www.citi.com Open in urlscan Pro
184.87.60.208 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=1&we=1&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJSO%2Fsignon%2FDisplayUse...
Effective URL:
https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAcc...
Submission: On May 01 via manual (May 1st 2024, 8:31:23 pm UTC) from CA — Scanned from CA

Summary HTTP 29 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 29 HTTP transactions. The main IP is 184.87.60.208, located in New York, United States and belongs to AKAMAI-AS, US. The main domain is www.citi.com. The Cisco Umbrella rank of the primary domain is 25395.
TLS certificate: Issued by DigiCert EV RSA CA G2 on November 7th 2023. Valid for: a year.

This is the only time www.citi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	173.213.4.17 173.213.4.17	53316 (ASN-CHEET...) (ASN-CHEETA-MAIL)
1	2607:f8b0:400... 2607:f8b0:4004:c08::5f	15169 (GOOGLE) (GOOGLE)
3	63.148.46.76 63.148.46.76	53316 (ASN-CHEET...) (ASN-CHEETA-MAIL)
1 1	23.36.88.236 23.36.88.236	16625 (AKAMAI-AS) (AKAMAI-AS)
18	184.87.60.208 184.87.60.208	16625 (AKAMAI-AS) (AKAMAI-AS)
29	5

3 173.213.4.17 (United States)

ASN53316 (ASN-CHEETA-MAIL, US)

fm.info6.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
l.info6.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::5f (Washington, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 63.148.46.76 (Royalton, United States)

ASN53316 (ASN-CHEETA-MAIL, US)
PTR: sts.eccmp.com

sts.eccmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.36.88.236 (New York, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-88-236.deploy.static.akamaitechnologies.com

online.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 184.87.60.208 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-60-208.deploy.static.akamaitechnologies.com

www.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	citi.com 1 redirects fm.info6.citi.com — Cisco Umbrella Rank: 340610 l.info6.citi.com — Cisco Umbrella Rank: 119508 online.citi.com — Cisco Umbrella Rank: 20890 www.citi.com — Cisco Umbrella Rank: 25395	2 MB
3	eccmp.com sts.eccmp.com — Cisco Umbrella Rank: 22982	9 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 363	30 KB
0	techlab-cdn.com Failed p11.techlab-cdn.com Failed
29	4

	Domain	Requested by
18	www.citi.com	fm.info6.citi.com www.citi.com
3	sts.eccmp.com	fm.info6.citi.com sts.eccmp.com
2	fm.info6.citi.com
1	online.citi.com	1 redirects
1	l.info6.citi.com	fm.info6.citi.com
1	ajax.googleapis.com	fm.info6.citi.com
0	p11.techlab-cdn.com Failed	www.citi.com
29	7

This site contains no links.

Subject Issuer	Validity	Valid
info6.citi.com DigiCert EV RSA CA G2	`2023-11-29` - `2024-12-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.eccmp.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-24` - `2024-06-09`	a year	crt.sh
www.citi.com DigiCert EV RSA CA G2	`2023-11-07` - `2024-12-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount
Frame ID: 4CBD314F9E63BE7BF08BEF543BD42CAC
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=1&we=1&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJSO%2... Page URL
https://online.citi.com/US/JSO/signon/DisplayUsernameSignon.do?Promo_ID=SGN9&next_page=jfp|jJPSINFRA... HTTP 301
https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING... Page URL

Detected technologies

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

29
Requests

86 %
HTTPS

20 %
IPv6

4
Domains

7
Subdomains

5
IPs

1
Countries

1632 kB
Transfer

6619 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=1&we=1&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJSO%2Fsignon%2FDisplayUsernameSignon.do%3FPromo_ID%3DSGN9%26next_page%3Djfp%7CjJPSINFRA_Home%26cmp%3DEMC%7E02%7E141124%7ESERVICING%7EBNKLOGIN%7ETabs%7EMyAccount&linkName=CN_USCBOL_AccountHome&transId=A20240501P0193962 Page URL
https://online.citi.com/US/JSO/signon/DisplayUsernameSignon.do?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount HTTP 301
https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK url.aspx Show response
fm.info6.citi.com/ats/ 16 KB
5 KB 1055ms
477ms Document
text/html 173.213.4.17
ASN-CHEETA-MAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=1&we=1&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJSO%2Fsignon%2FDisplayUsernameSignon.do%3FPromo_ID%3DSGN9%26next_page%3Djfp%7CjJPSINFRA_Home%26cmp%3DEMC%7E02%7E141124%7ESERVICING%7EBNKLOGIN%7ETabs%7EMyAccount&linkName=CN_USCBOL_AccountHome&transId=A20240501P0193962
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.213.4.17 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
Software: /
Resource Hash: db3a8d5be00a52804175c97fb4b5555acd35a5d6f85a8d7ea2c138fb3bf60808

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 4910
Content-Type: text/html; charset=utf-8
Date: Wed, 01 May 2024 20:31:18 GMT
Expires: 0
Pragma: no-cache
SERVER
Vary: Accept-Encoding
X-Powered-By

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ 82 KB
30 KB 548ms
138ms Script
text/javascript 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: fm.info6.citi.com
URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=1&we=1&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJSO%2Fsignon%2FDisplayUsernameSignon.do%3FPromo_ID%3DSGN9%26next_page%3Djfp%7CjJPSINFRA_Home%26cmp%3DEMC%7E02%7E141124%7ESERVICING%7EBNKLOGIN%7ETabs%7EMyAccount&linkName=CN_USCBOL_AccountHome&transId=A20240501P0193962

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fm.info6.citi.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 06:20:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 396654
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29707
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Apr 2025 06:20:25 GMT

GET
H/1.1 200
OK open.aspx
l.info6.citi.com/rts/ 43 B
432 B 567ms
108ms Image
image/gif 173.213.4.17
ASN-CHEETA-MAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.info6.citi.com/rts/open.aspx?tp=i-16IJ-9x-M-AjNgU9-1q-7fy1Fb-1c-U4-G-lALQPTVAg5-13TbgL
Requested by: Host: fm.info6.citi.com
URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=1&we=1&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJSO%2Fsignon%2FDisplayUsernameSignon.do%3FPromo_ID%3DSGN9%26next_page%3Djfp%7CjJPSINFRA_Home%26cmp%3DEMC%7E02%7E141124%7ESERVICING%7EBNKLOGIN%7ETabs%7EMyAccount&linkName=CN_USCBOL_AccountHome&transId=A20240501P0193962
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.213.4.17 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fm.info6.citi.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Wed, 01 May 2024 20:31:18 GMT
Server
X-Powered-By
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-Control: no-cache, max-age=0
Expires: 0

GET
H/1.1 200
OK conversen-SDK.js Show response
sts.eccmp.com/sts/scripts/ 15 KB
7 KB 568ms
137ms Script
application/javascript 63.148.46.76
ASN-CHEETA-MAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://sts.eccmp.com/sts/scripts/conversen-SDK.js
Requested by: Host: fm.info6.citi.com
URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=1&we=1&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJSO%2Fsignon%2FDisplayUsernameSignon.do%3FPromo_ID%3DSGN9%26next_page%3Djfp%7CjJPSINFRA_Home%26cmp%3DEMC%7E02%7E141124%7ESERVICING%7EBNKLOGIN%7ETabs%7EMyAccount&linkName=CN_USCBOL_AccountHome&transId=A20240501P0193962
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.148.46.76 Royalton, United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS: sts.eccmp.com
Software: /
Resource Hash: b0a58fb8c12ffbb8b641ae4316da491e42969f9fe904a0dc35f1203cbb76a444

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fm.info6.citi.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 20:31:19 GMT
Content-Encoding: gzip
Last-Modified: Sun, 14 Apr 2024 13:34:50 GMT
Server
Age: 3606
ETag: "0b93586708eda1:0"
X-Powered-By
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 7009

GET
H/1.1 200
OK 617 Show response
sts.eccmp.com/wts/WebEvent/GetCookieExpiry/ 35 B
426 B 532ms
108ms XHR
text/xml 63.148.46.76
ASN-CHEETA-MAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://sts.eccmp.com/wts/WebEvent/GetCookieExpiry/617
Requested by: Host: sts.eccmp.com
URL: https://sts.eccmp.com/sts/scripts/conversen-SDK.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.148.46.76 Royalton, United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS: sts.eccmp.com
Software: /
Resource Hash: 61339a21fa71d17d0dfebceba08dc76ce605e73f65a88438397483478d953aae

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fm.info6.citi.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 20:31:20 GMT
X-AspNetMvc-Version: 3.0
Server
X-Powered-By
Vary: Accept-Encoding
Content-Type: text/xml; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Length: 35

GET
H/1.1 200
OK image.gif
sts.eccmp.com/wts/WebEvent/ 807 B
1 KB 109ms
109ms Image
image/gif 63.148.46.76
ASN-CHEETA-MAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sts.eccmp.com/wts/WebEvent/image.gif?isSplit=false&guid=07f9fe2b-752c-d3da-72ba-f3933b28ee34&segmentNumber=1&pm[linkName]=CN_USCBOL_AccountHome&pm[transId]=A20240501P0193962&rp[cr]=617&rp[wegc]=&rp[et]=100&rp[ap]=&rp[we]=1
Requested by: Host: fm.info6.citi.com
URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=1&we=1&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJSO%2Fsignon%2FDisplayUsernameSignon.do%3FPromo_ID%3DSGN9%26next_page%3Djfp%7CjJPSINFRA_Home%26cmp%3DEMC%7E02%7E141124%7ESERVICING%7EBNKLOGIN%7ETabs%7EMyAccount&linkName=CN_USCBOL_AccountHome&transId=A20240501P0193962
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.148.46.76 Royalton, United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS: sts.eccmp.com
Software: /
Resource Hash: 9c6d485ae01a594ef22b3c44e1eca5314259061faacdcdfc51569aba58a4fc2b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fm.info6.citi.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 20:31:18 GMT
X-AspNetMvc-Version: 3.0
Server
X-Powered-By
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: private
Content-Length: 807

GET
H/1.1 404
Not Found favicon.ico
fm.info6.citi.com/ 1 KB
947 B 106ms
105ms Other
text/html 173.213.4.17
ASN-CHEETA-MAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://fm.info6.citi.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.213.4.17 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
Software: /
Resource Hash: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=1&we=1&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJSO%2Fsignon%2FDisplayUsernameSignon.do%3FPromo_ID%3DSGN9%26next_page%3Djfp%7CjJPSINFRA_Home%26cmp%3DEMC%7E02%7E141124%7ESERVICING%7EBNKLOGIN%7ETabs%7EMyAccount&linkName=CN_USCBOL_AccountHome&transId=A20240501P0193962
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 20:31:19 GMT
Content-Encoding: gzip
Server
X-Powered-By
Vary: Accept-Encoding
Content-Type: text/html
Connection: Keep-Alive
Content-Length: 741

GET
H2

200

Primary Request login Show response
www.citi.com/
Redirect Chain

https://online.citi.com/US/JSO/signon/DisplayUsernameSignon.do?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount
https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount

192 KB
39 KB

824ms
170ms

Document
text/html

184.87.60.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.87.60.208 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-87-60-208.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

64d2605cacef914c5934aa8a1cbd96310c761a6c132e442a4b483b811884e92d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://fm.info6.citi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://citimobile.citibankonline.com
access-control-max-age: 2147483647
cache-control: no-cache, no-store
content-encoding: gzip
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-type: text/html; charset=utf-8
date: Wed, 01 May 2024 20:31:22 GMT
dclocation: GT1DMS
etag: W/"2fd5b-G1NKfl2hDwsCoQkT+44Y3S/a/oE"
expires: Wed, 01 May 2024 20:31:22 GMT
nonce: 8548039801946473
pragma: no-cache
referrer-policy: no-referrer
scope: VISITOR
server: nginx
sid: 8331cb24-b073-4a08-9393-6d4fbfbc1c28
strict-transport-security: max-age=31536000; includeSubDomains
uuid: d2632812-dadd-46fb-8404-4461fcd9ec39
vary: Accept-Encoding
x-akamai-citisite: GTDC
x-akamai-transformed: 9 38303 0 pmb=mTOE,1
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow
x-vcap-request-id: da52580a-20cf-4546-434d-890804f4547c
x-xss-protection: 1 ; mode=block

Redirect headers

content-length: 0
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
date: Wed, 01 May 2024 20:31:21 GMT
location: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount
server: AkamaiGHost
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-robots-tag: noindex, nofollow
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 89557c2456a1555bf6f96086ea852669dd0011213c3f Show response
www.citi.com/public/ 158 KB
56 KB 141ms
138ms Script
application/javascript 184.87.60.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.citi.com/public/89557c2456a1555bf6f96086ea852669dd0011213c3f
Requested by: Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.87.60.208 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-60-208.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 309be52a9c154934aab450e128399af8f915c514ff385e315ebfde5a8d0e42c1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 20:31:22 GMT
content-encoding: gzip
last-modified: Fri, 05 Apr 2024 17:54:19 GMT
content-md5: fKNSrW9nyZaJfXd9gRQ82w==
etag: 0x8DC55996B2BE2EB
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD
content-type: application/javascript
access-control-allow-origin: https://citimobile.citibankonline.com
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=600
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 56387
expires: Wed, 01 May 2024 20:41:22 GMT

GET
H2 200 6c8322c7341eac98645c10e3d1d3c7ae.js Show response
www.citi.com/assets/scripts/global/ 1 KB
1 KB 266ms
263ms Script
application/javascript 184.87.60.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js
Requested by: Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.87.60.208 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-60-208.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0e0a33aaf925ad7016e32d75db351313024bd3f42428a964e656578ed45fad23

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 01 May 2024 20:31:22 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-ion-hop: Prod
access-control-allow-origin: https://citimobile.citibankonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 737
expires: 0

GET
H2 200 tagging.min.js Show response
www.citi.com/cbol-pre-login-static-assets/assets/js/ 42 KB
10 KB 899ms
896ms Script
application/javascript 184.87.60.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/assets/js/tagging.min.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.87.60.208 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-87-60-208.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

6fac9e333a345d008b027e55517ba0a7b37f4cf5e2218b01ba9855c7614ec47e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 May 2024 20:31:22 GMT
dclocation: SW1DMS
uuid: 8e1a2ef0-45d0-46d1-b1ea-b197dfd26ccf
content-length: 9908
x-xss-protection: 1 ; mode=block
referrer-policy: no-referrer
last-modified: Thu, 25 Apr 2024 03:53:31 GMT
server: nginx
x-akamai-citisite: SWDC
etag: W/"a700-18f13631278"
access-control-max-age: 2147483647
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://citimobile.citibankonline.com
x-vcap-request-id: b081dcf0-9ddc-43a2-5c75-86a1197b92ee
cache-control: public, no-transform, max-age=21600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Thu, 02 May 2024 02:31:22 GMT

GET
H2 200 banner.min.js Show response
www.citi.com/cbol-pre-login-static-assets/assets/js/ 14 KB
5 KB 448ms
446ms Script
application/javascript 184.87.60.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/assets/js/banner.min.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.87.60.208 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-87-60-208.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

7ee631ff5513ea1a236f455459687f7ba034f2ca6bca26ca3bb439ced608a46f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 May 2024 20:31:22 GMT
dclocation: SW1DMS
uuid: 852a7848-7316-42b4-8ba4-38cfb98534dd
content-length: 4355
x-xss-protection: 1 ; mode=block
referrer-policy: no-referrer
last-modified: Thu, 25 Apr 2024 03:53:31 GMT
server: nginx
x-akamai-citisite: SWDC
etag: W/"363d-18f13631278"
access-control-max-age: 2147483647
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://citimobile.citibankonline.com
x-vcap-request-id: 9150852b-ee30-4f46-5206-e588c082454f
cache-control: public, no-transform, max-age=21600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Thu, 02 May 2024 02:31:22 GMT

GET
H2 200 Interstate-Light.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 74 KB
75 KB 353ms
351ms Font
font/woff 184.87.60.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.87.60.208 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-87-60-208.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.citi.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

sid: 4ad79ce3-87e1-4ec6-ba25-17b8f3bb0290
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
nonce: 7216526941977080
date: Wed, 01 May 2024 20:31:22 GMT
dclocation: SW1DMS
uuid: 1cab13df-5958-4092-b7ff-449bf1cc697f
content-length: 75538
x-xss-protection: 1 ; mode=block
referrer-policy: no-referrer
last-modified: Thu, 25 Apr 2024 03:53:31 GMT
server: nginx
x-akamai-citisite: SWDC
etag: W/"12712-18f13631278"
access-control-max-age: 2147483647
access-control-allow-methods: GET,PUT,POST,DELETE,HEAD
content-type: font/woff
scope: VISITOR
x-vcap-request-id: b74b2bc2-c81b-4de8-7315-572db6e8583a
access-control-expose-headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
cache-control: public, no-transform, max-age=21600
access-control-allow-credentials: true
access-control-allow-origin: https://citimobile.citibankonline.com
accept-ranges: bytes
access-control-allow-headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
expires: Thu, 02 May 2024 02:31:22 GMT

GET
H2 200 Interstate-Bold.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 70 KB
71 KB 306ms
304ms Font
font/woff 184.87.60.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.87.60.208 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-87-60-208.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.citi.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

sid: 6f2345bb-f525-470e-b9e4-cdb7f6395937
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
nonce: 9380611511459637
date: Wed, 01 May 2024 20:31:22 GMT
dclocation: SW1DMS
uuid: baf4b41c-dd77-4242-bab5-a32334844cb3
content-length: 71874
x-xss-protection: 1 ; mode=block
referrer-policy: no-referrer
last-modified: Thu, 25 Apr 2024 03:53:31 GMT
server: nginx
x-akamai-citisite: SWDC
etag: W/"118c2-18f13631278"
access-control-max-age: 2147483647
access-control-allow-methods: GET,PUT,POST,DELETE,HEAD
content-type: font/woff
scope: VISITOR
x-vcap-request-id: 60a6e061-4ce7-4fe4-6d8b-90b72f262f36
access-control-expose-headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
cache-control: public, no-transform, max-age=21600
access-control-allow-credentials: true
access-control-allow-origin: https://citimobile.citibankonline.com
accept-ranges: bytes
access-control-allow-headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
expires: Thu, 02 May 2024 02:31:22 GMT

GET
H2 200 Interstate-Regular.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ 77 KB
78 KB 856ms
854ms Font
font/woff 184.87.60.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.87.60.208 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-87-60-208.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

045cd226594cb32ddf9d4db8ee45611f4d0788675ae50180b68da975e66fe1fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.citi.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

sid: 02cadc67-6ff7-46b0-9432-d074382c81a5
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
nonce: 9865726532150502
date: Wed, 01 May 2024 20:31:22 GMT
dclocation: SW1DMS
uuid: b49da0a7-856a-48f2-92ec-95049dccbf4d
content-length: 78762
x-xss-protection: 1 ; mode=block
referrer-policy: no-referrer
last-modified: Thu, 25 Apr 2024 03:53:31 GMT
server: nginx
x-akamai-citisite: SWDC
etag: W/"133aa-18f13631278"
access-control-max-age: 2147483647
access-control-allow-methods: GET,PUT,POST,DELETE,HEAD
content-type: font/woff
scope: VISITOR
x-vcap-request-id: 403cb344-9aa4-456c-4cf7-a6e42a1665ab
access-control-expose-headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
cache-control: public, no-transform, max-age=21600
access-control-allow-credentials: true
access-control-allow-origin: https://citimobile.citibankonline.com
accept-ranges: bytes
access-control-allow-headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
expires: Thu, 02 May 2024 02:31:22 GMT

GET
H2 200 styles.958e0aa55e23c233.css
www.citi.com/cbol-pre-login-static-assets/ 2 MB
163 KB 606ms
605ms Stylesheet
text/css 184.87.60.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/styles.958e0aa55e23c233.css

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.87.60.208 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-87-60-208.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

800b1e1c1ae4398778aba23368c9d3ecb82cc011f70605127e0d657153b10ead

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 May 2024 20:31:22 GMT
dclocation: SW1DMS
uuid: ae0161aa-5d82-4ed6-b313-a97b11f4fe43
content-length: 165852
x-xss-protection: 1 ; mode=block
referrer-policy: no-referrer
last-modified: Thu, 25 Apr 2024 03:55:14 GMT
server: nginx
x-akamai-citisite: SWDC
etag: W/"18467d-18f1364a4d0"
access-control-max-age: 2147483647
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://citimobile.citibankonline.com
x-vcap-request-id: b6530012-a00a-4751-6dc9-cac804527a34
cache-control: max-age=2592000, public, no-transform
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 31 May 2024 12:07:45 GMT

GET
H2 200 fp-clientlib-v5.js Show response
www.citi.com/cbol-pre-login-static-assets/assets/js/ 4 KB
2 KB 338ms
337ms Script
application/javascript 184.87.60.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/assets/js/fp-clientlib-v5.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.87.60.208 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-87-60-208.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

3bcf19ce679acd27c2218eeb943c2d8611265d526df55518b416e43f151b4c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 May 2024 20:31:22 GMT
dclocation: SW1DMS
uuid: c09b7f48-c4e0-4214-adce-03ba29176c30
content-length: 1547
x-xss-protection: 1 ; mode=block
referrer-policy: no-referrer
last-modified: Thu, 25 Apr 2024 03:53:31 GMT
server: nginx
x-akamai-citisite: SWDC
etag: W/"e6d-18f13631278"
access-control-max-age: 2147483647
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://citimobile.citibankonline.com
x-vcap-request-id: c84cc813-95af-44b7-4e66-6b4836b09096
cache-control: public, no-transform, max-age=21600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Thu, 02 May 2024 02:31:22 GMT

GET
H2 200 fp.js
www.citi.com/cbol-pre-login-static-assets/assets/js/ 19 KB
5 KB 205ms
204ms Script
application/javascript 184.87.60.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/assets/js/fp.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.87.60.208 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-87-60-208.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 May 2024 20:31:23 GMT
dclocation: SW1DMS
uuid: a6834f46-3559-4c82-b3c4-25a128868957
content-length: 4844
x-xss-protection: 1 ; mode=block
referrer-policy: no-referrer
last-modified: Thu, 25 Apr 2024 03:53:31 GMT
server: nginx
x-akamai-citisite: SWDC
etag: W/"4de4-18f13631278"
access-control-max-age: 2147483647
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://citimobile.citibankonline.com
x-vcap-request-id: 61f7fd59-5146-4c08-4162-253ee0a29d0f
cache-control: public, no-transform, max-age=21600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Thu, 02 May 2024 02:31:23 GMT

GET
H2 200 runtime.c3143b0d386b1b39.js Show response
www.citi.com/cbol-pre-login-static-assets/ 3 KB
3 KB 301ms
299ms Script
application/javascript 184.87.60.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/runtime.c3143b0d386b1b39.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.87.60.208 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-87-60-208.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

86ac6124badbdfa7eeacf2b52699ce7ea556a9b5e5c64e24739fe9b2584c5ef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.citi.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 May 2024 20:31:22 GMT
dclocation: SW1DMS
uuid: 981947ec-81fb-4e18-bfc6-c93b804aa94e
content-length: 1758
x-xss-protection: 1 ; mode=block
referrer-policy: no-referrer
last-modified: Thu, 25 Apr 2024 03:53:31 GMT
server: nginx
x-akamai-citisite: SWDC
etag: W/"d22-18f13631278"
access-control-max-age: 2147483647
access-control-allow-methods: GET,PUT,POST,DELETE,HEAD
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-vcap-request-id: 039d3653-b3ee-417f-735c-348c7a14afa3
access-control-expose-headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
cache-control: max-age=2592000, public, no-transform
access-control-allow-credentials: true
access-control-allow-origin: https://citimobile.citibankonline.com
accept-ranges: bytes
access-control-allow-headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
expires: Fri, 31 May 2024 12:07:46 GMT

GET
H2 200 polyfills.adb80ee790195eb1.js Show response
www.citi.com/cbol-pre-login-static-assets/ 48 KB
17 KB 413ms
412ms Script
application/javascript 184.87.60.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/polyfills.adb80ee790195eb1.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.87.60.208 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-87-60-208.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

bf87f53255267d9d4498b937ff708e301b08c25fdc8bd65d6c260ade97844411

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.citi.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 May 2024 20:31:22 GMT
dclocation: SW1DMS
uuid: 9a17e878-47b1-4cd1-bc2a-7cd0f8c314b3
content-length: 16650
x-xss-protection: 1 ; mode=block
referrer-policy: no-referrer
last-modified: Thu, 25 Apr 2024 03:53:31 GMT
server: nginx
x-akamai-citisite: SWDC
etag: W/"be3d-18f13631278"
access-control-max-age: 2147483647
access-control-allow-methods: GET,PUT,POST,DELETE,HEAD
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-vcap-request-id: e692c60c-438c-4f55-4b9c-1a2da1dd495b
access-control-expose-headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
cache-control: max-age=2592000, public, no-transform
access-control-allow-credentials: true
access-control-allow-origin: https://citimobile.citibankonline.com
accept-ranges: bytes
access-control-allow-headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
expires: Fri, 31 May 2024 12:07:45 GMT

GET
H2 200 scripts.9655e22a1093af91.js
www.citi.com/cbol-pre-login-static-assets/ 52 KB
15 KB 294ms
293ms Script
application/javascript 184.87.60.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/scripts.9655e22a1093af91.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.87.60.208 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-87-60-208.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 May 2024 20:31:23 GMT
dclocation: SW1DMS
uuid: dc2d9653-5a9b-4077-916e-bfc5e4fa9b69
content-length: 15188
x-xss-protection: 1 ; mode=block
referrer-policy: no-referrer
last-modified: Thu, 25 Apr 2024 03:53:31 GMT
server: nginx
x-akamai-citisite: SWDC
etag: W/"d1b6-18f13631278"
access-control-max-age: 2147483647
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://citimobile.citibankonline.com
x-vcap-request-id: df5feafc-fc5f-4a0e-7656-146c6167d627
cache-control: max-age=2592000, public, no-transform
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 31 May 2024 12:07:45 GMT

GET
H2 200 main.8fa452b23c34d579.js Show response
www.citi.com/cbol-pre-login-static-assets/ 4 MB
792 KB 454ms
454ms Script
application/javascript 184.87.60.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.com/cbol-pre-login-static-assets/main.8fa452b23c34d579.js

Requested by

Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.87.60.208 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-87-60-208.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

2a576f1e34810e984ded3adac0d88a6f648cdc1176a5f09cdd067f9e797d376a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1 ; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.citi.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 May 2024 20:31:22 GMT
dclocation: SW1DMS
uuid: d2e2801e-67dc-4409-95ba-bc3f1a2d0582
content-length: 810095
x-xss-protection: 1 ; mode=block
referrer-policy: no-referrer
last-modified: Thu, 25 Apr 2024 03:55:14 GMT
server: nginx
x-akamai-citisite: SWDC
etag: W/"39677a-18f1364a4d0"
access-control-max-age: 2147483647
access-control-allow-methods: GET,PUT,POST,DELETE,HEAD
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-vcap-request-id: 492bc434-07b9-4f00-6505-59234a4d1487
access-control-expose-headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
cache-control: max-age=2592000, public, no-transform
access-control-allow-credentials: true
access-control-allow-origin: https://citimobile.citibankonline.com
accept-ranges: bytes
access-control-allow-headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
expires: Fri, 31 May 2024 16:20:24 GMT

GET
H2 200 HNlT2w Show response
www.citi.com/XVGQ6R/8/5/46a8l64Kjw/V33bLNSfwDza/ODZq/UxBkF/ 213 KB
79 KB 162ms
161ms Script
application/javascript 184.87.60.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.citi.com/XVGQ6R/8/5/46a8l64Kjw/V33bLNSfwDza/ODZq/UxBkF/HNlT2w
Requested by: Host: www.citi.com
URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.87.60.208 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-60-208.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d2db9c3ca14fbcef6183b08fb1fdfc90d6c3c29fa70c611925259839df49070b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 20:31:22 GMT
content-encoding: br
last-modified: Wed, 02 Aug 2023 16:13:53 GMT
etag: "bfda2c1d96ea08d21d53014c4d116ba890087d0ed43c752804976d8a6230a9ae"
stored-attribute-sha-checksum: d2db9c3ca14fbcef6183b08fb1fdfc90d6c3c29fa70c611925259839df49070b
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://citimobile.citibankonline.com
cache-control: max-age=21600, max-age=21600
access-control-allow-credentials: true
content-length: 80094

GET 65319_1825202430.js
p11.techlab-cdn.com/e/ 0
0

GET 65257_1825232097.js
p11.techlab-cdn.com/e/ 0
0

GET 64885_1825202523.js
p11.techlab-cdn.com/e/ 0
0

GET 65226_747628217.js
p11.techlab-cdn.com/e/ 0
0

GET
H2 200 6c8322c7341eac98645c10e3d1d3c7ae.js Show response
www.citi.com/assets/scripts/global/ 310 KB
176 KB 537ms
536ms Script
application/javascript 184.87.60.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.citi.com/assets/scripts/global/6c8322c7341eac98645c10e3d1d3c7ae.js?seed=AECJ2TWPAQAAMCiX8lacVevYbirTICrHe1dKVlhoAhLpitntv1CUjtzj38Ao&X-soz9htCz--z=q
Requested by: Host: www.citi.com
URL: https://www.citi.com/public/89557c2456a1555bf6f96086ea852669dd0011213c3f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.87.60.208 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-60-208.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: da51f7917295e1583149b191d2afb22cef25e59ade3e6b938498ff31b2e973d6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 20:31:22 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://citimobile.citibankonline.com
x-ion-hop: Prod
cache-control: public, max-age=3600, immutable
access-control-allow-credentials: true

POST
H2 201 HNlT2w
www.citi.com/XVGQ6R/8/5/46a8l64Kjw/V33bLNSfwDza/ODZq/UxBkF/ 18 B
701 B 188ms
188ms XHR
application/json 184.87.60.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.citi.com/XVGQ6R/8/5/46a8l64Kjw/V33bLNSfwDza/ODZq/UxBkF/HNlT2w
Requested by: Host: www.citi.com
URL: https://www.citi.com/public/89557c2456a1555bf6f96086ea852669dd0011213c3f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.87.60.208 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-60-208.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.citi.com, https://citimobile.citibankonline.com
date: Wed, 01 May 2024 20:31:23 GMT
access-control-allow-credentials: true, true
x_req_id: 110fee84-8114-4b3e-9cd7-d4eb3ada89a0
access-control-allow-headers: Content-Type
vary: Origin
content-type: application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: p11.techlab-cdn.com
URL: https://p11.techlab-cdn.com/e/65319_1825202430.js

Domain: p11.techlab-cdn.com
URL: https://p11.techlab-cdn.com/e/65257_1825232097.js

Domain: p11.techlab-cdn.com
URL: https://p11.techlab-cdn.com/e/64885_1825202523.js

Domain: p11.techlab-cdn.com
URL: https://p11.techlab-cdn.com/e/65226_747628217.js

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
fm.info6.citi.com/	1969-12-31 23:59:59	Name: BIGipServercnv_ats_ssl_pool Value: 1162287114.47873.0000
l.info6.citi.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 1howocpnaayx4c5433psu5ro
l.info6.citi.com/	1969-12-31 23:59:59	Name: BIGipServercnv_ats_ssl_pool Value: 1162287114.47873.0000
.citi.com/	1970-01-20 20:26:40	Name: xyz_cr_617_et_100 Value: cr=617&wegc=&et=100&ap=&we=1
.citi.com/	1969-12-31 23:59:59	Name: AKMTLTSID Value: 1CA9A78746E950C481D92DFD63810ACE
.citi.com/	1970-01-20 20:16:42	Name: ak_bmsc Value: 2A019B37D4157DFFBC2786FCE79AB122~000000000000000000000000000000~YAAQLu/dF9RJPiyPAQAAlMnaNRc53w3sitPgMzJJ8haWp6SyQkpvI1cxzjmxsG5VqJJeRVRRHQ+2eqD5e74dNHNDZ5fQt/log0BYswDnUy7Y1YiEVYTubGoYgbCQJKhqjWFAO6+JDUp2XPwjJDFIdvq6TVPmrrpgslSiXu0h/CJdUpEN14hqwwTYshsUri1e8c14vbqlBTgSEdNkIwjM6JzV7yAi8cCvqPJGhHrYI3CfWSsOePSpQiWAoA863QAg4qlaIt11c05gsJ2weTnZ33/fV0rOLe5N+9wUQmQVlZZz4byk+1feOTxoLd2PdMXbAFcWt+L3JHnDsyH8fppnzqSJiabY0/ZKYE6Jt6RDZ3OfPTnqdNXnp2XtrQC5pKffsOmJybNGoA==
.citi.com/	1970-01-20 20:16:49	Name: bm_sz Value: D321C3BDDC5A00E8B1422185A964CFDA~YAAQLu/dF9VJPiyPAQAAlMnaNRfwTqJcG1m1X2xtSMNHAaiK4Y5+gwC8ebD8deo4NsYefezQHo7kSz5gOMIoaAmMs/TFVeWhkL3PCCI6e/jxXi50oPqUcYpVz99I28r9QcqXwzczzF2p9+f14XdD9okknezONNJFq1gi5xr2Z7HFinaUqWMJOD0vvyamqjlDCHnHfqJ1h1g83r8wUfWhFObOwX4sz0oDtltm+niDSupp9euWmHpaERutRx1qz9p9OKFsqhaIkRKeujSprv5R18FMksQRiEs3pN/YvCmbxExPBcHU090AZXqzujKe52sESfhrnviPTaxhg8os91kKee6euT+CDw8+ETWIsUfqm8oLme37niYr5EUFkl4akbQ8WNao2bZNGkIUQEjTxws=~4469304~3356723
.citi.com/	1970-01-21 05:02:11	Name: _abck Value: 6A0698C2C4F93ED007F4F269F5B3586D~-1~YAAQLu/dF9hJPiyPAQAAVsraNQsZw0bZD4kBeGpXUMjAoBqIcpT+/LkQPrarCSNTYCJoI+jg+hFs3D8UW/qwLFi6DM6LXqyi+psgU7Z9luVjdoeRyFrwCeafIWXIdFN83WLGtfbqlkGxUxv6C8fKOy1VSNkAq6KVSs6D1/X5XEFySFAPl2wh2iuUuv0mIcxw2Ew4Aoa4ihiYe0+2+Vm7YDvkoS7iZ/yaZq/KpjaUHh4BAb8ivEkXIw/xdafednXxWwnMI+rr42239nWIRWz8jN31P99wkOoAk4KXp9NNa1VKyPrDG0vvrsHL8nBcqaKD/6EJEMu/3izuPJ+91pC8FjGw1YnuRgj/bNpaH4Zvd2B/l0GVtmcXhRX8N6Ivqa6IMzK8zNyP+UU=~-1~-1~-1
.citi.com/	1970-01-21 05:52:35	Name: NMO5iv8Z Value: A2jK2jWPAQAA3Xe8qa136Cbn6tuFL4UC-4YqEt_5hEkiRhCtsnSl1p_NtMVNAaYAzS6ucgzkwH8AAEB3AAAAAA\|1\|0\|c46ec286ad01ac9b713027f19cb2c2cbc5ca1562

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://fm.info6.citi.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fm.info6.citi.com
l.info6.citi.com
online.citi.com
p11.techlab-cdn.com
sts.eccmp.com
www.citi.com
p11.techlab-cdn.com
173.213.4.17
184.87.60.208
23.36.88.236
2607:f8b0:4004:c08::5f
63.148.46.76
045cd226594cb32ddf9d4db8ee45611f4d0788675ae50180b68da975e66fe1fe
0e0a33aaf925ad7016e32d75db351313024bd3f42428a964e656578ed45fad23
2a576f1e34810e984ded3adac0d88a6f648cdc1176a5f09cdd067f9e797d376a
309be52a9c154934aab450e128399af8f915c514ff385e315ebfde5a8d0e42c1
3bcf19ce679acd27c2218eeb943c2d8611265d526df55518b416e43f151b4c6c
61339a21fa71d17d0dfebceba08dc76ce605e73f65a88438397483478d953aae
64d2605cacef914c5934aa8a1cbd96310c761a6c132e442a4b483b811884e92d
6fac9e333a345d008b027e55517ba0a7b37f4cf5e2218b01ba9855c7614ec47e
7ee631ff5513ea1a236f455459687f7ba034f2ca6bca26ca3bb439ced608a46f
800b1e1c1ae4398778aba23368c9d3ecb82cc011f70605127e0d657153b10ead
86ac6124badbdfa7eeacf2b52699ce7ea556a9b5e5c64e24739fe9b2584c5ef1
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
9c6d485ae01a594ef22b3c44e1eca5314259061faacdcdfc51569aba58a4fc2b
b0a58fb8c12ffbb8b641ae4316da491e42969f9fe904a0dc35f1203cbb76a444
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bf87f53255267d9d4498b937ff708e301b08c25fdc8bd65d6c260ade97844411
d2db9c3ca14fbcef6183b08fb1fdfc90d6c3c29fa70c611925259839df49070b
da51f7917295e1583149b191d2afb22cef25e59ade3e6b938498ff31b2e973d6
db3a8d5be00a52804175c97fb4b5555acd35a5d6f85a8d7ea2c138fb3bf60808
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7
f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296

www.citi.com Open in urlscan Pro 184.87.60.208 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

29 Requests

86 %HTTPS

20 %IPv6

4 Domains

7 Subdomains

5 IPs

1 Countries

1632 kBTransfer

6619 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

9 Cookies

1 Console Messages

Indicators

www.citi.com Open in urlscan Pro
184.87.60.208 Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

86 %
HTTPS

20 %
IPv6

4
Domains

7
Subdomains

5
IPs

1
Countries

1632 kB
Transfer

6619 kB
Size

9
Cookies

29 HTTP transactions
0 data transactions