acce2ab.css
Origin: https://www.citi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Sid: bccce4cf-6816-458c-bd8e-99761cef0c9b
Strict-Transport-Security: max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Nonce: 8450708935361537
Connection: keep-alive
Content-Length: 71874
X-Xss-Protection: 1; mode=block
Uuid: 043eb670-c0ac-4c05-810c-afffc90a5680
Last-Modified: Thu, 07 Apr 2022 06:55:22 GMT
Server: nginx
Cache-Control: public, no-transform, max-age=21600
X-Akamai-CITISITE: GTDC
X-Frame-Options: DENY
Date: Mon, 18 Apr 2022 01:05:51 GMT
Access-Control-Max-Age: 2147483647
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Content-Type: font/woff
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
X-Vcap-Request-Id: b5df490a-92e3-4878-5c06-5de0cd1c735b
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Scope: VISITOR
Access-Control-Allow-Credentials: true
ETag: W/"118c2-18002ce6390"
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Dclocation: GT1DMS
Expires: Mon, 18 Apr 2022 07:05:51 GMT

GET
BLOB 200
OK ecaf8264-708c-4866-bd50-0f7ebf1e7eb1
https://www.citi.com/ 161 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.citi.com/ecaf8264-708c-4866-bd50-0f7ebf1e7eb1
Requested by: Host: www.citi.com
URL: https://www.citi.com/login
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c8bc330a07fc8ba4ead1f924570b2eeb220dfb170e86ea6594f7a2daef2efc16

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length: 165178

GET
H/1.1 200
OK check.js;CIS3SID=29CD655B94AD2391ABB266C945B71178
content22.online.citi.com/fp/ Frame F6C5 432 KB
76 KB 24ms
23ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/check.js;CIS3SID=29CD655B94AD2391ABB266C945B71178?org_id=89oebq5k&session_id=0f7e88fcb39ba1ef1b4fd5aa27984a99bd8d163110fc2bca1412c8b074ed8c5b&nonce=c934bfe443513e67&pageid=1&jb=37322426627b6d773f7766666566696c65662668736f3d756c666d6e696e6d6c246a7b62753f776e6465646b6c6766266a73623f7766666564696e656c273232756c66656e616c6766

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/tags.js?org_id=89oebq5k&allow_reprofile=1&session_id=0f7e88fcb39ba1ef1b4fd5aa27984a99bd8d163110fc2bca1412c8b074ed8c5b

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 01:05:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
tmx-nonce: c934bfe443513e67
Connection: Keep-Alive, Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=96
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame F6C5 81 B
475 B 46ms
16ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=0f7e88fcb39ba1ef1b4fd5aa27984a99bd8d163110fc2bca1412c8b074ed8c5b&nonce=c934bfe443513e67&pageid=1&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 01:05:52 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame F6C5 81 B
475 B 47ms
15ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=0f7e88fcb39ba1ef1b4fd5aa27984a99bd8d163110fc2bca1412c8b074ed8c5b&nonce=c934bfe443513e67&pageid=1&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 01:05:52 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 embed.js
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/ 2 KB
773 B 8ms
6ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/embed.js
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/code/fdf45a7c15c1cee06bb71e10dac4e26e.js?conditionId0=4849963
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: 7ZFGbm5gfkxV.pQuBY8LWu5zWeTQ0IFs
content-encoding: gzip
etag: "a698e80bc62ebcae5d8ef95ef0d2804d"
age: 2336026
via: 1.1 varnish
x-cache: HIT
content-length: 675
x-amz-id-2: u1tZNaC/5T/pnBxInHESXg2tp+0XOzw+i+e+nLGUvcg0/fF1c1+TVdFHYPFKqoR+63eRSZLZFSI=
x-served-by: cache-hhn4073-HHN
last-modified: Fri, 25 Feb 2022 18:17:26 GMT
server: AmazonS3
x-timer: S1650243953.508275,VS0,VE0
date: Mon, 18 Apr 2022 01:05:52 GMT
vary: Accept-Encoding
x-amz-request-id: 1R98NRXW2SWENTVP
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 7

GET
H3 200 js
www.googletagmanager.com/gtag/ 105 KB
41 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-916451471

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:52 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42003
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 18 Apr 2022 01:05:52 GMT

GET
H/1.1 200
OK bk-coretag.js
tags.bkrtx.com/js/ 51 KB
16 KB 15ms
14ms Script
application/javascript 96.16.135.39
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/code/da6191c2b2959a15b37bb1f025a35ecd.js?conditionId0=4897099

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.135.39 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-135-39.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Fri, 21 May 2021 19:14:21 GMT
Server: nginx/1.15.8
ETag: W/"60a8068d-cbc2"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Date: Mon, 18 Apr 2022 01:05:52 GMT
Connection: keep-alive
Content-Length: 16078
Expires: Mon, 25 Apr 2022 01:05:52 GMT

GET
H2 200 dpm_pixel_min.js
c.tvpixel.com/js/current/ 103 KB
32 KB 11ms
11ms Script
application/javascript 2600:9000:225e:9200:1d:bf0a:0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tvpixel.com/js/current/dpm_pixel_min.js?aid=citi-d4f85824-1351-4554-91ff-fdb56f962c5c&comscore=true
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:9200:1d:bf0a:0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: oMk5SFqHXboEDRm2.vDWImtx_4ARYxEl
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 18:14:59 GMT
server: AmazonS3
age: 64439
etag: W/"08e770c8a17bf087d50cec01af0892c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
date: Sun, 17 Apr 2022 07:11:54 GMT
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: N1-JKcXZZE-50_fenn36c5WBfv-6aX-RcCI3vM06XmMn32-ZikizCA==

POST
H2 200 s06281756468057
metrics1.citi.com/b/ss/citiuscombprod/1/JS-2.9.0/ 43 B
465 B 103ms
37ms XHR
image/gif 15.188.95.229

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics1.citi.com/b/ss/citiuscombprod/1/JS-2.9.0/s06281756468057

Requested by

Host: www.citi.com
URL: https://www.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?cache=AID-LjqAAQAAn4U96RT0_0NNEjFCOmJbMkqjmzEHO_nr_Mb8y0Ud24TLDXy6&X-soz9htCz--z=q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 -, , ASN (),

Reverse DNS

Software

jag /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.citi.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 18 Apr 2022 01:05:52 GMT
x-content-type-options: nosniff
x-c: main-1637.I660130.M0-562
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 19 Apr 2022 01:05:52 GMT
server: jag
xserver: anedge-7b6f4bb9f7-gglv4
etag: 3543871903369330688-4619371457106778060
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: https://www.citi.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Sun, 17 Apr 2022 01:05:52 GMT

GET
H3 451 425466.html
sr.rlcdn.com/ Frame BE71 0
0 131ms
118ms Document
text/plain 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/code/3208fd9f0f76f390e3b95afee618c0da.js?conditionId0=467299
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://www.citi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 18 Apr 2022 01:05:52 GMT
via: 1.1 google

GET
H2 200 bat.js
bat.bing.com/ 38 KB
11 KB 40ms
39ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 865301C0E978442098C3BB7BDD6568C0 Ref B: FRA31EDGE0621 Ref C: 2022-04-18T01:05:52Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Mon, 18 Apr 2022 01:05:51 GMT
accept-ranges: bytes
content-length: 11333

GET
H/1.1 200
OK check.js;CIS3SID=CC88E050F20EDBD0EE46197EC3F57DB0
content22.online.citi.com/fp/ Frame 1781 432 KB
76 KB 37ms
35ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/check.js;CIS3SID=CC88E050F20EDBD0EE46197EC3F57DB0?org_id=89oebq5k&session_id=5c5961f215760ed64fb08896e8f129a7e6ccf066f67d8450308a813745269e94&nonce=762d092569702bf2&pageid=1&jb=3532262e68736d773d4c6b6c75782668736d3f4c61667d7a266271627735436a726d6f67246a71603f416a72676d65253030393038

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/tags.js?org_id=89oebq5k&allow_reprofile=1&session_id=5c5961f215760ed64fb08896e8f129a7e6ccf066f67d8450308a813745269e94

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 01:05:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
tmx-nonce: 762d092569702bf2
Connection: Keep-Alive, Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=99
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame 1781 81 B
474 B 23ms
20ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=5c5961f215760ed64fb08896e8f129a7e6ccf066f67d8450308a813745269e94&nonce=762d092569702bf2&pageid=1&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 01:05:52 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cls_report
prod.report.nacustomerexperience.citi.com/glassbox/reporting/ 39 KB
5 KB 123ms
123ms XHR
application/json 192.193.200.243

General

Check archive.org

Show headers Download Go to

Full URL

https://prod.report.nacustomerexperience.citi.com/glassbox/reporting/cls_report?_cls_s=b2cf93ab-a7ed-442c-be64-fc0b58a4a40e%3A0&_cls_v=44b77f27-4931-44ee-956e-ba485600bdc2&pv=2&f_cls_s=true

Requested by

Host: www.citi.com
URL: https://www.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?cache=AID-LjqAAQAAn4U96RT0_0NNEjFCOmJbMkqjmzEHO_nr_Mb8y0Ud24TLDXy6&X-soz9htCz--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.193.200.243 -, , ASN (),

Reverse DNS

Software

GlassBox Cligate /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 01:05:52 GMT
content-encoding: gzip
vary: origin
Server: GlassBox Cligate
X-Akamai-CITISITE: SWDC
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Type: application/json
access-control-allow-origin: https://www.citi.com
access-control-allow-credentials: true
Connection: close
content-length: 4475

GET
H2 200 96e0eb995483e83e7b3f71968eedeed1.js
nexus.ensighten.com/citi/na_prod/code/ Frame F6C5 396 KB
121 KB 17ms
17ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/96e0eb995483e83e7b3f71968eedeed1.js?conditionId0=3013337
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/code/96e0eb995483e83e7b3f71968eedeed1.js?conditionId0=3013337
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:52 GMT
content-encoding: gzip
last-modified: Tue, 16 Nov 2021 19:45:13 GMT
server: nginx
etag: W/"61940a49-63067"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 96e0eb995483e83e7b3f71968eedeed1.js
nexus.ensighten.com/citi/na_prod/code/ Frame 1781 396 KB
121 KB 41ms
41ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citi/na_prod/code/96e0eb995483e83e7b3f71968eedeed1.js?conditionId0=3013337
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/code/96e0eb995483e83e7b3f71968eedeed1.js?conditionId0=3013337
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:52 GMT
content-encoding: gzip
last-modified: Tue, 16 Nov 2021 19:45:13 GMT
server: nginx
etag: W/"61940a49-63067"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H/1.1 200
OK check.js;CIS3SID=21A913F011FAFA2B380A846DA515E787
content22.online.citi.com/fp/ Frame 3939 432 KB
76 KB 30ms
27ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/check.js;CIS3SID=21A913F011FAFA2B380A846DA515E787?org_id=89oebq5k&session_id=e5e5b48fff553aff5649b7a2c432d8a93ad7b57fb9b59e2e2601618966a3b565&nonce=e2b5f75a06da6b69&pageid=1&jb=35302626687367773f4e696e77782468736d3d446b6c757a246a716075354360706f6d67246a71603f4b6a72676d67253032313032

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/tags.js?org_id=89oebq5k&allow_reprofile=1&session_id=e5e5b48fff553aff5649b7a2c432d8a93ad7b57fb9b59e2e2601618966a3b565

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 01:05:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
tmx-nonce: e2b5f75a06da6b69
Connection: Keep-Alive, Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=95
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame 3939 81 B
475 B 47ms
29ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=e5e5b48fff553aff5649b7a2c432d8a93ad7b57fb9b59e2e2601618966a3b565&nonce=e2b5f75a06da6b69&pageid=1&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 01:05:52 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 e.gif
nexus.ensighten.com/error/ 0
106 B 49ms
46ms Image
text/plain 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=Cannot%20read%20properties%20of%20undefined%20(reading%20%27toString%27)&lnn=-1&fn=&cid=1129&client=citi&publishPath=na_prod&rid=2836703&did=578343&errorName=TypeError
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 01:05:52 GMT
cache-control: no-cache, no-store
server: nginx
expires: Mon, 18 Apr 2022 01:05:51 GMT

GET
H/1.1 200
OK /
d.agkn.com/pixel/9340/ 43 B
593 B 18ms
16ms Image
image/gif 52.29.167.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/9340/?che=5453870772.081233&abid=[CS]v1|312E5CB7C65D1E38-400008254593FF66[CE]
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.167.104 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-167-104.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 01:05:52 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame 1781 81 B
474 B 20ms
16ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=5c5961f215760ed64fb08896e8f129a7e6ccf066f67d8450308a813745269e94&nonce=762d092569702bf2&pageid=1&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 01:05:52 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame 3939 81 B
475 B 49ms
30ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=e5e5b48fff553aff5649b7a2c432d8a93ad7b57fb9b59e2e2601618966a3b565&nonce=e2b5f75a06da6b69&pageid=1&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 01:05:52 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 generic1645813044147.js
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/ 532 KB
88 KB 9ms
9ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/generic1645813044147.js
Requested by: Host: resources.digital-cloud-citi.medallia.com
URL: https://resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: n9np7L1i8NPYVmXlDkA6OOYu.Ggu5g4q
content-encoding: gzip
etag: "b6b583d1c21fe708664599f47fe6d042"
age: 2318428
via: 1.1 varnish
x-cache: HIT
content-length: 89444
x-amz-id-2: DznJIXvrnDy8Uw4uQn+QFjtUjIcASEgJLzXYhDM7uTIqcAIydfKT20BJNNRXxdDO/izjbd4EQd4=
x-served-by: cache-hhn4073-HHN
last-modified: Fri, 25 Feb 2022 18:17:26 GMT
server: AmazonS3
x-timer: S1650243953.650468,VS0,VE0
date: Mon, 18 Apr 2022 01:05:52 GMT
vary: Accept-Encoding
x-amz-request-id: 1BPBMPNJ35B6E58B
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 5

POST s04355806672908
metrics1.citi.com/b/ss/citiuscombprod/1/JS-2.9.0/ 0
0

GET
H/1.1 200
OK clear.png
content22.online.citi.com/fp/ Frame F6C5 81 B
528 B 45ms
14ms XHR
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/check.js;CIS3SID=29CD655B94AD2391ABB266C945B71178?org_id=89oebq5k&session_id=0f7e88fcb39ba1ef1b4fd5aa27984a99bd8d163110fc2bca1412c8b074ed8c5b&nonce=c934bfe443513e67&pageid=1&jb=37322426627b6d773f7766666566696c65662668736f3d756c666d6e696e6d6c246a7b62753f776e6465646b6c6766266a73623f7766666564696e656c273232756c66656e616c6766

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 89oebq5k/c934bfe443513e670f7e88fcb39ba1ef1b4fd5aa27984a99bd8d163110fc2bca1412c8b074ed8c5b
Referer: https://www.citi.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 01:05:52 GMT
Last-Modified: Mon, 18 Apr 2022 01:05:52 GMT
Server: Apache
Etag: 8c7cdc0cfb1748448b28cab82cd8ce57
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: https://www.citi.com
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Sat, 17 Apr 2027 01:05:52 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=29CD655B94AD2391ABB266C945B71178
content22.online.citi.com/fp/ Frame A890 0
0 17ms
16ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=29CD655B94AD2391ABB266C945B71178?org_id=89oebq5k&session_id=0f7e88fcb39ba1ef1b4fd5aa27984a99bd8d163110fc2bca1412c8b074ed8c5b&nonce=c934bfe443513e67&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.citi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Mon, 18 Apr 2022 01:05:52 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=94
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET clear.png
content22.online.citi.com/fp/ Frame F6C5 0
0

GET
H/1.1 200
OK sid_fp.html;CIS3SID=29CD655B94AD2391ABB266C945B71178
h.online-metrix.net/fp/ Frame E499 0
0 72ms
32ms Document
text/html 91.235.132.130

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=29CD655B94AD2391ABB266C945B71178?org_id=89oebq5k&session_id=0f7e88fcb39ba1ef1b4fd5aa27984a99bd8d163110fc2bca1412c8b074ed8c5b&nonce=c934bfe443513e67&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.citi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Mon, 18 Apr 2022 01:05:52 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET clear.png
content22.online.citi.com/fp/ Frame F6C5 0
0

GET page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame F6C5 0
0

GET
H/1.1 200
OK top_fp.html;CIS3SID=29CD655B94AD2391ABB266C945B71178
content22.online.citi.com/fp/ Frame 4B27 0
0 34ms
33ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/top_fp.html;CIS3SID=29CD655B94AD2391ABB266C945B71178?org_id=89oebq5k&session_id=0f7e88fcb39ba1ef1b4fd5aa27984a99bd8d163110fc2bca1412c8b074ed8c5b&nonce=c934bfe443513e67&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.citi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Mon, 18 Apr 2022 01:05:52 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=97
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
204 clear.png
content22.online.citi.com/fp/ Frame F6C5 0
218 B 32ms
32ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=0f7e88fcb39ba1ef1b4fd5aa27984a99bd8d163110fc2bca1412c8b074ed8c5b&nonce=c934bfe443513e67&pageid=1&ja=313b32392e2e613f3224723f3026663f31343032783132303224696e3d313e38327839323032247378793f327a32246470723d332e393430322c313238322c333632322c393a32322e333e32302c313030322c333630302c333038382c302438246d7c3d613a3a326162616661353564646664643b6d6338363131343f323660396335612e656c3f36247b61643d3236266e683f6874747071273b4925324e2d30467f77772c616974692c616d6f2732466c6f656b662464703d68747c727327334327324e2d3044666d6a706f637267642c636d6d2e627227304e2e706c353b2470603d373a6432386163346061646265313131603f3138356165306c316266623066342e606a3f37343e3b663362373831626739633037663b6c3e36323a3932613d6564673a64266a716d3f4e6b6e75782668716a3f436a726f6d6d27323231323226627b6d773f4e616c757826687360753f4368726f6f672e666863353c246e6c6d3d3a24747a643f477661273246556e696c67756e246d617460703d3630323164396b30606761383065366361353430323832616433373d3c30316e6c3635303831363364366563633036666339346164606c35323131333131346124703f726c7d6f6b6c5d64646373685e64616e736721706c75656b66577769666c6d777b5f6d676669615f726e637b67725e66616e716d23706e756769665d61666f60675f696b706d60637c5c66616c716523706e7567696e5d737d61636b7c616f655666616e716521706e77656b6c5f73686f61697f6376675e666164716523706e776761665d70676364726c617967725c66636c736521726e7d6f696e577e6e6357706c637b65725e64636e716721706c75656b665d646776616c7e705e64616e716529786e77656b665d7376675d766b657565725e66636e7b6d2170647d6569665f6a6374615e66636e716724676c5f633f756d60676e5765624f4e253030332c302d3a322a4d726d6c474c2530304753273230322e32273a3843687a676f697d6d29556762474c273032454e534c253232475b273232312e302d30302a4f72676e4f44273032475b273230474e534e2530304553253032392630253a3841687a6f6d6b776d29576760496b765765624b6b762d30305565624744434e454c475d69667b76636c616d665f617270617b7327334225323247505c5f62646d6c64576d696c6f61782531402730324558545f616d646d725d6275666e67725d68636e66576e6e6d63762d3142253232455a545d666c6f61765d6a64656e6c2d31422d3230475a545f667063655d666570746827314a273232455854577168636467705f7c6d7a7677706d5d6c6f642733402530304558545d766d7074757a6d5d63676d7070677373696d6c5d60727463253340273a32455a545f746d7a747772675d636765727067717b6b6f6e5f7067766327334225323247505c5f746d7076757a655f646b6c7465705d636c6b736f74726d7261612531422532385545404b4b565f4d50565d766770767572655d666b6c7665725f616c6b7b67747267786b632d33422730304558565d715045422533422730384d45515f656c6d6f656c745d6b6e6c6d7a5d776b66762533422732324f47535f66626d5d7a6d6e646d7a5d6d61706d63722533422730324d47535f7374636c6c6372665f64657a6b7663746b74657b2d31402730384d45535f76657a747772655f666e6d697c25334a2d30304745535d766578747770675d646c6f61745d6e616c65637225334a2732324f47515f7c6d7a7677706d5d68616c645f646c6d6174253340273a384f455b57766570747570675f68616e645d646e6f61745f6e6b666761702533422d30304d45515d766d7a76677a5d69707261795d6f606a676374253340273a3857454a4f4e5f6b6f6c6d705f6275646467705d666c6f6176273b4025303057454a454c5d636d6f707a6d7171676657766578747772675f637374632531402d3a30574d4a454c57636f6f727265737167665d76657874757067576774612533422d3030554540454c576b6d6f72706d717365645d746778767572655f67766b3925334a2d30305f4542454e5f636f6f727067717365645f766770767570655f733b76632733402732385f4740494b5c5d574542454c5d636d6d70726571716d6c5f746d7076757a655f71317463253140273032574542474e5d6b6d6d727265737b67645d74677a747d7a675d71317c615f737265622733402532305747404f445f646d6a77675772656c66657265705d6b6c646f253342273038554540474c5f6c677076685d7665707c777067273b402532305545404b4b545f5745404544576465787c6a5f7c657876777265253140273032574542474e5d6c7061755f62756e646570732731422d3a325547404f4e5f6c6f71655d636d6e74657876273b4a2532385f47424349545d554542474e5d6e6d71655f636f6c766d7a74273342253a32574742454e5f657d6e766b5d6c706177313426656c5d683d333932323e3865356d3d37333b6637646366623532633663673035313464643e30386334333169612675676e743d416676676e273a32496e632c2675676e723d496e7667642d3230417a6b732d32304d72656e474e273032476e67696e67246b61643f32&jb=3137362664793f4f6d78616e6c61253046372e3225323028556b666c6f777b2d3030465425303231302e3227314027323057696c343c2733402532307034342b2530324178786e6755676a4969742530463733352e333625303220434854454427324b2532326e696b652730324567636b6f292730384168706f6d652d30463330322c30263c3a3b342c3f3725323051616461706925324637313f263336

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 01:05:52 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET clear.png
89oebq5kmfuf2kekxyvy2jfkil7nmq4bjvguklawc934bfe443513e67am1.e.aa.online-metrix.net/fp/ Frame F6C5 0
0

GET clear.png
content22.online.citi.com/fp/ Frame 1781 0
0

GET
H/1.1 200
OK ls_fp.html;CIS3SID=CC88E050F20EDBD0EE46197EC3F57DB0
content22.online.citi.com/fp/ Frame B0B3 0
0 19ms
18ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=CC88E050F20EDBD0EE46197EC3F57DB0?org_id=89oebq5k&session_id=5c5961f215760ed64fb08896e8f129a7e6ccf066f67d8450308a813745269e94&nonce=762d092569702bf2&pageid=1

Requested by

Host: content22.online.citi.com
URL: https://content22.online.citi.com/fp/check.js;CIS3SID=CC88E050F20EDBD0EE46197EC3F57DB0?org_id=89oebq5k&session_id=5c5961f215760ed64fb08896e8f129a7e6ccf066f67d8450308a813745269e94&nonce=762d092569702bf2&pageid=1&jb=3532262e68736d773d4c6b6c75782668736d3f4c61667d7a266271627735436a726d6f67246a71603f416a72676d65253030393038

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.citi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Mon, 18 Apr 2022 01:05:52 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=96
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET clear.png
content22.online.citi.com/fp/ Frame 1781 0
0

GET
H/1.1 200
OK sid_fp.html;CIS3SID=CC88E050F20EDBD0EE46197EC3F57DB0
h.online-metrix.net/fp/ Frame 3753 0
0 27ms
26ms Document
text/html 91.235.132.130

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=CC88E050F20EDBD0EE46197EC3F57DB0?org_id=89oebq5k&session_id=5c5961f215760ed64fb08896e8f129a7e6ccf066f67d8450308a813745269e94&nonce=762d092569702bf2&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.citi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Mon, 18 Apr 2022 01:05:52 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET clear.png
content22.online.citi.com/fp/ Frame 1781 0
0

GET page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame 1781 0
0

GET
H/1.1 200
OK top_fp.html;CIS3SID=CC88E050F20EDBD0EE46197EC3F57DB0
content22.online.citi.com/fp/ Frame D7BD 0
0 36ms
19ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content22.online.citi.com/fp/top_fp.html;CIS3SID=CC88E050F20EDBD0EE46197EC3F57DB0?org_id=89oebq5k&session_id=5c5961f215760ed64fb08896e8f129a7e6ccf066f67d8450308a813745269e94&nonce=762d092569702bf2&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.citi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Mon, 18 Apr 2022 01:05:53 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=97
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET clear.png
content22.online.citi.com/fp/ Frame 1781 0
0

GET clear.png
89oebq5klgmlkgeszlsnzkmky665sry7uyqxaffi762d092569702bf2am1.e.aa.online-metrix.net/fp/ Frame 1781 0
0

GET 16003743.js
bat.bing.com/p/action/ 0
0

GET 0
bat.bing.com/action/ 0
0

GET 16001692.js
bat.bing.com/p/action/ 0
0

GET 0
bat.bing.com/action/ 0
0

POST tp2
p.tvpixel.com/com.snowplowanalytics.snowplow/ 0
0

GET p
sb.scorecardresearch.com/ 0
0

OPTIONS
H2 200 tp2
p.tvpixel.com/com.snowplowanalytics.snowplow/ Frame 0
0 94ms
93ms Preflight 67.202.32.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.202.32.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-67-202-32-1.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.citi.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.citi.com
access-control-max-age: 5
content-length: 0
date: Mon, 18 Apr 2022 01:05:53 GMT
server: nginx

GET conversion_async.js
www.googleadservices.com/pagead/ 0
0

GET js
www.googletagmanager.com/gtag/ 0
0

GET
H2 200 crossdomain.html
1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/ Frame 2309 0
0 16ms
15ms Document
text/html 2600:9000:2315:e000:a:6cdf:4440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Requested by: Host: www.citi.com
URL: https://www.citi.com/cbol-pre-login-static-assets/cbol-core-assets/cedric/cedric.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:e000:a:6cdf:4440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.citi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 34572
content-length: 221
content-type: text/html
date: Sun, 17 Apr 2022 15:29:42 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
server: AmazonS3
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-amz-cf-id: zwXMnJf7zVZkiSMeR7QZjmaI3fF-36pACDygf0QM9xL7fs_Mi9yq3A==
x-amz-cf-pop: DUS51-P2
x-cache: Hit from cloudfront

GET
H2 200 crossdomain.html
1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/ Frame 60B4 0
0 14ms
13ms Document
text/html 2600:9000:223f:5e00:1e:54f1:26c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Requested by: Host: www.citi.com
URL: https://www.citi.com/cbol-pre-login-static-assets/cbol-core-assets/cedric/cedric.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5e00:1e:54f1:26c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.citi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 15
content-length: 221
content-type: text/html
date: Mon, 18 Apr 2022 01:05:39 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
server: AmazonS3
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-id: fnasrR2p2DRzBRN8hiOtMK420konKjIWRWu_5CWZwItveZfCP3a9dA==
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront

GET
H2 200 crossdomain.html
1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/ Frame 4619 0
0 14ms
13ms Document
text/html 2600:9000:2250:6e00:13:ab57:d440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Requested by: Host: www.citi.com
URL: https://www.citi.com/cbol-pre-login-static-assets/cbol-core-assets/cedric/cedric.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:6e00:13:ab57:d440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.citi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 79242
content-length: 221
content-type: text/html
date: Sun, 17 Apr 2022 03:05:12 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
server: AmazonS3
via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
x-amz-cf-id: z59KA9fVL6Xal-rqEQAFO2tiXUCo4OxAtqClitRdLPv7MTruWiBYdg==
x-amz-cf-pop: FRA60-P2
x-cache: Hit from cloudfront

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.citi.com
URL: https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff

Domain: www.citi.com
URL: https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff

Domain: www.citi.com
URL: https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff

Domain: contents3.00110.citi.com
URL: https://contents3.00110.citi.com/api/v1/cr.png?cid=cedric&snum=1650243946177-sjn0000237-c1553f93-2bc3-44f1-b39d-4b7fa602861e&muid=1650243945724-42B83473-70E2-4A66-A908-EA1FFD00575D

Domain: content22.online.citi.com
URL: https://content22.online.citi.com/fp/check.js;CIS3SID=69B4B09FD8A728BF2EE7FCB11A1B9673?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jb=3730242668736f753d4c6b6e7d7a266a73673f4c69667770246a73627d3d4368706d6f6726687b623d4368726f6d67253230333032

Domain: content22.online.citi.com
URL: https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&ck=0&m=1

Domain: content22.online.citi.com
URL: https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&ck=0&m=2

Domain: prod.report.nacustomerexperience.citi.com
URL: https://prod.report.nacustomerexperience.citi.com/glassbox/reporting/cls_report?_cls_s=ebaf9ebf-89f8-4a92-83c5-0062944128af%3A0&_cls_v=bf6a9835-c495-4fac-946b-8cfe11965f39&pv=2&f_cls_s=true

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/819500023/?random=1650243948845&cv=9&fst=1650243948845&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdobrocred.com.br%2Fcit%2Fcity.com%2Fthanks.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/695231162/?random=1650243948846&cv=9&fst=1650243948846&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdobrocred.com.br%2Fcit%2Fcity.com%2Fthanks.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/830907969/?random=1650243948847&cv=9&fst=1650243948847&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdobrocred.com.br%2Fcit%2Fcity.com%2Fthanks.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/959299794/?random=1650243948849&cv=9&fst=1650243948849&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdobrocred.com.br%2Fcit%2Fcity.com%2Fthanks.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Domain: udc-neb.kampyle.com
URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwMC4wLjQ4OTYuNzUgU2FmYXJpLzUzNy4zNiIsInNlc3Npb25fcGxhdGZvcm0iOiAiTGludXggeDg2XzY0IiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4xLjE1IiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2NTAyNDM5NDg4NjciLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4MDNhMzQ1MTNkM2MyLTAxOTBhN2E3ODczYTY3LTFhMzQzMzcwLTFkNGMwMC0xODAzYTM0NTEzZWRmIiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXVzLWNpdGkiLCJhY2NvdW50SWQiOiA0OSwidXJsIjogImh0dHBzOi8vZG9icm9jcmVkLmNvbS5ici9jaXQvY2l0eS5jb20vdGhhbmtzLnBocCIsIndlYnNpdGVJZCI6IDUwLCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7IkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICI0N2UwLTFhYzctYjJmOC1lZTlhLTVkM2YtYTg0Zi1mOWIzLTgyZTgiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTY1MDI0Mzk0ODcwNCIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIiLCJTVUJNSVRURURfREFURSI6ICIifSwiY29va2llX3NpemUiOiA3NTMsImthbXB5bGVfdmVyc2lvbiI6ICIyLjQyLjEiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjQyLjEiLCJoaXN0b3J5X2xlbmd0aCI6IDIsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2NTAyNDM5NDg3MDgsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlLCJmZWVkYmFja19jb3JyZWxhdGlvbl91dWlkIjogbnVsbH0KXX0=

Domain: www.google.de
URL: https://www.google.de/pagead/1p-user-list/960621875/?random=1650243948842&cv=9&fst=1650243600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdobrocred.com.br%2Fcit%2Fcity.com%2Fthanks.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&async=1&fmt=3&is_vtc=1&random=1990808982&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Domain: www.google.com
URL: https://www.google.com/pagead/1p-user-list/644574043/?random=1650243948844&cv=9&fst=1650243600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdobrocred.com.br%2Fcit%2Fcity.com%2Fthanks.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&async=1&fmt=3&is_vtc=1&random=1743047018&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Domain: www.google.de
URL: https://www.google.de/pagead/1p-user-list/644574043/?random=1650243948844&cv=9&fst=1650243600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdobrocred.com.br%2Fcit%2Fcity.com%2Fthanks.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&async=1&fmt=3&is_vtc=1&random=1743047018&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Domain: www.google.de
URL: https://www.google.de/pagead/1p-user-list/975701947/?random=1650243948843&cv=9&fst=1650243600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdobrocred.com.br%2Fcit%2Fcity.com%2Fthanks.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&async=1&fmt=3&is_vtc=1&random=3410084227&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Domain: www.google.de
URL: https://www.google.de/pagead/1p-user-list/916451471/?random=1650243948839&cv=9&fst=1650243600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdobrocred.com.br%2Fcit%2Fcity.com%2Fthanks.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&async=1&fmt=3&is_vtc=1&random=3998814196&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Domain: bat.bing.com
URL: https://bat.bing.com/actionp/0?ti=16003743&Ver=2&mid=8e46ad1b-12f7-4818-ae7e-354517b58adf&sid=aef07df0beb311ec9bbe4d529e5dc406&vid=aef0e4b0beb311ecbd974da7b8cd686f&vids=0&evt=pageHide

Domain: bat.bing.com
URL: https://bat.bing.com/actionp/0?ti=16001692&Ver=2&mid=18a4bbce-23c7-453f-a33f-e3114d7ec69c&sid=aef07df0beb311ec9bbe4d529e5dc406&vid=aef0e4b0beb311ecbd974da7b8cd686f&vids=0&evt=pageHide

Domain: metrics1.citi.com
URL: https://metrics1.citi.com/b/ss/citiuscombprod/1/JS-2.9.0/s04355806672908

Domain: content22.online.citi.com
URL: https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=0f7e88fcb39ba1ef1b4fd5aa27984a99bd8d163110fc2bca1412c8b074ed8c5b&nonce=c934bfe443513e67&pageid=1&jb=3334246c7b693f6434326c3a3231396436333536353865386060696e33316a6b35666935633432

Domain: content22.online.citi.com
URL: https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=0f7e88fcb39ba1ef1b4fd5aa27984a99bd8d163110fc2bca1412c8b074ed8c5b&nonce=c934bfe443513e67&pageid=1&jd=353a2426626e6c3f313a2e6866683d36643433613038303361673f3e3933316a64626b63663b3a6265353333353134266a66746c3f38383131353a3330

Domain: ghbmnnjooekpmoecnnnilnnbdlolhkhi
URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

Domain: 89oebq5kmfuf2kekxyvy2jfkil7nmq4bjvguklawc934bfe443513e67am1.e.aa.online-metrix.net
URL: https://89oebq5kmfuf2kekxyvy2jfkil7nmq4bjvguklawc934bfe443513e67am1.e.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=0f7e88fcb39ba1ef1b4fd5aa27984a99bd8d163110fc2bca1412c8b074ed8c5b&nonce=c934bfe443513e67&pageid=1&di=yes

Domain: content22.online.citi.com
URL: https://content22.online.citi.com/fp/clear.png

Domain: content22.online.citi.com
URL: https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=5c5961f215760ed64fb08896e8f129a7e6ccf066f67d8450308a813745269e94&nonce=762d092569702bf2&pageid=1&jb=3334266471613f643630663a32313964363337343d306d3a626a63663139626137646337613632

Domain: content22.online.citi.com
URL: https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=5c5961f215760ed64fb08896e8f129a7e6ccf066f67d8450308a813745269e94&nonce=762d092569702bf2&pageid=1&jd=3534262e68666c3f3338246866683d366434316338303831636d35363b3b39606660616164393a60673733313f33362668667c6e353038373a333a

Domain: ghbmnnjooekpmoecnnnilnnbdlolhkhi
URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

Domain: content22.online.citi.com
URL: https://content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=5c5961f215760ed64fb08896e8f129a7e6ccf066f67d8450308a813745269e94&nonce=762d092569702bf2&pageid=1&ja=313b30312426613f3026783f3026663f3134323070393a32302e63663f393632307a3330323024717a7b3f30703026647272353124313432302c33303830243136323024333232322c313432302c313030322e313e38382e313a32302e382c32266f763f63383a30636061646b37376466666c663165633a343133363f303e6239633769246d6c3f34267161643d3236266e6a3d607c7c72732d3141273a462732447575752e616b766b2c63676d2532446c6767616e2466723d6a767c707b253343253a44253044646f60706f637267642c616f65266a70253a442672643d3126726a3f353864303a6363366a636662673139336a37313a376167326c336a646230643c24686a3f636663333735356033353131306a3e63656a6730646c333532363137346334372468716f354c696e77782e6a7b623f4168726d6f6d253a303132302e68736d773d4c6b6c757826687360773d4b607a6d6d6d246e6a6b3d36266c666f3f38247678663f457c6325324455666b666f756c266d6376607235343032336c33633060656332306536636135343230303a6966313d37343239666634373a3a33343366346763613a3464633b3469666a6435303331313331366926703f706477676b6c5f666e6373685e64616e71652978647767616c5f75616e666f75715d6f65666b635d726c697965725c66696c7b6523726c75656b665f69646f6065576363706d6261765c66616c716523726c7d6f616c5f7977696163746b6d675c64636c716723726e756f696e5f7168676363776374655e646364736d21706e756f6b6e5d7065616e726c617967725c6461647b6d23706477676b665f746c615d726e617b67705c646164736521726c7d67616e5d666576636e7e725666616e736d23706e7767696c5d7376675d766b67776d7a56646164716523786c77676b6c5d686174635c64636c7b6526676e5f6b3d7f6560656c5767604f4c2d3230332e382732322a4f70676c474c2530304751253a383a2c302d30304160726d6d6b776f2b576760454e273238474c534e253a304d53273030312c322d3238284f726566454c2730304551273230474e534e2732384d5b273238332e322d3232436a706d6f69776f2b55676243697457676243697c25303257656045444146474c475f616c7376636e6367665f617270617b71253b4a2d30304d5a545d6a6c676e665d6f6b6e6f637a2731422d3230455a545763676c6d705f6277646e657a5f68636c6e5d666e6d6174273142253232455a565f6e6467637457606c676664273340273032455a565d6470616f5f6465727460253b42273030455a56577360616467725776657a767572675d6c6f642733402732384d50565f7c6778767d72675f616d6f72726771716b6d6e5762707461253b422d32324758545d766d787c7572675f6b6d6d72706573716b6f6e5f70677661253b4a2d30304d5a545d7c657a747770675d666b6e7667705f696e69736d747a6f786961273342273038574d424b4b54574758565d74657a767572655d666b6e746d7a57636e61716f767a6f726961273140253032475a565f7b52474227334a253a304d47535f676e6d6d6d6e745d696666657a5d75696c762533422732324d455b576e606f5770656c6c65705f6f6b726f61722731402732384f45535d737c6166646370645f66677a697e61746b766d712531402532324d45535f76657a76757a6d57646c676374273b422732324d47515f76677a7677726d5f666c6d617c5f64696c67617227314a253a304f47535776657a767572675d68616c645f646e6f697c2d31422d30304d4d535d74677a767772675d6a636e6657666c6f6374576c616e6763722531402d32384f45515f7e67727667785f63707261795d6f6068656b7c2d31422d3030554d42454c5d616d6e6f705d607764666d725f666e6f69742d334027323055474a47445f636d6d787065717165645d766578747772675d617b7c6b27334a2732325f4540474e5d616d6d7270677171656c5f74657a747d726d5f6776632531402d323857454047445d636d6f707267717365645d74677a747d7a6d5d657c6131273b42273232554740474e5d616d6f707a657373676457746d78767772655d713b746b253340253a325747404b49565d574542454c5d616f65787a67737b67645d7c657a747770675d733176612731422d32305747424f4c57636d6f707267717b656c5f7467787c7772675d733376615f737265622731422d3a3855454a454c5d6c656075655d70676e66677067705f616e666f27334a253a30554742474e5d6c657874685d746d7a7477706525314025323055454049495c575f47424f4e5f666d7076685d76677a747770672731422d32305747424f4c57647063775f60776e666d727327334a273232554542454e5f6c6f71655d616f667c6d7a742d3142273a30554540494b565f554740454e5f646f73655d63676e7c657a76253340273a305f4542454c576f756e76695f66706177313426656e5f60353b3b30383430673d65373531316435666364603732613c61653037313c666e36303a6134313369632e77676e76354b6e76676c253032496e632c2675656c7a35416c746d6e253038497069712730324f72676c454e253a30456e656966652e6361663d31&jb=3137342e6e713f4f6f7a6b6e6c61253046372c302d3a382a57616c646d7f732732324c5627323233322c32253b4225323257616e3e3427314225303270363c292530304972706e67576560496974253046373137263b3e2732382a4b4a5c4d4e2530412730306e6b6967273238476563696f21253a30416a726f6f672d324e3130322e382c343a3b362e35372532305161646372612d3a44353b352e313e

Domain: 89oebq5klgmlkgeszlsnzkmky665sry7uyqxaffi762d092569702bf2am1.e.aa.online-metrix.net
URL: https://89oebq5klgmlkgeszlsnzkmky665sry7uyqxaffi762d092569702bf2am1.e.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=5c5961f215760ed64fb08896e8f129a7e6ccf066f67d8450308a813745269e94&nonce=762d092569702bf2&pageid=1&di=yes

Domain: bat.bing.com
URL: https://bat.bing.com/p/action/16003743.js

Domain: bat.bing.com
URL: https://bat.bing.com/action/0?ti=16003743&Ver=2&mid=31d6af1b-9ab4-4909-b03f-c20e21a008d2&sid=b1a0de90beb311ec92420b77a3ddd650&vid=b1a12f30beb311ecbb3a87e456d69936&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&p=https%3A%2F%2Fwww.citi.com%2Flogin&r=https%3A%2F%2Fdobrocred.com.br%2F&lt=3518&evt=pageLoad&msclkid=N&sv=1&rn=322151

Domain: bat.bing.com
URL: https://bat.bing.com/action/0?ti=16003743&Ver=2&mid=31d6af1b-9ab4-4909-b03f-c20e21a008d2&sid=b1a0de90beb311ec92420b77a3ddd650&vid=b1a12f30beb311ecbb3a87e456d69936&vids=0&ea=Application&evt=custom&msclkid=N&rn=990764

Domain: bat.bing.com
URL: https://bat.bing.com/p/action/16001692.js

Domain: bat.bing.com
URL: https://bat.bing.com/action/0?ti=16001692&Ver=2&mid=45cae031-0011-477c-8b4a-405be649116b&sid=b1a0de90beb311ec92420b77a3ddd650&vid=b1a12f30beb311ecbb3a87e456d69936&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&p=https%3A%2F%2Fwww.citi.com%2Flogin&r=https%3A%2F%2Fdobrocred.com.br%2F&lt=3518&evt=pageLoad&msclkid=N&sv=1&rn=732244

Domain: bat.bing.com
URL: https://bat.bing.com/action/0?ti=16001692&Ver=2&mid=45cae031-0011-477c-8b4a-405be649116b&sid=b1a0de90beb311ec92420b77a3ddd650&vid=b1a12f30beb311ecbb3a87e456d69936&vids=0&ea=Application&evt=custom&msclkid=N&rn=179341

Domain: p.tvpixel.com
URL: https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2

Domain: sb.scorecardresearch.com
URL: https://sb.scorecardresearch.com/p?c1=2&c2=34402982&ns_type=hidden&ns_event=page_view&c6=citi-d4f85824-1351-4554-91ff-fdb56f962c5c&c7=https%3A%2F%2Fwww.citi.com%2Flogin&c8=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&c9=https%3A%2F%2Fdobrocred.com.br%2F&rn=1650243953047

Domain: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-960621875&l=dataLayer&cx=c

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-644574043&l=dataLayer&cx=c

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-975701947&l=dataLayer&cx=c

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-830907969&l=dataLayer&cx=c

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-695231162&l=dataLayer&cx=c

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-819500023&l=dataLayer&cx=c

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-959299794&l=dataLayer&cx=c

Verdicts & Comments Add Verdict or Comment

368 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dobrocred.com.br/	1969-12-31 23:59:59	Name: cdContextId Value: 1
.dobrocred.com.br/	1970-01-20 11:09:39	Name: bmuid Value: 1650243945724-42B83473-70E2-4A66-A908-EA1FFD00575D
dobrocred.com.br/	1970-01-20 02:24:05	Name: 7830 Value: error
dobrocred.com.br/	1970-01-20 02:24:05	Name: 7018 Value:
dobrocred.com.br/	1970-01-20 04:33:39	Name: 64072 Value:
.dobrocred.com.br/	1970-01-20 04:33:39	Name: _gcl_au Value: 1.1.468236079.1650243946
.dobrocred.com.br/	1970-01-20 11:09:39	Name: cdSNum Value: 1650243946177-sjn0000237-c1553f93-2bc3-44f1-b39d-4b7fa602861e
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjU0MTCwMLE0MjAxNzAxNLUwNhfiM9TVNdctzk2JTC_2MI0EAJhBd4ElAAAA
.rfihub.com/	1970-01-20 11:45:39	Name: rud Value: H4sIAAAAAAAAAOMSNjU0MTCwMLE0MjAxNzAxNLUwNhfiM9TVNdctzk2JTC_2MI2U4jU0MzUwMjG2NDEzMjYFAMXKJsk0AAAA
.dobrocred.com.br/	1970-01-20 02:24:05	Name: _dpm_ses.dc5a Value: *
dobrocred.com.br/	1969-12-31 23:59:59	Name: _cls_s Value: ebaf9ebf-89f8-4a92-83c5-0062944128af:0
.tvpixel.com/	1970-01-20 11:09:39	Name: sp Value: a28fbd30-c139-4494-bd46-bfad5cb93b3b
.c.bing.com/	1970-01-20 11:45:39	Name: SRM_B Value: 0EBBFDC090066974204AEC4A918D6834
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 11:45:39	Name: MUID Value: 0EBBFDC090066974204AEC4A918D6834
.c.clarity.ms/	1970-01-20 02:24:04	Name: ANONCHK Value: 0
.bing.com/	1970-01-20 11:45:39	Name: MUID Value: 12CF0958659D6B0E3AF118D264166A45
.dobrocred.com.br/	1970-01-20 02:25:30	Name: _uetsid Value: aef07df0beb311ec9bbe4d529e5dc406
.dobrocred.com.br/	1970-01-20 11:45:39	Name: _uetvid Value: aef0e4b0beb311ecbd974da7b8cd686f
.agkn.com/	1970-01-20 11:09:39	Name: ab Value: 0001%3A1RqkwLMkUX5i7Rseg1zfeAMXuh8SpgL1
.agkn.com/	1970-01-20 11:09:39	Name: u Value: C\|0CAAp73XsKe917AAAAAAAATPZAAAAAA
.dobrocred.com.br/	1970-01-20 11:09:39	Name: _dpm_id.dc5a Value: 46379894-66ae-4382-a737-89f4c4aced70.1650243947.1.1650243949.1650243947.262953ae-c04a-4ded-a995-b609edcc84e7
dobrocred.com.br/	1970-01-20 11:09:39	Name: mdLogger Value: false
dobrocred.com.br/	1970-01-20 11:09:39	Name: kampyle_userid Value: 47e0-1ac7-b2f8-ee9a-5d3f-a84f-f9b3-82e8
dobrocred.com.br/	1970-01-20 11:09:39	Name: kampyleUserSession Value: 1650243948704
dobrocred.com.br/	1970-01-20 11:09:39	Name: kampyleUserSessionsCount Value: 1
dobrocred.com.br/	1970-01-20 11:09:39	Name: kampyleSessionPageCounter Value: 1
.dobrocred.com.br/	1970-01-20 11:09:39	Name: cd_user_id Value: 1803a34513d3c2-0190a7a7873a67-1a343370-1d4c00-1803a34513edf
.doubleclick.net/	1970-01-20 02:24:04	Name: test_cookie Value: CheckForPermission
.citi.com/	1969-12-31 23:59:59	Name: AKMTLTSID Value: A4441B7A264D4B898AF4F07AEB8C16DF
content22.online.citi.com/	1970-01-21 21:36:03	Name: thx_guid Value: cb159421972b40a4944eb682dffaa62c
.citi.com/	1970-02-07 08:41:31	Name: NMO5iv8Z Value: AwdVNDqAAQAACAPKNjQYpvsDzMBYoR_KFoaFh91tC11cBBOm5jwxVhEhrLhDAYrHJoWucpl_wH8AAEB3AAAAAA\|1\|0\|72f8f44328267c22d5fa8e389b6210b3a898eca9
mpsnare.iesnare.com/	1970-01-20 11:09:39	Name: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: /WgQKth360RYgSUAZ6Ky6LCgsZQcg41sBM3nzbMvneI=
.citi.com/	1970-01-20 02:24:05	Name: tenantId Value: CBOL
.citi.com/	1969-12-31 23:59:59	Name: tmx_sessionid Value: 5c5961f215760ed64fb08896e8f129a7e6ccf066f67d8450308a813745269e94
www.citi.com/	1970-01-20 02:24:05	Name: 7830 Value: error
www.citi.com/	1970-01-20 02:24:05	Name: 7018 Value:
www.citi.com/	1970-01-20 04:33:39	Name: 64072 Value:
.citi.com/	1970-01-21 22:12:03	Name: _cls_v Value: 44b77f27-4931-44ee-956e-ba485600bdc2
.citi.com/	1969-12-31 23:59:59	Name: _cls_s Value: b2cf93ab-a7ed-442c-be64-fc0b58a4a40e:0
.citi.com/	1970-01-20 04:33:39	Name: _gcl_au Value: 1.1.1947767962.1650243951
.demdex.net/	1970-01-20 06:43:15	Name: demdex Value: 87799943040237116651549801304755493667
.citi.com/	1969-12-31 23:59:59	Name: AMCVS_61834D9B5228A7430A490D45%40AdobeOrg Value: 1
.citi.com/	1970-01-20 19:56:42	Name: AMCV_61834D9B5228A7430A490D45%40AdobeOrg Value: -330454231%7CMCIDTS%7C19101%7CMCMID%7C81051648146435906742027070816532390528%7CMCAAMLH-1650848751%7C6%7CMCAAMB-1650848751%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1650251151s%7CNONE%7CvVersion%7C3.1.2

31 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://dobrocred.com.br/cit/city.com/thanks.php Message: Access to font at 'https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff' from origin 'https://dobrocred.com.br' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://citimobile.citibankonline.com' that is not equal to the supplied origin.
network	error	URL: https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://dobrocred.com.br/cit/city.com/thanks.php Message: Access to font at 'https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff' from origin 'https://dobrocred.com.br' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://citimobile.citibankonline.com' that is not equal to the supplied origin.
network	error	URL: https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://dobrocred.com.br/cit/city.com/thanks.php Message: Access to font at 'https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff' from origin 'https://dobrocred.com.br' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://citimobile.citibankonline.com' that is not equal to the supplied origin.
network	error	URL: https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://dobrocred.com.br/cit/city.com/img/logo.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dobrocred.com.br/cit/city.com/img/bat.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dobrocred.com.br/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dobrocred.com.br/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dobrocred.com.br/cit/city.com/img/cds-assets/fonts/interstate/Interstate-Bold.woff Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://dobrocred.com.br/cit/city.com/thanks.php Message: Access to XMLHttpRequest at 'https://contents3.00110.citi.com/api/v1/cr.png?cid=cedric&snum=1650243946177-sjn0000237-c1553f93-2bc3-44f1-b39d-4b7fa602861e&muid=1650243945724-42B83473-70E2-4A66-A908-EA1FFD00575D' from origin 'https://dobrocred.com.br' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network	error	URL: https://contents3.00110.citi.com/api/v1/cr.png?cid=cedric&snum=1650243946177-sjn0000237-c1553f93-2bc3-44f1-b39d-4b7fa602861e&muid=1650243945724-42B83473-70E2-4A66-A908-EA1FFD00575D Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://dobrocred.com.br/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dobrocred.com.br/cit/city.com/img/cds-assets/fonts/interstate/Interstate-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dobrocred.com.br/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dobrocred.com.br/cit/city.com/img/cds-assets/fonts/interstate/Interstate-Light.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dobrocred.com.br/cit/city.com/img/commonui-assets/fonts/interstate/Interstate-Bold.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dobrocred.com.br/cit/city.com/img/cds-assets/fonts/interstate/Interstate-Light.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dobrocred.com.br/cit/city.com/img/commonui-assets/fonts/interstate/Interstate-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dobrocred.com.br/cit/city.com/img/commonui-assets/fonts/interstate/Interstate-Light.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dobrocred.com.br/cit/city.com/img/commonui-assets/fonts/interstate/Interstate-Light.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cdn.pbbl.co/r/1560.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709 Message: Failed to load resource: the server responded with a status of 451 ()
javascript	error	URL: https://www.citi.com/login Message: Access to XMLHttpRequest at 'chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js' from origin 'https://www.citi.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-untrusted, https.
network	error	URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.citi.com/login Message: Access to XMLHttpRequest at 'chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js' from origin 'https://www.citi.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-untrusted, https.
network	error	URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.citi.com/login Message: Access to XMLHttpRequest at 'chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js' from origin 'https://www.citi.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-untrusted, https.
network	error	URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.a79ab95c1589a13f8a4cab612bc71f9f7.com
1.b406929acabac9b095f124c81bdfcf57f.com
1.c81358859121583b7adf2ace89cb39f44.com
20766699p.rfihub.com
89oebq5klgmlkgeszlsnzkmky665sry7uyqxaffi762d092569702bf2am1.e.aa.online-metrix.net
89oebq5kmfuf2kekxyvy2jfkil7nmq4bjvguklawc934bfe443513e67am1.e.aa.online-metrix.net
bat.bing.com
c.bing.com
c.clarity.ms
c.tvpixel.com
c1.rfihub.net
cdn.pbbl.co
citi.demdex.net
cm.everesttech.net
code.jquery.com
content22.online.citi.com
contents3.00110.citi.com
d.agkn.com
dobrocred.com.br
dpm.demdex.net
ghbmnnjooekpmoecnnnilnnbdlolhkhi
googleads.g.doubleclick.net
h.online-metrix.net
metrics1.citi.com
mpsnare.iesnare.com
nebula-cdn.kampyle.com
nexus.ensighten.com
online.citi.com
p.tvpixel.com
prod.report.nacustomerexperience.citi.com
resources.digital-cloud-citi.medallia.com
sb.scorecardresearch.com
sr.rlcdn.com
stags.bluekai.com
tags.bkrtx.com
udc-neb.kampyle.com
www.citi.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
89oebq5klgmlkgeszlsnzkmky665sry7uyqxaffi762d092569702bf2am1.e.aa.online-metrix.net
89oebq5kmfuf2kekxyvy2jfkil7nmq4bjvguklawc934bfe443513e67am1.e.aa.online-metrix.net
bat.bing.com
content22.online.citi.com
contents3.00110.citi.com
ghbmnnjooekpmoecnnnilnnbdlolhkhi
googleads.g.doubleclick.net
metrics1.citi.com
p.tvpixel.com
prod.report.nacustomerexperience.citi.com
sb.scorecardresearch.com
udc-neb.kampyle.com
www.citi.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.111.238.178
142.250.181.226
15.188.95.229
151.101.1.175
151.101.66.133
18.195.42.228
18.66.122.116
192.193.200.243
193.0.160.129
2001:4de0:ac18::1:a:3a
216.172.172.133
2600:9000:223f:5e00:1e:54f1:26c0:93a1
2600:9000:224a:4c00:1:76cf:fe80:93a1
2600:9000:2250:6e00:13:ab57:d440:93a1
2600:9000:225e:9200:1d:bf0a:0:93a1
2600:9000:2315:e000:a:6cdf:4440:93a1
2620:1ec:c11::200
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2004
2a00:1450:4001:829::2008
34.252.147.157
35.190.60.146
52.142.114.2
52.213.194.249
52.29.167.104
52.51.88.158
54.195.39.4
67.202.32.1
69.192.160.219
91.235.132.130
91.235.133.67
96.16.129.152
96.16.135.39
008aaa0eebea326ea356339b06467c2eb5f98d4b76759ae45f6eb1f953db28ee
0264c5423e565a05bcc16d1abdfec999c4e92fd5ea90146251a8549cb93773f6
02e871a789bf3801140ce6b9d8a205d308ca81bce448e87fb6bdd60ee98cafc1
045cd226594cb32ddf9d4db8ee45611f4d0788675ae50180b68da975e66fe1fe
07927093cc6c291ef8c844c2a4f7815821dc71393d60dd8464a8f7070de009a6
0947b665008d1eeed81b209ac4e4201375e43a05096311b2762edafa09b332fe
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6
0d176caf65545b79de3b90853b699bbe1d8f2c7512bffec29d7a8f09093f982f
0e8665d56063213d42b3650b1325534735f0fefe09ee48a7f734f83b5e4bfdfe
0ed87b4fd56a4ea6f91e90ec9227281332adcb6d90c16871ddd93a8b0769fa24
102503acef6077fcf8e42a856fb4904fcd74224a32d5d8efcd13236ac6309fed
1243ffed4530d6d237dd040101bf2933687f6e9272b10132060115058f914206
128defd3bfdeec3c42be684416639fce585957cf89b179142dc238adf88aa1f4
1a58f7d24fa32c87690d31b5f46c8a02e760b9501d4582c4f2d475f174140b75
1a6193c0936ec29f4350799172f83ad78a95112799ea30c662e80f25b418361c
1c69468ad43d43f8c701bcd193de8688ba49a17128a730c065c7a06d08106daf
1f7013f13882d7717716440ef4954cba246dd9cd6acff2776e5b6598c022bb2c
206172e20cec834555deffe72940032d8a4b08efcb032a6d6b44e9a953e9258e
21201ecc3c1f81d2725b4f6b81c4dfa208edabe6a023711d6b48933b7acabf84
22516a506d658415c2f6feb400613ae241e28649497ee35c6d7823645c9415b7
26310c56bc9d8552115985a28d506194f726880006b9d84409177773036e419a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a606181ce3e676fd43d0ac59e85d5c54712206b5c0b0c601a4c2d1b805591b6
2aaa3673fc69a7eb3950060729e977a8d3540e1e22d8c0e82afd2f503f8c4906
2c3e0f1421ec0c865caf07a6fee834c43eb456613a9d1aee3a3db0c463c9d340
304e34f343ccb0327ef9c168808b6723b7893399c3da5fcd85b808876768bd1b
31b00ff4929696dfca06885da68e58c3e09f6ecb4ae0fe1ae287e99a3fd1f716
3463269a9c7b40f9b1ad0267081dc8b1f7356baf3c19377253f499eb1d6ac091
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65
390c36ad787c04f4acc3f3022a0bb787c9046941c5516d8412a85a959991e4d8
3932cc3da98b8d60a76995427dcbc56d199622ef5cbb86f96ef02269157c4cbf
3d93d98cff692424fbe55a836f5866307b6fd4077d250c9e1d51d3f21f152528
3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1
3e9b5af876698a354af4d7d7fdaecd9fa4a45ca78f6d7a838f72836679c698d0
3f383b43ed678109c3a4006112945b4381899317658913dcf1d061a55b47cab5
4027f452062da70c1206681e4d1e3ad20d633d217bcd0f954f98e4ea7743c842
42c0c119e9e9058cda33545db71f292840f470f9cc817ab2b47df0f1178679b2
441dbbcac58f504c76ab5ff91afa232a4f7734790a9fd2345cad297f00537aa0
44d51f79625071a0932e53718697618a5316b5f5e49757ff19fb468819e26e1d
48451bef935eba4b7a149a7b6dc16cc7183e75cb2887d571a3382ae3f155686a
48e89b7e40e096b89d864a5c8ee340ce44ca60fe9675310ef2f3f40a53a7d593
4b12fddc6e3d5f34ac92cbb3da22ca764525e59dd61722579fb4819845e7eca8
4b1b13a9bf37b3f15910d0b01bdfd90420f20445ac1cd4dcf296831d5df43c04
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
51c6043803bec020097c7f9559f9f87f1b427daf7590f68f2ce2b3a4feaf661a
5394d11ec8ad7a5494bcdb65cd95f885388532e14fb45a747e249112389bd837
53c561089a7987d29afa32543f9d7585b9a4f565b0b6c54b703e802f2f52d386
5846dcb105dd364250873dfae29adc3eeed9bf005585e1dd5872d593ec0f0b24
59e58061a2c0854c141751e3c9e358b9d65623ea9b773265aceed3909d99e4bd
5a2aa8a1ce876434e8f0912c3be63026f79d0b0f24ea591e5379d9186fae451f
5c05a0ddd9ae6b65e920c88e3f59249759ded65189fccfd1aa78967432817bdf
5cbb5852d6dd001b4defb3f6ace7f8beb88d0f19d20d00ebfd086a24c31988db
5df469ee4da2bc124065cb8df0e24173c5cbc8b9e0c807960fc39c93ffb640c8
60efe6c61d482a9ad16c13a430e4f9b230d4a7667873a043327afadd372bef6d
60f144acd0bb44ee700194d36ca6f90d0c66ba10aadbcd30238c76bc53bec6f4
617d716b69a6ed168faa6740c05c2699cd8c62b9ac553709c5bd8c7de0c672eb
61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07
61e01b4da87624c5972c4f051d92695a76fa8491c2c1512342b714b9f5db2008
6336ae7b60dff18e0a37721a3a19fd5e18568577a64faa662969d35966dbf72b
6529697f8aee06a6403774711a28d2ba6873ebcc41bbf2ae0a1ce4318075eb7a
66e0a4b3019f0e19c99a314095a7e13932cd8afcb82a236475abf3f8723ea69d
677cec65f2895fca126756615b8f96c2801078d2b59a98bab4aab3ee8a89d645
695788dc05d94be3b32060ffea15c1a4d74897bd32e5da7811e7ca76d82fc86b
6a4572cbce614543d10ffc2276b91140ecb0b0b9e2de0b9a87d4bc4016051f17
6bb0c1eaae6f6770f889c139ca441c1c21ab76ba7cd86cb28600955f3ee15302
6dae862525bc15cc9ca50bbdfcfa1eea606f15777a11047e5905d1cc34816d37
6dfa343a68ef79e83fef5f7c705119d2473352190c609cf94c67ea99a29fa452
6f56350d404b7363262ab1a2331f6ee082822c230c2dda9061439acb0ee2ea29
76b3e3ecb44a3b1216be2633c4736dc6fbef5a83a7058b7919dcb1489b5b211b
76fb126ee024dcf4a093ac4d3614448b9281355f1033a422fc929298e88fa877
77486b3524e2cc2e6ca8507bee13b0cdf295cdd257144e74128405acddde0ad6
78950385487b0215bf4315c45ac8f63d1902c76518fe8a1744594d332d3c47cc
79206ccd37edbafc46266406417abb5be984a5d0fb9f38e693d67b6d30cba8bb
7abc821719bde6469f938ceb1d46f94060ab8cee449832a420876df7eee63a75
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c61e941b642ce421086c40e8edd357d643de75763ebe83073d329f2693f6786
7ce1ab6d7d544d02fdbfd070df6d6290a630944648f78629bccf6b7c426254ff
7df13706eaab8ce9a3dcd2a501f60bc66987c83834d07dfaf07ae56ef814c110
7e035fe791d86c0346cacc50c10ab1cea6941f3dae04a87b7acc0e30ce6436d9
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
7ff84eaeb73b55c585954d9c067f6d58b2631393b403105bccb0179fcbf45260
836721a9e90235a2282bbb177a7787039a9c91c892623462f12c6b17ad03739a
84129e02573a4f7ca911b6b37f7129a748efdae9decea2efe415ffeabf1a66bb
85272ec3d43640c29bdc41f4f2f7c2942b2f96d76254e8b2802006eab8bc44fa
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
860582858712ff8f0cc7c0d15a99ef0ee1df472e02fdbd7a5ddffa7f4d49aada
87c763c6b05015e55915d0a1e6647e4e5d0b996e78d79e1afe228dd33b68e65b
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
895cf129cc2645aaa6c18973d5db4d59c9b07121d958b71269f41055ea7dc69c
8a13175818c1064520ce05abb77e35d1c88111dcf0cd991d5227a55ff196a7e3
8c45d662ab1e42f9a6ad694125406cbe3781bf3bbba39f2f6736c70490eb96b5
927c1267da41ddfe58361d79a5a203b8662854f49eeb8d2a6eea8180d8a2723d
93a2bf9c16a92eea122a84d246579a50fb89c3b269c78c080588cee14129b2c7
967a765de5c8723590db8b187db737a6779d0fd6e6c21bab393d93d0996439f5
96b9abc2f2d4bed897010e396f7616a976406d9cf549bb83073d0bb10cc7bdf0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622
a079bb0d5590826bcc664715122004dff51e76c79608bc29f586c9388b623b77
a1012b65a2ec44d9f1a2e3a11f74e644e505cb6544e3717b4442cb9aa73452b0
a593628f2d5ba814f37fbcd3963162f094c2764d4b15d82464c2d1aef92f150f
a71478b73edbf42d39394c0e7916ed45e93e3c568d37670c9f943e18b916ea76
a78d98e1c595c4d981f9f915c3466e6a031c3d9bb5b75fc1f210516fe6c22263
a7c31efbe0fd145701b3a4d9d407c3d7a0b2589fe03e76a57159478c2f80770c
a9a43473908fb995ecdc6bd80d80fd42d3e43bf31687aff0978d7389de2573aa
aa1ba78a6de5d98dd69a38689f6910e260927f78569487b635a97400150b40cf
aaf58b530fe940f9235a0eb0eedb3ece0050ceab2bd96db2dd767beb6f0b798b
ab12750d996e84426be567f6a1e51c1e088a950fcd4ca92c465df10710da1de7
ac3211cc5864f812b2e7fe668137258fe2e2405cc42642d4fbcd07199f3c4028
b4d7c52d0920ce3ce14dd5f198df3fb2e9bf39ff31e209a92cf146c86de4ce62
b5b69e04ac1707d00de631bf43e342bdce12e0cd30b9ccd68c511a3b33d3f888
b5d1c26722742c44e62a4fbb4b67117d2587aa320f61784a27fea9d66d9f62b4
b6f517c4279c052b89206db39d95274ef20699f4142aaa9e4339790d3228a64f
b77f337d13fb0416c60878ca32e9e8f04e3df195ca40adbc4744c0c693b0abe8
b7f2f1e03a298672d8b5b5a660f62e85aaf15c530d16015d909d3c737dd93a46
b8e163ad0d939e9d2c2958a3d620cbcc72c2b8e5bc813b2dfe09a22b98fd4421
b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6
babe60f8a568bcfa4f233de14b86ccc47e7f4575ccd0176f49cc012c7b16f905
be9b5382b4526ffd3306d0292122ce3599123f1cd543f52f3035b4f24fbf9de8
bf8892a953595eb96b9ca68c5756849d404115dcf2ee9bf87e8b4e7b3cf8e650
c1b3f3803c42132039b21ce8921335c9cb785a58d513fdc04b0350434bec8e29
c437eb764a99e6cd5172d63c3fae564bbc51eda4981058d5edebd2bf0700eb76
c49f7ec632ced66bfd8ac1ed0cc98a6c8e583f7b36e1faccf190a04955d39c01
c8bc330a07fc8ba4ead1f924570b2eeb220dfb170e86ea6594f7a2daef2efc16
c9c84a02bd7802730402506e08933a2bf019ce78600f266189b86a2d53c0bdd6
cae0ae2d67aac89367108586ebd25e00afc5d0f8110e6eb71b8d274037f7a5d8
cb5a59ed02cb332097bed4550e12438115663cb4fa2c3b616a509880167036cc
cd9882dfede3076583d89a9dae769051a4794fb34837c79176c10a9c9d48705a
ceb0d6fc665067fbcad0fdb8a8be4b39675a97d4182cdcdb8e9d31d78f14c88a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d9181c42b463ba85677421a93ae1ba80ae774c9bf8af67200ed78a419bd067a0
dc876f814074650acde84db7a7f34c583f043b83130e5de49de65f18d1ee2683
dd65a674c821f6a0e0ec4b181532b00c0cc5d5bde623ea98affcb9f383139b57
dfb30742c209a6119b53853df43d609166ce3b72e09c0f6d7bafaac8a4f1bd00
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c725c5a6510cd7323ff66fa032e69cfe7aec1dd042911cae0607d071670eec
e72132b479fe2fc32b2ffcc2a8efa78ef1814d4492b610fd3f06a46fae54d6cb
e76caa473d34a77670863ffd51ee0e59b44c4bdc6367aa0e8e698bf6b264919f
e83c9c5a686b6460be3df5f34ddbe456588d4f575083e74045a00c4ff2be7db0
e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7
ea3b67ffa6b4d741462ba79576ab7943192f113bdc9ac8fa3a052127a0be6b57
ec92c710f2d67faf40a7c39947630493ffd75ca46a82cfadde25e8eb05e53bf3
ecddeb2adfa02b823671f9e56787dd23cadfe86fa9042940d5fea9e38054c174
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efcb0e09a533713a54d617f43991909e46d6430c9c1531787ea15492a15b9e86
efd499dde40eb337e8a3ba1ac8ce81b0f9bbd45caad9bc765578d7d7ce28ad47
f23485e8b9c368f28f18a0bb110573df79c00ac3a2ca71d68017db100207639d
f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296
f378974fe6a831ae2f48d9191ea74eb21877d4964d5eedbc2810d8756ed13631
f405b8138a4d8c20d68c5f9edd97739b57a3bf21e46adc032dc11c6841fd975f
f51cb148ce0f4f40893c289863293d286008c5c00e149fb7a158c3c9ba6f6dc8
f535d9ab677c671bb9941499b923eb4046df0bb53ec631576f4b1c66790da612
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9fbde0b84952eac454f8630061c044338c6de9804c9deceedd280138ef52dcf
fbfbcd5ac1839093e7f7fed9f57af9bdca51c799c591af25b624ebc421fdd052

www.citi.com Open in urlscan Pro 96.16.129.152 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

335 Requests

84 %HTTPS

30 %IPv6

30 Domains

41 Subdomains

33 IPs

3 Countries

7905 kBTransfer

23597 kBSize

44 Cookies

0 Outgoing links

Page URL History

Redirected requests

335 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.citi.com Open in urlscan Pro
96.16.129.152 Public Scan

Screenshot
Live screenshot

Full Image

335
Requests

84 %
HTTPS

30 %
IPv6

30
Domains

41
Subdomains

33
IPs

3
Countries

7905 kB
Transfer

23597 kB
Size

44
Cookies

335 HTTP transactions
1 data transactions