www.citi.personalval.online Open in urlscan Pro
198.23.159.170 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.citi.personalval.online/
Submission: On October 30 via automatic, source certstream-suspicious (October 30th 2024, 7:01:29 pm UTC) — Scanned from CA

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 16 HTTP transactions. The main IP is 198.23.159.170, located in Buffalo, United States and belongs to AS-COLOCROSSING, US. The main domain is www.citi.personalval.online.
TLS certificate: Issued by R10 on October 30th 2024. Valid for: 3 months.

This is the only time www.citi.personalval.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	198.23.159.170 198.23.159.170	36352 (AS-COLOCR...) (AS-COLOCROSSING)
2	2606:4700::68... 2606:4700::6812:ba1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:98e0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	4

9 198.23.159.170 (Buffalo, United States)

ASN36352 (AS-COLOCROSSING, US)
PTR: prime.zillionkinghost.com

www.citi.personalval.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:ba1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:98e0 (United States)

ASN13335 (CLOUDFLARENET, US)

static.vecteezy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	personalval.online www.citi.personalval.online	1 MB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	598 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 311	58 KB
1	vecteezy.com static.vecteezy.com — Cisco Umbrella Rank: 22986	4 KB
16	4

	Domain	Requested by
9	www.citi.personalval.online	www.citi.personalval.online
4	cdnjs.cloudflare.com	www.citi.personalval.online cdnjs.cloudflare.com
2	cdn.jsdelivr.net	www.citi.personalval.online
1	static.vecteezy.com	www.citi.personalval.online
16	4

This site contains no links.

Subject Issuer	Validity	Valid
www.citi.personalval.online R10	`2024-10-30` - `2025-01-28`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
vecteezy.com Cloudflare Inc ECC CA-3	`2024-03-11` - `2024-12-31`	10 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.citi.personalval.online/
Frame ID: 64CC90451B0B91ADF49702EF9DBC1D51
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Citi Login Page

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

16
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

1964 kB
Transfer

3225 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.citi.personalval.online/ 12 KB
4 KB 576ms
96ms Document
text/html 198.23.159.170
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.personalval.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.23.159.170 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),

Reverse DNS

prime.zillionkinghost.com

Software

LiteSpeed /

Resource Hash

54d592fc59358945ee49d70137a3b60fc82f8902907ab09a654263c65d04dc6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: public, max-age=2592000
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 30 Oct 2024 19:01:17 GMT
expires: Fri, 29 Nov 2024 19:01:17 GMT
server: LiteSpeed
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/css/ 216 KB
33 KB 684ms
96ms Stylesheet
text/css 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/css/bootstrap.min.css

Requested by

Host: www.citi.personalval.online
URL: https://www.citi.personalval.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

932ea15108928991bcf0c0a46415fc652de5ffc0158c35205357b90c65eeb386

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.citi.personalval.online/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"35e6c-cZlWqlLbTIr9xcDPs8verWJYuKY"
age: 127032
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SEbqhnn3vxaJL0n%2BDXVQDdJWiuby0oso0sk%2Fb58uWHLc5Q%2BIyVopfWweZdf0o%2BULRlQGsygzs%2FAo4ciRcvMLC74Z27bIn5fDBQwamPIrYwmmg3887uNJUH6tCrJwLMSZvarq%2BTIT1jnSzN4ul18%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Wed, 30 Oct 2024 19:01:18 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-etou8220074-FRA, cache-lga21990-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8dada7371c5642c1-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33467
server: cloudflare
x-jsd-version: 5.3.0-alpha1

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 58 KB
11 KB 587ms
95ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Requested by

Host: www.citi.personalval.online
URL: https://www.citi.personalval.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.citi.personalval.online/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "613fa20b-28de"
age: 602032
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v%2F5%2B6KeGh5IdOprA5gD4XzpD%2FKG9XrV3rOXCw36044%2Fx7HghKK21NHQ4ewYx%2FUlnapss%2B8%2F%2BYRoZ56SUnj%2BoiaiHUaCjeOjisQ70buH%2BgE0pms%2FZypyLEWPkkq1y9pb%2Fj2WYYYF8v9h0QU7a5a05Evdl"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 20 Oct 2025 19:01:18 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 30 Oct 2024 19:01:18 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8dada73679ea4407-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10462
server: cloudflare

GET
H2 200 logo.svg
www.citi.personalval.online/ 2 KB
937 B 145ms
133ms Image
image/svg+xml 198.23.159.170
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.personalval.online/logo.svg

Requested by

Host: www.citi.personalval.online
URL: https://www.citi.personalval.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.23.159.170 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),

Reverse DNS

prime.zillionkinghost.com

Software

LiteSpeed /

Resource Hash

7ef4dfe56502b91894dd82efa27925af4fdd272d5d03332e8b474d3db04b112c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.citi.personalval.online/

Response headers

cache-control: public, max-age=604800
content-encoding: br
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 19:01:18 GMT
accept-ranges: bytes
content-length: 799
date: Wed, 30 Oct 2024 19:01:18 GMT
x-xss-protection: 1; mode=block
content-type: image/svg+xml
last-modified: Mon, 21 Oct 2024 14:19:20 GMT
vary: Accept-Encoding
server: LiteSpeed

GET
H2 200 cards.png
www.citi.personalval.online/ 48 KB
48 KB 144ms
133ms Image
image/png 198.23.159.170
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.personalval.online/cards.png

Requested by

Host: www.citi.personalval.online
URL: https://www.citi.personalval.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.23.159.170 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),

Reverse DNS

prime.zillionkinghost.com

Software

LiteSpeed /

Resource Hash

7523f7b4b09ede8c88e2913f2dedc35635a1a22740def288d0e3926d71261efd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.citi.personalval.online/

Response headers

cache-control: public, max-age=31536000
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 19:01:18 GMT
accept-ranges: bytes
content-length: 49062
date: Wed, 30 Oct 2024 19:01:18 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Mon, 21 Oct 2024 14:22:52 GMT
server: LiteSpeed

GET
H2 200 bcard1.jpg
www.citi.personalval.online/ 45 KB
45 KB 85ms
85ms Image
image/jpeg 198.23.159.170
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.personalval.online/bcard1.jpg

Requested by

Host: www.citi.personalval.online
URL: https://www.citi.personalval.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.23.159.170 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),

Reverse DNS

prime.zillionkinghost.com

Software

LiteSpeed /

Resource Hash

ffa6fa4faef56454eaedf9c9b6a29b3069186205950ec224ee4e0bb48169f8cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.citi.personalval.online/

Response headers

cache-control: public, max-age=31536000
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 19:01:18 GMT
accept-ranges: bytes
content-length: 46433
date: Wed, 30 Oct 2024 19:01:18 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
last-modified: Mon, 21 Oct 2024 16:16:20 GMT
server: LiteSpeed

GET
H2 200 bcard2.jpg
www.citi.personalval.online/ 81 KB
81 KB 120ms
119ms Image
image/jpeg 198.23.159.170
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.personalval.online/bcard2.jpg

Requested by

Host: www.citi.personalval.online
URL: https://www.citi.personalval.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.23.159.170 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),

Reverse DNS

prime.zillionkinghost.com

Software

LiteSpeed /

Resource Hash

34e3d0396c1949f29ee86c846c47c94ebc8341552bee47cfe29d2e12901c3ee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.citi.personalval.online/

Response headers

cache-control: public, max-age=31536000
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 19:01:18 GMT
accept-ranges: bytes
content-length: 82820
date: Wed, 30 Oct 2024 19:01:18 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
last-modified: Mon, 21 Oct 2024 16:16:20 GMT
server: LiteSpeed

GET
H2 200 bcard3.jpg
www.citi.personalval.online/ 51 KB
51 KB 142ms
139ms Image
image/jpeg 198.23.159.170
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.personalval.online/bcard3.jpg

Requested by

Host: www.citi.personalval.online
URL: https://www.citi.personalval.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.23.159.170 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),

Reverse DNS

prime.zillionkinghost.com

Software

LiteSpeed /

Resource Hash

7f22ec0aab4f4e6aa69bde8329597fbe674f47f015828d0abd25713580b868f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.citi.personalval.online/

Response headers

cache-control: public, max-age=31536000
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 19:01:18 GMT
accept-ranges: bytes
content-length: 51852
date: Wed, 30 Oct 2024 19:01:18 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
last-modified: Mon, 21 Oct 2024 16:16:32 GMT
server: LiteSpeed

GET
H2 200 atandt.jpg
www.citi.personalval.online/ 28 KB
28 KB 183ms
181ms Image
image/jpeg 198.23.159.170
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.personalval.online/atandt.jpg

Requested by

Host: www.citi.personalval.online
URL: https://www.citi.personalval.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.23.159.170 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),

Reverse DNS

prime.zillionkinghost.com

Software

LiteSpeed /

Resource Hash

068f72d29f7a1ea179c835b412eacc21dfd0613bfda2374c02fc266fb02120c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.citi.personalval.online/

Response headers

cache-control: public, max-age=31536000
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 19:01:18 GMT
accept-ranges: bytes
content-length: 28368
date: Wed, 30 Oct 2024 19:01:18 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
last-modified: Mon, 21 Oct 2024 16:32:04 GMT
server: LiteSpeed

GET
H2 200 couple.png
www.citi.personalval.online/ 1 MB
1 MB 204ms
202ms Image
image/png 198.23.159.170
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citi.personalval.online/couple.png

Requested by

Host: www.citi.personalval.online
URL: https://www.citi.personalval.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.23.159.170 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),

Reverse DNS

prime.zillionkinghost.com

Software

LiteSpeed /

Resource Hash

dda92094de5156788cb7957fe9b861d3d32947acfb64e2e132358b454f2d639b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.citi.personalval.online/

Response headers

cache-control: public, max-age=31536000
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 19:01:18 GMT
accept-ranges: bytes
content-length: 1069453
date: Wed, 30 Oct 2024 19:01:18 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Tue, 22 Oct 2024 09:59:56 GMT
server: LiteSpeed

GET
H3 200 all.min.js Show response
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/js/ 1 MB
434 KB 363ms
178ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/js/all.min.js

Requested by

Host: www.citi.personalval.online
URL: https://www.citi.personalval.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3447f426d02995727d4524c27a250cb188fc3afe414e2caed4fe199b469ccab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.citi.personalval.online/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "619c057b-6c69d"
age: 604287
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NKsuCk6eCcMD%2FsU8wpNxyBGyqzzmGx6OOhtIWvoarcWBz2aT5cUTP7o5KOdxQqEYzXIaIstWz%2BlqqYkEmXug3yrWowi99l%2BDWGOSZFxZ%2BOZp%2B44rvp26dnIs4YWleOcIGPli9dt1BzCbPqOyBOxNdIs8"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 20 Oct 2025 19:01:18 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 30 Oct 2024 19:01:18 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 22 Nov 2021 21:02:51 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8dada73689ed4407-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 444061
server: cloudflare

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/js/ 79 KB
25 KB 428ms
149ms Script
application/javascript 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/js/bootstrap.bundle.min.js

Requested by

Host: www.citi.personalval.online
URL: https://www.citi.personalval.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

061f0b1ea79e6e2ca24f4603e55d3e909f7471ba0b279cdb6dea40554106c6a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.citi.personalval.online/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"13ad7-v/eN2cAqUAirQ2QpSHOc5Yx2GyE"
age: 607802
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=azLAq86wLmi%2Bvd7PUgNcd%2BmEXA6ZnOWbVTEv0xoe%2F4B%2FKJ7Cg0OYkg5R685fqXxDBLY2ZaxG5aZ2dqljcN8m8YLXAahTjZLHrzG8N6I29QUr%2Fuz5NBL93Fy0Hn2YkPmxszsNx%2Fh8BJKBXnbvhM4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Wed, 30 Oct 2024 19:01:18 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220023-FRA, cache-lga21985-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8dada7371c5a42c1-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24765
server: cloudflare
x-jsd-version: 5.3.0-alpha1

GET
H3 200 abstract-geometric-white-stripe-shapes-with-golden-light-in-gradient-white-background-free-vector.jpg
static.vecteezy.com/system/resources/thumbnails/007/522/796/small/ 3 KB
4 KB 415ms
143ms Image
image/jpeg 2606:4700:4400::ac40:98e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.vecteezy.com/system/resources/thumbnails/007/522/796/small/abstract-geometric-white-stripe-shapes-with-golden-light-in-gradient-white-background-free-vector.jpg

Requested by

Host: www.citi.personalval.online
URL: https://www.citi.personalval.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:98e0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8eb2786bb9110b6f32d5fd590747c8cc27b33a64948a8bd84044f0bf407b9cf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.citi.personalval.online/

Response headers

cf-bgj: imgq:100,h2pri
etag: "6499e67c9127b91d921f4e0fc8b42bef"
age: 543070
cf-cache-status: HIT
x-amz-version-id: Z0tiEG.g.BEql7RyLKJakdEB6r8ED2dQ
expires: Thu, 30 Oct 2025 19:01:19 GMT
cf-polished: origSize=3630
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
date: Wed, 30 Oct 2024 19:01:19 GMT
content-type: image/jpeg
last-modified: Sat, 07 May 2022 22:33:42 GMT
vary: Accept-Encoding
x-amz-cf-id: JV2zACK8E3itgsVgUduBNq4bcZKQWgo4KHPVaP2xrmSCocPbmavvRA==
strict-transport-security: max-age=15552000; preload
cache-control: public, max-age=31536000
via: 1.1 4c18e6ed879a674305cb5156731cf396.cloudfront.net (CloudFront)
cf-ray: 8dada739ddb81986-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3578
x-amz-cf-pop: EWR53-C1
server: cloudflare

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 76 KB
77 KB 287ms
286ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.citi.personalval.online
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Response headers

cf-cdnjs-via: cfworker/kv
cf-cache-status: HIT
etag: "613fa20b-131bc"
age: 605130
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8h%2Ft%2Bd6MqB%2BR9pdrFPOmt%2FOWedAMLxW7xP7o5gBQ%2FyRFfz7GeQKzDaQ%2BaBQoID%2FiCiKgHoVdleyHskncM5ure41zVBj29Cslu6yl%2FsxDnPjKDF5gGfnYL%2FupSFcDWWszCpRy2361%2F6GzoundjuyXcz9V"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 20 Oct 2025 19:01:18 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 30 Oct 2024 19:01:18 GMT
content-type: application/octet-stream; charset=utf-8
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8dada738ed224407-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 78268
server: cloudflare

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 75 KB
76 KB 207ms
207ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.citi.personalval.online
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Response headers

cf-cdnjs-via: cfworker/kv
cf-cache-status: HIT
etag: "613fa20b-12bc0"
age: 602876
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A%2FOv%2FkSZgARkpqWkOSYK%2BI7R325mEC5TbxCm31WL23BcBm0YG4oKmr46I6vAtarLsiUKr0ZnOhpmpZ5eFeQz4YsXTnPBqPSqdvFkIyWybhfhyp9g65qysMoParHM4rJ8%2Bn0snhgxImDeYnVZPU3ipJWt"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 20 Oct 2025 19:01:18 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 30 Oct 2024 19:01:18 GMT
content-type: application/octet-stream; charset=utf-8
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8dada738fd264407-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 76736
server: cloudflare

GET
H3 404 favicon.ico
www.citi.personalval.online/ 1 KB
1 KB 141ms
134ms Other
text/html 198.23.159.170
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citi.personalval.online/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

198.23.159.170 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),

Reverse DNS

prime.zillionkinghost.com

Software

LiteSpeed /

Resource Hash

4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.citi.personalval.online/

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1251
date: Wed, 30 Oct 2024 19:01:19 GMT
x-xss-protection: 1; mode=block
content-type: text/html
server: LiteSpeed

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.vecteezy.com/	1970-01-21 00:38:36	Name: __cf_bm Value: 4Kp59NvPyvDs8Y4D4UjFT507Ic9hUaOUSMvMC6KxrbE-1730314879-1.0.1.1-ScBNb1GcxdNOfgdfDZtXz.KaLv8hHZLPSdipdut5YJ_9wWfo9TXwetzHfQzQGGREPqVpsnOmfSnw8CxdfEZDwg

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://www.citi.personalval.online/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://www.citi.personalval.online/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
static.vecteezy.com
www.citi.personalval.online
198.23.159.170
2606:4700:4400::ac40:98e0
2606:4700::6811:190e
2606:4700::6812:ba1f
061f0b1ea79e6e2ca24f4603e55d3e909f7471ba0b279cdb6dea40554106c6a2
068f72d29f7a1ea179c835b412eacc21dfd0613bfda2374c02fc266fb02120c6
3447f426d02995727d4524c27a250cb188fc3afe414e2caed4fe199b469ccab0
34e3d0396c1949f29ee86c846c47c94ebc8341552bee47cfe29d2e12901c3ee3
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896
54d592fc59358945ee49d70137a3b60fc82f8902907ab09a654263c65d04dc6d
7523f7b4b09ede8c88e2913f2dedc35635a1a22740def288d0e3926d71261efd
7ef4dfe56502b91894dd82efa27925af4fdd272d5d03332e8b474d3db04b112c
7f22ec0aab4f4e6aa69bde8329597fbe674f47f015828d0abd25713580b868f9
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
8eb2786bb9110b6f32d5fd590747c8cc27b33a64948a8bd84044f0bf407b9cf6
932ea15108928991bcf0c0a46415fc652de5ffc0158c35205357b90c65eeb386
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
dda92094de5156788cb7957fe9b861d3d32947acfb64e2e132358b454f2d639b
ffa6fa4faef56454eaedf9c9b6a29b3069186205950ec224ee4e0bb48169f8cd

www.citi.personalval.online Open in urlscan Pro 198.23.159.170 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

75 %IPv6

4 Domains

4 Subdomains

4 IPs

1 Countries

1964 kBTransfer

3225 kBSize

1 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

1 Cookies

2 Console Messages

Security Headers

Indicators

www.citi.personalval.online Open in urlscan Pro
198.23.159.170 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

1964 kB
Transfer

3225 kB
Size

1
Cookies

16 HTTP transactions
0 data transactions