echat.citibank.com.tw Open in urlscan Pro
192.193.157.194 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://echat.citibank.com.tw/
Effective URL:
https://echat.citibank.com.tw/Account/Menu
Submission: On January 04 via automatic, source certstream-suspicious (January 4th 2022, 10:21:37 am UTC) — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 192.193.157.194, located in United States and belongs to CITI5, US. The main domain is echat.citibank.com.tw.
TLS certificate: Issued by DigiCert Extended Validation CA G3 on February 3rd 2020. Valid for: 2 years.

This is the only time echat.citibank.com.tw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 14	192.193.157.194 192.193.157.194		2912 (CITI5) (CITI5)
13	1

14 192.193.157.194 (United States) 1 redirects

ASN2912 (CITI5, US)
PTR: echat.citibank.com.tw

echat.citibank.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	citibank.com.tw 1 redirects echat.citibank.com.tw	344 KB
13	1

	Domain	Requested by
14	echat.citibank.com.tw	1 redirects echat.citibank.com.tw
13	1

This site contains no links.

Subject Issuer	Validity	Valid
echat.citibank.com.tw DigiCert Extended Validation CA G3	`2020-02-03` - `2022-02-03`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://echat.citibank.com.tw/Account/Menu
Frame ID: EA722A70C36E1700DDFFB714D1D512B9
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

花旗客服即時通

Page URL History Show full URLs

https://echat.citibank.com.tw/ HTTP 302
https://echat.citibank.com.tw/Account/Menu Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

343 kB
Transfer

649 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://echat.citibank.com.tw/ HTTP 302
https://echat.citibank.com.tw/Account/Menu Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request Menu Show response
echat.citibank.com.tw/Account/
Redirect Chain

https://echat.citibank.com.tw/
https://echat.citibank.com.tw/Account/Menu

6 KB
6 KB

306ms
306ms

Document
text/html

192.193.157.194
CITI5

General

Check archive.org

Show headers Download Go to

Full URL

https://echat.citibank.com.tw/Account/Menu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

192.193.157.194 , United States, ASN2912 (CITI5, US),

Reverse DNS

echat.citibank.com.tw

Software

/ ARR/3.0

Resource Hash

e38353c397108c2ce7b910781b24dba6b5dead504b2e1af3597af738a6935180

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	DENY SAMEORIGIN
X-Xss-Protection	1; mode=block
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
X-Frame-Options: DENY SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff nosniff
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubdomains
X-Powered-By: ARR/3.0
Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
X-Xss-Protection: 1; mode=block
Date: Tue, 04 Jan 2022 10:21:31 GMT
Content-Length: 6008

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: /Account/Menu
X-Frame-Options: DENY SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff nosniff
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubdomains
X-Powered-By: ARR/3.0
Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
X-Xss-Protection: 1; mode=block
Date: Tue, 04 Jan 2022 10:21:31 GMT
Content-Length: 130

GET
H/1.1 200
OK css
echat.citibank.com.tw/Content/ 0
727 B 303ms
303ms Stylesheet
text/css 192.193.157.194
CITI5

General

Check archive.org

Show headers Download Go to

Full URL

https://echat.citibank.com.tw/Content/css?v=

Requested by

Host: echat.citibank.com.tw
URL: https://echat.citibank.com.tw/Account/Menu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

192.193.157.194 , United States, ASN2912 (CITI5, US),

Reverse DNS

echat.citibank.com.tw

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	DENY, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://echat.citibank.com.tw/Account/Menu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubdomains
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified: Tue, 04 Jan 2022 10:21:31 GMT
X-Powered-By: ARR/3.0
X-Frame-Options: DENY, SAMEORIGIN
Content-Type: text/css
X-XSS-Protection: 1; mode=block, 1; mode=block
Cache-Control: public
Date: Tue, 04 Jan 2022 10:21:31 GMT
Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Vary: User-Agent
Content-Length: 0
X-Content-Type-Options: nosniff, nosniff
Expires: Wed, 04 Jan 2023 10:21:31 GMT

GET
H/1.1 200
OK app.lib.css
echat.citibank.com.tw/app/ 119 KB
119 KB 828ms
525ms Stylesheet
text/css 192.193.157.194
CITI5

General

Check archive.org

Show headers Download Go to

Full URL

https://echat.citibank.com.tw/app/app.lib.css

Requested by

Host: echat.citibank.com.tw
URL: https://echat.citibank.com.tw/Account/Menu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

192.193.157.194 , United States, ASN2912 (CITI5, US),

Reverse DNS

echat.citibank.com.tw

Software

Microsoft-IIS/8.5 / ARR/3.0

Resource Hash

3a15c352194f27fa8c0408b6c78f4072dec9eba8974e54072ab1f27233c65a7a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	DENY, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://echat.citibank.com.tw/Account/Menu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubdomains
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified: Tue, 07 Mar 2017 08:35:52 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ARR/3.0
X-Frame-Options: DENY, SAMEORIGIN
Content-Type: text/css
X-XSS-Protection: 1; mode=block, 1; mode=block
Date: Tue, 04 Jan 2022 10:21:32 GMT
ETag: "0e45ed41d97d21:0"
Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Accept-Ranges: bytes
Content-Length: 121544
X-Content-Type-Options: nosniff, nosniff

GET
H/1.1 200
OK login.css
echat.citibank.com.tw/assets/css/ 5 KB
6 KB 799ms
456ms Stylesheet
text/css 192.193.157.194
CITI5

General

Check archive.org

Show headers Download Go to

Full URL

https://echat.citibank.com.tw/assets/css/login.css

Requested by

Host: echat.citibank.com.tw
URL: https://echat.citibank.com.tw/Account/Menu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

192.193.157.194 , United States, ASN2912 (CITI5, US),

Reverse DNS

echat.citibank.com.tw

Software

Microsoft-IIS/8.5 / ARR/3.0

Resource Hash

41bf10ee1951bccc0e4c6a448281a14414326d30072693bdc3128c92fefe41e5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	DENY, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://echat.citibank.com.tw/Account/Menu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubdomains
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified: Tue, 31 Oct 2017 07:04:06 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ARR/3.0
X-Frame-Options: DENY, SAMEORIGIN
Content-Type: text/css
X-XSS-Protection: 1; mode=block, 1; mode=block
Date: Tue, 04 Jan 2022 10:21:32 GMT
ETag: "077da701652d31:0"
Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Accept-Ranges: bytes
Content-Length: 5261
X-Content-Type-Options: nosniff, nosniff

GET
H/1.1 200
OK chat.css
echat.citibank.com.tw/assets/css/ 7 KB
8 KB 795ms
453ms Stylesheet
text/css 192.193.157.194
CITI5

General

Check archive.org

Show headers Download Go to

Full URL

https://echat.citibank.com.tw/assets/css/chat.css

Requested by

Host: echat.citibank.com.tw
URL: https://echat.citibank.com.tw/Account/Menu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

192.193.157.194 , United States, ASN2912 (CITI5, US),

Reverse DNS

echat.citibank.com.tw

Software

Microsoft-IIS/8.5 / ARR/3.0

Resource Hash

354795fe681e7caab7bbd1588b1a212852a7094876719ccfe7b1622f0f169227

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	DENY, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://echat.citibank.com.tw/Account/Menu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubdomains
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified: Wed, 17 Jan 2018 04:41:24 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ARR/3.0
X-Frame-Options: DENY, SAMEORIGIN
Content-Type: text/css
X-XSS-Protection: 1; mode=block, 1; mode=block
Date: Tue, 04 Jan 2022 10:21:32 GMT
ETag: "072b96d4d8fd31:0"
Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Accept-Ranges: bytes
Content-Length: 7519
X-Content-Type-Options: nosniff, nosniff

GET
H/1.1 200
OK app.lib.js Show response
echat.citibank.com.tw/app/ 430 KB
136 KB 688ms
340ms Script
application/javascript 192.193.157.194
CITI5

General

Check archive.org

Show headers Download Go to

Full URL

https://echat.citibank.com.tw/app/app.lib.js

Requested by

Host: echat.citibank.com.tw
URL: https://echat.citibank.com.tw/Account/Menu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

192.193.157.194 , United States, ASN2912 (CITI5, US),

Reverse DNS

echat.citibank.com.tw

Software

Microsoft-IIS/8.5 / ARR/3.0

Resource Hash

39adcbf897b6df852321692a0774062fa820328f0d2b4b66771a0a5d9ab351ff

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	DENY, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://echat.citibank.com.tw/Account/Menu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubdomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
Content-Length: 138610
X-XSS-Protection: 1; mode=block, 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified: Wed, 14 Aug 2019 07:53:37 GMT
Server: Microsoft-IIS/8.5
Date: Tue, 04 Jan 2022 10:21:31 GMT
X-Frame-Options: DENY, SAMEORIGIN
Content-Type: application/javascript
ETag: "8016a617552d51:0"
Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Accept-Ranges: bytes

GET
H/1.1 200
OK app.component.js Show response
echat.citibank.com.tw/app/ 2 KB
2 KB 641ms
294ms Script
application/javascript 192.193.157.194
CITI5

General

Check archive.org

Show headers Download Go to

Full URL

https://echat.citibank.com.tw/app/app.component.js

Requested by

Host: echat.citibank.com.tw
URL: https://echat.citibank.com.tw/Account/Menu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

192.193.157.194 , United States, ASN2912 (CITI5, US),

Reverse DNS

echat.citibank.com.tw

Software

Microsoft-IIS/8.5 / ARR/3.0

Resource Hash

544033acc9616e99b4a80f90cc1dc645660b57b2834e89a436117df7ecd0745f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	DENY, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://echat.citibank.com.tw/Account/Menu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubdomains
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified: Tue, 07 Mar 2017 08:35:52 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ARR/3.0
X-Frame-Options: DENY, SAMEORIGIN
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block, 1; mode=block
Date: Tue, 04 Jan 2022 10:21:32 GMT
ETag: "0e45ed41d97d21:0"
Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Accept-Ranges: bytes
Content-Length: 1543
X-Content-Type-Options: nosniff, nosniff

GET
H/1.1 200
OK app.main.js Show response
echat.citibank.com.tw/app/ 7 KB
8 KB 851ms
482ms Script
application/javascript 192.193.157.194
CITI5

General

Check archive.org

Show headers Download Go to

Full URL

https://echat.citibank.com.tw/app/app.main.js

Requested by

Host: echat.citibank.com.tw
URL: https://echat.citibank.com.tw/Account/Menu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

192.193.157.194 , United States, ASN2912 (CITI5, US),

Reverse DNS

echat.citibank.com.tw

Software

Microsoft-IIS/8.5 / ARR/3.0

Resource Hash

6c6fac0dfad252caa547bfcb8853b7db230d66fa0d0a71212b312f47e36e007a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	DENY, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://echat.citibank.com.tw/Account/Menu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubdomains
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified: Thu, 06 Apr 2017 03:22:48 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ARR/3.0
X-Frame-Options: DENY, SAMEORIGIN
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block, 1; mode=block
Date: Tue, 04 Jan 2022 10:21:32 GMT
ETag: "074a01085aed21:0"
Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Accept-Ranges: bytes
Content-Length: 7063
X-Content-Type-Options: nosniff, nosniff

GET
H/1.1 200
OK jquery.signalR.min.js Show response
echat.citibank.com.tw/Scripts/ 39 KB
40 KB 1628ms
987ms Script
application/javascript 192.193.157.194
CITI5

General

Check archive.org

Show headers Download Go to

Full URL

https://echat.citibank.com.tw/Scripts/jquery.signalR.min.js

Requested by

Host: echat.citibank.com.tw
URL: https://echat.citibank.com.tw/Account/Menu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

192.193.157.194 , United States, ASN2912 (CITI5, US),

Reverse DNS

echat.citibank.com.tw

Software

Microsoft-IIS/8.5 / ARR/3.0

Resource Hash

a24da1092d03c62f0a787887bf897423078d0cba5df6b507c0807c7f3bdf430b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	DENY, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://echat.citibank.com.tw/Account/Menu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubdomains
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified: Thu, 15 Nov 2018 05:40:28 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ARR/3.0
X-Frame-Options: DENY, SAMEORIGIN
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block, 1; mode=block
Date: Tue, 04 Jan 2022 10:21:32 GMT
ETag: "06eddb6a57cd41:0"
Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Accept-Ranges: bytes
Content-Length: 40039
X-Content-Type-Options: nosniff, nosniff

GET
H/1.1 200
OK jquery.cookie.js Show response
echat.citibank.com.tw/Scripts/site/ 3 KB
4 KB 1085ms
289ms Script
application/javascript 192.193.157.194
CITI5

General

Check archive.org

Show headers Download Go to

Full URL

https://echat.citibank.com.tw/Scripts/site/jquery.cookie.js

Requested by

Host: echat.citibank.com.tw
URL: https://echat.citibank.com.tw/Account/Menu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

192.193.157.194 , United States, ASN2912 (CITI5, US),

Reverse DNS

echat.citibank.com.tw

Software

Microsoft-IIS/8.5 / ARR/3.0

Resource Hash

b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	DENY, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://echat.citibank.com.tw/Account/Menu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubdomains
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified: Tue, 07 Mar 2017 08:35:52 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ARR/3.0
X-Frame-Options: DENY, SAMEORIGIN
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block, 1; mode=block
Date: Tue, 04 Jan 2022 10:21:32 GMT
ETag: "0e45ed41d97d21:0"
Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Accept-Ranges: bytes
Content-Length: 3121
X-Content-Type-Options: nosniff, nosniff

GET
H/1.1 200
OK chat.js Show response
echat.citibank.com.tw/Scripts/site/ 28 KB
8 KB 965ms
167ms Script
application/javascript 192.193.157.194
CITI5

General

Check archive.org

Show headers Download Go to

Full URL

https://echat.citibank.com.tw/Scripts/site/chat.js?v=182131

Requested by

Host: echat.citibank.com.tw
URL: https://echat.citibank.com.tw/Account/Menu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

192.193.157.194 , United States, ASN2912 (CITI5, US),

Reverse DNS

echat.citibank.com.tw

Software

Microsoft-IIS/8.5 / ARR/3.0

Resource Hash

15ec060b4e3b9b1022c1378bb209ddefe5175aaa845d07b45b3394fe1aa95868

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	DENY, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://echat.citibank.com.tw/Account/Menu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubdomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
Content-Length: 7109
X-XSS-Protection: 1; mode=block, 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified: Mon, 02 Aug 2021 10:52:28 GMT
Server: Microsoft-IIS/8.5
Date: Tue, 04 Jan 2022 10:21:32 GMT
X-Frame-Options: DENY, SAMEORIGIN
Content-Type: application/javascript
ETag: "0fe387c8c87d71:0"
Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Accept-Ranges: bytes

GET
H/1.1 200
OK alert.js Show response
echat.citibank.com.tw/Scripts/site/ 1 KB
2 KB 1031ms
180ms Script
application/javascript 192.193.157.194
CITI5

General

Check archive.org

Show headers Download Go to

Full URL

https://echat.citibank.com.tw/Scripts/site/alert.js?v=182131

Requested by

Host: echat.citibank.com.tw
URL: https://echat.citibank.com.tw/Account/Menu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

192.193.157.194 , United States, ASN2912 (CITI5, US),

Reverse DNS

echat.citibank.com.tw

Software

Microsoft-IIS/8.5 / ARR/3.0

Resource Hash

0a685d5e54337a20d51d04fd76aa0e2cc269dd5d2a99334e9ea1640f9dc59c27

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	DENY, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://echat.citibank.com.tw/Account/Menu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubdomains
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified: Wed, 14 Apr 2021 13:26:37 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ARR/3.0
X-Frame-Options: DENY, SAMEORIGIN
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block, 1; mode=block
Date: Tue, 04 Jan 2022 10:21:32 GMT
ETag: "2211bbcb3131d71:0"
Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Accept-Ranges: bytes
Content-Length: 1502
X-Content-Type-Options: nosniff, nosniff

GET
H/1.1 200
OK loader.svg
echat.citibank.com.tw/assets/images/ 2 KB
3 KB 305ms
305ms Image
image/svg+xml 192.193.157.194
CITI5

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://echat.citibank.com.tw/assets/images/loader.svg

Requested by

Host: echat.citibank.com.tw
URL: https://echat.citibank.com.tw/Account/Menu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

192.193.157.194 , United States, ASN2912 (CITI5, US),

Reverse DNS

echat.citibank.com.tw

Software

Microsoft-IIS/8.5 / ARR/3.0

Resource Hash

2caaca821105a90d0915f61b3d857bbd32d488459badc4cf044ddfc4c997d3d5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	DENY, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://echat.citibank.com.tw/Account/Menu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubdomains
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified: Fri, 30 Sep 2016 06:48:48 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ARR/3.0
X-Frame-Options: DENY, SAMEORIGIN
Content-Type: image/svg+xml
X-XSS-Protection: 1; mode=block, 1; mode=block
Date: Tue, 04 Jan 2022 10:21:32 GMT
ETag: "0c819b2e61ad21:0"
Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Accept-Ranges: bytes
Content-Length: 2269
X-Content-Type-Options: nosniff, nosniff

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			echat.citibank.com.tw/	1969-12-31 23:59:59	Name: user_session Value: 3eb2hwivfcfk1uexrytfn1l4whnhpc3x51hpgtctfnczfzcwuxnufyilauberdl4

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	DENY SAMEORIGIN
X-Xss-Protection	1; mode=block
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

echat.citibank.com.tw
192.193.157.194
0a685d5e54337a20d51d04fd76aa0e2cc269dd5d2a99334e9ea1640f9dc59c27
15ec060b4e3b9b1022c1378bb209ddefe5175aaa845d07b45b3394fe1aa95868
2caaca821105a90d0915f61b3d857bbd32d488459badc4cf044ddfc4c997d3d5
354795fe681e7caab7bbd1588b1a212852a7094876719ccfe7b1622f0f169227
39adcbf897b6df852321692a0774062fa820328f0d2b4b66771a0a5d9ab351ff
3a15c352194f27fa8c0408b6c78f4072dec9eba8974e54072ab1f27233c65a7a
41bf10ee1951bccc0e4c6a448281a14414326d30072693bdc3128c92fefe41e5
544033acc9616e99b4a80f90cc1dc645660b57b2834e89a436117df7ecd0745f
6c6fac0dfad252caa547bfcb8853b7db230d66fa0d0a71212b312f47e36e007a
a24da1092d03c62f0a787887bf897423078d0cba5df6b507c0807c7f3bdf430b
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
e38353c397108c2ce7b910781b24dba6b5dead504b2e1af3597af738a6935180
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

echat.citibank.com.tw Open in urlscan Pro 192.193.157.194 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

343 kBTransfer

649 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

echat.citibank.com.tw Open in urlscan Pro
192.193.157.194 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

343 kB
Transfer

649 kB
Size

1
Cookies

13 HTTP transactions
0 data transactions