uat.echat.citibank.com.tw Open in urlscan Pro
192.193.128.214 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://uat.echat.citibank.com.tw/
Effective URL:
https://uat.echat.citibank.com.tw/Account/Menu
Submission: On November 16 via automatic, source certstream-suspicious (November 16th 2021, 2:44:21 pm UTC) — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 192.193.128.214, located in United States and belongs to CITI-HK-ISP_PEER-AP Citibank N.A. - ISP Peering, Hong Kong, China, HK. The main domain is uat.echat.citibank.com.tw.
TLS certificate: Issued by DigiCert Extended Validation CA G3 on December 26th 2019. Valid for: 2 years.

This is the only time uat.echat.citibank.com.tw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 14	192.193.128.214 192.193.128.214		24568 (CITI-HK-I...) (CITI-HK-ISP_PEER-AP Citibank N.A. - ISP Peering)
13	1

14 192.193.128.214 (United States) 1 redirects

ASN24568 (CITI-HK-ISP_PEER-AP Citibank N.A. - ISP Peering, Hong Kong, China, HK)
PTR: uat.echat.citibank.com.tw

uat.echat.citibank.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	citibank.com.tw 1 redirects uat.echat.citibank.com.tw	657 KB
13	1

	Domain	Requested by
14	uat.echat.citibank.com.tw	1 redirects uat.echat.citibank.com.tw
13	1

This site contains no links.

Subject Issuer	Validity	Valid
uat.echat.citibank.com.tw DigiCert Extended Validation CA G3	`2019-12-26` - `2021-12-26`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://uat.echat.citibank.com.tw/Account/Menu
Frame ID: E250B70300B00C1040F65E1933802361
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

花旗客服即時通

Page URL History Show full URLs

https://uat.echat.citibank.com.tw/ HTTP 302
https://uat.echat.citibank.com.tw/Account/Menu Page URL

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

656 kB
Transfer

650 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://uat.echat.citibank.com.tw/ HTTP 302
https://uat.echat.citibank.com.tw/Account/Menu Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request Menu Show response
uat.echat.citibank.com.tw/Account/
Redirect Chain

https://uat.echat.citibank.com.tw/
https://uat.echat.citibank.com.tw/Account/Menu

6 KB
6 KB

238ms
238ms

Document
text/html

192.193.128.214
ISP Peering

General

Check archive.org

Show headers Download Go to

Full URL

https://uat.echat.citibank.com.tw/Account/Menu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

192.193.128.214 , United States, ASN24568 (CITI-HK-ISP_PEER-AP Citibank N.A. - ISP Peering, Hong Kong, China, HK),

Reverse DNS

uat.echat.citibank.com.tw

Software

Resource Hash

9afe66a3571de31e646b03e64aefb090adf8392c425c21f965cb3d6317940e50

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' data: https://fonts.gstatic.com; default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Security-Policy: font-src 'self' data: https://fonts.gstatic.com; default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
Date: Tue, 16 Nov 2021 14:44:14 GMT
Content-Length: 6033

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: /Account/Menu
Content-Security-Policy: font-src 'self' data: https://fonts.gstatic.com; default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
Date: Tue, 16 Nov 2021 14:44:14 GMT
Content-Length: 130

GET
H/1.1 200
OK css
uat.echat.citibank.com.tw/Content/ 0
541 B 231ms
231ms Stylesheet
text/css 192.193.128.214
ISP Peering

General

Check archive.org

Show headers Download Go to

Full URL

https://uat.echat.citibank.com.tw/Content/css?v=

Requested by

Host: uat.echat.citibank.com.tw
URL: https://uat.echat.citibank.com.tw/Account/Menu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

192.193.128.214 , United States, ASN24568 (CITI-HK-ISP_PEER-AP Citibank N.A. - ISP Peering, Hong Kong, China, HK),

Reverse DNS

uat.echat.citibank.com.tw

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' data: https://fonts.gstatic.com;, default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uat.echat.citibank.com.tw/Account/Menu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' data: https://fonts.gstatic.com;, default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options: nosniff
Last-Modified: Tue, 16 Nov 2021 14:44:14 GMT
Date: Tue, 16 Nov 2021 14:44:14 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: public
Strict-Transport-Security: max-age=31536000; includeSubdomains
Vary: User-Agent
Content-Length: 0
X-Xss-Protection: 1; mode=block
Expires: Wed, 16 Nov 2022 14:44:14 GMT

GET
H/1.1 200
OK app.lib.css
uat.echat.citibank.com.tw/app/ 119 KB
119 KB 744ms
513ms Stylesheet
text/css 192.193.128.214
ISP Peering

General

Check archive.org

Show headers Download Go to

Full URL

https://uat.echat.citibank.com.tw/app/app.lib.css

Requested by

Host: uat.echat.citibank.com.tw
URL: https://uat.echat.citibank.com.tw/Account/Menu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

192.193.128.214 , United States, ASN24568 (CITI-HK-ISP_PEER-AP Citibank N.A. - ISP Peering, Hong Kong, China, HK),

Reverse DNS

uat.echat.citibank.com.tw

Software

Resource Hash

3a15c352194f27fa8c0408b6c78f4072dec9eba8974e54072ab1f27233c65a7a

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' data: https://fonts.gstatic.com;, default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uat.echat.citibank.com.tw/Account/Menu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' data: https://fonts.gstatic.com;, default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Mar 2017 08:35:52 GMT
Server
ETag: "0e45ed41d97d21:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Date: Tue, 16 Nov 2021 14:44:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
Accept-Ranges: bytes
Content-Length: 121544
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK login.css
uat.echat.citibank.com.tw/assets/css/ 5 KB
6 KB 878ms
468ms Stylesheet
text/css 192.193.128.214
ISP Peering

General

Check archive.org

Show headers Download Go to

Full URL

https://uat.echat.citibank.com.tw/assets/css/login.css

Requested by

Host: uat.echat.citibank.com.tw
URL: https://uat.echat.citibank.com.tw/Account/Menu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

192.193.128.214 , United States, ASN24568 (CITI-HK-ISP_PEER-AP Citibank N.A. - ISP Peering, Hong Kong, China, HK),

Reverse DNS

uat.echat.citibank.com.tw

Software

Resource Hash

41bf10ee1951bccc0e4c6a448281a14414326d30072693bdc3128c92fefe41e5

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' data: https://fonts.gstatic.com;, default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uat.echat.citibank.com.tw/Account/Menu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' data: https://fonts.gstatic.com;, default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options: nosniff
Last-Modified: Tue, 31 Oct 2017 07:04:06 GMT
Server
ETag: "077da701652d31:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Date: Tue, 16 Nov 2021 14:44:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
Accept-Ranges: bytes
Content-Length: 5261
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK chat.css
uat.echat.citibank.com.tw/assets/css/ 7 KB
8 KB 943ms
532ms Stylesheet
text/css 192.193.128.214
ISP Peering

General

Check archive.org

Show headers Download Go to

Full URL

https://uat.echat.citibank.com.tw/assets/css/chat.css

Requested by

Host: uat.echat.citibank.com.tw
URL: https://uat.echat.citibank.com.tw/Account/Menu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

192.193.128.214 , United States, ASN24568 (CITI-HK-ISP_PEER-AP Citibank N.A. - ISP Peering, Hong Kong, China, HK),

Reverse DNS

uat.echat.citibank.com.tw

Software

Resource Hash

354795fe681e7caab7bbd1588b1a212852a7094876719ccfe7b1622f0f169227

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' data: https://fonts.gstatic.com;, default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uat.echat.citibank.com.tw/Account/Menu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' data: https://fonts.gstatic.com;, default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options: nosniff
Last-Modified: Wed, 17 Jan 2018 04:41:24 GMT
Server
ETag: "072b96d4d8fd31:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Date: Tue, 16 Nov 2021 14:44:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
Accept-Ranges: bytes
Content-Length: 7519
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK app.lib.js Show response
uat.echat.citibank.com.tw/app/ 430 KB
431 KB 1292ms
880ms Script
application/javascript 192.193.128.214
ISP Peering

General

Check archive.org

Show headers Download Go to

Full URL

https://uat.echat.citibank.com.tw/app/app.lib.js

Requested by

Host: uat.echat.citibank.com.tw
URL: https://uat.echat.citibank.com.tw/Account/Menu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

192.193.128.214 , United States, ASN24568 (CITI-HK-ISP_PEER-AP Citibank N.A. - ISP Peering, Hong Kong, China, HK),

Reverse DNS

uat.echat.citibank.com.tw

Software

Resource Hash

39adcbf897b6df852321692a0774062fa820328f0d2b4b66771a0a5d9ab351ff

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' data: https://fonts.gstatic.com;, default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uat.echat.citibank.com.tw/Account/Menu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' data: https://fonts.gstatic.com;, default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options: nosniff
Last-Modified: Wed, 14 Aug 2019 07:53:37 GMT
Server
ETag: "3a2210617552d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Date: Tue, 16 Nov 2021 14:44:15 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
Accept-Ranges: bytes
Content-Length: 440366
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK app.component.js Show response
uat.echat.citibank.com.tw/app/ 2 KB
2 KB 736ms
323ms Script
application/javascript 192.193.128.214
ISP Peering

General

Check archive.org

Show headers Download Go to

Full URL

https://uat.echat.citibank.com.tw/app/app.component.js

Requested by

Host: uat.echat.citibank.com.tw
URL: https://uat.echat.citibank.com.tw/Account/Menu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

192.193.128.214 , United States, ASN24568 (CITI-HK-ISP_PEER-AP Citibank N.A. - ISP Peering, Hong Kong, China, HK),

Reverse DNS

uat.echat.citibank.com.tw

Software

Resource Hash

544033acc9616e99b4a80f90cc1dc645660b57b2834e89a436117df7ecd0745f

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' data: https://fonts.gstatic.com;, default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uat.echat.citibank.com.tw/Account/Menu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' data: https://fonts.gstatic.com;, default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Mar 2017 08:35:52 GMT
Server
ETag: "0e45ed41d97d21:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Date: Tue, 16 Nov 2021 14:44:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
Accept-Ranges: bytes
Content-Length: 1543
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK app.main.js Show response
uat.echat.citibank.com.tw/app/ 7 KB
7 KB 951ms
536ms Script
application/javascript 192.193.128.214
ISP Peering

General

Check archive.org

Show headers Download Go to

Full URL

https://uat.echat.citibank.com.tw/app/app.main.js

Requested by

Host: uat.echat.citibank.com.tw
URL: https://uat.echat.citibank.com.tw/Account/Menu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

192.193.128.214 , United States, ASN24568 (CITI-HK-ISP_PEER-AP Citibank N.A. - ISP Peering, Hong Kong, China, HK),

Reverse DNS

uat.echat.citibank.com.tw

Software

Resource Hash

6c6fac0dfad252caa547bfcb8853b7db230d66fa0d0a71212b312f47e36e007a

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' data: https://fonts.gstatic.com;, default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uat.echat.citibank.com.tw/Account/Menu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' data: https://fonts.gstatic.com;, default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options: nosniff
Last-Modified: Thu, 06 Apr 2017 03:22:48 GMT
Server
ETag: "074a01085aed21:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Date: Tue, 16 Nov 2021 14:44:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
Accept-Ranges: bytes
Content-Length: 7063
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.signalR.min.js Show response
uat.echat.citibank.com.tw/Scripts/ 39 KB
40 KB 1189ms
453ms Script
application/javascript 192.193.128.214
ISP Peering

General

Check archive.org

Show headers Download Go to

Full URL

https://uat.echat.citibank.com.tw/Scripts/jquery.signalR.min.js

Requested by

Host: uat.echat.citibank.com.tw
URL: https://uat.echat.citibank.com.tw/Account/Menu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

192.193.128.214 , United States, ASN24568 (CITI-HK-ISP_PEER-AP Citibank N.A. - ISP Peering, Hong Kong, China, HK),

Reverse DNS

uat.echat.citibank.com.tw

Software

Resource Hash

a24da1092d03c62f0a787887bf897423078d0cba5df6b507c0807c7f3bdf430b

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' data: https://fonts.gstatic.com;, default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uat.echat.citibank.com.tw/Account/Menu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' data: https://fonts.gstatic.com;, default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options: nosniff
Last-Modified: Thu, 15 Nov 2018 05:40:28 GMT
Server
ETag: "06eddb6a57cd41:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Date: Tue, 16 Nov 2021 14:44:15 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
Accept-Ranges: bytes
Content-Length: 40039
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.cookie.js Show response
uat.echat.citibank.com.tw/Scripts/site/ 3 KB
4 KB 1117ms
239ms Script
application/javascript 192.193.128.214
ISP Peering

General

Check archive.org

Show headers Download Go to

Full URL

https://uat.echat.citibank.com.tw/Scripts/site/jquery.cookie.js

Requested by

Host: uat.echat.citibank.com.tw
URL: https://uat.echat.citibank.com.tw/Account/Menu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

192.193.128.214 , United States, ASN24568 (CITI-HK-ISP_PEER-AP Citibank N.A. - ISP Peering, Hong Kong, China, HK),

Reverse DNS

uat.echat.citibank.com.tw

Software

Resource Hash

b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' data: https://fonts.gstatic.com;, default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uat.echat.citibank.com.tw/Account/Menu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' data: https://fonts.gstatic.com;, default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Mar 2017 08:35:52 GMT
Server
ETag: "0e45ed41d97d21:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Date: Tue, 16 Nov 2021 14:44:15 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
Accept-Ranges: bytes
Content-Length: 3121
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK chat.js Show response
uat.echat.citibank.com.tw/Scripts/site/ 28 KB
29 KB 1407ms
464ms Script
application/javascript 192.193.128.214
ISP Peering

General

Check archive.org

Show headers Download Go to

Full URL

https://uat.echat.citibank.com.tw/Scripts/site/chat.js?v=224414

Requested by

Host: uat.echat.citibank.com.tw
URL: https://uat.echat.citibank.com.tw/Account/Menu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

192.193.128.214 , United States, ASN24568 (CITI-HK-ISP_PEER-AP Citibank N.A. - ISP Peering, Hong Kong, China, HK),

Reverse DNS

uat.echat.citibank.com.tw

Software

Resource Hash

f14a378ed0c740c486de8bc7a65c6bc9c8815997557abf4a0584636e29731cbc

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' data: https://fonts.gstatic.com;, default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uat.echat.citibank.com.tw/Account/Menu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' data: https://fonts.gstatic.com;, default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 Sep 2021 09:15:41 GMT
Server
ETag: "d9862b435ba5d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Date: Tue, 16 Nov 2021 14:44:15 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
Accept-Ranges: bytes
Content-Length: 28861
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK alert.js Show response
uat.echat.citibank.com.tw/Scripts/site/ 1 KB
2 KB 1190ms
239ms Script
application/javascript 192.193.128.214
ISP Peering

General

Check archive.org

Show headers Download Go to

Full URL

https://uat.echat.citibank.com.tw/Scripts/site/alert.js?v=224414

Requested by

Host: uat.echat.citibank.com.tw
URL: https://uat.echat.citibank.com.tw/Account/Menu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

192.193.128.214 , United States, ASN24568 (CITI-HK-ISP_PEER-AP Citibank N.A. - ISP Peering, Hong Kong, China, HK),

Reverse DNS

uat.echat.citibank.com.tw

Software

Resource Hash

0a685d5e54337a20d51d04fd76aa0e2cc269dd5d2a99334e9ea1640f9dc59c27

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' data: https://fonts.gstatic.com;, default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uat.echat.citibank.com.tw/Account/Menu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' data: https://fonts.gstatic.com;, default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options: nosniff
Last-Modified: Wed, 14 Apr 2021 13:26:37 GMT
Server
ETag: "2211bbcb3131d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Date: Tue, 16 Nov 2021 14:44:15 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
Accept-Ranges: bytes
Content-Length: 1502
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK loader.svg
uat.echat.citibank.com.tw/assets/images/ 2 KB
3 KB 230ms
230ms Image
image/svg+xml 192.193.128.214
ISP Peering

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uat.echat.citibank.com.tw/assets/images/loader.svg

Requested by

Host: uat.echat.citibank.com.tw
URL: https://uat.echat.citibank.com.tw/Account/Menu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

192.193.128.214 , United States, ASN24568 (CITI-HK-ISP_PEER-AP Citibank N.A. - ISP Peering, Hong Kong, China, HK),

Reverse DNS

uat.echat.citibank.com.tw

Software

Resource Hash

2caaca821105a90d0915f61b3d857bbd32d488459badc4cf044ddfc4c997d3d5

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' data: https://fonts.gstatic.com;, default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uat.echat.citibank.com.tw/Account/Menu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' data: https://fonts.gstatic.com;, default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options: nosniff
Last-Modified: Fri, 30 Sep 2016 06:48:48 GMT
Server
ETag: "0c819b2e61ad21:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Date: Tue, 16 Nov 2021 14:44:15 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
Accept-Ranges: bytes
Content-Length: 2269
X-Xss-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			uat.echat.citibank.com.tw/	1969-12-31 23:59:59	Name: user_session Value: 3wmc1zwjhtpqusdekkkr3z3reqwsiwntks5ijlj3hvoa3kkzloyh25c41vo1cc5k

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://uat.echat.citibank.com.tw/Account/Menu(Line 8) Message: The key "target-densitydpi" is not supported.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	font-src 'self' data: https://fonts.gstatic.com; default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

uat.echat.citibank.com.tw
192.193.128.214
0a685d5e54337a20d51d04fd76aa0e2cc269dd5d2a99334e9ea1640f9dc59c27
2caaca821105a90d0915f61b3d857bbd32d488459badc4cf044ddfc4c997d3d5
354795fe681e7caab7bbd1588b1a212852a7094876719ccfe7b1622f0f169227
39adcbf897b6df852321692a0774062fa820328f0d2b4b66771a0a5d9ab351ff
3a15c352194f27fa8c0408b6c78f4072dec9eba8974e54072ab1f27233c65a7a
41bf10ee1951bccc0e4c6a448281a14414326d30072693bdc3128c92fefe41e5
544033acc9616e99b4a80f90cc1dc645660b57b2834e89a436117df7ecd0745f
6c6fac0dfad252caa547bfcb8853b7db230d66fa0d0a71212b312f47e36e007a
9afe66a3571de31e646b03e64aefb090adf8392c425c21f965cb3d6317940e50
a24da1092d03c62f0a787887bf897423078d0cba5df6b507c0807c7f3bdf430b
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f14a378ed0c740c486de8bc7a65c6bc9c8815997557abf4a0584636e29731cbc

uat.echat.citibank.com.tw Open in urlscan Pro 192.193.128.214 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

13 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

656 kBTransfer

650 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

uat.echat.citibank.com.tw Open in urlscan Pro
192.193.128.214 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

656 kB
Transfer

650 kB
Size

1
Cookies

13 HTTP transactions
0 data transactions