34.75.62.224 Open in urlscan Pro
34.75.62.224 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://34.75.62.224/
Effective URL:
https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822
Submission: On July 23 via automatic, source openphish (July 23rd 2021, 1:22:28 pm UTC)

Summary HTTP 94 Redirects Links 27 Behaviour Indicators

Summary

This website contacted 17 IPs in 2 countries across 9 domains to perform 94 HTTP transactions. The main IP is 34.75.62.224, located in North Charleston, United States and belongs to GOOGLE, US. The main domain is 34.75.62.224.
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 13th 2021. Valid for: 3 months.

This is the only time 34.75.62.224 was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Citibank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 4	34.75.62.224 34.75.62.224	15169 (GOOGLE) (GOOGLE)
71	104.111.238.178 104.111.238.178	16625 (AKAMAI-AS) (AKAMAI-AS)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1	23.45.99.241 23.45.99.241	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	216.58.212.166 216.58.212.166	15169 (GOOGLE) (GOOGLE)
1	74.125.71.154 74.125.71.154	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.13.175 151.101.13.175	54113 (FASTLY) (FASTLY)
1	35.241.45.82 35.241.45.82	15169 (GOOGLE) (GOOGLE)
94	17

4 34.75.62.224 (North Charleston, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 224.62.75.34.bc.googleusercontent.com

34.75.62.224	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

71 104.111.238.178 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-238-178.deploy.static.akamaitechnologies.com

online.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

di.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

resources.digital-cloud-citi.medallia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

sr.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.99.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.166 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f166.1e100.net

6260004.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.71.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wn-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.175 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

nebula-cdn.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com

udc-neb.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
71	citi.com online.citi.com contents3.00110.citi.com Failed	2 MB
7	google.com www.google.com cse.google.com adservice.google.com	206 KB
3	doubleclick.net 1 redirects 6260004.fls.doubleclick.net bid.g.doubleclick.net	2 KB
2	kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com	6 KB
2	medallia.com resources.digital-cloud-citi.medallia.com	65 KB
2	rlcdn.com di.rlcdn.com sr.rlcdn.com	132 B
1	google.de adservice.google.de	931 B
1	bluekai.com stags.bluekai.com	338 B
1	googleadservices.com www.googleadservices.com	14 KB
94	9

	Domain	Requested by
71	online.citi.com	34.75.62.224 online.citi.com
5	www.google.com	34.75.62.224 cse.google.com
2	6260004.fls.doubleclick.net	1 redirects 34.75.62.224
2	resources.digital-cloud-citi.medallia.com	34.75.62.224
1	udc-neb.kampyle.com	34.75.62.224
1	nebula-cdn.kampyle.com	resources.digital-cloud-citi.medallia.com
1	adservice.google.de	adservice.google.com
1	adservice.google.com	6260004.fls.doubleclick.net
1	bid.g.doubleclick.net	34.75.62.224
1	stags.bluekai.com	34.75.62.224
1	sr.rlcdn.com	34.75.62.224
1	cse.google.com	online.citi.com
1	di.rlcdn.com	34.75.62.224
1	www.googleadservices.com	34.75.62.224
0	contents3.00110.citi.com Failed	online.citi.com
94	15

This site contains links to these domains. Also see Links.

Domain
www.citi.com
www.citicards.com
citigoldprivateclient.citi.com
banking.citi.com
citi.com
www.citigroup.com
jobs.citi.com
citieasydeals.com
www.citiprivatepass.com
www.privatebank.citibank.com
play.google.com
itunes.apple.com
www.facebook.com
www.twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
secure-06citi.serveirc.com cPanel, Inc. Certification Authority	`2021-07-13` - `2021-10-11`	3 months	crt.sh
online.citibank.com DigiCert SHA2 Extended Validation Server CA	`2020-03-13` - `2022-05-14`	2 years	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.digital-cloud-citi.medallia.com SSL.com RSA SSL subCA	`2020-10-21` - `2021-11-21`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-26`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.kampyle.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822
Frame ID: 86B329BF9809BBA010943CCFEE6DD29E
Requests: 88 HTTP requests in this frame

Frame: https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
Frame ID: 9A7A523D152DE6137E40D85E41A5DFCB
Requests: 1 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/63068?ret=html&phint=language%3Denglish&phint=product%3D&phint=event&phint=category%3Dpre-login%20Sign%20on%20page&phint=page%3DNon%20Cookied%20Username%20Password%20&phint=section1%3DPublic&phint=section2%3DSignOn&phint=section3%3D&phint=section4%3D&phint=bankappstatus&phint=productID&phint=__bk_t%3DOnline%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&phint=__bk_k%3Dbanking%2C%20citi%2C%20financial%20services%2C%20checking%20account%2C%20savings%20account%2C%20credit%20cards&phint=__bk_pr%3Dhttps%3A%2F%2Fonline.citi.com%2FUS%2Flogin.do&phint=__bk_l%3Dhttps%3A%2F%2Fonline.citi.com%2FUS%2Flogin.do%3FJFP_TOKEN%3DNOSXRGKB&phint=__bk_v%3D3.1.8&limit=10&r=61954064
Frame ID: 9F3AC7733314B19C5E022DAF4107B402
Requests: 1 HTTP requests in this frame

Frame: https://6260004.fls.doubleclick.net/activityi;dc_pre=CNmU9NKk-fECFQtz0wodyUcPNA;src=6260004;type=citih0;cat=citih00;qty=1;cost=1;ord=5474828976029.28;gtm=2od1d0;auiddc=253918765.1611308789;~oref=https%3A%2F%2Fonline.citi.com%2FUS%2Flogin.do%3FJFP_TOKEN%3DNOSXRGKB
Frame ID: 7A29720BC383EB0E1D758E72BFD0F292
Requests: 1 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: 0D105437E0787381B08CF4F9971A0768
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CNmU9NKk-fECFQtz0wodyUcPNA;src=6260004;type=citih0;cat=citih00;qty=1;cost=1;ord=5474828976029.28;gtm=2od1d0;auiddc=253918765.1611308789;~oref=https%3A%2F%2Fonline.citi.com%2FUS%2Flogin.do%3FJFP_TOKEN%3DNOSXRGKB
Frame ID: AAEF10FE6B5DFE39A01B5AD8A7113303
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CNmU9NKk-fECFQtz0wodyUcPNA;src=6260004;type=citih0;cat=citih00;qty=1;cost=1;ord=5474828976029.28;gtm=2od1d0;auiddc=253918765.1611308789;~oref=https%3A%2F%2Fonline.citi.com%2FUS%2Flogin.do%3FJFP_TOKEN%3DNOSXRGKB
Frame ID: D63DAFBC1367929BBA65B072552F8A64
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://34.75.62.224/ HTTP 302
https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822 Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

94
Requests

95 %
HTTPS

31 %
IPv6

9
Domains

15
Subdomains

17
IPs

2
Countries

2981 kB
Transfer

6470 kB
Size

4
Cookies

27 Outgoing links

These are links going to different origins than the main page.

URL: https://www.citi.com/credit-cards/compare/view-all-credit-cards
Title: View All Credit Cards

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/compare/balance-transfer-credit-cards
Title: Balance Transfer Credit Cards

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/compare/0-percent-intro-apr-credit-cards
Title: 0% Intro APR Credit Cards

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/compare/rewards-credit-cards
Title: Rewards Credit Cards

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/compare/savings-and-cash-back-credit-cards
Title: Cash Back Credit Cards

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/compare/travel-reward-credit-cards
Title: Travel Credit Cards

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/compare/business-credit-cards
Title: Small Business Credit Cards

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/knowledge-center
Title: Citi® Credit Knowledge Center

Search URL Search Domain Scan URL

URL: https://www.citicards.com/cards/credit/application/flow.action?isInvitation=Y
Title: Respond to Mail Offer

Search URL Search Domain Scan URL

URL: https://citigoldprivateclient.citi.com/contact/
Title: Find a Wealth Team

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/credit-card-details/citi.action?ID=citi-diamond-preferred-credit-card&afc=106
Title:

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/credit-card-details/citi.action?ID=citi-double-cash-credit-card&afc=106&intc=1~1~52~6~BANR~1~dc_citicomREDPE_oct2016
Title: Earn Cash Back Twice

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/compare/view-all-credit-cards?afc=105&intc=1~1~52~6~BANR~1~mpc_Default_citicomREDPE_aug2016~OMPC105
Title: Choose the Right Citi® Credit Card for You

Search URL Search Domain Scan URL

URL: https://banking.citi.com/cbol/high-yield/savings/default.htm?channel=onsite&Promo_ID=4CEWQH4ZENCHPT&intc=1~1~21~6~BANR~2~HYSANoRate~HP
Title: Save Faster With A High-Yield Rate

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/credit-card-details/citi.action?ID=citi-rewards-plus-credit-card&afc=106

Search URL Search Domain Scan URL

URL: https://banking.citi.com/cbol/HELOC/Rate/default.htm?intc=1~1~52~6~BANR~2~Q3_HELOC_2020~HP

Search URL Search Domain Scan URL

URL: https://citi.com/citi/racial-equity/

Search URL Search Domain Scan URL

URL: http://www.citigroup.com/citi/
Title: Our Story

Search URL Search Domain Scan URL

URL: https://jobs.citi.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://citieasydeals.com/
Title: Citi Easy DealsSM

Search URL Search Domain Scan URL

URL: http://www.citiprivatepass.com/
Title: Citi EntertainmentSM

Search URL Search Domain Scan URL

URL: https://www.privatebank.citibank.com/
Title: Citi Private Bank

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.citi.citimobile
Title:

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/citi-mobile-sm/id301724680?mt=8
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/citi
Title:

Search URL Search Domain Scan URL

URL: https://www.twitter.com/citi
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/citi
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://34.75.62.224/ HTTP 302
https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85

https://6260004.fls.doubleclick.net/activityi;src=6260004;type=citih0;cat=citih00;qty=1;cost=1;ord=5474828976029.28;gtm=2od1d0;auiddc=253918765.1611308789;~oref=https%3A%2F%2Fonline.citi.com%2FUS%2Flogin.do%3FJFP_TOKEN%3DNOSXRGKB HTTP 302
https://6260004.fls.doubleclick.net/activityi;dc_pre=CNmU9NKk-fECFQtz0wodyUcPNA;src=6260004;type=citih0;cat=citih00;qty=1;cost=1;ord=5474828976029.28;gtm=2od1d0;auiddc=253918765.1611308789;~oref=https%3A%2F%2Fonline.citi.com%2FUS%2Flogin.do%3FJFP_TOKEN%3DNOSXRGKB

94 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login.php Show response
34.75.62.224/
Redirect Chain

https://34.75.62.224/
https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

201 KB
202 KB

151ms
151ms

Document
text/html

34.75.62.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.75.62.224 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.62.75.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 9424a9bd37f8a8bfa9593148c7f58f3460e86d849af5a797172c53eb6d14a441

Request headers

Host: 34.75.62.224
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: PHPSESSID=a4cb686cd5b5eed0674ae5f6a5d18e62
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 13:22:06 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Fri, 23 Jul 2021 13:22:06 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=a4cb686cd5b5eed0674ae5f6a5d18e62; path=/
Location: login.php?primarymember_id=14867cda2cd49db37f2327822
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 404 styles.css
online.citi.com//ui.powerreviews.com/tag-builds/10111/4.0/ 0
0 966ms
683ms Stylesheet
text/html 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://online.citi.com//ui.powerreviews.com/tag-builds/10111/4.0/styles.css
Requested by: Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 158ms
58ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

8069956acb4c566506ff71f7a23c8e23f75ce9443384fe3393ed5c846924026e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13910
x-xss-protection: 0
server: cafe
etag: 8154934153164151798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 23 Jul 2021 13:22:06 GMT

GET
H2 200 main.css
online.citi.com/GFC/branding/responsivebranding/css/ 46 KB
8 KB 385ms
103ms Stylesheet
text/css 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/GFC/branding/responsivebranding/css/main.css

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

0bd3ccc27cf9be600088075633085caa59ffdc6226dd98603eee03baee986d7d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 29 Sep 2020 09:55:15 GMT
x-akamai-citisite: GTDC
date: Fri, 23 Jul 2021 13:22:07 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Fri, 23 Jul 2021 19:22:07 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 7313
content-type: text/css
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 ddl.min.css
online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/ 624 KB
69 KB 299ms
124ms Stylesheet
text/css 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/ddl.min.css

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

fdaf50ba7dfdf74a600dbb9a28a4ebfc536486d8f1e23296d7dfb33d843e1c3b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Wed, 15 Jul 2020 06:51:10 GMT
x-akamai-citisite: SWDC
date: Fri, 23 Jul 2021 13:22:07 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Fri, 23 Jul 2021 19:22:07 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 69731
content-type: text/css
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 jfpm.autocomplete.off.js Show response
online.citi.com/JFP/js/modules/ 1 KB
894 B 272ms
265ms Script
application/x-javascript 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JFP/js/modules/jfpm.autocomplete.off.js

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

9dad502247a8488c21ef5beb32aed1a78b17b748711bec817c472911f76b4ead

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 17:20:58 GMT
x-akamai-citisite: GTDC
date: Fri, 23 Jul 2021 13:22:08 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Fri, 23 Jul 2021 19:22:08 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 344
content-type: application/x-javascript
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 main_branding.css
online.citi.com/GFC/branding/responsivebranding/css/ 332 KB
47 KB 350ms
175ms Stylesheet
text/css 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/GFC/branding/responsivebranding/css/main_branding.css

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

e6f62163437764c5ba5175120e4741cb76d1d48cecfec3224ebdf2b856cfe046

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Thu, 08 Jul 2021 15:43:06 GMT
x-akamai-citisite: GTDC
date: Fri, 23 Jul 2021 13:22:07 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Fri, 23 Jul 2021 19:22:07 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 47322
content-type: text/css
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 branding_header_v2.css
online.citi.com/GFC/branding/responsivebranding/css/ 121 KB
15 KB 364ms
189ms Stylesheet
text/css 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/GFC/branding/responsivebranding/css/branding_header_v2.css

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

b04aaad6d5bf7695abacd42f6a6aeb9d7816fc5fac07bbdc2383367dfa4c0f95

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 14:33:45 GMT
x-akamai-citisite: SWDC
date: Fri, 23 Jul 2021 13:22:07 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Fri, 23 Jul 2021 19:22:07 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 15260
content-type: text/css
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 branding_footer_v2.css
online.citi.com/GFC/branding/responsivebranding/css/ 15 KB
4 KB 383ms
209ms Stylesheet
text/css 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/GFC/branding/responsivebranding/css/branding_footer_v2.css

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

c4607b5daf8855e6b94c62b06d108884ce2a2b42aca7e0646871ec460064bfdf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Wed, 07 Apr 2021 03:10:58 GMT
x-akamai-citisite: GTDC
date: Fri, 23 Jul 2021 13:22:07 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Fri, 23 Jul 2021 19:22:07 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 3687
content-type: text/css
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 vendor.js Show response
online.citi.com/CBOL/common/ui/ddl/theme/latest/scripts/ 204 KB
64 KB 428ms
254ms Script
application/x-javascript 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/CBOL/common/ui/ddl/theme/latest/scripts/vendor.js

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

f2dd1ff20c3df202418f9d59c76f40bdb304d7a85d7163fc9935391528f3dee8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 17:16:57 GMT
x-akamai-citisite: GTDC
date: Fri, 23 Jul 2021 13:22:07 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Fri, 23 Jul 2021 19:22:07 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 64910
content-type: application/x-javascript
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 404 Bootstrap.js
online.citi.com//nexus.ensighten.com/citi/na_prod/ 0
0 1165ms
991ms Script
text/html 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://online.citi.com//nexus.ensighten.com/citi/na_prod/Bootstrap.js
Requested by: Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 homePage.min.css
online.citi.com/loginpage/styles/ 24 KB
5 KB 366ms
192ms Stylesheet
text/css 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/loginpage/styles/homePage.min.css

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

e035b79ab90f8c8ce0c5d34ae36fd666e84353307bdbf06ca62fdff8e77691dd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 13 Oct 2020 18:02:06 GMT
x-akamai-citisite: GTDC
date: Fri, 23 Jul 2021 13:22:07 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Fri, 23 Jul 2021 19:22:07 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 5046
content-type: text/css
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 jquery.tmpl.js Show response
online.citi.com/JFP/js/jquery/plugins/ 6 KB
3 KB 411ms
237ms Script
application/x-javascript 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JFP/js/jquery/plugins/jquery.tmpl.js

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

629b48196dcc270143a42ce57535b251c655617f8d510277d4a05306c426fd38

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 17:12:06 GMT
x-akamai-citisite: GTDC
date: Fri, 23 Jul 2021 13:22:07 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Fri, 23 Jul 2021 19:22:07 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 2905
content-type: application/x-javascript
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 fp.min.js Show response
online.citi.com/JSO/js/ 15 KB
5 KB 275ms
268ms Script
application/x-javascript 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JSO/js/fp.min.js

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

c3c994c3fe9bd4e055f6d0eb42067ecd6bdd3247e136bc22835b9882cfe77c61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 17:22:45 GMT
x-akamai-citisite: GTDC
date: Fri, 23 Jul 2021 13:22:08 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Fri, 23 Jul 2021 19:22:08 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 4322
content-type: application/x-javascript
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 citilive-search-responsive.css
online.citi.com/JEA/CitiSearch/nexus-platform/css/ 1 KB
882 B 393ms
220ms Stylesheet
text/css 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JEA/CitiSearch/nexus-platform/css/citilive-search-responsive.css

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

8ac02986fbe123ddb1c8561aaf515aa9a8b0106064267de9284520ac82b3dc5e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Wed, 30 Jun 2021 23:22:40 GMT
x-akamai-citisite: GTDC
date: Fri, 23 Jul 2021 13:22:07 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Fri, 23 Jul 2021 19:22:07 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 343
content-type: text/css
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 cse_element__en.js Show response
www.google.com/cse/static/element/a57bc5975bc720b0/ 275 KB
90 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/a57bc5975bc720b0/cse_element__en.js?usqp=CAM%3D

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ce5619a84bf7d3e559a5b45aa7f56fee491dd3f648775bbb7b42cb1f6f3c6fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 21:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92399
x-xss-protection: 0
last-modified: Fri, 08 Jan 2021 18:04:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Jul 2022 21:11:14 GMT

GET
H2 200 default+en.css
www.google.com/cse/static/element/a57bc5975bc720b0/ 41 KB
9 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/a57bc5975bc720b0/default+en.css

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 21:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9032
x-xss-protection: 0
last-modified: Fri, 08 Jan 2021 18:04:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Jul 2022 21:11:14 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 834
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Jul 2021 13:58:12 GMT

GET
H2 451 463166.gif
di.rlcdn.com/ 0
66 B 158ms
53ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://di.rlcdn.com/463166.gif?partner_uid=7d0f4114-b82d-409a-851f-1e7f7c838e38
Requested by: Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:22:08 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2 200 bcsid.js Show response
online.citi.com/passivebio/ 947 B
977 B 79ms
79ms Script
application/x-javascript 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/passivebio/bcsid.js

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

7d481eb36581746fd3662c7c452856b695df90cdce24664c48f565aa119c8b16

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 30 Oct 2018 06:18:02 GMT
x-akamai-citisite: GTDC
date: Fri, 23 Jul 2021 13:22:07 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Fri, 23 Jul 2021 19:22:07 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 427
content-type: application/x-javascript
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 BiocatchATO.js Show response
online.citi.com/passivebio/ 602 KB
113 KB 81ms
81ms Script
application/x-javascript 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/passivebio/BiocatchATO.js

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

7075cd51e089027f92c8cbb5fa73d4df72bd8a58e112ea577133f4bc7667bada

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Sat, 24 Apr 2021 05:43:31 GMT
x-akamai-citisite: SWDC
date: Fri, 23 Jul 2021 13:22:07 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Fri, 23 Jul 2021 19:22:07 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 114417
content-type: application/x-javascript
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 pl-profile.png
online.citi.com/GFC/branding/img/redesigned/ 678 B
1 KB 280ms
273ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/redesigned/pl-profile.png

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

96a25378d5d5fed38414a3d798eddc8367ebb206b45b125c837b9bab43c8799d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:22:08 GMT
last-modified: Tue, 21 Jul 2020 15:27:27 GMT
x-akamai-citisite: SWDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 678
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 atmbranchloc.svg
online.citi.com/GFC/branding/img/redesigned/ 2 KB
1 KB 308ms
301ms Image
image/svg+xml 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/redesigned/atmbranchloc.svg

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

6336ae7b60dff18e0a37721a3a19fd5e18568577a64faa662969d35966dbf72b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Wed, 29 Jul 2020 05:29:17 GMT
x-akamai-citisite: SWDC
date: Fri, 23 Jul 2021 13:22:08 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 758
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/svg+xml
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 lang.svg
online.citi.com/GFC/branding/img/redesigned/ 3 KB
2 KB 314ms
307ms Image
image/svg+xml 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/redesigned/lang.svg

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

e37a02e78fe6cf2e9359c395b6c677688c4d4ea5f8f7d4cd79ae03824daa44d6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 04 Aug 2020 06:59:05 GMT
x-akamai-citisite: SWDC
date: Fri, 23 Jul 2021 13:22:08 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 1434
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/svg+xml
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 cc-know.png
online.citi.com/GFC/branding/img/redesigned/ 547 B
1 KB 344ms
337ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/redesigned/cc-know.png

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

1e8296753489472722a900b40958f4cb93b5efa530499287debe37fdaac97cdb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:22:08 GMT
last-modified: Fri, 17 Jul 2020 09:29:34 GMT
x-akamai-citisite: SWDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 547
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 cc-mail.png
online.citi.com/GFC/branding/img/redesigned/ 713 B
1 KB 357ms
349ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/redesigned/cc-mail.png

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

351566f41ad89bb03b7855b58661b377836aebe50db166052eaa17f17e156799

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:22:08 GMT
last-modified: Fri, 03 Jul 2020 10:19:28 GMT
x-akamai-citisite: SWDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 713
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 banking-savings.png
online.citi.com/GFC/branding/img/redesigned/ 917 B
1 KB 372ms
365ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/redesigned/banking-savings.png

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

87578cd8ec6b565afd5be1b9a00845ca3dcb8024d64f2d96e4ce00bb07c94902

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:22:08 GMT
last-modified: Mon, 06 Jul 2020 06:45:19 GMT
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 917
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 mort-calculator.png
online.citi.com/GFC/branding/img/redesigned/ 374 B
864 B 386ms
379ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/redesigned/mort-calculator.png

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

77aae11467c6e42598b9c17f8a34f9ffb08c3acedd22db327fabf5b1becd24a2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:22:08 GMT
last-modified: Mon, 06 Jul 2020 07:56:13 GMT
x-akamai-citisite: SWDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 374
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 mort-home.png
online.citi.com/GFC/branding/img/redesigned/ 515 B
1006 B 400ms
393ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/redesigned/mort-home.png

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

474a06e61c5ff0b6def6e5619529e0664e6fa2d9904ba6f796e4e1032c2ab3c3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:22:08 GMT
last-modified: Mon, 06 Jul 2020 07:56:26 GMT
x-akamai-citisite: SWDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 515
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 Investing-FP.png
online.citi.com/GFC/branding/img/redesigned/ 399 B
889 B 415ms
408ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/redesigned/Investing-FP.png

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

31a7d0a6362cd6d8fcbb3200740a252be4fc633363cc71021fb18faf4470eb5c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:22:08 GMT
last-modified: Mon, 06 Jul 2020 08:52:29 GMT
x-akamai-citisite: SWDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 399
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 Investing-MI.png
online.citi.com/GFC/branding/img/redesigned/ 822 B
1 KB 430ms
424ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/redesigned/Investing-MI.png

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

643030db71af1915a7c02ec3589b64d1b826cb8c8c97e0f7b80d70e0c830726b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:22:08 GMT
last-modified: Mon, 06 Jul 2020 08:52:58 GMT
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 822
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 Investing-II.png
online.citi.com/GFC/branding/img/redesigned/ 894 B
1 KB 444ms
438ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/redesigned/Investing-II.png

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

e0a06ba70b7556d61f872bd1ca50148094683ed1ba026a78164563d3c63db0c0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:22:08 GMT
last-modified: Mon, 06 Jul 2020 08:52:35 GMT
x-akamai-citisite: SWDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 894
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 atmbranch.png
online.citi.com/GFC/branding/img/redesigned/ 697 B
1 KB 459ms
453ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/redesigned/atmbranch.png

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

489ac0d5e6bb586f0144108a782f87e10aa6387fa5925c0f7b526142dbbf9987

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:22:08 GMT
last-modified: Thu, 02 Jul 2020 08:41:48 GMT
x-akamai-citisite: SWDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 697
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 WM-conce.png
online.citi.com/GFC/branding/img/redesigned/ 819 B
1 KB 474ms
468ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/redesigned/WM-conce.png

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

6e866b41975af77f752d3feae581391b018128ad2cb495e783349ca49cb94c38

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:22:08 GMT
last-modified: Mon, 06 Jul 2020 09:28:15 GMT
x-akamai-citisite: SWDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 819
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 cbol-smartSearch.css
online.citi.com/NCCS/smartSearch/css/ 8 KB
1 KB 79ms
79ms Stylesheet
text/css 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/NCCS/smartSearch/css/cbol-smartSearch.css

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

6d3001c9deac8cb1f88ea5254105f8d678de5532f1998a24eab1b59906eaf86b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 13 Feb 2018 16:10:30 GMT
x-akamai-citisite: SWDC
date: Fri, 23 Jul 2021 13:22:07 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Fri, 23 Jul 2021 19:22:07 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 899
content-type: text/css
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 search.png
online.citi.com/GFC/branding/img/redesigned/ 540 B
1 KB 492ms
486ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/redesigned/search.png

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

e1cdd8699d632d98047b60975c127bde93707685555e0894c2087105e26298ae

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:22:08 GMT
last-modified: Sun, 12 Jul 2020 13:52:29 GMT
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 540
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 navigationMobile.png
online.citi.com/GFC/branding/img/redesigned/ 137 B
626 B 508ms
502ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/redesigned/navigationMobile.png

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

9704bca992680b1698b6c364e5fd7fd20991aa230c700f3378765fdf99a8b27d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:22:08 GMT
last-modified: Tue, 21 Jul 2020 10:47:19 GMT
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 137
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 closeMobile.png
online.citi.com/GFC/branding/img/redesigned/ 327 B
818 B 521ms
515ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/redesigned/closeMobile.png

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

87e414e65461d63f3c18fdec21dc973fbb3b04db9269aa2fa9f2b1e9fb4d58f0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:22:08 GMT
last-modified: Tue, 21 Jul 2020 10:47:19 GMT
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 327
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 atmbranchlink.png
online.citi.com/GFC/branding/img/redesigned/ 888 B
1 KB 533ms
527ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/redesigned/atmbranchlink.png

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

424b0508d87aeff62bf98099b98490558de97db21d02343fd4b0e46252a74d58

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:22:08 GMT
last-modified: Sun, 26 Jul 2020 08:00:17 GMT
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 888
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 icon_globe_med-grey.png
online.citi.com/GFC/branding/img/redesigned/ 1 KB
2 KB 546ms
541ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/redesigned/icon_globe_med-grey.png

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

f9ea3e5b79df3924376af98d3639b49ef970ef77063203b3ef3abaa84daca88a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:22:08 GMT
last-modified: Thu, 02 Jul 2020 08:42:08 GMT
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 1300
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 peworkflow.min.js Show response
online.citi.com/personalization/ 5 KB
2 KB 83ms
83ms Script
application/x-javascript 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/personalization/peworkflow.min.js

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

690146b8ff7699810daa66f43ce7d006f74a143dea4a27bb0cb9c054dddadeee

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Wed, 15 Jul 2020 06:51:10 GMT
x-akamai-citisite: SWDC
date: Fri, 23 Jul 2021 13:22:07 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Fri, 23 Jul 2021 19:22:07 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 1806
content-type: application/x-javascript
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 HP2.0_Diamond_Preferred_Hero_Card_Background.jpg
online.citi.com/JRS/banners/hero_background/ 108 KB
108 KB 549ms
544ms Image
image/jpeg 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/banners/hero_background/HP2.0_Diamond_Preferred_Hero_Card_Background.jpg

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

73bda4635bfa51c64ab47b1fba9a7cb20b6ab3ae44f7c1d2abf78041a9da0fee

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:22:08 GMT
last-modified: Thu, 15 Mar 2018 21:03:36 GMT
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 110256
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/jpeg
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 8150_cardArt.png
online.citi.com/JRS/banners/card_art/ 44 KB
45 KB 563ms
558ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/banners/card_art/8150_cardArt.png

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

1cec78f793f28bed6cd96765e693bd6b7ba1efbfdd7d68ca5b8ea5390ff8bec0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:22:08 GMT
last-modified: Mon, 03 Aug 2020 19:29:08 GMT
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 45386
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 M1-M7_DoubleCash.jpg
online.citi.com/JRS/banners/modules/ 31 KB
32 KB 579ms
573ms Image
image/jpeg 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/banners/modules/M1-M7_DoubleCash.jpg

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

ddfc50334e444d16f275b7a81eb09c83ddd05bf00a3d47bef2d878671244f2f4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:22:08 GMT
last-modified: Thu, 21 Nov 2019 18:59:03 GMT
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 32204
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/jpeg
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 Cards-tile-grey-1120.jpg
online.citi.com/JRS/banners/modules/ 95 KB
95 KB 593ms
588ms Image
image/jpeg 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/banners/modules/Cards-tile-grey-1120.jpg

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

eb7796994b0a25c85eced58acb80883972894d097abfcb4e4c74425ede753779

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:22:08 GMT
last-modified: Mon, 16 Nov 2020 22:16:06 GMT
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 96809
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/jpeg
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 8763_M1-M7.jpg
online.citi.com/JRS/banners/modules/ 394 KB
395 KB 606ms
601ms Image
image/jpeg 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/banners/modules/8763_M1-M7.jpg

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5206b43578acc527ea6b59d2c8cb7615812f9ad9d6f47f26ab1d4e5307cfb03

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:22:08 GMT
last-modified: Tue, 06 Oct 2020 19:06:43 GMT
x-akamai-citisite: SWDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 403226
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/jpeg
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 M1-M7_Rewards.jpg
online.citi.com/JRS/banners/modules/ 101 KB
102 KB 629ms
624ms Image
image/jpeg 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/banners/modules/M1-M7_Rewards.jpg

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

70682c9e53d1654953119bab07128e5940673390df2aba12cdf771fb7cd69e64

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:22:08 GMT
last-modified: Mon, 17 May 2021 17:00:38 GMT
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 103640
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/jpeg
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 2020_Q3_HELOC_M1-M7-3UP.jpg
online.citi.com/JRS/banners/modules/ 84 KB
85 KB 644ms
639ms Image
image/jpeg 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/banners/modules/2020_Q3_HELOC_M1-M7-3UP.jpg

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

649d4d8b2dde5d78c505bbe9a68dd005640d3671df87ac0a9308db570e12c7fb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:22:08 GMT
last-modified: Tue, 18 Aug 2020 20:25:06 GMT
x-akamai-citisite: SWDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 86280
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/jpeg
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 social-media_facebook@2x.png
online.citi.com/GFC/branding/responsivebranding/img/ 329 B
819 B 645ms
640ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/responsivebranding/img/social-media_facebook@2x.png

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

9fa97f780f20b95ac6a2baeed3961d39ec6086e3417eb59cd294e4e528187b7b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:22:08 GMT
last-modified: Thu, 21 May 2020 04:51:42 GMT
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 329
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 social-media_twitter@2x.png
online.citi.com/GFC/branding/responsivebranding/img/ 840 B
1 KB 669ms
664ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/responsivebranding/img/social-media_twitter@2x.png

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

5d343d5e2bc616fe04642af586793b51ba2291a6c9616ee92e4246bde9fa72a5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:22:08 GMT
last-modified: Thu, 21 May 2020 04:51:42 GMT
x-akamai-citisite: SWDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 840
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 social-media_youtube@2x.png
online.citi.com/GFC/branding/responsivebranding/img/ 808 B
1 KB 682ms
678ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/responsivebranding/img/social-media_youtube@2x.png

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

1f43f86e82f4cf6b5ddf863fbb8cd9bafb53790bd2016a7b2b36d51ad96fb32b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:22:08 GMT
last-modified: Thu, 21 May 2020 04:51:42 GMT
x-akamai-citisite: SWDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 808
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 Citi_FooterLogo.png
online.citi.com/GFC/branding/responsivebranding/img/ 27 KB
28 KB 687ms
683ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/responsivebranding/img/Citi_FooterLogo.png

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

6dfa343a68ef79e83fef5f7c705119d2473352190c609cf94c67ea99a29fa452

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:22:08 GMT
last-modified: Wed, 20 May 2020 04:39:29 GMT
x-akamai-citisite: SWDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 28149
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 Citi_FooterLogo_Mobile.png
online.citi.com/GFC/branding/responsivebranding/img/ 11 KB
12 KB 709ms
705ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/responsivebranding/img/Citi_FooterLogo_Mobile.png

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

f378974fe6a831ae2f48d9191ea74eb21877d4964d5eedbc2810d8756ed13631

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:22:08 GMT
last-modified: Wed, 20 May 2020 04:39:29 GMT
x-akamai-citisite: SWDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 11562
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 oo_engine.min.js Show response
online.citi.com/GFC/branding/olab/js/ 42 KB
12 KB 80ms
80ms Script
application/x-javascript 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/GFC/branding/olab/js/oo_engine.min.js

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

1f2a0e7aa3dabf73dae3cc7c1e53a70ec51145b39b027bdc1ecae9223c0c80d2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 17:22:45 GMT
x-akamai-citisite: GTDC
date: Fri, 23 Jul 2021 13:22:08 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Fri, 23 Jul 2021 19:22:08 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 11704
content-type: application/x-javascript
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 navBarRedesign.js Show response
online.citi.com/GFC/branding/responsivebranding/js/ 253 KB
30 KB 102ms
94ms Script
application/x-javascript 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/GFC/branding/responsivebranding/js/navBarRedesign.js

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

8e624b75d6f0a6ed3faa9fa53752ce04239993dbe0337fb99cc28badac5c8fcf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Fri, 25 Jun 2021 07:25:52 GMT
x-akamai-citisite: SWDC
date: Fri, 23 Jul 2021 13:22:08 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Fri, 23 Jul 2021 19:22:08 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 30056
content-type: application/x-javascript
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 ddl.min.js Show response
online.citi.com/CBOL/common/ui/ddl/theme/latest/scripts/ 64 KB
18 KB 114ms
106ms Script
application/x-javascript 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/CBOL/common/ui/ddl/theme/latest/scripts/ddl.min.js

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

f1821b3865a1008ba0c088f7dc5c7eeb6b81e414461885c40b8d0f48fcbc9341

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 17:16:57 GMT
x-akamai-citisite: GTDC
date: Fri, 23 Jul 2021 13:22:08 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Fri, 23 Jul 2021 19:22:08 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 17670
content-type: application/x-javascript
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 main.js Show response
online.citi.com/GFC/branding/responsivebranding/js/ 33 KB
8 KB 126ms
119ms Script
application/x-javascript 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/GFC/branding/responsivebranding/js/main.js

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

9deb849bdc20c654810ae440c0c5110b1a1cbf2228e7a3b61db136a7633c0eda

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Thu, 16 Jan 2020 14:46:15 GMT
x-akamai-citisite: GTDC
date: Fri, 23 Jul 2021 13:22:08 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Fri, 23 Jul 2021 19:22:08 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 7957
content-type: application/x-javascript
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 citilive-search.js Show response
online.citi.com/JEA/CitiSearch/nexus-platform/js/ 3 KB
1 KB 141ms
133ms Script
application/x-javascript 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JEA/CitiSearch/nexus-platform/js/citilive-search.js

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

ff2cadd5d4f613bc461fe2c427466d05a6a7f975a7a763d8008616df5d757474

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Sun, 18 Jul 2021 08:33:36 GMT
x-akamai-citisite: GTDC
date: Fri, 23 Jul 2021 13:22:08 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Fri, 23 Jul 2021 19:22:08 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 957
content-type: application/x-javascript
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 cbol-smartSearch-inject.js Show response
online.citi.com/NCCS/smartSearch/js/ 13 KB
3 KB 158ms
150ms Script
application/x-javascript 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/NCCS/smartSearch/js/cbol-smartSearch-inject.js

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

b95fb980f8f91f1c113d3411d3fbf608e143bf4d10fe0706bb6d2231f13bd228

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Mon, 11 May 2020 19:00:46 GMT
x-akamai-citisite: SWDC
date: Fri, 23 Jul 2021 13:22:08 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Fri, 23 Jul 2021 19:22:08 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 3030
content-type: application/x-javascript
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 TMXProfiling.js Show response
online.citi.com/TMX/ 1 KB
1 KB 170ms
162ms Script
application/x-javascript 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/TMX/TMXProfiling.js

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

157430093a6d2ee63082eae5dabf826926d3b6259d33482aa6713c48728e82fa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Fri, 10 Aug 2018 07:26:42 GMT
x-akamai-citisite: SWDC
date: Fri, 23 Jul 2021 13:22:08 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Fri, 23 Jul 2021 19:22:08 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 546
content-type: application/x-javascript
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 cobrowse_overlay.css
online.citi.com/GPS/portal/css/ 7 KB
2 KB 184ms
176ms Stylesheet
text/css 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/GPS/portal/css/cobrowse_overlay.css

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

a9623118fb6ec3944d1312cd0d492c3f32455e89bc1e01eafa67628a309d9c60

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 13 Aug 2019 07:17:14 GMT
x-akamai-citisite: GTDC
date: Fri, 23 Jul 2021 13:22:08 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Fri, 23 Jul 2021 19:22:08 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 1597
content-type: text/css
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 errorLogo.svg
online.citi.com/GFC/branding/img/ 1 KB
1 KB 727ms
723ms Image
image/svg+xml 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/errorLogo.svg

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

f9bd92ac3e3a127d29f3f9786e6233961312cd256b895975cb5dce2f363916e8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 24 Apr 2018 15:26:47 GMT
x-akamai-citisite: GTDC
date: Fri, 23 Jul 2021 13:22:08 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 584
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/svg+xml
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 citilive-search-library.js Show response
online.citi.com/JEA/CitiSearch/nexus-platform/js/ 179 KB
61 KB 190ms
182ms Script
application/x-javascript 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JEA/CitiSearch/nexus-platform/js/citilive-search-library.js

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

d57c8034f9c12aa3ce626c9ed1d61a4bb0941c3ef320bb59346f20496fb0096a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 17:20:58 GMT
x-akamai-citisite: GTDC
date: Fri, 23 Jul 2021 13:22:08 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Fri, 23 Jul 2021 19:22:08 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 61658
content-type: application/x-javascript
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 citilive-search-service.js Show response
online.citi.com/JEA/CitiSearch/nexus-platform/js/ 9 KB
3 KB 218ms
210ms Script
application/x-javascript 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JEA/CitiSearch/nexus-platform/js/citilive-search-service.js

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

eec5cc477e7cb4f1eee1f26dce3eb411a63716d89a9b659c7d5559571c837ccb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 11 Sep 2018 07:31:14 GMT
x-akamai-citisite: GTDC
date: Fri, 23 Jul 2021 13:22:08 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Fri, 23 Jul 2021 19:22:08 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 2415
content-type: application/x-javascript
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 citi-search-tmpl.js Show response
online.citi.com/JEA/CitiSearch/nexus-platform/js/ 1 MB
732 KB 223ms
215ms Script
application/x-javascript 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JEA/CitiSearch/nexus-platform/js/citi-search-tmpl.js

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

4061018b43e420a8f4513629af7dc6c78465e9f9d42c13c97104c637c2480f25

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Wed, 16 Sep 2020 07:27:38 GMT
x-akamai-citisite: GTDC
date: Fri, 23 Jul 2021 13:22:08 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Fri, 23 Jul 2021 19:22:08 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 747501
content-type: application/x-javascript
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 citilive-search-controller.js Show response
online.citi.com/JEA/CitiSearch/nexus-platform/js/ 132 KB
26 KB 247ms
240ms Script
application/x-javascript 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JEA/CitiSearch/nexus-platform/js/citilive-search-controller.js

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

0ed28149098ff4c10fe73564f0808527cc9ab60e4abcab1f05a5d02588e6a9ad

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Sat, 24 Apr 2021 05:43:38 GMT
x-akamai-citisite: SWDC
date: Fri, 23 Jul 2021 13:22:08 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires: Fri, 23 Jul 2021 19:22:08 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 25945
content-type: application/x-javascript
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 generic1608054710811.js Show response
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/ 333 KB
62 KB 1448ms
1332ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/generic1608054710811.js
Requested by: Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 78af61897fafb5a82b787273472a93de723186b17f46ed315617c70ae2b6a6fe

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Kqi2p6FS.A2AzLCJok5fsBD_5A7fWxpm
content-encoding: gzip
etag: "57e6c47a533050c63dc8fefbdeb401d1"
age: 1
via: 1.1 varnish
x-cache: MISS
content-length: 63129
x-amz-id-2: EQC0T4/vmT1N+tU/ZU8HRwtTu3tq2ct46Q3aIm9+wGHMkDfm/UqjR889utUFNTA6CVsJbx8InaI=
x-served-by: cache-hhn4036-HHN
last-modified: Tue, 15 Dec 2020 17:51:52 GMT
server: AmazonS3
x-timer: S1627046528.149750,VS0,VE1282
date: Fri, 23 Jul 2021 13:22:09 GMT
vary: Accept-Encoding
x-amz-request-id: QXQPH6ZP4QGP74V6
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 0

GET
H2 200 1592741950571_CTA_Feedback(final).png
resources.digital-cloud-citi.medallia.com/wdcusciti/50/resources/image/ 2 KB
3 KB 167ms
50ms Image
image/png 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resources.digital-cloud-citi.medallia.com/wdcusciti/50/resources/image/1592741950571_CTA_Feedback(final).png
Requested by: Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 25f4eeb23f67fe1d74534ed37230ecd54ab4f57524276970dcbeaaf3b0fc64f9

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Yu5KFpG13jOL6lsHUOzbaMYLsyQXTr7u
content-encoding: gzip
etag: "e6ed675f115fb1568bb1aabc00aa3f30"
age: 63
via: 1.1 varnish
x-cache: HIT
content-length: 2219
x-amz-id-2: gpADKnRFbXCbdLif7YSHy4oDNlhfsZkEObtPdidwuHR76/GX64OLYAb3n16pVRY/uH96e6cvP94=
x-served-by: cache-hhn4036-HHN
last-modified: Sun, 21 Jun 2020 12:19:35 GMT
server: AmazonS3
x-timer: S1627046528.149939,VS0,VE1
date: Fri, 23 Jul 2021 13:22:08 GMT
vary: Accept-Encoding
x-amz-request-id: P0TZ62W1H283EG1R
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
content-type: image/png
x-cache-hits: 1

GET
H2 200 citilogoredesign.png
online.citi.com/GFC/branding/img/redesigned/ 2 KB
2 KB 686ms
686ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/redesigned/citilogoredesign.png

Requested by

Host: online.citi.com
URL: https://online.citi.com/GFC/branding/responsivebranding/css/branding_header_v2.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

102503acef6077fcf8e42a856fb4904fcd74224a32d5d8efcd13236ac6309fed

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://online.citi.com/GFC/branding/responsivebranding/css/branding_header_v2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:22:08 GMT
last-modified: Thu, 02 Jul 2020 07:18:33 GMT
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 1799
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 Interstate-Light.woff
online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/fonts/interstate/ 74 KB
74 KB 241ms
94ms Font
application/octet-stream 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/fonts/interstate/Interstate-Light.woff

Requested by

Host: online.citi.com
URL: https://online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/ddl.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Origin: https://34.75.62.224
Referer: https://online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/ddl.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 17:20:58 GMT
x-akamai-citisite: GTDC
date: Fri, 23 Jul 2021 13:22:08 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
access-control-allow-origin: *
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 75483
content-type: text/plain
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 Interstate-Regular.ttf
online.citi.com/JFP/fonts/ 150 KB
79 KB 332ms
185ms Font
application/octet-stream 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JFP/fonts/Interstate-Regular.ttf

Requested by

Host: online.citi.com
URL: https://online.citi.com/GFC/branding/responsivebranding/css/branding_header_v2.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

7c891ffec93e4e682a8621d0e632f8d918d75857dfb0983cb357a032933fad03

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Origin: https://34.75.62.224
Referer: https://online.citi.com/GFC/branding/responsivebranding/css/branding_header_v2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 17:22:45 GMT
x-akamai-citisite: GTDC
date: Fri, 23 Jul 2021 13:22:08 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
access-control-allow-origin: *
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 79753
content-type: text/plain
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 Interstate-Bold.woff
online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/fonts/interstate/ 70 KB
71 KB 323ms
176ms Font
application/octet-stream 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/fonts/interstate/Interstate-Bold.woff

Requested by

Host: online.citi.com
URL: https://online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/ddl.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Origin: https://34.75.62.224
Referer: https://online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/ddl.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 17:16:57 GMT
x-akamai-citisite: GTDC
date: Fri, 23 Jul 2021 13:22:08 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
access-control-allow-origin: *
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 71859
content-type: text/plain
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
BLOB 200
OK 897230da-2b7c-4f4a-9927-861ca966a4ba
https://34.75.62.224/ 161 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://34.75.62.224/897230da-2b7c-4f4a-9927-861ca966a4ba
Requested by: Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c8bc330a07fc8ba4ead1f924570b2eeb220dfb170e86ea6594f7a2daef2efc16

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 165178

GET
H2 200 close.svg
online.citi.com/loginpage/images/icons/svgs/ 1 KB
1 KB 659ms
658ms Image
image/svg+xml 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/loginpage/images/icons/svgs/close.svg

Requested by

Host: online.citi.com
URL: https://online.citi.com/GFC/branding/responsivebranding/css/branding_footer_v2.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

55e066703c69d4d89a1f4d66794d474aa93d710624d8f807096bac17a7867b17

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://online.citi.com/GFC/branding/responsivebranding/css/branding_footer_v2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 17:20:58 GMT
x-akamai-citisite: GTDC
date: Fri, 23 Jul 2021 13:22:08 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 641
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/svg+xml
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 HP8564_M.jpg
online.citi.com/JRS/banners/modules/ 68 KB
68 KB 624ms
623ms Image
image/jpeg 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/banners/modules/HP8564_M.jpg

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

48f649a58460116c321bd0f8437ca535d9175e2cb6c3a02417abe3f52feaedb0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:22:08 GMT
last-modified: Thu, 17 Sep 2020 13:55:44 GMT
x-akamai-citisite: GTDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 69185
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/jpeg
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 arrow-btn-next-blue-sm-bold.svg
online.citi.com/CBOL/common/ui/ddl/theme/latest/images/icons/svgs/arrows/ 918 B
1013 B 648ms
647ms Image
image/svg+xml 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/CBOL/common/ui/ddl/theme/latest/images/icons/svgs/arrows/arrow-btn-next-blue-sm-bold.svg

Requested by

Host: online.citi.com
URL: https://online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/ddl.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

e90fb0eba512ed6473f6fb8acf4cd09b38732f150f43c396246c12bb2aacbb67

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/ddl.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 17:16:57 GMT
x-akamai-citisite: GTDC
date: Fri, 23 Jul 2021 13:22:08 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 499
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/svg+xml
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 Citi-Branding-Sprite.png
online.citi.com/GFC/branding/img/ 5 KB
5 KB 641ms
640ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/Citi-Branding-Sprite.png

Requested by

Host: online.citi.com
URL: https://online.citi.com/GFC/branding/responsivebranding/css/branding_footer_v2.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

3fca3de24621f0f10186594054444d608016297c2e853e548710b3521e42a609

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://online.citi.com/GFC/branding/responsivebranding/css/branding_footer_v2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:22:08 GMT
last-modified: Wed, 14 Jun 2017 18:29:01 GMT
x-akamai-citisite: SWDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 4952
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 googlePlay_2px.png
online.citi.com/GFC/branding/responsivebranding/img/ 9 KB
10 KB 653ms
652ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/responsivebranding/img/googlePlay_2px.png

Requested by

Host: online.citi.com
URL: https://online.citi.com/GFC/branding/responsivebranding/css/branding_footer_v2.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

3c4287f94e9dc9cda82125a6f528b0d4dcd8c2e9ee26b899c4481490312b146a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://online.citi.com/GFC/branding/responsivebranding/css/branding_footer_v2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:22:08 GMT
last-modified: Thu, 27 Sep 2018 21:21:52 GMT
x-akamai-citisite: SWDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 9255
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 appStore_2px.png
online.citi.com/GFC/branding/responsivebranding/img/ 8 KB
9 KB 673ms
672ms Image
image/png 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/responsivebranding/img/appStore_2px.png

Requested by

Host: online.citi.com
URL: https://online.citi.com/GFC/branding/responsivebranding/css/branding_footer_v2.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

2e1950e9fecaa7d00944c88becb315026208890e3d9ffe2545504105e181ad47

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://online.citi.com/GFC/branding/responsivebranding/css/branding_footer_v2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:22:08 GMT
last-modified: Thu, 27 Sep 2018 21:19:09 GMT
x-akamai-citisite: SWDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 8272
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 arrow-btn-next-white-sm-bold.svg
online.citi.com/CBOL/common/ui/ddl/theme/latest/images/icons/svgs/arrows/ 918 B
1010 B 676ms
675ms Image
image/svg+xml 104.111.238.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/CBOL/common/ui/ddl/theme/latest/images/icons/svgs/arrows/arrow-btn-next-white-sm-bold.svg

Requested by

Host: online.citi.com
URL: https://online.citi.com/loginpage/styles/homePage.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-238-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

4f918cd256712c03a1b88007176cabf623cc63740e919d35a217c18dc7ebe607

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Referer: https://online.citi.com/loginpage/styles/homePage.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Fri, 23 Jul 2021 13:22:08 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length: 496
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/svg+xml
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 cse.js Show response
cse.google.com/cse/ 10 KB
4 KB 65ms
45ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse/cse.js?cx=009695499870347544712:e3dyicpbrwu

Requested by

Host: online.citi.com
URL: https://online.citi.com/GFC/branding/responsivebranding/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

73a073d6e2f2b27d86ceccdfed4e639a15dd92fc59a185cf8db2641675fde1cc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

bfcache-opt-in: unload
date: Fri, 23 Jul 2021 13:22:08 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3493
x-xss-protection: 0
expires: Fri, 23 Jul 2021 13:22:08 GMT

GET
H/1.1 404
Not Found ddlbase.css
34.75.62.224/JRS/Marketing/common/DDL/1.1.11/styles/ 0
0 145ms
144ms Stylesheet
text/html 34.75.62.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://34.75.62.224/JRS/Marketing/common/DDL/1.1.11/styles/ddlbase.css
Requested by: Host: online.citi.com
URL: https://online.citi.com/JEA/CitiSearch/nexus-platform/js/citilive-search.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.75.62.224 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.62.75.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 34.75.62.224
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822
Cookie: PHPSESSID=a4cb686cd5b5eed0674ae5f6a5d18e62; bmuid=1627046528058-4B3B139E-0760-4141-BA99-ABF8C10BA270; cdContextId=2
Connection: keep-alive
Referer: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 13:22:08 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H3-29 200 cse_element__de.js Show response
www.google.com/cse/static/element/b54a745638da8bbb/ 280 KB
92 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/b54a745638da8bbb/cse_element__de.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse/cse.js?cx=009695499870347544712:e3dyicpbrwu

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37c3ee1cf5ea40bba6290222162d2519c2c037f90538cb7d4327fcff734ced86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 15:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94157
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 17:07:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Jul 2022 15:16:32 GMT

GET
H3-29 200 default+de.css
www.google.com/cse/static/element/b54a745638da8bbb/ 41 KB
9 KB 15ms
14ms Stylesheet
text/css 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/b54a745638da8bbb/default+de.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse/cse.js?cx=009695499870347544712:e3dyicpbrwu

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 15:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9032
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 17:07:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Jul 2022 15:16:32 GMT

GET
H2 451 425466.html Show response
sr.rlcdn.com/ Frame 9A7A 0
66 B 258ms
156ms Document
text/plain 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
Requested by: Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: sr.rlcdn.com
:scheme: https
:path: /425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://34.75.62.224/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://34.75.62.224/

Response headers

date: Fri, 23 Jul 2021 13:22:08 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK 63068 Show response
stags.bluekai.com/site/ Frame 9F3A 71 B
338 B 307ms
198ms Document
text/html 23.45.99.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/63068?ret=html&phint=language%3Denglish&phint=product%3D&phint=event&phint=category%3Dpre-login%20Sign%20on%20page&phint=page%3DNon%20Cookied%20Username%20Password%20&phint=section1%3DPublic&phint=section2%3DSignOn&phint=section3%3D&phint=section4%3D&phint=bankappstatus&phint=productID&phint=__bk_t%3DOnline%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&phint=__bk_k%3Dbanking%2C%20citi%2C%20financial%20services%2C%20checking%20account%2C%20savings%20account%2C%20credit%20cards&phint=__bk_pr%3Dhttps%3A%2F%2Fonline.citi.com%2FUS%2Flogin.do&phint=__bk_l%3Dhttps%3A%2F%2Fonline.citi.com%2FUS%2Flogin.do%3FJFP_TOKEN%3DNOSXRGKB&phint=__bk_v%3D3.1.8&limit=10&r=61954064
Requested by: Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.99.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-99-241.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Host: stags.bluekai.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://34.75.62.224/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://34.75.62.224/

Response headers

Content-Type: text/html
Content-Length: 71
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server: 81a1
Date: Fri, 23 Jul 2021 13:22:08 GMT
Connection: keep-alive
X-N: S

GET
H3-29

200

activityi;dc_pre=CNmU9NKk-fECFQtz0wodyUcPNA;src=6260004;type=citih0;cat=citih00;qty=1;cost=1;ord=5474828976029.28;gtm=2od1d0;auiddc=253918765.1611308789;~oref=https%3A%2F%2Fonline.citi.com%2FUS%2Fl... Show response
6260004.fls.doubleclick.net/ Frame 7A29
Redirect Chain

https://6260004.fls.doubleclick.net/activityi;src=6260004;type=citih0;cat=citih00;qty=1;cost=1;ord=5474828976029.28;gtm=2od1d0;auiddc=253918765.1611308789;~oref=https%3A%2F%2Fonline.citi.com%2FUS%2...
https://6260004.fls.doubleclick.net/activityi;dc_pre=CNmU9NKk-fECFQtz0wodyUcPNA;src=6260004;type=citih0;cat=citih00;qty=1;cost=1;ord=5474828976029.28;gtm=2od1d0;auiddc=253918765.1611308789;~oref=ht...

532 B
446 B

110ms
56ms

Document
text/html

216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6260004.fls.doubleclick.net/activityi;dc_pre=CNmU9NKk-fECFQtz0wodyUcPNA;src=6260004;type=citih0;cat=citih00;qty=1;cost=1;ord=5474828976029.28;gtm=2od1d0;auiddc=253918765.1611308789;~oref=https%3A%2F%2Fonline.citi.com%2FUS%2Flogin.do%3FJFP_TOKEN%3DNOSXRGKB?

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f166.1e100.net

Software

cafe /

Resource Hash

edb4c4a3711918413facf4ea8554858342f99ca5d4b974f9f6b1d9e57abfaea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6260004.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CNmU9NKk-fECFQtz0wodyUcPNA;src=6260004;type=citih0;cat=citih00;qty=1;cost=1;ord=5474828976029.28;gtm=2od1d0;auiddc=253918765.1611308789;~oref=https%3A%2F%2Fonline.citi.com%2FUS%2Flogin.do%3FJFP_TOKEN%3DNOSXRGKB?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://34.75.62.224/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://34.75.62.224/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 23 Jul 2021 13:22:08 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 421
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 23-Jul-2021 13:37:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 23 Jul 2021 13:22:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://6260004.fls.doubleclick.net/activityi;dc_pre=CNmU9NKk-fECFQtz0wodyUcPNA;src=6260004;type=citih0;cat=citih00;qty=1;cost=1;ord=5474828976029.28;gtm=2od1d0;auiddc=253918765.1611308789;~oref=https%3A%2F%2Fonline.citi.com%2FUS%2Flogin.do%3FJFP_TOKEN%3DNOSXRGKB?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel Show response
bid.g.doubleclick.net/xbbe/ Frame 0D10 0
580 B 188ms
63ms Document
text/html 74.125.71.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/pixel?d=KAE

Requested by

Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.71.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wn-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: bid.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=KAE
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://34.75.62.224/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://34.75.62.224/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 23 Jul 2021 13:22:08 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 23-Jul-2021 13:37:08 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 23 Jul 2021 13:22:08 GMT
cache-control: private

GET
H2 200 dc_pre=CNmU9NKk-fECFQtz0wodyUcPNA;src=6260004;type=citih0;cat=citih00;qty=1;cost=1;ord=5474828976029.28;gtm=2od1d0;auiddc=253918765.1611308789;~oref=https%3A%2F%2Fonline.citi.com%2FUS%2Flogin.do%3F... Show response
adservice.google.com/ddm/fls/i/ Frame AAEF 531 B
910 B 61ms
42ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CNmU9NKk-fECFQtz0wodyUcPNA;src=6260004;type=citih0;cat=citih00;qty=1;cost=1;ord=5474828976029.28;gtm=2od1d0;auiddc=253918765.1611308789;~oref=https%3A%2F%2Fonline.citi.com%2FUS%2Flogin.do%3FJFP_TOKEN%3DNOSXRGKB

Requested by

Host: 6260004.fls.doubleclick.net
URL: https://6260004.fls.doubleclick.net/activityi;dc_pre=CNmU9NKk-fECFQtz0wodyUcPNA;src=6260004;type=citih0;cat=citih00;qty=1;cost=1;ord=5474828976029.28;gtm=2od1d0;auiddc=253918765.1611308789;~oref=https%3A%2F%2Fonline.citi.com%2FUS%2Flogin.do%3FJFP_TOKEN%3DNOSXRGKB?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aacda763f768fb0485db1786b00cf0ebe71fd32fdd07fb66c33c6cd2321fe8a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CNmU9NKk-fECFQtz0wodyUcPNA;src=6260004;type=citih0;cat=citih00;qty=1;cost=1;ord=5474828976029.28;gtm=2od1d0;auiddc=253918765.1611308789;~oref=https%3A%2F%2Fonline.citi.com%2FUS%2Flogin.do%3FJFP_TOKEN%3DNOSXRGKB
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://6260004.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://6260004.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 23 Jul 2021 13:22:08 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 421
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dc_pre=CNmU9NKk-fECFQtz0wodyUcPNA;src=6260004;type=citih0;cat=citih00;qty=1;cost=1;ord=5474828976029.28;gtm=2od1d0;auiddc=253918765.1611308789;~oref=https%3A%2F%2Fonline.citi.com%2FUS%2Flogin.do%3F... Show response
adservice.google.de/ddm/fls/i/ Frame D63D 194 B
931 B 63ms
42ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CNmU9NKk-fECFQtz0wodyUcPNA;src=6260004;type=citih0;cat=citih00;qty=1;cost=1;ord=5474828976029.28;gtm=2od1d0;auiddc=253918765.1611308789;~oref=https%3A%2F%2Fonline.citi.com%2FUS%2Flogin.do%3FJFP_TOKEN%3DNOSXRGKB

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CNmU9NKk-fECFQtz0wodyUcPNA;src=6260004;type=citih0;cat=citih00;qty=1;cost=1;ord=5474828976029.28;gtm=2od1d0;auiddc=253918765.1611308789;~oref=https%3A%2F%2Fonline.citi.com%2FUS%2Flogin.do%3FJFP_TOKEN%3DNOSXRGKB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/i/dc_pre=CNmU9NKk-fECFQtz0wodyUcPNA;src=6260004;type=citih0;cat=citih00;qty=1;cost=1;ord=5474828976029.28;gtm=2od1d0;auiddc=253918765.1611308789;~oref=https%3A%2F%2Fonline.citi.com%2FUS%2Flogin.do%3FJFP_TOKEN%3DNOSXRGKB
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 23 Jul 2021 13:22:08 GMT
expires: Fri, 23 Jul 2021 13:22:08 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET cr.png
contents3.00110.citi.com/api/v1/ 0
0

GET
H2 200 cool-2.1.15.min.js Show response
nebula-cdn.kampyle.com/resources/onsite/js/ 14 KB
5 KB 153ms
46ms Script
application/javascript 151.101.13.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://nebula-cdn.kampyle.com/resources/onsite/js/cool-2.1.15.min.js
Requested by: Host: resources.digital-cloud-citi.medallia.com
URL: https://resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/generic1608054710811.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.175 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 9HCXbKZTbCJZkS8s9IuB.pE0JEvI0TGW
content-encoding: gzip
etag: "80dd5e3be5152c5c72d552c6a26ef6ff"
age: 0
via: 1.1 varnish
x-cache: HIT
x-amz-request-id: BJ0RDP7V1MC9Q035
x-amz-id-2: ojmdJgA6VkSiUt2IycOBoTfdDJ6yYpA1Gacpt3pDVnJIE9LUkN9cufLo2i38uqfeLZk39sSEeNk=
x-served-by: cache-fra19161-FRA
accept-ranges: bytes
last-modified: Sun, 24 Jan 2021 11:03:10 GMT
server: AmazonS3
x-timer: S1627046530.150162,VS0,VE0
date: Fri, 23 Jul 2021 13:22:10 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 5197
x-cache-hits: 89343

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
317 B 230ms
135ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2Iiwic2Vzc2lvbl9wbGF0Zm9ybSI6ICJMaW51eCB4ODZfNjQiLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjEuMTUiLCJldmVudF9uYW1lIjogIm5lYnVsYV9wYWdlX3ZpZXciLCJldmVudF90aW1lc3RhbXBfZXBvY2giOiAiMTYyNzA0NjUzMDE4NCIsImV2ZW50X3RpbWV6b25lX29mZnNldCI6IDIsInVzZXJfaWQiOiAiMTdhZDM4N2NjODY4NjEtMDJhNDQzNjkwNjEzNGMtNTc3MWUzMy0xZDRjMDAtMTdhZDM4N2NjODdkYzIiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtdXMtY2l0aSIsImFjY291bnRJZCI6IDQ5LCJ1cmwiOiAiaHR0cHM6Ly8zNC43NS42Mi4yMjQvbG9naW4ucGhwP3ByaW1hcnltZW1iZXJfaWQ9MTQ4NjdjZGEyY2Q0OWRiMzdmMjMyNzgyMiIsIndlYnNpdGVJZCI6IDUwLCJmZWVkYmFja191dWlkIjogbnVsbCwiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiYzYwMS01ODQ5LTdkMzAtN2YxZi1lODkwLTRjMDEtOTBlOS1kZDZiIiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2MjcwNDY1MzAwMzIiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIn0sImNvb2tpZV9zaXplIjogMTgyLCJrYW1weWxlX3ZlcnNpb24iOiAiMi4zNC4xIiwib25zaXRlX3ZlcnNpb24iOiAiMi4zNC4xIiwiaGlzdG9yeV9sZW5ndGgiOiAyLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjI3MDQ2NTMwMDM3LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZX0KXX0=
Requested by: Host: 34.75.62.224
URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://34.75.62.224/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-green-0ccg
date: Fri, 23 Jul 2021 13:22:10 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-application-context: application:9090

POST
H/1.1 404
Not Found TMXProfile.jws Show response
34.75.62.224/US/REST/ManageTMXProfile/ 315 B
515 B 145ms
144ms XHR
text/html 34.75.62.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://34.75.62.224/US/REST/ManageTMXProfile/TMXProfile.jws
Requested by: Host: online.citi.com
URL: https://online.citi.com/CBOL/common/ui/ddl/theme/latest/scripts/vendor.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.75.62.224 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.62.75.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Sec-Fetch-Mode: cors
Origin: https://34.75.62.224
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: kampyle_userid=c601-5849-7d30-7f1f-e890-4c01-90e9-dd6b; kampyleUserSession=1627046530032; kampyleUserSessionsCount=1; kampyleSessionPageCounter=1
Connection: keep-alive
Content-Length: 0
Pragma: no-cache
Host: 34.75.62.224
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Cache-Control: no-cache
Referer: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822
Sec-Fetch-Site: same-origin
Accept: */*
Referer: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 13:22:10 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: contents3.00110.citi.com
URL: https://contents3.00110.citi.com/api/v1/cr.png?cid=cedric&snum=1627046528669-sjn0000254-84ec419d-500e-45ae-9584-48ceff8e3daf&muid=1627046528058-4B3B139E-0760-4141-BA99-ABF8C10BA270

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citibank (Banking)

297 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
34.75.62.224/	1970-01-20 04:43:02	Name: kampyleSessionPageCounter Value: 1
34.75.62.224/	1970-01-20 04:43:02	Name: kampyleUserSessionsCount Value: 1
34.75.62.224/	1970-01-20 04:43:02	Name: kampyleUserSession Value: 1627046530032
34.75.62.224/	1970-01-20 04:43:02	Name: kampyle_userid Value: c601-5849-7d30-7f1f-e890-4c01-90e9-dd6b

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://online.citi.com/passivebio/bcsid.js(Line 5) Message: Setting new bcsid Cookie
console-api	log	URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822(Line 1742) Message: tmx flag value in javascriptfalse
console-api	log	URL: https://34.75.62.224/login.php?primarymember_id=14867cda2cd49db37f2327822(Line 1746) Message: rsa flagtrue
console-api	log	URL: https://online.citi.com/GFC/branding/responsivebranding/js/navBarRedesign.js(Line 30) Message: jquery version1.9.1
console-api	log	URL: https://online.citi.com/TMX/TMXProfiling.js(Line 4) Message: start tmxProfiling.js
console-api	log	URL: https://online.citi.com/TMX/TMXProfiling.js(Line 6) Message: tmxProfiling js execute

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6260004.fls.doubleclick.net
adservice.google.com
adservice.google.de
bid.g.doubleclick.net
contents3.00110.citi.com
cse.google.com
di.rlcdn.com
nebula-cdn.kampyle.com
online.citi.com
resources.digital-cloud-citi.medallia.com
sr.rlcdn.com
stags.bluekai.com
udc-neb.kampyle.com
www.google.com
www.googleadservices.com
contents3.00110.citi.com
104.111.238.178
151.101.13.175
151.101.194.133
172.217.23.98
216.58.212.166
23.45.99.241
2a00:1450:4001:809::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:828::2004
2a00:1450:4001:830::200e
34.75.62.224
35.190.60.146
35.241.45.82
35.244.174.68
74.125.71.154
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0bd3ccc27cf9be600088075633085caa59ffdc6226dd98603eee03baee986d7d
0ed28149098ff4c10fe73564f0808527cc9ab60e4abcab1f05a5d02588e6a9ad
102503acef6077fcf8e42a856fb4904fcd74224a32d5d8efcd13236ac6309fed
157430093a6d2ee63082eae5dabf826926d3b6259d33482aa6713c48728e82fa
1cec78f793f28bed6cd96765e693bd6b7ba1efbfdd7d68ca5b8ea5390ff8bec0
1e8296753489472722a900b40958f4cb93b5efa530499287debe37fdaac97cdb
1f2a0e7aa3dabf73dae3cc7c1e53a70ec51145b39b027bdc1ecae9223c0c80d2
1f43f86e82f4cf6b5ddf863fbb8cd9bafb53790bd2016a7b2b36d51ad96fb32b
25f4eeb23f67fe1d74534ed37230ecd54ab4f57524276970dcbeaaf3b0fc64f9
2e1950e9fecaa7d00944c88becb315026208890e3d9ffe2545504105e181ad47
31a7d0a6362cd6d8fcbb3200740a252be4fc633363cc71021fb18faf4470eb5c
351566f41ad89bb03b7855b58661b377836aebe50db166052eaa17f17e156799
37c3ee1cf5ea40bba6290222162d2519c2c037f90538cb7d4327fcff734ced86
3c4287f94e9dc9cda82125a6f528b0d4dcd8c2e9ee26b899c4481490312b146a
3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1
3fca3de24621f0f10186594054444d608016297c2e853e548710b3521e42a609
4061018b43e420a8f4513629af7dc6c78465e9f9d42c13c97104c637c2480f25
424b0508d87aeff62bf98099b98490558de97db21d02343fd4b0e46252a74d58
474a06e61c5ff0b6def6e5619529e0664e6fa2d9904ba6f796e4e1032c2ab3c3
489ac0d5e6bb586f0144108a782f87e10aa6387fa5925c0f7b526142dbbf9987
48f649a58460116c321bd0f8437ca535d9175e2cb6c3a02417abe3f52feaedb0
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
4f918cd256712c03a1b88007176cabf623cc63740e919d35a217c18dc7ebe607
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
55e066703c69d4d89a1f4d66794d474aa93d710624d8f807096bac17a7867b17
5d343d5e2bc616fe04642af586793b51ba2291a6c9616ee92e4246bde9fa72a5
629b48196dcc270143a42ce57535b251c655617f8d510277d4a05306c426fd38
6336ae7b60dff18e0a37721a3a19fd5e18568577a64faa662969d35966dbf72b
643030db71af1915a7c02ec3589b64d1b826cb8c8c97e0f7b80d70e0c830726b
649d4d8b2dde5d78c505bbe9a68dd005640d3671df87ac0a9308db570e12c7fb
690146b8ff7699810daa66f43ce7d006f74a143dea4a27bb0cb9c054dddadeee
6ce5619a84bf7d3e559a5b45aa7f56fee491dd3f648775bbb7b42cb1f6f3c6fc
6d3001c9deac8cb1f88ea5254105f8d678de5532f1998a24eab1b59906eaf86b
6dfa343a68ef79e83fef5f7c705119d2473352190c609cf94c67ea99a29fa452
6e866b41975af77f752d3feae581391b018128ad2cb495e783349ca49cb94c38
70682c9e53d1654953119bab07128e5940673390df2aba12cdf771fb7cd69e64
7075cd51e089027f92c8cbb5fa73d4df72bd8a58e112ea577133f4bc7667bada
73a073d6e2f2b27d86ceccdfed4e639a15dd92fc59a185cf8db2641675fde1cc
73bda4635bfa51c64ab47b1fba9a7cb20b6ab3ae44f7c1d2abf78041a9da0fee
77aae11467c6e42598b9c17f8a34f9ffb08c3acedd22db327fabf5b1becd24a2
78af61897fafb5a82b787273472a93de723186b17f46ed315617c70ae2b6a6fe
7c891ffec93e4e682a8621d0e632f8d918d75857dfb0983cb357a032933fad03
7d481eb36581746fd3662c7c452856b695df90cdce24664c48f565aa119c8b16
8069956acb4c566506ff71f7a23c8e23f75ce9443384fe3393ed5c846924026e
87578cd8ec6b565afd5be1b9a00845ca3dcb8024d64f2d96e4ce00bb07c94902
87e414e65461d63f3c18fdec21dc973fbb3b04db9269aa2fa9f2b1e9fb4d58f0
8ac02986fbe123ddb1c8561aaf515aa9a8b0106064267de9284520ac82b3dc5e
8e624b75d6f0a6ed3faa9fa53752ce04239993dbe0337fb99cc28badac5c8fcf
9424a9bd37f8a8bfa9593148c7f58f3460e86d849af5a797172c53eb6d14a441
96a25378d5d5fed38414a3d798eddc8367ebb206b45b125c837b9bab43c8799d
9704bca992680b1698b6c364e5fd7fd20991aa230c700f3378765fdf99a8b27d
9dad502247a8488c21ef5beb32aed1a78b17b748711bec817c472911f76b4ead
9deb849bdc20c654810ae440c0c5110b1a1cbf2228e7a3b61db136a7633c0eda
9fa97f780f20b95ac6a2baeed3961d39ec6086e3417eb59cd294e4e528187b7b
a9623118fb6ec3944d1312cd0d492c3f32455e89bc1e01eafa67628a309d9c60
aacda763f768fb0485db1786b00cf0ebe71fd32fdd07fb66c33c6cd2321fe8a7
b04aaad6d5bf7695abacd42f6a6aeb9d7816fc5fac07bbdc2383367dfa4c0f95
b5206b43578acc527ea6b59d2c8cb7615812f9ad9d6f47f26ab1d4e5307cfb03
b95fb980f8f91f1c113d3411d3fbf608e143bf4d10fe0706bb6d2231f13bd228
c3c994c3fe9bd4e055f6d0eb42067ecd6bdd3247e136bc22835b9882cfe77c61
c4607b5daf8855e6b94c62b06d108884ce2a2b42aca7e0646871ec460064bfdf
c8bc330a07fc8ba4ead1f924570b2eeb220dfb170e86ea6594f7a2daef2efc16
d57c8034f9c12aa3ce626c9ed1d61a4bb0941c3ef320bb59346f20496fb0096a
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
ddfc50334e444d16f275b7a81eb09c83ddd05bf00a3d47bef2d878671244f2f4
e035b79ab90f8c8ce0c5d34ae36fd666e84353307bdbf06ca62fdff8e77691dd
e0a06ba70b7556d61f872bd1ca50148094683ed1ba026a78164563d3c63db0c0
e1cdd8699d632d98047b60975c127bde93707685555e0894c2087105e26298ae
e37a02e78fe6cf2e9359c395b6c677688c4d4ea5f8f7d4cd79ae03824daa44d6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f62163437764c5ba5175120e4741cb76d1d48cecfec3224ebdf2b856cfe046
e90fb0eba512ed6473f6fb8acf4cd09b38732f150f43c396246c12bb2aacbb67
e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7
eb7796994b0a25c85eced58acb80883972894d097abfcb4e4c74425ede753779
edb4c4a3711918413facf4ea8554858342f99ca5d4b974f9f6b1d9e57abfaea0
eec5cc477e7cb4f1eee1f26dce3eb411a63716d89a9b659c7d5559571c837ccb
f1821b3865a1008ba0c088f7dc5c7eeb6b81e414461885c40b8d0f48fcbc9341
f2dd1ff20c3df202418f9d59c76f40bdb304d7a85d7163fc9935391528f3dee8
f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296
f378974fe6a831ae2f48d9191ea74eb21877d4964d5eedbc2810d8756ed13631
f9bd92ac3e3a127d29f3f9786e6233961312cd256b895975cb5dce2f363916e8
f9ea3e5b79df3924376af98d3639b49ef970ef77063203b3ef3abaa84daca88a
fdaf50ba7dfdf74a600dbb9a28a4ebfc536486d8f1e23296d7dfb33d843e1c3b
ff2cadd5d4f613bc461fe2c427466d05a6a7f975a7a763d8008616df5d757474

34.75.62.224 Open in urlscan Pro 34.75.62.224 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

94 Requests

95 %HTTPS

31 %IPv6

9 Domains

15 Subdomains

17 IPs

2 Countries

2981 kBTransfer

6470 kBSize

4 Cookies

27 Outgoing links

Page URL History

Redirected requests

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

34.75.62.224 Open in urlscan Pro
34.75.62.224 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

94
Requests

95 %
HTTPS

31 %
IPv6

9
Domains

15
Subdomains

17
IPs

2
Countries

2981 kB
Transfer

6470 kB
Size

4
Cookies

94 HTTP transactions
0 data transactions