www.citiserivice.com
46.252.181.103  Malicious Activity! Public Scan

Submitted URL: https://www.citiserivice.com/
Effective URL: https://www.citiserivice.com/US/
Submission: On September 27 via automatic, source certstream-suspicious

Summary

This website contacted 5 IPs in 4 countries across 4 domains to perform 47 HTTP transactions. The main IP is 46.252.181.103, located in France and belongs to MAGICRETAIL, FR. The main domain is www.citiserivice.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 27th 2020. Valid for: 3 months.
This is the only time www.citiserivice.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Citibank (Banking)

Domain & IP information

IP Address AS Autonomous System
1 42 46.252.181.103 43424 (MAGICRETAIL)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 107.22.16.63 14618 (AMAZON-AES)
47 5
Domain Requested by
42 www.citiserivice.com 1 redirects www.citiserivice.com
3 www.google.com cse.google.com
1 cyseal.cyveillance.com www.citiserivice.com
1 cse.google.com www.citiserivice.com
1 stackpath.bootstrapcdn.com www.citiserivice.com
47 5
Subject | Issuer | Validity | Valid
www.citiserivice.com | Let's Encrypt Authority X3 | 2020-09-27 - 2020-12-26 | 3 months
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2020-09-22 - 2021-10-12 | a year
*.google.com | GTS CA 1O1 | 2020-09-03 - 2020-11-26 | 3 months
www.google.com | GTS CA 1O1 | 2020-09-03 - 2020-11-26 | 3 months
cyseal.cyveillance.com | Amazon | 2020-01-05 - 2021-02-05 | a year

This page contains 1 frames:

Primary Page: https://www.citiserivice.com/US/
Frame ID: F7CE987A39D446365D56BE34C6707662
Requests: 47 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 47
HTTPS: 100 %
IPv6: 60 %
Domains: 4
Subdomains: 5
IPs: 5
Countries: 4
Transfer: 1123 kB
Size: 2565 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.citiserivice.com/ HTTP 302
    https://www.citiserivice.com/US/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
www.citiserivice.com/US/
Redirect Chain
  • https://www.citiserivice.com/
  • https://www.citiserivice.com/US/
76 KB
15 KB
Document
General
Full URL
https://www.citiserivice.com/US/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
b565649f05eda6c9debe0b6262cca80c327bf06dae109be11b4259d32744bede

Request headers

Host
www.citiserivice.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Server
Apache
Set-Cookie
bk_login_tries=0; expires=Sun, 27-Sep-2020 21:27:02 GMT; Max-Age=0; path=/ bk_login_tries=3; expires=Sun, 08-Nov-2020 13:37:02 GMT; Max-Age=3600000; path=/
Vary
Accept-Encoding
Content-Encoding
gzip
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Server
Apache
Location
US/
Vary
Accept-Encoding
Content-Encoding
gzip
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.citiserivice.com
Referer
https://www.citiserivice.com/US/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Sep 2020 21:37:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
status
200
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
main.css
www.citiserivice.com/US/assets/
46 KB
7 KB
Stylesheet
General
Full URL
https://www.citiserivice.com/US/assets/main.css
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
e45f6d6801dfd651aa989fec89b43ef6fca91c9b48d4cfd701505ad007e86d37

Request headers

Referer
https://www.citiserivice.com/US/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Content-Encoding
gzip
Last-Modified
Sun, 27 Sep 2020 20:48:45 GMT
Server
Apache
ETag
"b8fa-5b051ad025fc4-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
7304
ddl.css
www.citiserivice.com/US/assets/
624 KB
69 KB
Stylesheet
General
Full URL
https://www.citiserivice.com/US/assets/ddl.css
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
fdaf50ba7dfdf74a600dbb9a28a4ebfc536486d8f1e23296d7dfb33d843e1c3b

Request headers

Referer
https://www.citiserivice.com/US/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Content-Encoding
gzip
Last-Modified
Sun, 27 Sep 2020 20:45:18 GMT
Server
Apache
ETag
"9bf12-5b051a0ae7224-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Accept-Ranges
bytes
main_branding.css
www.citiserivice.com/US/assets/
272 KB
43 KB
Stylesheet
General
Full URL
https://www.citiserivice.com/US/assets/main_branding.css
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
286efd8efeed62503c397f72d7d1414b7b72118ee0b083b0d4dfe0955ce62e5d

Request headers

Referer
https://www.citiserivice.com/US/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Content-Encoding
gzip
Last-Modified
Sun, 27 Sep 2020 20:49:43 GMT
Server
Apache
ETag
"4416e-5b051b07b1495-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
44002
vendor.js
www.citiserivice.com/US/assets/
204 KB
64 KB
Script
General
Full URL
https://www.citiserivice.com/US/assets/vendor.js
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
f2dd1ff20c3df202418f9d59c76f40bdb304d7a85d7163fc9935391528f3dee8

Request headers

Referer
https://www.citiserivice.com/US/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Content-Encoding
gzip
Last-Modified
Sun, 27 Sep 2020 20:51:10 GMT
Server
Apache
ETag
"32fc9-5b051b5b52ce0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Sozu-Id
2679f5f2-c7b6-48cf-9a18-6b4f25603a10
Accept-Ranges
bytes
homePage.css
www.citiserivice.com/US/assets/
24 KB
5 KB
Stylesheet
General
Full URL
https://www.citiserivice.com/US/assets/homePage.css
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
ed48ae9c1a324d49404d9fb4c508b880ca97a65f8fd21d352e241d1e4dfc50e2

Request headers

Referer
https://www.citiserivice.com/US/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Content-Encoding
gzip
Last-Modified
Sun, 27 Sep 2020 20:46:12 GMT
Server
Apache
ETag
"6030-5b051a3f28e0d-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
5056
jquery.js
www.citiserivice.com/US/assets/
6 KB
3 KB
Script
General
Full URL
https://www.citiserivice.com/US/assets/jquery.js
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
629b48196dcc270143a42ce57535b251c655617f8d510277d4a05306c426fd38

Request headers

Referer
https://www.citiserivice.com/US/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Content-Encoding
gzip
Last-Modified
Sun, 27 Sep 2020 20:47:52 GMT
Server
Apache
ETag
"1825-5b051a9e1bdec-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
2905
cbol-smartSearch.css
www.citiserivice.com/US/assets/
8 KB
1 KB
Stylesheet
General
Full URL
https://www.citiserivice.com/US/assets/cbol-smartSearch.css
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
6d3001c9deac8cb1f88ea5254105f8d678de5532f1998a24eab1b59906eaf86b

Request headers

Referer
https://www.citiserivice.com/US/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Content-Encoding
gzip
Last-Modified
Sun, 27 Sep 2020 20:40:49 GMT
Server
Apache
ETag
"1ebf-5b05190aec53d-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
905
HowCanWeHelpButton_default.png
www.citiserivice.com/US/assets/
3 KB
3 KB
Image
General
Full URL
https://www.citiserivice.com/US/assets/HowCanWeHelpButton_default.png
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
f35167f960fb0ce996db66bdfc5723771a4acc8e7206b282e7dfaa8c2ca81e3b

Request headers

Referer
https://www.citiserivice.com/US/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Last-Modified
Sun, 27 Sep 2020 20:46:16 GMT
Server
Apache
Accept-Ranges
bytes
ETag
"d24-5b051a42c244e"
Content-Length
3364
Content-Type
image/png
citiHomePage.js
www.citiserivice.com/US/assets/
15 KB
4 KB
Script
General
Full URL
https://www.citiserivice.com/US/assets/citiHomePage.js
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
dc5ba306fece552e3a002c8e18fa392c85acfa61091e1b98496b745f8ace6876

Request headers

Referer
https://www.citiserivice.com/US/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Content-Encoding
gzip
Last-Modified
Sun, 27 Sep 2020 20:41:47 GMT
Server
Apache
ETag
"3a12-5b05194270cae-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
4261
rsa.js
www.citiserivice.com/US/assets/
36 KB
11 KB
Script
General
Full URL
https://www.citiserivice.com/US/assets/rsa.js
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
793c2f3d02d0bc3ad8a2cdc901b2134159b66245e951ac258fee1ac8b2709f44

Request headers

Referer
https://www.citiserivice.com/US/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Content-Encoding
gzip
Last-Modified
Sun, 27 Sep 2020 20:49:46 GMT
Server
Apache
ETag
"8ffb-5b051b0a8ac82-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Sozu-Id
2679f5f2-c7b6-48cf-9a18-6b4f25603a10
Accept-Ranges
bytes
Content-Length
10641
TMXProfiling.js
www.citiserivice.com/US/assets/
1 KB
824 B
Script
General
Full URL
https://www.citiserivice.com/US/assets/TMXProfiling.js
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
157430093a6d2ee63082eae5dabf826926d3b6259d33482aa6713c48728e82fa

Request headers

Referer
https://www.citiserivice.com/US/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Content-Encoding
gzip
Last-Modified
Sun, 27 Sep 2020 20:50:36 GMT
Server
Apache
ETag
"4f3-5b051b3acc5a1-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
546
peworkflow.js
www.citiserivice.com/US/assets/
5 KB
2 KB
Script
General
Full URL
https://www.citiserivice.com/US/assets/peworkflow.js
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
690146b8ff7699810daa66f43ce7d006f74a143dea4a27bb0cb9c054dddadeee

Request headers

Referer
https://www.citiserivice.com/US/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Content-Encoding
gzip
Last-Modified
Sun, 27 Sep 2020 20:49:22 GMT
Server
Apache
ETag
"14c9-5b051af408cb2-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1806
HP3443_H.jpg
www.citiserivice.com/US/assets/
71 KB
71 KB
Image
General
Full URL
https://www.citiserivice.com/US/assets/HP3443_H.jpg
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
06d733b09a9fccaa6b2c7ee0e8c9002f782366cbd16f1204e14c43e803d61051

Request headers

Referer
https://www.citiserivice.com/US/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Last-Modified
Sun, 27 Sep 2020 20:46:35 GMT
Server
Apache
ETag
"11b67-5b051a5438fdf"
Content-Type
image/jpeg
Sozu-Id
4894b386-ddfd-418d-959f-39c32f1e30f7
Accept-Ranges
bytes
Content-Length
72551
450x285-rewards.png
www.citiserivice.com/US/assets/
66 KB
66 KB
Image
General
Full URL
https://www.citiserivice.com/US/assets/450x285-rewards.png
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
b81c40d26fc71a79f47e28b43f4f3818f871c8d0ad99f52e35bcab45b8514a33

Request headers

Referer
https://www.citiserivice.com/US/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Last-Modified
Sun, 27 Sep 2020 20:37:37 GMT
Server
Apache
Accept-Ranges
bytes
ETag
"10796-5b051853ef651"
Content-Length
67478
Content-Type
image/png
8119_M.jpg
www.citiserivice.com/US/assets/
97 KB
97 KB
Image
General
Full URL
https://www.citiserivice.com/US/assets/8119_M.jpg
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
0690a4485453c0be441deee586e2a116b22428f40bfc494ec04af97a5cbc0720

Request headers

Referer
https://www.citiserivice.com/US/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Last-Modified
Sun, 27 Sep 2020 20:38:58 GMT
Server
Apache
Accept-Ranges
bytes
ETag
"1825d-5b0518a1376ad"
Content-Length
98909
Content-Type
image/jpeg
M1-M7_Citi-card-cluster-4.jpg
www.citiserivice.com/US/assets/
102 KB
102 KB
Image
General
Full URL
https://www.citiserivice.com/US/assets/M1-M7_Citi-card-cluster-4.jpg
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
fb42046c6feabb3126634752069391d76d8ded5770a936eb1ce0cdd6aa7358b9

Request headers

Referer
https://www.citiserivice.com/US/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Last-Modified
Sun, 27 Sep 2020 20:48:38 GMT
Server
Apache
Accept-Ranges
bytes
ETag
"196a9-5b051aca02ef0"
Content-Length
104105
Content-Type
image/jpeg
HP7244_M.jpg
www.citiserivice.com/US/assets/
88 KB
89 KB
Image
General
Full URL
https://www.citiserivice.com/US/assets/HP7244_M.jpg
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
18dd14391c927abdc4816f8aa2f22ff434b138b7495fbbcbdfed944f1d77a567

Request headers

Referer
https://www.citiserivice.com/US/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Last-Modified
Sun, 27 Sep 2020 20:47:45 GMT
Server
Apache
ETag
"161f9-5b051a970fe84"
Content-Type
image/jpeg
Sozu-Id
4fe85c83-99bd-4005-a3cb-0abfba584fec
Accept-Ranges
bytes
Content-Length
90617
8150_M.jpg
www.citiserivice.com/US/assets/
72 KB
72 KB
Image
General
Full URL
https://www.citiserivice.com/US/assets/8150_M.jpg
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
ac5765dee0ca74b3ffb169f12880229be905b412bdcc9c87649b3040f5aa688a

Request headers

Referer
https://www.citiserivice.com/US/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Last-Modified
Sun, 27 Sep 2020 20:39:17 GMT
Server
Apache
ETag
"11f5f-5b0518b303588"
Content-Type
image/jpeg
Sozu-Id
58a419de-eaf4-4c1c-bb48-713b7911b216
Accept-Ranges
bytes
Content-Length
73567
citi-logo.png
www.citiserivice.com/US/assets/
1 KB
1 KB
Image
General
Full URL
https://www.citiserivice.com/US/assets/citi-logo.png
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
7cb24e06c00e47bb6bc6c38b935d6bc62817f656703387e4fb7591add96c7454

Request headers

Referer
https://www.citiserivice.com/US/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Last-Modified
Sun, 27 Sep 2020 20:41:12 GMT
Server
Apache
ETag
"410-5b051920d963a"
Content-Type
image/png
Sozu-Id
c8949f0e-a905-4fbd-9abc-bda54f0172e7
Accept-Ranges
bytes
Content-Length
1040
2020CertifiedMobileApp.png
www.citiserivice.com/US/assets/
232 KB
233 KB
Image
General
Full URL
https://www.citiserivice.com/US/assets/2020CertifiedMobileApp.png
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
9b6b088fca09ddacae59b9a27c581dce6746dea026c93adb6c3ca30e586ac8de

Request headers

Referer
https://www.citiserivice.com/US/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Last-Modified
Sun, 27 Sep 2020 20:38:43 GMT
Server
Apache
Accept-Ranges
bytes
ETag
"3a13b-5b05189256519"
Content-Length
237883
Content-Type
image/png
googlePlay_1px.png
www.citiserivice.com/US/assets/
4 KB
4 KB
Image
General
Full URL
https://www.citiserivice.com/US/assets/googlePlay_1px.png
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
1cc4ec61057f30cea6d47126e0444f119b2606720b1fe8d7e0deff1f5742a82b

Request headers

Referer
https://www.citiserivice.com/US/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Last-Modified
Sun, 27 Sep 2020 20:46:08 GMT
Server
Apache
Accept-Ranges
bytes
ETag
"f3c-5b051a3aa6d21"
Content-Length
3900
Content-Type
image/png
appStore_1px.png
www.citiserivice.com/US/assets/
3 KB
4 KB
Image
General
Full URL
https://www.citiserivice.com/US/assets/appStore_1px.png
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
f44e4692a52b6a382cb481e23f8bcb9a6d4c24eec8aa60143c7e2ca3a85758b2

Request headers

Referer
https://www.citiserivice.com/US/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Last-Modified
Sun, 27 Sep 2020 20:40:07 GMT
Server
Apache
ETag
"db9-5b0518e265c52"
Content-Type
image/png
Sozu-Id
8ee2cf90-8ce6-454c-94fa-dc8e31be484a
Accept-Ranges
bytes
Content-Length
3513
oo_engine.js
www.citiserivice.com/US/assets/
42 KB
12 KB
Script
General
Full URL
https://www.citiserivice.com/US/assets/oo_engine.js
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
1f2a0e7aa3dabf73dae3cc7c1e53a70ec51145b39b027bdc1ecae9223c0c80d2

Request headers

Referer
https://www.citiserivice.com/US/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Content-Encoding
gzip
Last-Modified
Sun, 27 Sep 2020 20:49:19 GMT
Server
Apache
ETag
"a90c-5b051af0e3203-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
11720
ddl.js
www.citiserivice.com/US/assets/
64 KB
18 KB
Script
General
Full URL
https://www.citiserivice.com/US/assets/ddl.js
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
f1821b3865a1008ba0c088f7dc5c7eeb6b81e414461885c40b8d0f48fcbc9341

Request headers

Referer
https://www.citiserivice.com/US/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Content-Encoding
gzip
Last-Modified
Sun, 27 Sep 2020 20:45:16 GMT
Server
Apache
ETag
"ff33-5b051a0916883-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
17727
main.js
www.citiserivice.com/US/assets/
33 KB
8 KB
Script
General
Full URL
https://www.citiserivice.com/US/assets/main.js
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
9deb849bdc20c654810ae440c0c5110b1a1cbf2228e7a3b61db136a7633c0eda

Request headers

Referer
https://www.citiserivice.com/US/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Content-Encoding
gzip
Last-Modified
Sun, 27 Sep 2020 20:49:11 GMT
Server
Apache
ETag
"8469-5b051ae99c91a-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Sozu-Id
c96cc65f-889b-43be-95d3-1ca97c380223
Accept-Ranges
bytes
Content-Length
7976
citilive-search.js
www.citiserivice.com/US/assets/
2 KB
1 KB
Script
General
Full URL
https://www.citiserivice.com/US/assets/citilive-search.js
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
f2adfd83f8e9c7f3b092921eb5a59d4463041b2be8386a17ec7ac29d8d588470

Request headers

Referer
https://www.citiserivice.com/US/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Content-Encoding
gzip
Last-Modified
Sun, 27 Sep 2020 20:43:49 GMT
Server
Apache
ETag
"9fe-5b0519b6b9f77-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1080
cbol-smartSearch-inject.js
www.citiserivice.com/US/assets/
13 KB
3 KB
Script
General
Full URL
https://www.citiserivice.com/US/assets/cbol-smartSearch-inject.js
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
b95fb980f8f91f1c113d3411d3fbf608e143bf4d10fe0706bb6d2231f13bd228

Request headers

Referer
https://www.citiserivice.com/US/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Content-Encoding
gzip
Last-Modified
Sun, 27 Sep 2020 20:40:46 GMT
Server
Apache
ETag
"33fb-5b051908407c9-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
3034
siteseal2p.js
www.citiserivice.com/US/assets/
660 B
645 B
Script
General
Full URL
https://www.citiserivice.com/US/assets/siteseal2p.js
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
dd200eba0aa140fd144f8a3dd5fa458ec13acabfa544b5e6a5e039b658b25841

Request headers

Referer
https://www.citiserivice.com/US/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Content-Encoding
gzip
Last-Modified
Sun, 27 Sep 2020 20:49:51 GMT
Server
Apache
ETag
"294-5b051b1002723-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
367
cobrowse_overlay.css
www.citiserivice.com/US/assets/
7 KB
2 KB
Stylesheet
General
Full URL
https://www.citiserivice.com/US/assets/cobrowse_overlay.css
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
a9623118fb6ec3944d1312cd0d492c3f32455e89bc1e01eafa67628a309d9c60

Request headers

Referer
https://www.citiserivice.com/US/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Content-Encoding
gzip
Last-Modified
Sun, 27 Sep 2020 20:43:51 GMT
Server
Apache
ETag
"1c34-5b0519b83cafe-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
1597
Interstate-Light.woff
www.citiserivice.com/US/assets/fonts/interstate/
0
0
Font
General
Full URL
https://www.citiserivice.com/US/assets/fonts/interstate/Interstate-Light.woff
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/assets/ddl.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Origin
https://www.citiserivice.com
Referer
https://www.citiserivice.com/US/assets/ddl.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Server
Apache
Content-Length
196
Sozu-Id
d220df1e-98e1-4d75-99e3-2b1efdcf9330
Content-Type
text/html; charset=iso-8859-1
Interstate-Light.ttf
www.citiserivice.com/US/assets/fonts/interstate/
0
0
Font
General
Full URL
https://www.citiserivice.com/US/assets/fonts/interstate/Interstate-Light.ttf
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/assets/ddl.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Origin
https://www.citiserivice.com
Referer
https://www.citiserivice.com/US/assets/ddl.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Server
Apache
Content-Length
196
Sozu-Id
c96cc65f-889b-43be-95d3-1ca97c380223
Content-Type
text/html; charset=iso-8859-1
arrow-btn-next-blue-sm-bold.svg
www.citiserivice.com/CBOL/common/ui/ddl/theme/latest/images/icons/svgs/arrows/
196 B
196 B
Image
General
Full URL
https://www.citiserivice.com/CBOL/common/ui/ddl/theme/latest/images/icons/svgs/arrows/arrow-btn-next-blue-sm-bold.svg
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/assets/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

Referer
https://www.citiserivice.com/US/assets/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Server
Apache
Content-Length
196
Sozu-Id
6bb7ea1b-aa86-477f-b079-824fd4ae835e
Content-Type
text/html; charset=iso-8859-1
Citi-Branding-Sprite.png
www.citiserivice.com/US/assets/assets/
196 B
196 B
Image
General
Full URL
https://www.citiserivice.com/US/assets/assets/Citi-Branding-Sprite.png
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/assets/main_branding.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

Referer
https://www.citiserivice.com/US/assets/main_branding.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Server
Apache
Content-Length
196
Content-Type
text/html; charset=iso-8859-1
Citi-Branding-Sprite.png
www.citiserivice.com/GFC/branding/img/
196 B
196 B
Image
General
Full URL
https://www.citiserivice.com/GFC/branding/img/Citi-Branding-Sprite.png
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/assets/main_branding.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

Referer
https://www.citiserivice.com/US/assets/main_branding.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Server
Apache
Content-Length
196
Sozu-Id
8bfcd25a-996e-456c-9e09-da5bcd148f8f
Content-Type
text/html; charset=iso-8859-1
appStore_1px.png
www.citiserivice.com/GFC/branding/responsivebranding/img/
196 B
196 B
Image
General
Full URL
https://www.citiserivice.com/GFC/branding/responsivebranding/img/appStore_1px.png
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/assets/main_branding.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

Referer
https://www.citiserivice.com/US/assets/main_branding.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Server
Apache
Content-Length
196
Content-Type
text/html; charset=iso-8859-1
googlePlay_1px.png
www.citiserivice.com/GFC/branding/responsivebranding/img/
196 B
196 B
Image
General
Full URL
https://www.citiserivice.com/GFC/branding/responsivebranding/img/googlePlay_1px.png
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/assets/main_branding.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

Referer
https://www.citiserivice.com/US/assets/main_branding.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Server
Apache
Content-Length
196
Sozu-Id
915be666-7f85-41d3-b18e-d3306108e1e6
Content-Type
text/html; charset=iso-8859-1
arrow-btn-next-white-sm-bold.svg
www.citiserivice.com/CBOL/common/ui/ddl/theme/latest/images/icons/svgs/arrows/
196 B
196 B
Image
General
Full URL
https://www.citiserivice.com/CBOL/common/ui/ddl/theme/latest/images/icons/svgs/arrows/arrow-btn-next-white-sm-bold.svg
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/assets/homePage.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

Referer
https://www.citiserivice.com/US/assets/homePage.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Server
Apache
Content-Length
196
Content-Type
text/html; charset=iso-8859-1
oo_icon_retina.gif
www.citiserivice.com/GFC/branding/olab/images/
196 B
196 B
Image
General
Full URL
https://www.citiserivice.com/GFC/branding/olab/images/oo_icon_retina.gif
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/assets/main_branding.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

Referer
https://www.citiserivice.com/US/assets/main_branding.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Server
Apache
Content-Length
196
Content-Type
text/html; charset=iso-8859-1
Interstate-Bold.woff
www.citiserivice.com/US/assets/fonts/interstate/
0
0
Font
General
Full URL
https://www.citiserivice.com/US/assets/fonts/interstate/Interstate-Bold.woff
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/assets/ddl.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Origin
https://www.citiserivice.com
Referer
https://www.citiserivice.com/US/assets/ddl.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Server
Apache
Content-Length
196
Sozu-Id
956b427c-1917-4fb2-b066-f3fdc615b3d1
Content-Type
text/html; charset=iso-8859-1
cse.js
cse.google.com/cse/
10 KB
4 KB
Script
General
Full URL
https://cse.google.com/cse/cse.js?cx=009695499870347544712:e3dyicpbrwu
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
16ea77d3a28ccad208a803d72a3899028782123303f694404ba83b244f75ff9d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.citiserivice.com/US/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Sep 2020 21:37:02 GMT
content-encoding
br
server
gws
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3462
x-xss-protection
0
expires
Sun, 27 Sep 2020 21:37:02 GMT
Interstate-Bold.ttf
www.citiserivice.com/US/assets/fonts/interstate/
0
0
Font
General
Full URL
https://www.citiserivice.com/US/assets/fonts/interstate/Interstate-Bold.ttf
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/assets/ddl.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.103 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Origin
https://www.citiserivice.com
Referer
https://www.citiserivice.com/US/assets/ddl.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:02 GMT
Server
Apache
Content-Length
196
Content-Type
text/html; charset=iso-8859-1
cse_element__de.js
www.google.com/cse/static/element/26b8d00a7c7a0812/
261 KB
87 KB
Script
General
Full URL
https://www.google.com/cse/static/element/26b8d00a7c7a0812/cse_element__de.js?usqp=CAM%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse/cse.js?cx=009695499870347544712:e3dyicpbrwu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80813f64f1296c3ef9d1bac5919dba48a674037da93110861b68ef1bba4c92d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.citiserivice.com/US/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Sep 2020 17:52:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 06 Jul 2020 13:27:13 GMT
server
sffe
age
99884
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88565
x-xss-protection
0
expires
Sun, 26 Sep 2021 17:52:18 GMT
default+de.css
www.google.com/cse/static/element/26b8d00a7c7a0812/
40 KB
9 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/element/26b8d00a7c7a0812/default+de.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse/cse.js?cx=009695499870347544712:e3dyicpbrwu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b2484fa9a9b136b9eb56c1d2b3bfdacd1c8970acf325585235aa35b16fc010a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.citiserivice.com/US/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Sep 2020 15:05:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 06 Jul 2020 13:27:13 GMT
server
sffe
age
23508
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8947
x-xss-protection
0
expires
Mon, 27 Sep 2021 15:05:14 GMT
default.css
www.google.com/cse/static/style/look/v4/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse/cse.js?cx=009695499870347544712:e3dyicpbrwu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.citiserivice.com/US/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Sep 2020 21:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
server
sffe
age
817
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1345
x-xss-protection
0
expires
Sun, 27 Sep 2020 22:13:25 GMT
cyss.js
cyseal.cyveillance.com/SiteSeal/
0
226 B
Script
General
Full URL
https://cyseal.cyveillance.com/SiteSeal/cyss.js?ref=www.citiserivice.com
Requested by
Host: www.citiserivice.com
URL: https://www.citiserivice.com/US/assets/siteseal2p.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.16.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-16-63.compute-1.amazonaws.com
Software
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.1e-fips mod_jk/1.2.40 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.citiserivice.com/US/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 21:37:03 GMT
Server
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.1e-fips mod_jk/1.2.40
Connection
keep-alive
Content-Length
0
Content-Type
application/javascript

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citibank (Banking)

171 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| $ function| jQuery object| jQuery1910698401274918582 object| respond number| signonInitialHeight undefined| signonModalHeight boolean| signonBlock function| populateEFDParams function| populateClientData function| submitRSADevicePrint function| submitmobilegeolocation function| doSubmit function| signOnUnamePwdError function| clearFieldErrorValidation function| onSelectUser function| insertAfter function| mask function| focusOn function| blurOn function| doMask function| OpenInNewTab function| displayLable function| launchPopup function| tv function| initMLC function| displayServerName function| isTestDomain function| getCookie function| setCookie function| calLinkCharLength function| truncateOtherAlert function| truncateBrowserAlert function| passTmplObj function| closeAlertBox function| showFullMsg function| hideFullMsg function| truncateMsg function| showAlerts function| hideAlerts function| handleOutageAlert function| handleSignonLink function| adjustHeroHeight function| adjustHeroOnRotation function| Hashtable function| startsWith function| DomDataCollection function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| Timer function| getRandomPort object| ProxyCollector function| BlackberryLocationCollector function| detectFields string| SEP string| PAIR string| DEV function| FingerPrint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| post_fingerprints function| add_deviceprint function| form_add_data function| form_add_deviceprint string| HTML5 string| BLACKBERRY string| UNDEFINED string| GEO_LOCATION_DEFAULT_STRUCT object| geoLocator boolean| geoLocatorStatus function| detectDeviceCollectionAPIMode function| init function| startCollection function| stopCollection function| getGeolocationStruct function| HTML5LocationCollector object| UIEventCollector function| UIEvent function| InteractionElement function| UIElementList function| 
activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| convertTimestampToGMT function| getTimestampInMillis function| debug function| forceIE89Synchronicity function| getRequestParams string| immediateReferrer boolean| isJavaEnabled string| screenResolution object| peworkflow object| commonUtils function| peintg object| OOo function| commaSeperatedList function| arraysEqual object| CM function| onYouTubeIframeAPIReady boolean| iOS string| titleAttr function| hasClass function| setSearchBarLabel function| changeViewport function| setPageTimeout function| delayPageTimeout function| resetPageTimeout function| sessionRecovery function| callSessionCheck function| sessionCheckReturn function| beforeYouGo function| getBrandingData function| getFinalURL function| lnk function| isSubappBusy function| confirmGo function| ConfirmGo function| myFunction function| closeActiveFlyoutMenu function| hideSearchBar object| globalNavigation function| gssCallback object| requestURL object| params undefined| element undefined| h1Element undefined| fullSearchURL undefined| newElement function| gsearch2 function| scEventL function| scEvent boolean| flag function| gsearch function| searchComplete function| renderSearchControls object| pageTimer object| delayTimer undefined| branding_sc_p3 string| displayPhrase string| displayPhrase2 undefined| subMenuMargin object| year function| getParameterByName object| ids_menu object| ids_hasdrop object| ids_dropbtn function| mobileDropdown function| mobileSubDropdown function| hideMobileDrop function| getSpanishHref function| showSpanishDisclaimer function| closeSpanishDisclaimer function| redirectToSpanishPage function| getEnglishHref function| redirectToEnglishPage object| __gcse object| $desktopSearchWrap object| $desktopSearchBar object| $desktopSearchBtn object| CitiSearchConfig function| NexusPlatformDelegateToCBOL function| NexusPlatformChatEscalationCBOL function| _focusFirstHeader function| 
_focusPreviousHeader function| _focusNextHeader object| google object| closure_lm_274642

1 Cookies

Domain/Path: www.citiserivice.com/
Name: bk_login_tries
Value: 3

1 Console Messages

Source: console-api
Level: log
URL: https://www.citiserivice.com/US/assets/TMXProfiling.js (Line 4)
Message: start tmxProfiling.js

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
